CockroachDB Setup Rule

This rule provides comprehensive guidance for setting up CockroachDB in development and production environments. It covers initial cluster configuration, node setup, and essential security configurations to ensure optimal performance and reliability.

# CockroachDB Setup Rule ## Overview This rule provides comprehensive guidance for setting up CockroachDB in development and production environments. It covers initial cluster configuration, node setup, and essential security configurations to ensure optimal performance and reliability. ## Implementation ### 1. Initial Cluster Setup #### Single-Node Development Setup ```bash # Download and install CockroachDB curl https://binaries.cockroachdb.com/cockroach-v23.2.0.linux-amd64.tgz | tar -xz sudo cp -i cockroach-v23.2.0.linux-amd64/cockroach /usr/local/bin/ # Start single-node cluster for development cockroach start-single-node \ --insecure \ --listen-addr=localhost:26257 \ --http-addr=localhost:8080 \ --store=cockroach-data \ --background ``` #### Multi-Node Production Setup ```bash # Node 1 (initialize cluster) cockroach start \ --certs-dir=certs \ --store=node1 \ --listen-addr=node1.example.com:26257 \ --http-addr=node1.example.com:8080 \ --join=node1.example.com:26257,node2.example.com:26257,node3.example.com:26257 \ --background # Initialize the cluster (run once) cockroach init --certs-dir=certs --host=node1.example.com:26257 # Node 2 & 3 (join existing cluster) cockroach start \ --certs-dir=certs \ --store=node2 \ --listen-addr=node2.example.com:26257 \ --http-addr=node2.example.com:8080 \ --join=node1.example.com:26257,node2.example.com:26257,node3.example.com:26257 \ --background ``` ### 2. Security Configuration #### Generate Certificates ```bash # Create CA certificate cockroach cert create-ca \ --certs-dir=certs \ --ca-key=my-safe-directory/ca.key # Create node certificates cockroach cert create-node \ localhost \ node1.example.com \ node2.example.com \ node3.example.com \ --certs-dir=certs \ --ca-key=my-safe-directory/ca.key # Create client certificate for root user cockroach cert create-client \ root \ --certs-dir=certs \ --ca-key=my-safe-directory/ca.key ``` #### User Management ```sql -- Create application user CREATE USER app_user WITH PASSWORD 'strong_password'; -- Grant necessary privileges GRANT ALL ON DATABASE myapp TO app_user; GRANT ALL ON TABLE myapp.public.* TO app_user; -- Create read-only user for monitoring CREATE USER monitoring WITH PASSWORD 'monitoring_password'; GRANT SELECT ON DATABASE myapp TO monitoring; ``` ### 3. Database and Schema Setup #### Initial Database Configuration ```sql -- Create application database CREATE DATABASE myapp; -- Set default configurations ALTER DATABASE myapp SET sql_stats_automatic_collection_enabled = true; ALTER DATABASE myapp SET sql_stats_histogram_collection_enabled = true; -- Create schema USE myapp; CREATE SCHEMA IF NOT EXISTS public; ``` #### Connection Pool Configuration ```go // Go example with pgx import ( "github.com/jackc/pgx/v5/pgxpool" "context" ) config, err := pgxpool.ParseConfig("postgresql://app_user:password@localhost:26257/myapp?sslmode=require") if err != nil { log.Fatal(err) } // Configure connection pool config.MaxConns = 30 config.MinConns = 5 config.MaxConnLifetime = time.Hour config.MaxConnIdleTime = time.Minute * 30 pool, err := pgxpool.NewWithConfig(context.Background(), config) ``` ### 4. Environment-Specific Configurations #### Development Environment ```yaml # docker-compose.yml version: '3.8' services: cockroach: image: cockroachdb/cockroach:latest ports: - "26257:26257" - "8080:8080" command: start-single-node --insecure volumes: - cockroach-data:/cockroach/cockroach-data environment: - COCKROACH_DATABASE=myapp - COCKROACH_USER=app_user - COCKROACH_PASSWORD=dev_password volumes: cockroach-data: ``` #### Production Environment Variables ```bash # Essential environment variables export