 Ym hyn mae'r ddifigol efallai yn ei fod yn ymdau gael y byd yn ymdau. Mae'r ddweud o'r ddweud yn ymddangos, mae'n ddiogel i'r ddweud, efallai yn ymdau'r ddweud o'r ddweud o'r ddweud o'r ddweud o'r cyfrifyllfa'r cyfrif feddwl. Mae'n ddweud o'r ddweud o'r ddweud o'r ddweud o'r ddweud o'r ddweud. Rydyn ni'n g май oherwydd, ydy'r ddweud yn cael ddweud o'r hwn o'r ddweud a'r ddweud yn cael dweud. Rydyn ni'n gweithio ddweud o'r ddweud o'r ffordd, ac mae'r ddweud o'r ddweud yn cael ffordd o'r hwn o'r ddweud. Roeddwn ni'n gweithio, y pethau'n gweithio o'r ddweud o'r ddweud o'r ddweud o'r ddweud o'r ddweud o'r ddweud. I chose that negative title because that was the feedback I'd received. If it had gone the other way I could have done a different talk. So I'm really being driven by what I'm hearing. Obviously, 2nd Quadrant, we're into open source development and we support people in a range of situations. So we do consulting and training. All of the different forms of post-co-sql available, we do various forms of support for everybody. So we've actually got quite a wide viewpoint on the different options available. So I included this in the start of the talk really, which is how did we get to this talk? And what happened over the last two years is that I've been having more and more conversations where I get called in to explain to a customer why something doesn't work. And then once they've explained their problem to me in detail, I say, well post-co-sql does do that. And then they say, no it doesn't. And go, well it's kind of a weird kind of, you know, what's the other person talking about. And then it turns out that we've discovered some new restriction that exists on some hosting platform. Now that isn't restricted to any particular provider and all of these little details that have come up in various ways. But it's very frequently that I've had to return to the idea that post-co-sql does do that. It's just that you're not able to do that in your current environment. Now what has happened in the past is that when you're talking to a company that runs its own sys admin team, then it's actually a sort of more simpler conversation because you're speaking to a lot of application guys and they say, oh we need this, we need that. And then it's, oh well we'll just have a quick word with the sys admin team and they can add it for you. And what's happened in the recent past is because everything's locked down, there is no sys admin team that you can talk to. You just have to absorb that what you want to do is absolutely not possible. And that's been a bit strange. So obviously with a negative title you might imagine that I'm anti-cloud and that my grey hairs mean that I just don't get it and all that kind of thing. Well obviously you can think that if you like. What I'd say is that I started working on time-sharing systems many years ago and actually everything was virtualised in the cloud long ago and then we kind of invented personal computers and decided to do everything that way. And then we forgot all that stuff and it's kind of, you know, so I've been to quite a few conferences over the years where people are going, that's funny because MVS did that 20 years ago. When are we going to reinvent that? And then slowly we've reinvented all of that side of life again and we're sort of back to where we were sort of 30 years ago. I'm just going to plug that in so it actually works rather than me just standing here feeling a bit. So, you know, my personal objective working on the Postgres project is to deliver database technology that runs well in many environments. That's cloud, that's all sorts of things working in appliances and that kind of thing. And it's required us to change many, many times over the years. So what I do, my personal approach to this type of situation is that we attempt to deliver solutions now but also change the future. Now changing the future does take time and in many cases actually sort of six, seven years in some cases to get changed through. One example is we had a customer that was experiencing massive growth and we were able to tune one of their systems so that it didn't go down every day at a particular time. And at the time the Postgres community feedback was that the patch that we'd provided had no evidence that it had any value and was not applied. And then seven years later the exact same feature that we'd proposed was committed to 9.6 and ample evidence was at that time provided. So it was kind of slightly strange to see exactly the same solution go in when it had been refused before. So just to say that, you know, it doesn't always go in as quickly as you would like, even how much I might claim that things go in quickly. Anyway, personal objective is those two points, the multi-level objective of solving the customer problem now, but also trying to change the future so that it's better for everybody. And some examples of the kind of annoyances that we've handled, not just talking about cloud or anything like that. We've had public feedback from people from Jepson about transaction traceability, from the Uber blog about the way things work for their particular way forwards, and some interesting comments from the gentlemen at GitLab when they almost lost all of their customer data. Now looking through those, that does not mean that we've accepted every single criticism. What I've tried to do there is to examine the critical comments and see if there is something that we can learn. And in some cases I've completely rejected any form of learning. And then in others, I've accepted the technical points and begun proposing solutions. So, you know, it is very difficult sometimes to be objective in those situations, but I mean, you know, my perspective is I want to improve Postgres. And the reason, by the way, why I want to improve Postgres is because it's the best database. If it was the like third best database, I'd probably switch to the best database, right? So, when I, you may sort of see something, you know, I don't have a choice now. I'm so invested in Postgres that I'd never switched to something else. Well, I did have a choice once and I looked at my sequel and really kind of came away shaking my head in disbelief. And it was only really Postgres that met my quality standards. In terms of design, you know, you