Hello,

As the title suggests, how do you manage your DBs for Docker services?

Do you spin up a new DB for every new Docker cluster, or do you have a centralized DB that is accessible to the Docker clusters?

What are the pros and cons of both methods?

For the moment, I spin up a new DB for every service, as I feel it is easier to back up the service in case of a problem.

  • bacon_pdp@lemmy.world
    5 hours ago

    One database service but separate databases running inside of the service. Each database has 3 accounts: table_owner (no remote access), proc_owner (only table-specific permissions and the owner of all stored procedures; no remote access) and application_account (no table access and only execute permissions on the proc_owner’s stored procedures).

    Which means that even if the application is compromised, it cannot compromise the database. It can only use approved stored procedures that check their inputs and abort on the smallest deviation from expected inputs.
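
The three-account layout described in the comment above, written out as an added example (not the commenter's own code). It assumes PostgreSQL run by a superuser; the schema, table and function names are hypothetical, and NOLOGIN roles stand in for "no remote access".

```sql
-- Added example. Assumes PostgreSQL, run by a superuser; names below
-- (schemas data/api, table notes, function add_note) are hypothetical.
BEGIN;

-- Owner roles cannot log in at all; only the application role can connect.
CREATE ROLE table_owner NOLOGIN;
CREATE ROLE proc_owner NOLOGIN;
CREATE ROLE application_account LOGIN;  -- authentication configured separately

CREATE SCHEMA data AUTHORIZATION table_owner;
CREATE SCHEMA api  AUTHORIZATION proc_owner;

-- table_owner owns the table and grants proc_owner only what its routines need.
SET LOCAL ROLE table_owner;
CREATE TABLE data.notes (
    id       bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    owner_id integer NOT NULL,
    body     text    NOT NULL
);
GRANT USAGE ON SCHEMA data TO proc_owner;
GRANT SELECT, INSERT ON data.notes TO proc_owner;  -- SELECT is needed for RETURNING
RESET ROLE;

-- proc_owner owns the routine; SECURITY DEFINER runs it with proc_owner's rights.
SET LOCAL ROLE proc_owner;
CREATE FUNCTION api.add_note(p_owner integer, p_body text) RETURNS bigint
LANGUAGE plpgsql SECURITY DEFINER
SET search_path = pg_catalog, pg_temp   -- pin name lookup for definer-rights code
AS $$
DECLARE new_id bigint;
BEGIN
    -- Abort on anything outside the expected input shape.
    IF p_owner IS NULL OR p_owner <= 0 THEN
        RAISE EXCEPTION 'invalid owner id';
    END IF;
    IF p_body IS NULL OR length(p_body) NOT BETWEEN 1 AND 2000 THEN
        RAISE EXCEPTION 'invalid body length';
    END IF;
    INSERT INTO data.notes (owner_id, body)
    VALUES (p_owner, p_body) RETURNING id INTO new_id;
    RETURN new_id;
END
$$;
-- Functions are executable by PUBLIC by default: remove that, then grant narrowly.
REVOKE ALL ON FUNCTION api.add_note(integer, text) FROM PUBLIC;
GRANT USAGE ON SCHEMA api TO application_account;
GRANT EXECUTE ON FUNCTION api.add_note(integer, text) TO application_account;
RESET ROLE;
COMMIT;
```

With these grants, application_account holds no privilege on schema data or its tables, so a direct SELECT or INSERT on data.notes is refused and api.add_note is its only path to the data.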