Merge pull request #5044 from EnterpriseDB/release/2023-11-27

Release: 2023-11-27

advocacy_docs/pg_extensions/advanced_storage_pack/configuring.mdx

@@ -3,7 +3,7 @@ title: Configuring Advanced Storage Pack
 navTitle: Configuring
 ---
 
-Place the extension module implementing the custom TAM in `shared_preload_libraries` so that it loads early during Postgres startup. This step is needed so that the extension is available before the table based on the given TAM is accessed for the first time. For example, update the parameter in `postgresql.conf` with `autocluster` or `refadata`:
+Place the extension module implementing the custom TAM in `shared_preload_libraries` so that it loads early during Postgres startup. This step is needed so that the extension is available before the table based on the given TAM is accessed for the first time. For example, update the parameter in `postgresql.conf` with `autocluster`, `refdata`, or `bluefin`:
 
 ```ini
 shared_preload_libraries = '$libdir/<extension_name>'

advocacy_docs/pg_extensions/advanced_storage_pack/index.mdx

@@ -13,7 +13,19 @@ EDB Advanced Storage Pack provides advanced storage options for Postgres databas
 
 For tables whose access patterns you know, you might prefer a targeted TAM that makes different tradeoffs. For instance, if a table has a specific usage pattern, you might consider using a specialized TAM that is designed to enhance that usage pattern.
 
-EnterpriseDB offers two TAMs in the Advanced Storage Pack. 
+EnterpriseDB offers three TAMs in the Advanced Storage Pack.
+
+## Bluefin
+
+Bluefin is designed to provide data compaction and delta compression, which makes it particularly useful for storing time-series data, common in IoT and monitoring use cases.
+
+In its design, UPDATE and DELETE operations aren't permitted. This design allows for a much smaller tuple header. It also allows for tuples to be stored as compressed deltas of other tuples and eagerly freezing of pages as soon as the page is full. The result is that Bluefin tables accept only INSERTs, but they are able to reach a much higher density of tuples per page. This ability leads to faster reads on such append-only tables.
+
+Due to the lack of DELETE operations, Bluefin is best used together with table partitioning features. This combination allows older data to be pruned by dropping older, time-range-based, partitions.
+
+Bluefin is available only for database versions 15 and later, since it depends on features introduced in PostgreSQL 15.
+
+See [Bluefin example](using/#bluefin-example) for an example use case.
 
 ## Autocluster 
 

advocacy_docs/pg_extensions/advanced_storage_pack/installing.mdx

@@ -3,7 +3,7 @@ title: Installing Advanced Storage Pack
 navTitle: Installing
 ---
 
-The Advanced Storage Pack is supported on the same platforms as the Postgres distribution you're using. Support for Advanced Storage Pack starts with Postgres 12. For details, see:
+The Advanced Storage Pack is supported on the same platforms as the Postgres distribution you're using. Support for Advanced Storage Pack starts with Postgres 12 for Autocluster and Refdata, and with Postgres 15 for Bluefin. For details, see:
 
 - [EDB Postgres Advanced Server Product Compatibility](https://www.enterprisedb.com/platform-compatibility#epas)
 

advocacy_docs/pg_extensions/advanced_storage_pack/rel_notes/asp_1.2.1_rel_notes.mdx

@@ -0,0 +1,10 @@
+---
+title: Release notes for Advanced Storage Pack version 1.2.1
+navTitle: "Version 1.2.1"
+---
+
+This release of Advanced Storage Pack includes:
+
+|  Type   |               Description               |
+| ------- | --------------------------------------- |
+| Feature | Bluefin is released for PG/PGE/EPAS 15+ |

advocacy_docs/pg_extensions/advanced_storage_pack/rel_notes/index.mdx

@@ -11,6 +11,7 @@ about the release that introduced the feature.
 
 |           Version           | Release Date |
 | --------------------------- | ------------ |
+| [1.2.1](asp_1.2.1_rel_notes) | 09 Nov 2023 |
 | [1.0.0](asp_1.0.0_rel_notes) | 30 Nov 2022 |
 
 

advocacy_docs/pg_extensions/advanced_storage_pack/using.mdx

@@ -5,6 +5,38 @@ navTitle: Using
 
 The following are scenarios where the EDB Advanced Storage Pack TAMs are useful.