COCKROACH_CERTS_DIR=/var/lib/cockroach/certs export COCKROACH_STORE=/var/lib/cockroach/data export COCKROACH_HOST=node1.example.com:26257 export COCKROACH_DATABASE=myapp export COCKROACH_USER=app_user export COCKROACH_PASSWORD=production_password export COCKROACH_SSL_MODE=require ``` ## Best Practices ### 1. Cluster Configuration - **Minimum 3 nodes**: Always use odd numbers of nodes (3, 5, 7) for proper consensus - **Geographic distribution**: Spread nodes across different availability zones - **Resource allocation**: Ensure adequate CPU, memory, and storage for each node - **Network configuration**: Use dedicated network interfaces for inter-node communication ### 2. Security Hardening - **Never use --insecure**: Always use certificates in production - **Certificate rotation**: Implement automated certificate rotation - **Network isolation**: Use VPCs and security groups to restrict access - **Audit logging**: Enable audit logging for compliance requirements ### 3. Performance Optimization - **Storage configuration**: Use SSD storage with appropriate IOPS - **Memory allocation**: Set --cache to 25% of available memory - **Connection pooling**: Always use connection pooling in applications - **Query optimization**: Use EXPLAIN to analyze query plans ### 4. Monitoring Setup ```sql -- Enable important cluster settings SET CLUSTER SETTING server.time_until_store_dead = '1m30s'; SET CLUSTER SETTING kv.raft.log.disable_synchronization_unsafe = false; SET CLUSTER SETTING sql.metrics.statement_details.enabled = true; ``` ## Common Issues ### 1. Clock Synchronization **Problem**: "clock synchronization error" on cluster startup **Solution**: ```bash # Ensure NTP is configured on all nodes sudo apt-get install ntp sudo systemctl enable ntp sudo systemctl start ntp ``` ### 2. Certificate Issues **Problem**: SSL certificate verification failures **Solution**: ```bash # Verify certificate validity cockroach cert list --certs-dir=certs # Check certificate expiration openssl x509 -in certs/node.crt -text -noout | grep "Not After" ``` ### 3. Node Join Failures **Problem**: New nodes cannot join the cluster **Solution**: ```bash # Check node connectivity cockroach node status --certs-dir=certs --host=node1.example.com:26257 # Verify join addresses are correct cockroach node ls --certs-dir=certs --host=node1.example.com:26257 ``` ### 4. Storage Issues **Problem**: Node running out of disk space **Solution**: ```bash # Monitor storage usage cockroach node status --certs-dir=certs --host=node1.example.com:26257 # Clean up old logs find /var/lib/cockroach/logs -name "*.log" -mtime +7 -delete ``` ### 5. Connection Pool Exhaustion **Problem**: "connection pool exhausted" errors **Solution**: ```go // Increase pool size and add proper timeouts config.MaxConns = 50 config.HealthCheckPeriod = 1 * time.Minute config.ConnConfig.ConnectTimeout = 5 * time.Second ``` ### 6. Version Upgrade Issues **Problem**: Cluster upgrade failures **Solution**: ```bash # Always perform rolling upgrades cockroach node drain --certs-dir=certs --host=node1.example.com:26257 # Stop node, upgrade binary, restart cockroach start --certs-dir=certs --join=... --background ``` ## Validation Commands ```bash # Check cluster health cockroach node status --certs-dir=certs --host=node1.example.com:26257 # Verify replication cockroach sql --certs-dir=certs --host=node1.example.com:26257 -e "SHOW RANGES FROM TABLE myapp.public.users;" # Test connection cockroach sql --certs-dir=certs --host=node1.example.com:26257 -e "SELECT version();" ```

Created: 6/1/2025

