Product

For multi-tenant mixed-workload systems like CockroachDB, performance predictability and isolation are critical. Most forms of shared infrastructure approximate these properties, be it through physical isolation within data centers, virtualized resource limits, drastic over-provisioning, and more. For CockroachDB it’s not just about protecting latencies across workload/tenant boundaries, it’s also about isolation from the system’s internal/elastic work like LSM compactions, MVCC garbage collection, and backups, and also from user-initiated bulk work like changefeed backfills. For ill-considered reasons this is something they let me work on. Here we’ll describe generally applicable techniques we applied under the umbrella of admission control, how we arrived at them, and why they were effective. We’ll use control theory, study CPU scheduler latencies, build forms of cooperative scheduling, and patch the Go runtime. We hope for it to be relevant to most systems builders (and aspiring ones!), even if the problems motivating the work were found in this oddly-named database.

Secure authentication is a fundamental requirement when evaluating a database product. Architecture and Security teams prefer capabilities which could somehow be managed centrally, ideally using existing security tools in the enterprise tech stack. Over decades of advancements in the OLTP database ecosystem, we’ve seen a number of solutions emerge for secure authentication. Whether it be PKI/certificates, LDAP integration with enterprise identity directory, GSSAPI/Kerberos, SCRAM and so on, those mechanisms have enabled organizations to adopt a variety of new databases over time. We also support most of those capabilities in CockroachDB that are utilized by the majority of our security-conscious customers.

Efficiency matters. When you’re working with large amounts of data, it matters a lot. Every trip between your application and the database incurs real costs, both in terms of time and money. So how can you minimize those trips?

Charlie Custer

December 5, 2022

In case you hadn’t already heard, Heroku is shutting down its free plans. The change has left many developers scrambling to replace what Heroku offered with other free services. And while CockroachDB doesn’t replace everything Heroku’s free tier offered, developers looking to replace the free cloud Postgres database that Heroku offered can already access an excellent replacement in CockroachDB serverless, a forever-free cloud database that actually offers some major advantages over Heroku Postgres.

Charlie Custer

November 17, 2022

As retailers gear up for Black Friday and Cyber Monday, they will not be caught flat footed by the tidal wave of ecommerce sales. Lessons were learned during the unprecedented digital traffic during the pandemic. Retailers are taking new approaches such as shifting to a “Cyber Month” in order to promote deals early to avoid logistical nightmares, and developing lottery systems (like Nugget) to set expectations upfront. Some companies (such as Peloton) are even saying they won’t have a sale at all. Regardless of your strategy, Cyber Monday and associated holiday peak shopping periods will put pressure on your infrastructure. How are you going to handle massive traffic to your ecommerce site and prevent an outage? Will you survive a region failure? Are you confident when giving customers accurate pricing and shipping information? How many transactions can you process in an hour? In this post, we will cover three strategies retailers can employ to exceed customer expectations this holiday shopping season and beyond. (Interestingly, DoorDash just published a blog about how they deal with the challenge of inventory levels changing in real-time. Worth a read.)

Cassie McAllister

November 10, 2022

Achieving low latency reads in a transactionally consistent, multi-region database is a unique challenge. In CockroachDB, two approaches are frequently used: geo-partitioning data so that it is located in the region where it is accessed most frequently, and historical reads, which read slightly stale data from local replicas. However, there is a third approach that is used less frequently because it fits a narrower use case: global tables. Global tables offer low-latency non-stale reads from all regions at the cost of higher write latency, and they can be used in many cases where the workload has a high read to write ratio.

Jon St. John

November 8, 2022

In my technical journey, I struggled to find a simple tool that gave me the flexibility to collect and deliver data to other monitoring tools. Until, one day, I found it.

Julian Hernandez

November 7, 2022

As part of zero-trust focus, InfoSec and Risk teams pay extra attention to data exfiltration threat vectors, including both when it comes to how service providers manage their data, and how to control & manage insider risk exposure through their employees. Solutions to a number of those requirements manifest in the form of network security controls, especially for egress. With regard to database clusters, restricting clusters to access only specific resources for things like backup-restore, publishing real-time change events, or sending observability data can be challenging.

Let game developers develop games. It doesn’t exactly sound revolutionary. But back in the day, that’s not always how things worked. Every game had its own systems for things like stat tracking, item purchases, user entitlements (in-game items a user has purchased or unlocked), and game devs often got bogged down building bespoke functionality into each of their games to handle these user features.

Charlie Custer

November 3, 2022