 
+## Bluefin example
+
+Bluefin is best when used with time-range partitioning. This example shows a table containing logs of trucks that get inserted periodically when each truck provides updates of its status.
+
+```sql
+CREATE TABLE truck_logs (
+    ts TIMESTAMP WITH TIME ZONE,
+    truck_id INTEGER,
+    latitude FLOAT,
+    longitude FLOAT,
+    elevation INTEGER,
+    velocity FLOAT,
+    characteristics JSON,
+    data JSON
+) PARTITION BY RANGE (ts)
+  USING bluefin;
+```
+
+Each partition contains one month of data:
+
+```sql
+CREATE TABLE "truck_logs_2023-09"
+  PARTITION OF truck_logs FOR VALUES FROM ('2023-09-01') TO ('2023-10-01')
+  USING bluefin;
+```
+
+One single index is created on each partition:
+
+```sql
+CREATE INDEX "i_truck_logs_2023-09_truck_id_ts" ON "truck_logs_2023-09"(truck_id, ts);
+```
+
 ## Refdata example
 
 A scenario where Refdata is useful is creating a reference table of all

product_docs/docs/biganimal/release/overview/03a_region_support/index.mdx

@@ -63,12 +63,12 @@ When using AWS, you can create clusters in the following regions.
 
 #### North America (NA)
 
-|       Cloud region       |   Short name   |
-| ------------------------ | -------------- |
-| Canada (Central)         | ca-central-1   |
-| US East (N. Virginia)    | us-east-1      |
-|  US East (Ohio)           | us-east-2      |
-|  US West (Oregon)         | us-west-2      |
+|     Cloud region      |  Short name  |
+| --------------------- | ------------ |
+| Canada (Central)      | ca-central-1 |
+| US East (N. Virginia) | us-east-1    |
+| US East (Ohio)        | us-east-2    |
+| US West (Oregon)      | us-west-2    |
 
 #### Europe, Middle East, and Africa (EMEA)
 
@@ -77,6 +77,7 @@ When using AWS, you can create clusters in the following regions.
 | Europe (Frankfurt) | eu-central-1 |
 | Europe (Ireland)   | eu-west-1    |
 | Europe (London)    | eu-west-2    |
+| Europe (Spain)     | eu-south-2   |
 
 #### Asia and Pacific (APAC) 
 

product_docs/docs/language_pack/2/installing/macos.mdx

@@ -7,7 +7,7 @@ On MacOS, EDB provides a graphical interactive installer for Language Pack. To a
 
 ## Using Stack Builder
 
-Using PostgreSQL, you can invoke the graphical installer with Stack Builder. See [Using Stack Builder](https://www.enterprisedb.com/docs/supported-open-source/postgresql/installer/03_using_stackbuilder/). 
+Using PostgreSQL, you can invoke the graphical installer with Stack Builder. See [Using Stack Builder](/supported-open-source/postgresql/installing/using_stackbuilder/). 
 
 1. In Stack Builder, follow the prompts until you get to the module selection page.
 

product_docs/docs/language_pack/2/installing/windows.mdx

@@ -9,9 +9,9 @@ On Windows, EDB provides a graphical interactive installer for Language Pack. Us
 
 ## Using Stack Builder or StackBuilder Plus
 
-If you're using PostgreSQL, you can invoke the graphical installer for Language Pack with Stack Builder. See [Using Stack Builder](https://www.enterprisedb.com/docs/supported-open-source/postgresql/installer/03_using_stackbuilder/). 
+If you're using PostgreSQL, you can invoke the graphical installer for Language Pack with Stack Builder. See [Using Stack Builder](/supported-open-source/postgresql/installing/using_stackbuilder/). 
 
-If you're using EDB Postgres Advanced Server, you can invoke the graphical installer for Language Pack with StackBuilder Plus. See [Using StackBuilder Plus](/epas/latest/epas_inst_windows/installing_advanced_server_with_the_interactive_installer/using_stackbuilder_plus/). 
+If you're using EDB Postgres Advanced Server, you can invoke the graphical installer for Language Pack with StackBuilder Plus. See [Using StackBuilder Plus](/epas/latest/installing/windows/installing_advanced_server_with_the_interactive_installer/using_stackbuilder_plus/). 