sort of pick up some things like a teapot and go, is that ever going to work? And you go, no, and you walk away. And so that, you know, I came to Postgres because it had potential and that's why I stayed. So, what are the cloud annoyances? We've actually been working through them for quite some time, things like power consumption. We implemented checksums as well at the request of various people that were experiencing a number of problems. Of course, power consumption, we don't care about that now because that's somebody else's problem, isn't it? We don't care about power. But clearly somebody cares about power and so the work that we did that on in 2011 is actually built into the product and that's one of the things that we'll benefit from. Some of the other annoyances, we are only just starting to touch upon things like horizontal scalability and always on functionality. So there's nothing that I can blame other people for on that front. I'll take that squarely on the chin and say, you know, we haven't done that yet and, you know, we're trying. So security issues, I'll just flip through that. Obviously we want secure access to the database and that's one of the reasons that we've responded in the current release with some new features around Scram and 256 bit. And those features are part of the reason why the US Department of Defence has issued a Security Technical Implementation Guide or STIG for PostgresQL and that's actually the first open source database that's been certified by the DOD. So, yeah. And while you might sort of rar about that from a US perspective, I can tell you that some of the features that go towards that certification were actually sponsored by the European Union, for example, as well. So not to diminish that at all, but really just to say that it is a multi-country effort that people are being involved in. Now, one part of the STIG is actually the use of something called PG Audit and that brings us on to the first set of restrictions, which is about the support of extensions. Now you may think that extensions were created in hell to annoy cloud providers, but actually the concept of the extension and the implementation was sponsored by a cloud provider. And so there are various features that have worked their way into PostgresQL as a direct result of feedback from people running large numbers of servers. So the extensions that people support have widened over time, very happy to see all of the different contrib modules accessible as well as things like PostGIS. But there are many, many extensions that are not supported and not supportable because people don't provide you ways of accessing inside PostgresQL. Now that causes us a problem because we've gone to a lot of trouble to design an extensible database and then we can't extend it. So that's sort of one of the major benefits of Postgres is lost. Security get lots of complaints about people that can't access their database as super users. Now I say that we have been taking that comment on the chin and by which I mean accepting it and taking responsibility to change that. So a lot of the features have had super user privileges removed from their checks so that they're able to be granted to people that don't have super user access. And we've got another load of features along those lines in 10 coming out. So we're making progress there. Obviously access to a table like PG Auth ID is difficult because it contains the password hashes. And what we'd already discussed is that that allows those things to be cracked. So it's not particularly surprising that access to that table is banned. What did you expect if you want security? Now one of the issues really with the cloud situation is that we've actually had very little feedback. And I am looking at Grant on this point about what these changes are and what the features that certain providers might like. Some people give us feedback, some people don't. Now it doesn't necessarily need to be patches but just a kind of we don't like that because would be great in fact. So and that sort of comes down to some other things about not being able to even dump database because PG dump all access is the PG Auth ID table. And if you don't have access to it then you can't run that utility and that's so that's caused some problems as well. So anyway there's some issues around security which I believe are in progress of being resolved. Consistently we've had complaints from people saying that they just cannot get access to the underlying platforms to allow them to do diagnostics and problem solving. And although that we've people say that including software patching is included within the sort of cloud agreement in some cases bug fixes are not applied in the ready time. And if they are applied remember that we're actually only providing a roll up release of bug fixes every three months. And at one point we did do a special security release for a cloud provider but ultimately it's not really possible for the open source project to respond quickly enough for all different providers. Though we try. So one of the things that has been problematic is bug fixes and one of my colleagues reminded me just recently that we identified that a problem existed for one customer and we weren't able to fix it for that customer because we don't have access to the underlying platform and that's been a persistent issue unfortunately. So one of the last aspects about different cloud providers is actually cost and I think what's quite strange is that the cost element is sort of all over the map really. It's actually quite difficult to work out in in some cases and there's just sort of a couple of different comments from people about the cost landscape. Now it's complex and you know it's easy to look at things in various ways but one of the most surprising things was one customer that came to us. And when we provided them with a quote for our services it turned out that we were more than $100,000 cheaper than using a particular cloud provider. And that was quite amazing because obviously you get used to being told that cost and flexibility is actually one of the main reasons to use the cloud and then when it turns out that actually there's a massive cost differential that can be quite surprising. So what I've done here is actually outline what are