-
Notifications
You must be signed in to change notification settings - Fork 19
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Updated builds comparison after the review
- Loading branch information
1 parent
ec4d32d
commit 2818555
Showing
3 changed files
with
11 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,26 @@ | ||
# Build comparison | ||
|
||
We provide `pg_tde` builds for both PostgreSQL Community and [Percona Server for PostgreSQL](https://docs.percona.com/postgresql/17/). The difference between the builds is in the set of included features which in its turn depends on the Storage Manager API. While PostgreSQL Community uses the default Storage Manager API, Percona Server for PostgreSQL extends the Storage Manager API enabling to integrate custom storage managers. | ||
We provide `pg_tde` builds for both PostgreSQL Community and [Percona Server for PostgreSQL](https://docs.percona.com/postgresql/latest/postgresql-server.html). The difference between the builds is in the set of included features which in turn depends on the Storage Manager API. While PostgreSQL Community uses the default Storage Manager API, Percona Server for PostgreSQL extends the Storage Manager API enabling to integrate custom storage managers. | ||
|
||
## Features | ||
|
||
The following table provides the differences between the builds: | ||
|
||
| PostgreSQL Community build | Percona Server for PostgreSQL build <br> (in addition to features included in the PostgreSQL Community build)| | ||
| PostgreSQL Community build | Percona Server for PostgreSQL build <br> | | ||
|----------------------|-------------------------------| | ||
| Table encryption: <br> - data tables, <br> - TOAST tables <br> - temporary tables created during the database operation.<br><br> Metadata of those tables is not encrypted. | Index data encryption for encrypted tables | | ||
| Table encryption: <br> - data tables, <br> - TOAST tables <br> - temporary tables created during the database operation.<br><br> Metadata of those tables is not encrypted. | Table encryption: <br> - data tables, <br> - TOAST tables <br> - temporary tables created during the database operation.<br> - Index data for encrypted tables<br><br> Metadata of those tables is not encrypted. | | ||
| Write-Ahead Log (WAL) encryption of data in encrypted tables | Write-Ahead Log (WAL) encryption of data for encrypted and non-encrypted tables | | ||
| Multi-tenancy support| | | ||
| Table-level granularity | | | ||
| Key management via: <br> - HashiCorp Vault; <br> - Local keyfile | | ||
| Multi-tenancy support| Multi-tenancy support | | ||
| Table-level granularity |Table-level granularity | | ||
| Key management via: <br> - HashiCorp Vault; <br> - Local keyfile | Key management via: <br> - HashiCorp Vault; <br> - Local keyfile| | ||
| | Logical replication of encrypted tables | | ||
|
||
## Future releases | ||
|
||
The following is planned for future releases of `pg_tde`: | ||
|
||
* Logical replication support | ||
* KMIP integration for key management | ||
* Global principal keys | ||
|
||
<i warning>:material-alert: Warning:</i> Note that introducing encryption/decryption affects performance. Our benchmark tests show less than 10% performance overhead for most situations. However, in some specific applications such as those using JSONB operations, performance degradation might be higher. | ||
|
||
[Get started](install.md){.md-button} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters