Architecture¶
Epsio seamlessly integrates into existing databases, ensuring a short and smooth integration process. It requires zero database migrations, keeps your database secure, and allows you to query your data as if it were stored and processed in a single database.
Deployment Architecture¶
Epsio is deployed within the customer environment on a separate compute instance from the database. For each defined query, Epsio first fetches a snapshot of the initial data from the relevant underlying tables in your database and writes back the calculated query result to your original database.
Then, whenever the underlying data changes, Epsio uses logical replication/CDC (change data capture) to receive the new changes and incrementally update the previously written query result.
This deployment acrchitecture has a few benifits:
- Zero database migrations - When deploying Epsio, you get the upside of incremental materialized views without the need to migrate your data to a new database.
- Low Latency - Epsio writes the query result directly to a table in your database. This means you can query the result table from your original database with minimal latency, just like any other table. It's even possible to JOIN it with other data in your database.
- High Control of Result Data - With Epsio writing results to standard SQL tables in your database, you have the flexibility to add indexes, partitions, and more to the results table as you would with any other table in your database.
- High Data Availability - Since Epsio writes the query result back to your database and is only responsible for updating previous results, you can still query the data even if Epsio is down (although the results might not be up to date).
Data Privacy and Security¶
To ensure your sensitive data never leaves your environment and is not accessible to external parties, Epsio is deployed within your environment. This allows our users to comply with specific cloud security and governance standards that their organization may require, without compromising on the benefits of a managed service.
Control Plane and Data Plane¶
The architecture of an Epsio deployment is divided into two separate planes. The control plane is where Epsio runs software updates, monitors the status of the deployment, gathers usage statistics, and alerts when an error occurs. The data plane handles the actual data processing of database data.
Info
To ensure maximum security, we recommend restricting the Epsio deployment to only have outbound network access to the relevant database, and outbound HTTPS access.
How is the control plane separated from the data plane?¶
The Epsio deployment communicates with Epsio cloud for basic management operations, but all data processing is done entirely on the compute instances deployed in the customer's environment, and Epsio Cloud cannot access the processed data.
Any data originating from the database or containing sensitive customer information (for example, database access credentials) is never sent back to Epsio Cloud and is stored only within the instance deployed in the customer environment.