Que is the new kid on Ruby’s job-backgrounding block.
It takes advantage of PostgreSQL’s advisory locks to provide concurrency, efficiency, and safety. Chris Hanks – Que’s author – in an email to us, says:
…in a benchmark on EC2′s biggest compute-optimized instance it’s capable of queuing and dequeuing almost 10,000 jobs per second, while DelayedJob and QueueClassic max out at around 500
Between that and its built-in support for transactions (for ActiveRecord and Sequel), Que looks pretty tantalizing to this long-time Resque user (and admitted Postgres fanboy).
pgtune is an awesome little Python script that you can run on your postgresql.conf to quickly optimize your config for optimal performance.
As with any performance tuning: YMMV. You should still tweak things manually after running pgtune, but this looks great for picking off low hanging performance fruit!
Monocle is yet another link and news aggregation site with a tech focus. The site’s creator, Alex MacCaw, has just open sourced the code behind it.
This looks like a shining example of a well-factored Sinatra app powered by PostgreSQL. If you’re just learning Ruby or want to learn some new tricks, give it a read.
reactive_record from Chris Wilson is a nifty library that generates ActiveRecord models to fit a pre-existing PostgreSQL database.
Rails 4 is out and used en masse, but Dan McClain hasn’t rested on his laurels with adding Postgres-specific goodies to ActiveRecord.
Most schema migration tools are tightly coupled with the ORM or the framework in use. They usually have a limited DSL to interact with the database and are hard to maintain on a complex system.
Sqitch lets you write the upgrade scripts in the native language
of your database and provides automatic dependency resolution.
The currently supported database engines are PostgreSQL, SQLite, MySQL, and Oracle.
Sqitch’s source is written in Perl, but it is a command line tool and can be used in any project written in any programming language.
David E. Wheeler (not to be confused with other David Wheelers in the computing field),
provides extensive tutorials including talks, slides, and videos. He also blogs about the
development of Sqitch.
Adam Stacoviak, Andrew Thorp and Kenneth Reitz talk with Mattt Thompson, Mobile Lead at Heroku, about his many contributions to open source. You can tune-in LIVE on Tuesday’s at 5pm CST. AFNetworking/AFNetworking AFNetworking – a delightful networking framework for iOS and OSX mattt (Mattt Thompson) Mattt Thompson (mattt) on Twitter Helios helios-framework/helios Postgres.app, an easier […]
A week or so back, I was chatting with Craig Kerstiens, a product guy at Heroku, about an issue I was having with my Postgres install (through Homebrew) — he suggested that I use Postgres.app.
There’s an easier way
Just download, install and run the app when you want to run Postgres locally for development. I always found myself fumbling with commands like
pg_ctl -D /usr/local/var/postgres start or
pg_ctl -D /usr/local/var/postgres stop -s -m fast to start and stop my Postgres server. Running Postgres.app is a much simpler and easier user experience now. Just run the app when you’re hacking, and quit the app when you’re done. Simple.
The classic Postgres elephant icon will hang out in your system tray for easy access.
Heroku and Rails specifics
If you’re hacking on a project and deploying to Heroku with a Postgres database, you’ll need to run
heroku addons:add heroku-postgresql:dev to setup Postgres for your app before running something like
heroku run rake db:migrate.
For more details on using Postgres on Heroku check out postgres.heroku.com. You should also subscribe to Postgres Weekly – a free, once–weekly e-mail round-up of PostgreSQL news and articles curated by Craig Kerstiens.
Adam Stacoviak, Andrew Thorp, Steve Klabnik, Kenneth Reitz and Jerod Santo take the show live for the first time since August 8th, 2012. Tune in LIVE every Tuesday at 3pm PT / 6pm ET. We’re live every Tuesday! thechangelog.com/live Hack in style with your very own Changelog tee! We are now member supported! Groovy on […]
Last week, I told you all about an incoming security patch for Postgres. Well, today, it’s here. Please check out this page and upgrade your Postgres. As the Postgres team says, ‘This is the first security issue of this magnitude since 2006.’
What’s the issue?
As always, you can find the latest information about security patches via the CVE system. Here’s the one for this vulnerability, CVE-2013-1899.
There are three things that can happen with this vulnerability:
- Denial of Service. Error messages can be appended to files in Postgres’ data directory. This can fill up disks, or cause Postgres to crash.
- Configuration Setting Privilege Escalation. If they have a legitimate login, and the username and database name are identical, then that user can set a config variable as the superuser.
- Arbitrary Code Execution. The ‘boss level’ of vulnerabilities. If they can do both of the above things, and can save files outside of the data directory, then they can execute arbitrary C code.
What versions are affected?
Versions 9.0, 9.1 and 9.2.
Where can I find more?
The Postgres team has a FAQ for this release, and here are the release announcements.
You can also see the commit that fixed the issue, with all the gory details.
Or, discuss on Hacker News.
UPDATE: Reminder: Upgrade your Postgres today!
Yesterday, I became aware of this email to the PostgresSQL-hackers email list. The email states that there is a very serious security release coming up next week — so bad that they’re taking extra precautions.
Here’s my summary of the email:
The core committee has decided that one of the security issues due to be
fixed next week is sufficiently bad that we need to take extra measures
to prevent it from becoming public before packages containing the fix
What we intend to do is shut off updates from the master git repo to
the anonymous-git mirror, and to github, from Monday afternoon until
We do not intend to start doing this
as a routine thing, and apologize in advance for any disruption.
Every project has security flaws, and it’s great to see the Postgres team take this so seriously. If your team relies heavily on Postgres, consider scheduling a maintenance window sometime shortly after the patch is due to be released, so that you can get your servers fixed up. This one looks to be anomalously big.
Share your thoughts and vote this up on Hacker News.
The ever-awesome @mattt has released Postgres.app. From the README:
Postgres.app is the easiest way to get started with PostgreSQL on the Mac. Open the app, and you have a PostgreSQL server ready and awaiting new connections. Close the app, and the server shuts down.
Even with homebrew, installing postgres can kind of be a pain sometimes. I’m always for any project that makes software installation even easier.
You can get Postgres.app from its website or check it out on GitHub.