Hacker News
Try PostgreSQL 9.5 (mktmp.io)
48 points by rmgraham on July 4, 2015 | 17 comments


Neat. Just be cautious as docker containers aren't yet secure.

https://docs.docker.com/articles/security/


> Docker containers are, by default, quite secure; especially if you take care of running your processes inside the containers as non-privileged users (i.e., non-root).

I'm not quite seeing the sense of insecurity here, especially from the conclusion. Like any piece of software, it's up to the user to not use "dangerous" configurations.


Linux containers are at most a privilege escalation away from breaking.

Also, aren't Docker people the ones talking about unikernels? Where everything runs not only with superuser powers, but at kernel level?


Though in a Unikernel, the kernel only implements what is needed to run the service. So a database, for example, would be lacking functionality like a shell to escape to.. or even a TTY to run that shell on.. or an implementation of connect() to even initiate outbound TCP connections, in the extreme case.


Except that the default is for processes inside containers to run as root.

So, "by default, quite secure; except this one default that exposes you to some very nasty attacks unless you override it".


Thanks for taking a look, and looking close enough to see that it uses Docker :-)

Was there some specific aspect or attack vector that came to mind? Or did you mean it more as a blanket warning?


Generally. And only because I see other companies doing this sort of thing. I'd like docker to be a solution here, but we're not quite there.


\dx (List of installed extensions) shows only: plpgsql

Please add more extensions (like: postgis, hstore)


That's definitely in the works.


Anyone know if there are any major upgrades re. speed? From 9.0 to 9.5?


There have been significant scalability improvements in that time (9.2, 9.5). There also have been lots of smaller improvements in single threaded performance in general, leading to rather noticeable aggregate improvements.

That's all for the cases where the same query plan is used in 9.0 and 9.5 - the differences where new types of plans (say, index only scans) are used are often very large.

In short: yes.


Off the top of my head, Index only scans, overhauled GIN & GiST indices, Trigrams come to mind.


9.5 was supposed to get "parallel sequential scan" (which is a big deal performance-wise), but I don't see it on the "what's new in pg 9.5" page. Anyone know what's up with that?


It wasn't ready yet. A significant amount of development happened after the point where that's supposed to happen for features to be integrated in 9.5.

Now that 9.5 has its own branch I hope we'll get it in early in the 9.6 development cycle; so we have time to iron out all the potential kinks.

I don't think there ever was a clear "this will be in 9.5" statement from anyone?


9.5 was the target according to this: http://rhaas.blogspot.com/2015/03/parallel-sequential-scan-f...

Thanks for the info.


Interesting service. rmgraham, what do you see for the future?


Right now account sign up is wide open, but the plan is to move to paid accounts with a free trial period. I'm thinking tiered plans based on concurrency limits (right now all accounts are capped at 1 active instance).

The use case not highlighted by the blog post is disposable databases for use with automated tests. One of my inspirations was the idea of using a Vagrant VM as a development environment and deleting it each night and re-creating it each morning so that the project doesn't accumulate untracked dependencies on environment tweaks. I'd like to enable/encourage similar practices for DBs. For that, I'm working on a Jenkins plugin.