your cloud options. Now this draws heavily and directly from AWS security guidelines in that there's actually three different types of service. There's cloud hosting where you get a platform like EC2, there's managed cloud. Now these are my phrases by the way but I'm using them with example against the types of service but these three levels of service do come from the AWS manual. So cloud hosting, managed cloud and cloud services and the differences really are you get access to the instances. Managed cloud is where you know that there are instances but you can't really do anything to them apart from sets and parameters. Or something like S3 where you don't really even know where there are instances or even how it's configured or anything it's just literally a cloud. And that's really where that name came from the cloud right because that's where you know you do a cloud backup and you've got no idea where it goes and you don't care which is nice. Now that is something that could easily frame the discussion around that point but what I wanted to do is really talk about a whole range of different management options that you have available. And it's kind of important to keep these things in context when we're discussing them. So in the old days you had to do everything yourself with your own data centre and so you bought a lot of stuff and you had to get the electrician in to wire it up and that took months right and that was extremely painful. And that's if you were lucky, if you were unlucky you had to migrate to a different building in order to implement a new server. And so it's extremely painful and you know I've not found anyone that sanely discusses that as a great way forwards. And we had a platform discussion the other day where somebody was sort of like going you know I hear that databases run better on bare metal therefore you know you'll hate virtualisation. But I was like well no not really I mean it seems pretty good to me if you've got hundreds of databases you don't really want to be managing all that bare metal yourself if you can avoid it. Now interestingly these layers up here that we hardly ever speak about business process outsourcing rather than running any of this yourself let's just take that whole business function and we'll put it off to Capgem and I. And who knows how they're going to manage it? We don't care. Do they use Postgres? Who cares right? It's completely out of our control right? And you know that was in vogue at some points and then the next layer down is the sort of application level and that's the you know the classic sales force thing of all you get is the application. Does it run on Oracle? Does it run on Postgres? Again who cares that's their problem right? And it's really down to your trust in that vendor. And then again the cloud level services you've got all sorts of different things where it's kind of a little bit too early but you're still abstracted away from a lot of the detail. And it's only really in these layers where any of us care whether it's Postgres QL or not so but you know there's quite often discussed a huge gap between kind of managed cloud and bare metal. And you know people I've seen people kind of laugh insanely at the thought that if you don't use RDS you must be talking about running bare metal on your own floor yourself. And it's kind of like why would I be talking about that? You know quite clearly I'm talking about other ways of doing it. So you know what's interesting here is that there are different levels of control that you can select and that's really where generally I get involved. So our response to some of these things has been something that we call trusted Postgres QL architecture. So it's an orchestrated deployment of Postgres QL that was really kind of modelled conceptually on what other people are doing in the cloud. Not really because in fact anybody wanted to copy anything but it's really about deploying things in a way that gives people more control. And this is all driven by customer request I should add. It's not something that we kind of plucked out of our heads as a way forward. This is something that we put together based upon what people have said they wanted from us. Now I won't really go into too much detail there because really it looks in many ways very similar to some other things. The aspects of it are really ease of use convenience that kind of thing. But it's convenience at the same time as giving you access to different parts of the stack. And it's when you have access to the different parts of the stack that we're able to do some of the cool things that Second Quadrant can do. Now I fully accept that some people neither know nor care about some of the things that we can do. So Second Quadrant's ability to reach into the database and write plugins or tune things or add new features is a lot of people can't do that. And so they can sensibly argue I can't do it so why would I care to have that level of access. Now that's potentially a reasonable argument if you want to have it. But from our perspective we've been helping people use databases for quite a long time now. And we have made significant differences to people when they're trying to run their business either by keeping their systems up at particular time or reducing their costs by exploiting advantages in the different architecture. So this is our take on convenience. Now how do we get to that situation. Well of course the first problem that we face is of course PgLogicals not supported because it's an extension right. So in fact we can't use that to migrate anybody away. And we can't install slowly because that uses C triggers and they're not supported. We can't use Londi's because it uses C triggers and they're not supported. And so then somebody rewrote the Londi's triggers in PLPG SQL and that's not particularly good. And so we move to to using something like Bacardo which is a fully user space optimized replication. So it is kind of amusing that when people say like we really hate it we just want to get off it now please can you help us. And then we hit the very restrictions that we're causing them to hate it in the first place. So it's kind of a bit strange right. So again why would you migrate away from some of these clouds. You know what's the argument why would you put