PostgreSQL JSONB Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢

System Requirements

Component	Minimum	Recommended (Production)
CPU	2 cores	2+ cores
RAM	4 GB	8+ GB
Disk	50 GB SSD	500+ GB NVMe SSD
OS	Ubuntu 22.04+ / Rocky 9+	Ubuntu 24.04 LTS
Network	100 Mbps	1 Gbps+

à¸à¸´à¸à¸à¸±à¹à¸à¸à¸ Ubuntu/Debian

# âââââââââââââââââââââââââââââââââââââââ
# PostgreSQL JSONB Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢ Installation â Ubuntu/Debian
# âââââââââââââââââââââââââââââââââââââââ

# 1. Update system
sudo apt update && sudo apt upgrade -y

# 2. Install prerequisites
sudo apt install -y curl wget gnupg2 software-properties-common \
 apt-transport-https ca-certificates git jq unzip

# à¸«à¸£à¸·à¸à¸à¹à¸²à¸à¹à¸à¸à¸à¸²à¸£à¸à¸´à¸à¸à¸±à¹à¸à¹à¸à¸ manual:

à¸à¸´à¸à¸à¸±à¹à¸à¸à¸ CentOS/Rocky Linux/AlmaLinux

# âââââââââââââââââââââââââââââââââââââââ
# PostgreSQL JSONB Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢ Installation â RHEL-based
# âââââââââââââââââââââââââââââââââââââââ

# 1. Update system
sudo dnf update -y

# 2. Install prerequisites
sudo dnf install -y curl wget git jq

Configuration File

# âââââââââââââââââââââââââââââââââââââââ

server:
 bind: "0.0.0.0"
 port: 9090
 workers: auto # = number of CPU cores
 max_connections: 10000
 read_timeout: 30s
 write_timeout: 30s
 idle_timeout: 120s

logging:
 level: info # debug, info, warn, error
 format: json
 max_size: 100M
 max_backups: 5
 max_age: 30 # days
 compress: true

security:
 tls:
 enabled: true
 min_version: "1.2"
 auth:
 type: token
 secret: 
 cors:
 allowed_origins: ["https://yourdomain.com"]
 allowed_methods: ["GET", "POST", "PUT", "DELETE"]

database:
 driver: postgres
 host: localhost
 port: 5432
 password: 
 max_open_conns: 25
 max_idle_conns: 5
 conn_max_lifetime: 5m

cache:
 driver: redis
 host: localhost
 port: 6379
 db: 0
 max_retries: 3

monitoring:
 prometheus:
 enabled: true
 port: 9090
 path: /metrics
 healthcheck:
 enabled: true
 path: /health
 interval: 10s

à¸à¸à¸à¸§à¸²à¸¡à¸à¸µà¹à¹à¸à¸µà¹à¸¢à¸§à¸à¹à¸à¸

PostgreSQL Full Text Search Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢PostgreSQL Partitioning Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢PostgreSQL JSONB FinOps Cloud Cost

AlmaLinux Setup Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢Ansible AWX Tower Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢

Production Architecture â High Availability Setup

# docker-compose.production.yml
# âââââââââââââââââââââââââââââââââââââââ
version: '3.8'

services:
 deploy:
 replicas: 2
 resources:
 limits:
 cpus: '2.0'
 memory: 8G
 reservations:
 cpus: '1.0'
 memory: 2G
 restart_policy:
 condition: on-failure
 delay: 5s
 max_attempts: 3
 ports:
 - "9090:9090"
 environment:
 - NODE_ENV=production
 - DB_HOST=db
 - REDIS_HOST=redis
 healthcheck:
 test: ["CMD", "curl", "-f", "http://localhost:9090/health"]
 interval: 10s
 timeout: 5s
 retries: 3
 start_period: 30s
 depends_on:
 db:
 condition: service_healthy
 redis:
 condition: service_healthy
 networks:
 - app-network

 db:
 image: postgres:16-alpine
 volumes:
 - db_data:/var/lib/postgresql/data
 environment:
 POSTGRES_PASSWORD_FILE: /run/secrets/db_password
 healthcheck:
 interval: 5s
 timeout: 3s
 retries: 5
 deploy:
 resources:
 limits:
 memory: 4G
 networks:
 - app-network

 redis:
 image: redis:7-alpine
 command: >
 redis-server
 --maxmemory 512mb
 --maxmemory-policy allkeys-lru
 --appendonly yes
 --requirepass 
 volumes:
 - redis_data:/data
 healthcheck:
 test: ["CMD", "redis-cli", "ping"]
 interval: 5s
 timeout: 3s
 retries: 5
 networks:
 - app-network

 nginx:
 image: nginx:alpine
 ports:
 - "443:443"
 - "80:80"
 volumes:
 - ./nginx.conf:/etc/nginx/nginx.conf:ro
 - ./ssl:/etc/ssl:ro
 depends_on:
 networks:
 - app-network

volumes:
 db_data:
 redis_data:

networks:
 app-network:
 driver: overlay

High Availability Design

Component	Strategy	RTO	RPO	Tools
Application	2 replicas + Load Balancer	< 5s	0	Docker Swarm / K8s
Database	Primary-Replica + Auto-failover	< 30s	< 1s	Patroni / PgBouncer
Cache	Redis Sentinel / Cluster	< 10s	N/A	Redis Sentinel
Storage	RAID 10 + Daily backup to S3	< 1h	< 24h	restic / borgbackup
DNS	Multi-provider DNS failover	< 60s	N/A	CloudFlare + Route53

