Product

The popularity of sports betting, also called real-money gaming, is exploding. And at least in the US, there’s no bigger moment for sports betting than this weekend. The NFL’s championship game – you know, the game with the name we’re not allowed to say – is likely to be watched by around 100 million people. And with the growing legality and popularity of sports betting apps in the US, it is very likely this game will see more money flowing through betting apps than ever before.

Charlie Custer

February 9, 2023

If you’re building and managing applications in public cloud providers like GCP or AWS, chances are you’ve heard of VPC peering. This blog post explains what VPC peering is, why you’d want to use it, and, if you’re using CockroachDB Dedicated today, how you can get started with our VPC peering functionality.

Tommy Truongchau

February 2, 2023

We are thrilled to announce that CockroachDB Dedicated, the fully managed service of CockroachDB, is now PCI-DSS certified by a Qualified Security Assessor (QSA) as a PCI Level 1 Service Provider. The PCI-DSS was created by the PCI Security Standards Council - an organization formed in 2006 by the major credit card associations (Visa, American Express, MasterCard and JCB). The mission of this council is to establish a “minimum security standard” to protect customers’ payment information. Any business that handles credit card and payment data is required to conform to that minimum standard referred to as the Payment Card Industry (PCI) Data Security Standard (DSS).

If you’re working with CockroachDB, chances are that you care about transactional consistency. CockroachDB offers ACID transactional guarantees, including serializable isolation to ensure that no matter the volume of transactions or how many transactions are being processed in parallel, each transaction is committed to the database sequentially. These guarantees ensure that your database maintains ironclad consistency immediately, which is important for many transactional applications. (Every application has a range of business use cases that determine how consistent its database needs to be. For transactional workloads, an eventually consistent database is often not the right persistence tool). However, CockroachDB’s strong ACID guarantees do mean that occasionally transactions will fail and will need to be retried. Let’s take a closer look at why that happens, and how retries can be accomplished.

Charlie Custer

January 30, 2023

This is part 1 of a 3-part blog series about how we’ve improved the way CockroachDB stores and modifies data in bulk. We went way down into the deepest layers of our storage system, then up to our SQL schema changes and their transaction timestamps - all without anybody noticing (or at least we hope!)

David Taylor

January 18, 2023

When working with an OLTP database, customers’ data protection concerns manifest in different ways. Whether it is about the ability to encrypt data with one’s own keys, redacting cluster logs, field-level data masking or something else, we have partnered closely with our customers in providing more than what they were looking for. So, when we heard feedback that customers needed a way to obfuscate cloud resource credentials when running backup-restore or changefeed SQL commands, we decided to outdo that requirement. Backup-Restore and real-time changefeeds are two of the most critical capabilities in an OLTP database. The former applies to disaster recovery whereas the latter allows integration with analytics platforms or is sometimes used for replication.

Moving and processing data between systems is a common pain point. Users need up-to-date data across systems for use in business analytics, for event-driven architectures, for creating audit trails, or for archiving data. One way to do that is to set up an external service that regularly polls the database for changes.

For multi-tenant mixed-workload systems like CockroachDB, performance predictability and isolation are critical. Most forms of shared infrastructure approximate these properties, be it through physical isolation within data centers, virtualized resource limits, drastic over-provisioning, and more. For CockroachDB it’s not just about protecting latencies across workload/tenant boundaries, it’s also about isolation from the system’s internal/elastic work like LSM compactions, MVCC garbage collection, and backups, and also from user-initiated bulk work like changefeed backfills. For ill-considered reasons this is something they let me work on. Here we’ll describe generally applicable techniques we applied under the umbrella of admission control, how we arrived at them, and why they were effective. We’ll use control theory, study CPU scheduler latencies, build forms of cooperative scheduling, and patch the Go runtime. We hope for it to be relevant to most systems builders (and aspiring ones!), even if the problems motivating the work were found in this oddly-named database.

Secure authentication is a fundamental requirement when evaluating a database product. Architecture and Security teams prefer capabilities which could somehow be managed centrally, ideally using existing security tools in the enterprise tech stack. Over decades of advancements in the OLTP database ecosystem, we’ve seen a number of solutions emerge for secure authentication. Whether it be PKI/certificates, LDAP integration with enterprise identity directory, GSSAPI/Kerberos, SCRAM and so on, those mechanisms have enabled organizations to adopt a variety of new databases over time. We also support most of those capabilities in CockroachDB that are utilized by the majority of our security-conscious customers.