your hands put yourself in in other people's hands. Well second quadrant has been contributing to PostgreSQL for some time. We've had very significant contribution to the PostgreSQL system. We've got four committers and the last three major corruption bugs were fixed by second quadrant staff and contributed publicly. So the sequence of events there is that we help our customers first and then we do eventually help the wider community and that's quite important. Now that does offer us the ability to provide support in a way that other people do not possess the ability to provide support. And that's really why a lot of people have come to us. So if we have been involved in migrating people away from different cloud providers it's not by choice it's simply as a way of allowing us to provide control to the people that want that and have come to us and say they want that. So I think that's an interesting comment. Now one thing that does then allow me to touch upon is PostgreSQL or different forks. And I think that there has been some thinking that I am against certain companies. What I'm interested in doing is being absolutely specific about that. Certain companies allow PostgreSQL to be used as the full open source version and I completely support that. I'm even reasonably happy that RDS PostgreSQL uses almost exactly PostgreSQL at least as far as I can tell. Obviously I can't actually see the patch so although that's in my list of closed source forks it's not very much in my opinion a closed source fork and that does not make it particularly bad. I do ask that AWS, because I can see you, submit the patches for that so that we can make PostgreSQL what you want it to be. It's very simple. If you can submit that please that would be great. I understand those difficulties so I don't need to go there. RDS PostgreSQL was a great step forward for the open source PostgreSQL project. I absolutely maintain that and I've said I'm very very happy that that occurred but no more happy than any other company that supports PostgreSQL. So we have been moving through different companies one by one. IBM, Microsoft and many other companies have announced in part support for PostgreSQL and I say thank you very much to all of those. I noted the detail and the presentation about Cloud SQL which is the managed cloud service by Google for example does run the open source PostgreSQL. Again it's a managed service so I don't really know for certain whether it's exactly the open source version but that looks close enough and that's pretty much okay by me. If I have a problem it's with the other closed source forks here and here which are Aurora and Redshift and that does cause me more of a problem because I really want to get to a situation where different people have got access to good database technology and there's a distinct difference in my mind between open source and closed source. Now that is in some ways you could easily throw things at me along the lines of so when you told me about that customer you helped seven years ago and that patch you had inside their system that wasn't part of open source PostgreSQL. How come? I mean you know you're an open source guy how come you didn't just run the open source version. Well we tried to put that back into PostgreSQL and that's really the difference is we write software as well as other people the question is where does that software go. So at the instant I hit enter on a new piece of software I haven't submitted it at that point so technically I'm writing closed source software until the moment it's released. But that's the perspective the question is when and how do you release it. And of course there's various things that we might say about the technology and I'll come back to that in a sec but one of the things that people are often confused about is exactly what happens. I'm glad you're slightly sort of slow response there guys but you know it's easy to characterize myself or other people as you know you guys are just weird what is this like incredible attachment you have to open sourceness and what the hell does it matter. Whether the source codes readable on some you know you know Planet X or something you know what happens if I write it down and send it to Neptune on a spacecraft. Would that be open source or you know I don't know and then you can get into really stupid discussions about what actually is important here. Okay and I'll tell you what's absolutely important here is number two and number three and that is that we've had decades of people screwing us over. Okay and I have multiple CIOs telling me that they have been screwed so badly by people in the past that they will not even let them in the building anymore. Okay and there's a huge legacy of literally hatred by the way that people have been treated because they've been locked in by vendors. Okay and people want to get off that right so they tick box to okay but some people realize that actually they don't want to just get off that other technology. They want to get off that technology in a way that they never get some guy having the same hold over them that they had in the past. Okay and so actually people tick box three and you'll see that for example the guy from FINRA said that he had an extremely rigid policy on no proprietary databases. Okay and so lots and lots of people are saying that they want open source for sensible saying commercial reasons. Okay and it's not because we've got shaggy here and all believe in free love or whatever right. So however good that sounds. So what I have to say really is that a kind of strange belief in open source prospects QL is one thing but when we talk about other technologies and people keep telling me about other closed source technologies I kind of every time I come to the conference I get some like typically about five people approaching me saying would I resell their closed source technology. And it's kind of like really you just listen to my old presentation and then you ask me that and I like go you know if I could resell closed source technology to any of my customers. Yeah I might consider it but all of them have told me that they don't want it right. So what am I going to do walk back in the door and go you know you said you wanted open source for reasonable rational reasons. How about I