RDS

Relational Database Service


Overview

  • a managed DBaaS service (auto OS patching, DB update, backups...) from AWS.


Features

  • Supports 6 RDS database engines (MariaDB, MySQL, PostgreSQL, SQL Server, Oracle, Aurora (PostgreSQL, MySQL))

  • 3 types of instance classes

    • Standard (m1~m6)

    • Memory optimized (r5, x1, z1d, r6g...)

    • Burstable performance (t2, t3)

  • 3 types of storage

    • General purpose (SSD) storage. Eg: gp2

    • Provisioned IOPS (SSD) storage. For I/O intensive workload

    • Magnetic storage. For backward compatibility.

  • optimized for memory, performance or I/O.

  • High availability: Multi-AZ and Fail-over.

  • Point-in-time restore

    • Automatically back up

    • Daily snapshots and transaction logs.

Enhanced Monitoring

  • A feature available specifically for RDS.

  • Provides detailed metrics about the health of your RDS instances, giving more insight into database load and performance.

-> Particularly useful for detailed analysis, like how different processes use the CPU.

vs. CloudWatch metrics

  • CloudWatch collects CPU utilization metrics from the hypervisor.

  • Enhanced Monitoring collects metrics directly from an agent on the DB instance.

Custom endpoint

Different workloads need different endpoints. Some workloads are important, some are not (data analysis, reports). -> Make sure important tasks are done quickly, without being slowed down by the less important ones.

Scalability

auto scaling when

  • running out of storage

    • free storage less than 10%

    • low-storage condition lasts at least 5 minutes

    • 6 hours have passed since last modification

  • you have to set Maximum storage threshold (maximum limit for the storage).


Pricing

Depends on many factors

  • Instance type

    • On-demand

    • Reserved instance (1 or 3 years term)

  • Stop/Start instance (the underlying resource is an EC2 instance)

  • Storage capacity

  • Data transfer

  • Additional features


Security

  • Using 3 layers of security

    • Isolated VPC

    • Network ACLs (subnet level)

    • Security group (instance level)

  • Resource-level security: using IAM

  • Encryption at rest and in transit

    • Encryption at rest (256-bit AES algorithms) using AWS KMS.

    • Encrypt data before it is stored on disk using Transparent Data Encryption (TDE).

    • Encryption in transit. Eg: connections to the DB are secured using HTTPS, or using an IPsec VPN.


RDS Features

RDS Custom

  • Managed Oracle and SQL Server Database with OS and database customization.

  • De-activate Automation Mode.

  • Benefits

    • all the benefits of a managed service

    • access to the underlying database and OS, so you can:

      • config setting

      • install patches

      • enable native features

      • access underlying EC2 instances using SSH or SSM Session Manager

RDS Backups

  • Automated backups (turned ON by default)

    • Daily full backup.

    • Transaction log backed-up every 5 minutes (to S3)

  • Manual DB snapshot

    • Manually triggered by user

    • Retention of backup for as long as you want

RDS & Aurora Security

  • At-rest encryption

    • using AWS KMS - must be defined at launch time

  • If the master is not encrypted, the read replicas cannot be encrypted either.

  • To encrypt an un-encrypted database

    • 1st, create a snapshot

    • 2nd, restore that DB from a snapshot as encrypted.
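
An added example (not part of the original notes): a small audit of the items in this list and in the earlier Security list, run over a constructed response shaped like `aws rds describe-db-instances` output. The instance names, the key ARN and the `audit` helper are illustrative assumptions.

```python
import json

# Constructed sample shaped like `aws rds describe-db-instances` output.
SAMPLE = json.loads("""
{"DBInstances": [
 {"DBInstanceIdentifier": "orders-primary", "StorageEncrypted": false,
  "PubliclyAccessible": true, "MultiAZ": false, "BackupRetentionPeriod": 0,
  "ReadReplicaDBInstanceIdentifiers": ["orders-replica"]},
 {"DBInstanceIdentifier": "orders-replica", "StorageEncrypted": false,
  "PubliclyAccessible": false, "MultiAZ": false, "BackupRetentionPeriod": 0,
  "ReadReplicaSourceDBInstanceIdentifier": "orders-primary"},
 {"DBInstanceIdentifier": "billing-primary", "StorageEncrypted": true,
  "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID",
  "PubliclyAccessible": false, "MultiAZ": true, "BackupRetentionPeriod": 7}
]}
""")


def audit(response):
    """Return {instance id: [findings]} for the controls listed in the notes."""
    instances = {i["DBInstanceIdentifier"]: i for i in response["DBInstances"]}
    report = {}
    for name, inst in instances.items():
        findings = []
        source = inst.get("ReadReplicaSourceDBInstanceIdentifier")
        is_replica = source is not None
        if not inst.get("StorageEncrypted", False):
            if is_replica:
                # A replica cannot be encrypted while its source is not.
                findings.append(f"unencrypted replica: fix source {source} first")
            else:
                findings.append("unencrypted at rest: snapshot, then restore as encrypted")
        if inst.get("PubliclyAccessible", False):
            findings.append("publicly accessible: restrict access to the VPC")
        if not is_replica:
            # Retention of 0 days means automated backups are switched off.
            if inst.get("BackupRetentionPeriod", 0) == 0:
                findings.append("automated backups disabled: no point-in-time restore")
            if not inst.get("MultiAZ", False):
                findings.append("single-AZ: no standby for automatic failover")
        report[name] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        print(name, "->", findings or "ok")
```
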

Aurora multi-master cluster

  • Supports both read-heavy and write-heavy workloads. (Unlike a Read Replica, which only supports read-heavy workloads.)

  • Unlike a Read Replica setup, which has a Master and a Secondary instance, a multi-master cluster can use any instance to read/write as a Master.

RDS Proxy

  • Fully managed database proxy for RDS

  • It helps lower the number of connections going through to the DB instance.

  • Never publicly accessible (must be accessed from VPC)

  • Benefit

    • improving DB efficiency

    • serverless, autoscaling, HA (multi-AZ)

    • supports all RDS & Aurora

    • reduces RDS & Aurora failover time by up to 66%

Multi-AZ vs Read Replica

  • Multi-AZ standby instance

    • For disaster recovery / failover (auto failover to the standby instance). Increases availability.

    • SYNC replication

  • Read Replica (for read-heavy workloads)

    • For READ-scalability

    • ASYNC replication

    • The Read Replica DB can be placed in the same AZ, cross AZ or cross Region

    • Free within the same region


Trivia

  • Maximum of CPU is 32 vCPUs, and maximum of memory is 244 GiB RAM.

  • Storage scaling depends on the type of engine

    • Aurora (auto scaling): max is 64TB, or your defined number.

    • SQL Server: 16TB

    • Other (Oracle, and 3 open-sources): 64TB

  • Encryption at rest includes: Automated backups, Read replicas, and Snapshots.

  • When you turn ON Multi-AZ, AWS automatically creates a standby instance in a different AZ.

  • When the DB is stopped, you are not paying for DB hours, but you are still paying for Provisioned IOPS.

  • Do not confuse Enhanced Monitoring feature with Detailed Monitoring of EC2.