Security Hardening Checklist

# âââââââââââââââââââââââââââââââââââââââ
# Security Hardening for PostgreSQL JSONB Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢
# âââââââââââââââââââââââââââââââââââââââ

# 1. Firewall (UFW)
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22/tcp comment "SSH"
sudo ufw allow 443/tcp comment "HTTPS"
sudo ufw allow 9090/tcp comment "PostgreSQL JSONB Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢"
sudo ufw enable
sudo ufw status verbose

# 2. SSL/TLS with Let's Encrypt
sudo apt install -y certbot python3-certbot-nginx
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com \
 --non-interactive --agree-tos --email admin@yourdomain.com
# Auto-renewal
sudo systemctl enable certbot.timer

# 3. SSH Hardening
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sudo tee -a /etc/ssh/sshd_config.d/hardening.conf << 'EOF'
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
ClientAliveInterval 300
ClientAliveCountMax 2
X11Forwarding no
AllowTcpForwarding no
EOF
sudo systemctl restart sshd

# 4. fail2ban
sudo apt install -y fail2ban
sudo tee /etc/fail2ban/jail.local << 'EOF'
[DEFAULT]
bantime = 3600
findtime = 600
maxretry = 3

[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
bantime = 86400
EOF
sudo systemctl enable --now fail2ban

# 5. Automatic Security Updates
sudo apt install -y unattended-upgrades
sudo dpkg-reconfigure -plow unattended-upgrades

# 7. Audit logging
sudo apt install -y auditd
sudo systemctl enable --now auditd

à¸à¹à¸²à¸à¹à¸à¸´à¹à¸¡à¹à¸à¸´à¸¡: |

Monitoring Stack â Prometheus + Grafana

# prometheus.yml
# âââââââââââââââââââââââââââââââââââââââ
global:
 scrape_interval: 15s
 evaluation_interval: 15s

rule_files:
 - "alerts.yml"

alerting:
 alertmanagers:
 - static_configs:
 - targets: ['alertmanager:9093']

scrape_configs:
 scrape_interval: 10s
 static_configs:
 - targets: ['localhost:9090']
 metrics_path: '/metrics'

 - job_name: 'node-exporter'
 static_configs:
 - targets: ['localhost:9100']

 - job_name: 'postgres'
 static_configs:
 - targets: ['localhost:9187']

# alerts.yml â Alert Rules
# âââââââââââââââââââââââââââââââââââââââ
groups:
 rules:
 - alert: HighCPU
 for: 5m
 labels:
 severity: warning
 annotations:

 - alert: HighMemory
 for: 5m
 labels:
 severity: warning

 - alert: ServiceDown
 for: 1m
 labels:
 severity: critical
 annotations:

Grafana Dashboard: Import dashboard ID: 52674

à¸à¸±à¸à¸«à¸²	à¸ªà¸²à¹à¸«à¸à¸¸	à¸§à¸´à¸à¸µà¸§à¸´à¸à¸´à¸à¸à¸±à¸¢	à¸§à¸´à¸à¸µà¹à¸à¹
Service à¹à¸¡à¹ start	Config à¸à¸´à¸ / Port à¸à¸ / Permission		à¸à¸£à¸§à¸ config, à¸à¸£à¸§à¸ port, à¸à¸£à¸§à¸ permission
Performance à¸à¹à¸²	Resource à¹à¸¡à¹à¸à¸ / Query à¸à¹à¸²	`htop`, `iostat -x 1`, `pg_stat_activity`	à¹à¸à¸´à¹à¸¡ resource, optimize query, à¹à¸à¸´à¹à¸¡ index
Connection refused	Firewall / Bind address / Service down	`ss -tlnp \| grep 9090`, `ufw status`	à¸à¸£à¸§à¸ firewall, à¸à¸£à¸§à¸ bind address
Out of memory (OOM)	Memory leak / Config à¹à¸¡à¹à¹à¸«à¸¡à¸²à¸°	`free -h`, `dmesg \| grep -i oom`	à¸à¸£à¸±à¸ memory limits, à¸à¸£à¸§à¸ memory leak
Disk full	Log à¹à¸¡à¹ rotate / Data à¹à¸	`df -h`, `du -sh /var/log/*`	à¸à¸±à¹à¸ logrotate, à¸¥à¸ old data, à¹à¸à¸´à¹à¸¡ disk
SSL certificate expired	Certbot à¹à¸¡à¹ renew	`certbot certificates`	`certbot renew --force-renewal`

Q: à¹à¸à¹à¸à¸±à¸ Docker à¹à¸à¹à¹à¸«à¸¡?