just sell you this closed source thing but surely you want that right. Well clearly they don't yes so I would have to be insane to do that. So when I say that second quadrant does sustainable open source development it's not because I want to set a circle holding hands and you know singing the coke song or whatever it's because customers have told me they wanted it. And just to sort of refer back to my history I spent long years of my life selling closed source solutions and didn't really lose any sleep on it at that time. But it's only laterally when people tell me that they actually want open source that I go that's cool I can provide that we'll provide it to you. So second quadrant provides sustainable open source development because we're listening to the people that talk to us. And that's why we're doing it not because there's some other kind of strange reason for that. Now I've got a kind of whole load of other stuff that I might talk about different technologies so perhaps there might be questions on that and perhaps I could refer back to my other slides if there are questions. But really just to end up by saying that second quadrant does provide sustainable open source development. We do 24 7 bug fix support if we are allowed to. If we can't fix your server then there's not really that much that we can do. The frequently is but obviously if we do support for you on a platform where we can't actually fix the software then there are certain things that we can't do. So we provide a whole range of different services aimed at getting you over the problems that you have with scaling your business operating your business. And we are not selective about that in any way. We don't have a preference to cloud or on premise or whatever. My personal focus is on solving your problems. I'd love to solve your life problems and all sorts of other things but really I only know about databases right so that's the only kind of area I can help with. So just to say that we do that pretty well and our customers tell us that we have extremely high levels of recommendation from them. What that means is roughly spoken that means nine out of ten of our customers would actively recommend us to other people. And when I find out who the 10th guy is he's he's in trouble. Anyway so so we're operating in the U.S. Second Quadrant Inc. Tom Kincaid is there as well. So I field questions now about any topic that I have or have not mentioned. So the floor is yours for questions in my ten minutes remaining. Any questions. You mean what type of career you mean like select version do you sort of. Yeah something I thought about. So there isn't a specific command that allows you to to look at the checksum of the binary that you're executing and that kind of thing. I think that's probably going a little far to be frank. You know it sounds like you would get into all sorts of arguments with people about exactly why the checksum isn't exactly right but it is actually the right source code. You know and so. Yeah well I mean you know all of that's fakeable right. I mean there's you know we can easily set up a view that tells you anything you want to hear right. So you know if there was some sort of you know is it open source yes or no type query. I mean you know you just have a close source vendor that sort of makes it say yes always you know. So you know there's you know there's no real point in doing that. And that's why I'm you know not getting too tense about providers that are like providing post squares with a couple of little changes right. So you know because that you know it's close enough right. You know the problem with the big source code type changes where you know for example what's been described to me is Aurora changes the whole storage solution underneath post squares. Well a lot of people have said it's got a crap storage system. You know I mean that that I'm not saying it does but you know some of the developers saying they want to rip the storage system out and replace it. Well that's great. What we don't really want is the MySQL situation where you have you know MySQL at one point you know the best storage engine for MySQL was owned by Oracle. So you know that put them in a very difficult position and meant pretty much that they had to kind of be bought by Oracle because there wasn't really too many other options. So you know changes possible in that regard but you know the main thing is if we can do it in an open source manner then that helps everybody and it does avoid this big lock-in problem that we keep talking about. I'll answer that I think did you want to say you want to do answer that or you just have a question. Just have a question. Oh right. Thank you. So you're just like saying politely hello. Yeah. So you know anybody that wants to contribute to the Postcode SQL project no problem with. What causes a problem is if you're talking about open source and then you quickly switch to closed source and then back again so that when your sentences and paragraphs contain. Both at the same time and it's you read it and go like so what is that feature that they've said they're contributing to open source and you know people say things like it's got open source pricing like what does that mean. Or you know and so this you know I've no problem with people that have got multiple products as long as they keep them completely separate so that you know that you're either buying apples or oranges. You know if you kind of like being sold a kind of vague bag of mystery fruit. And using the word Postgres around that then then I have a problem right so. But that's what my customers are asking for right. So you know all of the people that sell close source stuff when they speak to somebody I can assure you that that person you just spoke to comes to speak to us right. And they're not hugely impressed. I mean you know the people don't necessarily give you that feedback to say how little they were impressed but they do ring up second quadrant right. So. You know maybe 50% of our customers came to us from other vendors that were trying to sell them other stuff. I mean I can't really maybe it's more than 50% but it's significant number of people. OK well I'm sure the boys are going to come and beat me up afterwards so. Goodbye it's been nice knowing you. Thank you.