 
 1. In Stack Builder or StackBuilder Plus, follow the prompts until you get to the module selection page.
 

product_docs/docs/pem/9/index.mdx

@@ -68,8 +68,8 @@ Supported versions of Postgres for PEM 9.x:
 
 |                                          |**Monitored Instance**      |**Backend Instance**  |
 |:-----------------------------------------|:---------------------------|:---------------------|
-|**EDB Postgres Advanced Server (EPAS)**   |11, 12, 13, 14, 15          |11, 12, 13, 14, 15    |
-|**PostgreSQL (PG)**                       |11, 12, 13, 14, 15          |11, 12, 13, 14, 15    |
-|**EDB Postgres Extended Server (PGE)**    |11, 12, 13, 14, 15          |12, 13, 14, 15[^1]    |
+|**EDB Postgres Advanced Server (EPAS)**   |12, 13, 14, 15, 16          |12, 13, 14, 15, 16    |
+|**PostgreSQL (PG)**                       |12, 13, 14, 15, 16          |12, 13, 14, 15, 16    |
+|**EDB Postgres Extended Server (PGE)**    |12, 13, 14, 15, 16          |13, 14, 15, 16[^1]    |
 
 [^1]: sslutils isn't available for RHEL 7 on IBM Power, so this distribution can't use PGE as a backend.

product_docs/docs/postgres_for_kubernetes/1/tde.mdx

@@ -158,3 +158,67 @@ For example:
 
 -   wrap command: `openssl enc -aes-128-cbc -pass pass:temp-pass -e -out %p`
 -   unwrap command: `openssl enc -aes-128-cbc -pass pass:temp-pass -d -in %p`
+
+
+## Example using HashiCorp Vault
+
+The following example shows how to use HashiCorp Vault to store the encryption
+key and use it to activate TDE. The `vault` CLI is used to interact with Vault
+and is included by default in the EDB Postgres Advanced Server (EPAS) image.
+
+First, wherever you have vault running you must enable the Transit secrets 
+engine and create a key:
+
+``` shell
+vault secrets enable transit
+vault write -f transit/keys/pg-tde
+```
+
+Then, create a secret containing the custom wrap/unwrap commands. The wrap
+and unwrap commands will 'wrap' a binary that is in the EPAS image. The 
+binary will interact with the vault API to encrypt/decrypt the EPAS encryption.
+
+The binary needs 4 flags: `--host`, `--secret`, `--key` and `--vault-endpoint`. The
+`--host` flag is in the format of `http://vault-host:vault-port` and needs to be
+provided to reach the Vault. The server`--secret` flag is the name of the Kubernetes
+secret that contains the vault token and the `--key` flag is the key in that secret
+pointing the vault token. The `--vault-endpoint` flag is the name of the key that
+was created inside vault; in the example above it is `pg-tde`.
+
+If running the Vault operator in Kubernetes the root token can be obtained from the
+following two commands:
+
+```shell
+kubectl exec vault-0 -- vault operator init -key-shares=1 -key-threshold=1 -format=json > cluster-keys.json
+cat cluster-keys.json | jq -r ".root_token"
+```
+
+``` shell
+kubectl create secret generic -o yaml vault-token \
+    --from-literal=wrap="/bin/vault wrap --file %p --host http://vault:8200 --secret vault-token --key token --vault-endpoint pg-tde" \
+    --from-literal=unwrap="/bin/vault unwrap --file %p --host http://vault:8200 --secret vault-token --key token --vault-endpoint pg-tde" \
+    --from-literal=token="hvs.whatever"
+```
+
+You can now create a Cluster that is referencing the secrets:
+
+``` yaml
+apiVersion: postgresql.k8s.enterprisedb.io/v1
+kind: Cluster
+metadata:
+  name: hashicorp-vault-tde
+spec:
+  instances: 3
+  storage:
+    size: 1Gi
+  postgresql:
+    epas:
+      tde:
+        enabled: true
+        wrapCommand:
+          name: vault-token
+          key: wrap
+        unwrapCommand:
+          name: vault-token
+          key: unwrap
+```