A: à¹à¸à¹à¹à¸¥à¸¢à¸à¸£à¸±à¸à¸¡à¸µ official Docker image: à¹à¸à¸°à¸à¸³à¹à¸à¹ Docker à¸ªà¸³à¸«à¸£à¸±à¸ development à¹à¸¥à¸° Docker Swarm/Kubernetes à¸ªà¸³à¸«à¸£à¸±à¸ production

A: à¸à¸±à¹à¸à¸à¹à¸³ 2 CPU, 4GB RAM, 50GB SSD à¸ªà¸³à¸«à¸£à¸±à¸ development à¸ªà¸³à¸«à¸£à¸±à¸ production à¹à¸à¸°à¸à¸³ 2+ CPU, 8+ GB RAM, 500+ GB NVMe SSD

Q: à¸¡à¸µ GUI à¹à¸«à¸¡?

Q: à¹à¸à¹ Cloud provider à¹à¸«à¸à¸à¸µ?

à¸à¹à¸²à¸à¹à¸à¸´à¹à¸¡à¹à¸à¸´à¸¡: |

à¸ªà¸£à¸¸à¸ PostgreSQL JSONB Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢ â Action Plan à¸ªà¸³à¸«à¸£à¸±à¸ IT Professional

Action Plan

à¸ªà¸±à¸à¸à¸²à¸«à¹à¸à¸µà¹ 1: à¸à¸´à¸à¸à¸±à¹à¸à¹à¸¥à¸°à¸à¸à¸¥à¸à¸à¹à¸ lab environment (Docker à¸à¸ laptop)
à¸ªà¸±à¸à¸à¸²à¸«à¹à¸à¸µà¹ 3: à¸à¸±à¹à¸à¸à¹à¸² monitoring (Prometheus + Grafana)
à¸ªà¸±à¸à¸à¸²à¸«à¹à¸à¸µà¹ 4: Security hardening + backup strategy
à¹à¸à¸·à¸à¸à¸à¸µà¹ 2: Deploy staging environment
à¹à¸à¸·à¸à¸à¸à¸µà¹ 3: Deploy production à¹à¸¡à¸·à¹à¸à¸¡à¸±à¹à¸à¹à¸ + à¹à¸à¸µà¸¢à¸ documentation

"à¸à¸¸à¸à¸à¸±à¸à¸«à¸²à¸¡à¸µà¸à¸²à¸à¹à¸à¹à¸à¹à¸²à¹à¸£à¸²à¸¢à¸±à¸à¹à¸¡à¹à¹à¸à¸à¹à¸ªà¸à¸à¸§à¹à¸²à¹à¸£à¸²à¸¢à¸±à¸à¸«à¸²à¹à¸¡à¹à¹à¸à¸" â à¸ªà¸¸à¸ à¸²à¸©à¸´à¸à¸à¸±à¸à¸à¸±à¸à¸à¸²

à¹à¸à¸à¸à¹à¹à¸à¸£à¸µà¸¢à¸à¹à¸à¸µà¸¢à¸	PostgreSQL JSONB Cost Optimization à¸¥à¸à¸à¹à¸²à¹à¸à¹à¸à¹à¸²à¸¢	à¸à¸²à¸à¹à¸¥à¸·à¸à¸à¸à¸·à¹à¸
à¸à¸§à¸²à¸¡à¸à¹à¸²à¸¢à¹à¸à¸à¸²à¸£à¸à¸´à¸à¸à¸±à¹à¸	à¸à¸²à¸à¸à¸¥à¸²à¸-à¸à¹à¸²à¸¢	à¹à¸à¸à¸à¹à¸²à¸à¸à¸±à¸à¹à¸
à¸£à¸²à¸à¸²	à¸à¸£à¸µ / Open Source	à¸à¸£à¸µ-à¹à¸à¸
Community Support	à¹à¸à¹à¸à¹à¸à¸£à¹à¸à¸¡à¸²à¸	à¹à¸à¸à¸à¹à¸²à¸à¸à¸±à¸à¹à¸
Enterprise Ready	à¹à¸à¹	à¸à¸²à¸à¸à¸±à¸§
Documentation	à¸à¸µà¸¡à¸²à¸	à¹à¸à¸à¸à¹à¸²à¸à¸à¸±à¸à¹à¸
à¸à¸§à¸²à¸¡à¹à¸ªà¸à¸µà¸¢à¸£	à¸ªà¸¹à¸	à¸à¸²à¸à¸à¸¥à¸²à¸-à¸ªà¸¹à¸
Learning Curve	à¸à¸²à¸à¸à¸¥à¸²à¸	à¸à¹à¸³-à¸ªà¸¹à¸
à¸à¸§à¸²à¸¡à¸à¸´à¸¢à¸¡à¹à¸à¹à¸à¸¢	à¸ªà¸¹à¸à¸¡à¸²à¸	à¸à¸²à¸à¸à¸¥à¸²à¸