2023-08-15
Channels
- # alda (1)
- # beginners (24)
- # biff (9)
- # calva (55)
- # cherry (1)
- # clj-kondo (36)
- # cljs-dev (3)
- # clojure (37)
- # clojure-austin (2)
- # clojure-brasil (1)
- # clojure-europe (14)
- # clojure-nl (1)
- # clojure-norway (24)
- # clojure-spec (3)
- # clojure-uk (1)
- # community-development (6)
- # core-typed (1)
- # datalevin (5)
- # datomic (28)
- # emacs (14)
- # events (1)
- # gratitude (9)
- # hyperfiddle (27)
- # instaparse (3)
- # joker (16)
- # lsp (89)
- # malli (24)
- # missionary (2)
- # nbb (5)
- # off-topic (59)
- # re-frame (12)
- # reitit (17)
- # releases (4)
- # sci (14)
- # spacemacs (1)
- # squint (7)
- # xtdb (41)
We’re running Datomic Pro on GCP, inside Kubernetes clusters, backed by Cloud SQL - so far, so good, all working great. A snag is that the backup tool works with either file locations or S3 buckets - file locations would mean backing up to a persistent volume in k8s and then uploading from there to a Cloud Storage bucket, which gets a bit unwieldy as the size increases. Consequently, there are a couple of things on our mind:
• Did any of you make backup work directly against a Cloud Storage bucket? If so, mind sharing?
• I think I read a while ago that we can’t “just” take a snapshot of the storage and restore that, as it won’t be consistent with what is happening on the transactor - is this true?
Why don’t you want an S3 bucket, or something with an S3-compatible interface?
If your storage snapshot is transactionally consistent, you can snapshot. Many (e.g. DynamoDB’s) are not.
The advantage of the datomic-level backup is storage independence and automatic garbage collection (it only restores non-garbage)
Fwiw, on both GCP and AWS at two different companies, we eventually converged on backing up to a persistent volume because it’s faster and cheaper, although more work to set up
One big problem with backups is there’s no way to remove old ones, so you need some sort of rotation anyway. Might as well be a persistent volume vs a directory of your bucket
@U3ZUC5M0R GCS has an S3-compatible XML API: https://cloud.google.com/storage/docs/interoperability#xml_api
thank you @U09R86PA4 and @U74MQ2347 - super helpful
S3 backups are nice because they are incremental - you can run a script once every hour and have a nice and hot backup 🙂 (once a month, copy the "current-backup" into "aug-backup")
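A minimal sketch of such an hourly loop, assuming Datomic Pro's `bin/datomic backup-db` CLI and run from the Datomic distribution directory; the URIs below are placeholders, not anything from the thread:

```clojure
(require '[clojure.java.shell :as shell])

;; Hypothetical URIs - substitute your own storage URI and backup target.
(def db-uri     "datomic:sql://my-db?jdbc:postgresql://host:5432/datomic?user=...&password=...")
(def backup-uri "s3://my-backup-bucket/current-backup")

(defn backup-once!
  "Run the Datomic Pro backup tool once. Backups to the same backup-uri
  are incremental: only new segments are written on later runs."
  []
  (let [{:keys [exit out err]} (shell/sh "bin/datomic" "backup-db" db-uri backup-uri)]
    (when-not (zero? exit)
      (throw (ex-info "backup-db failed" {:exit exit :out out :err err})))))

(defn backup-loop!
  "Back up once an hour, forever."
  []
  (backup-once!)
  (Thread/sleep (* 1000 60 60))
  (recur))
```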
You can do this just fine with a persistent volume also. We run a backup to a volume continually (i.e. runs backup in a loop, snapshots the volume), and every week we spin up another backup instance and volume with a few hours overlap to allow a full backup to complete
We use persistent volumes mostly for cost and speed: s3 operation cost adds up and is much slower to complete a full backup (> 10 billion datoms here). An ebs volume is much cheaper and faster.
(You might still not have a choice - I don’t know if you can do the hostname override needed to make “S3-compatible” backends usable by the backup process.)
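For reference, this is roughly what such a hostname (endpoint) override looks like with cognitect's aws-api, pointed at GCS's S3-compatible XML API - a sketch only: it is unclear whether the Datomic backup process itself exposes an equivalent override, the bucket name is hypothetical, and credentials would have to be GCS HMAC keys from the interoperability settings.

```clojure
(require '[cognitect.aws.client.api :as aws])

;; Point an ordinary S3 client at GCS's S3-compatible endpoint.
;; The region is a dummy value; GCS ignores it.
(def gcs-s3
  (aws/client {:api :s3
               :region "us-east-1"
               :endpoint-override {:protocol :https
                                   :hostname "storage.googleapis.com"}}))

;; List objects in a (hypothetical) backup bucket to verify connectivity.
(aws/invoke gcs-s3 {:op :ListObjectsV2
                    :request {:Bucket "my-backup-bucket"}})
```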
When running lambdas that link to ions, how does one extend the permissions of the lambda itself? I know how to work with the role in the CF template that grants additional permissions to the ion itself, but I need to adjust the permissions of the ion-generated lambdas. Ideally we want to attach a managed policy to the role used by the lambdas.
The Lambda function should just be a pass through to code running on the node. How are you modifying code on the Lambda?
We’re not modifying code on the lambda. But the SQS trigger integration (https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#services-sqs-batchfailurereporting) apparently needs permissions beyond the default. Not surprising in some ways, since Cognitect can’t know my SQS queues in advance, right? And it definitely needs to read (pull!) and delete potentially sensitive messages.
Ah. This seems like a valid use case, and it does not seem like there’s a supported way to do this now. The created lambdas currently have an execution role, right? If so - and this is a little gross - you could read the resource in using your IaC tooling, grab the role ARN, and attach your custom policy to it.
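A sketch of that attach step using cognitect's aws-api, assuming you have already looked up the execution role the ion tooling created for your compute group; the role name and policy ARN below are placeholders:

```clojure
(require '[cognitect.aws.client.api :as aws])

(def iam (aws/client {:api :iam}))

;; Attach a customer-managed policy (e.g. one granting sqs:ReceiveMessage,
;; sqs:DeleteMessage, and sqs:GetQueueAttributes on your queue) to the
;; lambda's execution role. Both values below are hypothetical.
(aws/invoke iam
  {:op :AttachRolePolicy
   :request {:RoleName  "my-ion-compute-group-lambda-role"
             :PolicyArn "arn:aws:iam::123456789012:policy/my-sqs-consumer-policy"}})
```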
Is anyone aware of a string length limit in Datomic Pro? I’m aware of the soft 4096 character limit for datomic cloud, but can’t find any documentation on datomic pro.
I think the only length limit that is actually enforced (i.e., a transaction will be rejected) is a 256-character limit on strings inside tuples.
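A quick way to check this against a dev database - a sketch assuming the Datomic Pro peer API, an existing connection `conn`, and a hypothetical heterogeneous tuple attribute `:order/code+region` with `:db/tupleTypes [:db.type/string :db.type/string]`:

```clojure
(require '[datomic.api :as d])

(def long-string (apply str (repeat 300 "x"))) ; > 256 characters

;; The same string as a plain :db.type/string value transacts fine,
;; but inside a tuple it should be rejected at transaction time.
(try
  @(d/transact conn [{:order/code+region [long-string "eu"]}])
  (catch Exception e
    (.getMessage e)))
```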