Updated on 2024-07-02 GMT+08:00

Service Resilience

Security Hardening on the Management Plane

  • Tomcat hardening: The open source software, such as Tomcat, in the container images of the GaussDB(DWS) management plane is security-hardened.
  • JRE hardening:
    • Upgrade the HuaweiJre8 kernel version to 1.8.0_262 or later (substitute the version number actually in use).
    • Append the JRE directory to the end of the existing PATH (PATH=$PATH:$JAVA_HOME/bin) rather than placing it first, so that system commands are still resolved from the system directories and a program dropped into the JRE directory cannot be picked up in their place by an unauthorized local user.
  • System resource hardening: GaussDB(DWS) has preset security parameters on underlying VMs to enhance the OS security of ECS and BMS.
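The PATH ordering rule in the JRE hardening item can be checked mechanically. The following is an added example (not from the GaussDB(DWS) documentation) that parses a PATH value and reports whether the JRE directory appears only after the system directories; the JAVA_HOME value is a constructed placeholder.

```shell
#!/bin/sh
# Added example, not part of the GaussDB(DWS) documentation.
# Verifies the hardening rule PATH=$PATH:$JAVA_HOME/bin: the JRE bin directory
# must come after the system command directories, never before them.

# jre_is_appended PATH_VALUE JAVA_HOME
# Returns 0 when JAVA_HOME/bin is on PATH and at least one system directory
# (/usr/bin, /bin, /usr/sbin, /sbin) precedes it; returns 1 otherwise.
jre_is_appended() {
  path_value=$1
  jre_bin=$2/bin
  seen_system=0
  old_ifs=$IFS
  IFS=:
  for dir in $path_value; do
    case $dir in
      /usr/bin|/bin|/usr/sbin|/sbin) seen_system=1 ;;
    esac
    if [ "$dir" = "$jre_bin" ]; then
      IFS=$old_ifs
      if [ "$seen_system" -eq 1 ]; then return 0; else return 1; fi
    fi
  done
  IFS=$old_ifs
  return 1   # JRE directory is not on PATH at all
}

# Demo with a placeholder JAVA_HOME (constructed value, not a real path).
JAVA_HOME=/opt/example/jre8
weak="$JAVA_HOME/bin:/usr/bin:/bin"          # JRE first: system commands can be shadowed
hardened="/usr/bin:/bin:$JAVA_HOME/bin"      # JRE appended, as the hardening item requires
for p in "$weak" "$hardened"; do
  if jre_is_appended "$p" "$JAVA_HOME"; then
    echo "OK      $p"
  else
    echo "REJECT  $p"
  fi
done
```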

Isolation Between the Database and External Networks

GaussDB(DWS) is deployed in an independent VPC, which is isolated from other VPCs. Regarding firewall security zones, GaussDB(DWS) resides in the internal user interface zone (trusted zone). Data transmission (using the CLI, GUI tool, and applications developed based on the client library) between clients and coordinator nodes is encrypted using SSL. Cluster nodes run in the secure internal network.

Database Cluster HA

Cluster high availability (HA) builds on write-ahead logging (WAL) and uses mechanisms such as primary/standby data synchronization, switchover, and rebuild to recover database instances and let them self-heal. In this way, data reliability and integrity, and more importantly service continuity, are maintained when a database crash occurs.

Intra-Region DR Deployment

GaussDB(DWS) provides dual-cluster intra-region DR capabilities. A GaussDB(DWS) production cluster and its homogeneous DR cluster can be deployed in different AZs within the same region. If the production cluster cannot provide read or write services due to a natural disaster or a fault, the DR cluster can serve as the production cluster to ensure service continuity.

The dual-cluster DR framework is based on Roach and periodically synchronizes data between the two clusters. The framework is flexible: the two clusters can work either independently or together without affecting each other. RTO and RPO are within hours. Outside the recovery period, the standby cluster is in hot standby mode and can provide read-only services.

For details, see DR Overview.