I feel more comfortable with this approach... I'll learn more about ssh tunnel...
[]s
Márcio
On Wed, Dec 21, 2016 at 10:57 PM, Hannu Krosing <hkrosing@gmail.com> wrote:
On 12/17/2016 02:58 PM, Marcio Duarte wrote: > Hello ppl, > > My name is Márcio, from Brazil and I need help in understanding the > streaming replication process. > > I have a PostgreSQL data base hosted in an internal server. I need to > replicate this database on Heroku for read only access, but I need to > keep this Heroku instance synced with my internal server... I don't > want to expose this PostgreSQL internal server to the Web... > > What I understood > in https://wiki.postgresql.org/wiki/Streaming_Replication is that > standby will read data from master and not the other way... In this > case, I will need to expose the internal database server to the Web > via TCP, right? Maybe not web, but at least to the replica.
And otherways full PostgreSQL security applies., like requiring SSL connection, fine-grained control of client addresses etc.
And, you can always set up an ssh tunnel if you are more comfortable with this than with postgreSQL-s ssl. And you can even initiate the tunneling SSH connection from the master :) > > If so, there is a way to make the master send the data to standby?
Not easily.
Cheers -- Hannu Krosing PostgreSQL Consultant Performance, Scalability and High Availability https://2ndquadrant.com/