Database Connection Question

[donavonelli]

Question description

1. Can you connect an Amazon RDS database to Sourcegraph using IAM permissions

2. Question quote from the customer: "how does the database client manage connections and what (if any) guarantees it makes? Eg: it always establishes a connection at process startup and will always reuse an existing connection until closed. This clarification is important to us because PostgreSQL servers should honor keepalive connections, which makes the 15-minute credential TTL only a factor on initial connection."

Is your question related to a problem? If so, please describe or link to another issue.

No

Additional context

The customer was attempting to upgrade their Sourcegraph version from 3.28.0 and wanted to migrate their database over to an external RDS database

Question 1 was answered by Crystal Augustus from the delivery team

[github-actions[bot]]

Heads up @davejrt @ggilmore @dan-mckean @caugustus-sourcegraph - the "team/delivery" label was applied to this issue.

[caugustus-sourcegraph]

@donavonelli - the database connections use a connection pool (https://sourcegraph.com/github.com/sourcegraph/sourcegraph/-/blob/internal/database/dbconn/dbconn.go?L396), which have a default connection lifetime of 1 hour (https://sourcegraph.com/github.com/jackc/pgx/-/blob/pgxpool/pool.go?L18). Even if all pooled connections are established at startup time, they eventually expire and get a fresh connection from the database. The database can also close a connection from the server side, prompting a reconnect from the client many hours after the container startup.

It doesn't seem safe at all to try and rely on the initial connection persisting throughout the lifetime of the container. At best, they could slowly lose available connections and have to manually trigger a restart on the Sourcegraph container.

Adding the ability to refresh the Sourcegraph connection pool using credentials from the environment would be a good feature request, though!