Category
PostgreSQL 運用・信頼性(バックアップ/PITR・レプリケーション/HA・接続プーリング・無停止DDL・セキュリティ・アップグレード)の本番運用ガイド
本番のPostgreSQLは『速さ』より先に『壊さない・止めない・詰まらせない・守る・進化させる』が問われます。本クラスタは、継続的アーカイブとPITRで任意の時点へ戻すバックアップ設計、ストリーミング/論理レプリケーションと高可用性(コアは自動フェイルオーバーを持たない現実とその補い方)、プロセス・パー・コネクションを前提とした接続プーリング(サーバーレスでは必須)、ACCESS EXCLUSIVEロックを避ける無停止スキーマ変更、最小権限・pg_hba・SCRAM・TLSのセキュリティ堅牢化、そして版跨ぎのゼロダウンタイム・メジャーアップグレードまでを体系化します。PostgreSQL 16を中核にECS/RDS上でマルチテナントのB2B SaaSを本番運用した知見を根拠に、運用負荷とマネージドの判断軸まで含めて、PostgreSQL 18公式ドキュメントに忠実な実コードと手順で解説します。PostgreSQL本体のチューニング・インデックス・JSONB等は『PostgreSQL本体・性能設計』クラスタを参照してください。
7 articles in total
Foundational guide
Foundational guide (start here)
PostgreSQL production-operations guide (v18): the 5 principles of don't break, don't stop, don't clog, protect, and evolve
A systematic guide to safely operating PostgreSQL in production. From backup and PITR (don't break), replication/HA and zero-downtime changes (don't stop), connection pooling and monitoring (don't clog), role/TLS/SCRAM security (protect), to major upgrades (evolve), it explains with real code and operational procedures faithful to the official docs (v18). Also the decision axes between managed (RDS/Aurora/Cloud SQL) and self-hosting.
Related practical articles
- PostgreSQLパフォーマンスアーキテクチャ設計
PostgreSQL connection pooling in practice (PgBouncer / RDS Proxy / Supavisor, the transaction-mode traps, serverless support)
A practical guide to connection pooling that prevents PostgreSQL connection exhaustion. It explains, with real code: the process-per-connection mechanism, why you must not raise max_connections, the difference between PgBouncer's session/transaction/statement modes, the features that break in transaction mode (prepared statements, LISTEN/NOTIFY, session advisory locks) and how to handle them, the mandatory configuration for serverless (Lambda/Edge), and RDS Proxy and Supabase Supavisor.
9 min read - PostgreSQLアーキテクチャ設計
PostgreSQL backup & PITR in practice (pg_dump / continuous archiving / WAL / Point-in-Time Recovery, v18-ready)
A practical guide to designing PostgreSQL backup and recovery at production quality. Faithful to the official documentation, it explains: choosing among the three methods of logical (pg_dump), physical, and continuous archiving; real pg_dump/pg_restore commands; configuring PITR (recovery to any point in time) with WAL archiving and pg_basebackup and the recovery procedure; PostgreSQL 17's incremental backup; the importance of recovery drills; and managed automatic PITR.
9 min read - PostgreSQLアーキテクチャ設計
PostgreSQL streaming replication and high availability (HA, sync/async, read replicas, failover, v18)
A practical guide to achieving PostgreSQL high availability (HA) with streaming replication. Faithful to the official docs, it explains building physical replication, the durability-vs-latency trade-off of sync/async (synchronous_commit), read replicas and replication conflicts on a hot standby, the fact that the PostgreSQL core doesn't provide automatic failover and STONITH, WAL retention via replication slots, and PostgreSQL 18 improvements.
8 min read - PostgreSQLアーキテクチャ設計
PostgreSQL logical replication in practice (publish/subscribe, CDC, cross-version zero-downtime major upgrade, v18)
A practical guide to using PostgreSQL logical replication in production. It explains the difference from physical replication, building publish/subscribe, CDC (change data capture), and the cross-version zero-downtime major upgrade (a few seconds of downtime to 18). The most important constraint that DDL and sequences aren't replicated and the switchover pitfalls, pg_upgrade's --swap, and PostgreSQL 18 improvements — all faithful to the official docs.
8 min read - PostgreSQLアーキテクチャ設計
PostgreSQL zero-downtime schema change (lock-safe DDL, lock_timeout, NOT VALID→VALIDATE, CONCURRENTLY, v18-ready)
A practical guide to changing the schema of production PostgreSQL with no downtime. It explains, in real code faithful to the official documentation: the mechanism by which an ACCESS EXCLUSIVE lock stops every SELECT, how not to stop the world with lock_timeout, adding columns (PG11+'s fast path), the two-stage NOT VALID→VALIDATE for NOT NULL/constraints, CONCURRENTLY indexes, the shadow-column strategy for type changes, a lock-level cheat sheet, and PostgreSQL 18's NOT NULL NOT VALID.
10 min read - PostgreSQLセキュリティアーキテクチャ設計
PostgreSQL security hardening (roles, least privilege, pg_hba.conf, SCRAM, TLS/verify-full, OAuth, v18)
A security-hardening guide to protect PostgreSQL at production quality. Faithful to the official docs, it explains least-privilege role design that doesn't run as superuser, GRANT/REVOKE and default privileges, the public-schema pitfall (the PG15 change), predefined roles for monitoring, pg_hba.conf authentication design, SCRAM and MD5 deprecation, how to prevent man-in-the-middle attacks with TLS/sslmode=verify-full, and PostgreSQL 18's OAuth 2.0 authentication.
8 min read