Database Server Role Design Considerations (Take Two)

Bruno Wolff III bruno at
Mon Dec 15 14:11:51 UTC 2014

On Mon, Dec 15, 2014 at 09:07:45 -0500,
  Stephen Gallagher <sgallagh at> wrote:
>     3. We run multiple database services in individual containers on
>        the system. Each of these services is provided by a rolekit
>        instance and is a full, isolated copy of the PostgreSQL
>        processes. Each of these databases will need to operate on a
>        separate port (or the same port on separate interfaces, etc.)

Note that using domain sockets provides a nice authentication option 
(using the userid of the peer) for other services using the same machine, 
that you don't get with a normal network port. If possible it may be 
desirable to make the domain sockets visible outside of the container 
as well as the network ports. (This assumes that you are expecting some 
services that consume the database service running on the same machine. 
that might be a bad assumption for the database server role.)

More information about the server mailing list