Keywords: text snippets, slack for ai prompts, slack for ai, AI consulting, AI Cheat Tool, AI Cheat Tool for developers, AI Cheat Tool for AI, AI Cheat Tool for ChatGPT, chatgpt prompt generator, AI Cheat Tool for email, AI Cheat Tool for text, AI Cheat Tool for keyboard shortcuts, AI Cheat Tool for text expansion, AI Cheat Tool for text snippets, AI Cheat Tool for text replacement, AI Cheating Tool, AI Cheating Tool for developers, AI Cheating Tool for AI, AI Cheating Tool for ChatGPT, AI Cheating Tool for email, AI Cheating Tool for text, AI Cheating Tool for keyboard shortcuts, prompt cheating, AI prompt engineering, AI context engineering, context engineering, ai prompt manager, AI prompt manager, AI prompt management, ai consulting, prompt engineering consulting, generative ai consulting, ai implementation services, llm integration consultants, ai strategy for enterprises, enterprise ai transformation, ai prompt optimization, large language model consulting, ai training for teams, ai workflow automation, build ai knowledge base, llm prompt management, ai prompt infrastructure, ai adoption consulting, enterprise ai onboarding, custom ai workflow design, ai integration for dev teams, ai productivity tools, team prompt collaboration, github gists, github snippets, github code snippets, github code snippets automation, github, text expansion, text automation, snippet manager, code snippets, team collaboration tools, shared snippets, snippet sharing, keyboard shortcuts, productivity tools, workflow automation, AI-powered productivity, snippet tool for teams, team knowledge base, AI text completion, text expander for teams, snippet collaboration, multi-platform productivity, custom keyboard shortcuts, snippet sharing platform, collaborative snippet management, knowledge base automation, team productivity software, business productivity tools, snippet management software, quick text input, macOS productivity apps, Windows productivity tools, Linux productivity tools, cloud-based snippets, cross-platform snippets, team workspace tools, workflow enhancement tools, automation tools for teams, text automation software, team knowledge sharing, task automation, integrated team tools, real-time collaboration, AI for team productivity, business text automation, time-saving tools, clipboard manager, multi-device clipboard, keyboard shortcut manager, team communication tools, project management integration, productivity boost AI, text snippet sharing, text replacement software, text management tools, efficient team collaboration, AI workspace tools, modern productivity apps, custom text automation, digital workspace tools, collaborative workspaces, cloud productivity tools, streamline team workflows, smart text management, snippets AI app, snippet management for teams, shared knowledge platforms, team-focused text automation, team productivity platform, AI text expansion tools, snippet taking app, note taking app, note taking software, note taking tools, note taking app for teams, note taking app for developers, note taking app for AI, note taking app for ChatGPT, snippet software, snippet tools, snippet app for teams, snippet app for developers, snippet app for AI, snippet app for ChatGPT, AI agent builder, AI agent snippets, AI agent prompts, prompt management, prompt engineering, ChatGPT snippets, ChatGPT prompts, AI prompt optimization, AI-powered prompts, prompt libraries for AI, prompt sharing for ChatGPT, GPT productivity tools, AI assistant snippets, ChatGPT integrations, custom AI prompts, AI agent workflows, machine learning snippets, automated AI prompts, AI workflow automation, collaborative AI prompts, personalized AI agents, text snippets for ChatGPT, AI prompt creation tools, AI code snippet manager, GPT-4 text automation, AI-powered writing assistants, AI tools for developers, AI agent integrations, developer prompt snippets, AI text generation workflows, AI-enhanced productivity, GPT prompt sharing tools, team collaboration for AI, openAI integrations, text automation for AI teams, AI-powered collaboration tools, GPT-4 team tools, AI-driven text expanders, AI-driven productivity solutions, AI agent for email writing, AI agent for text expansion, AI agent for text automation, AI agent for text snippets, AI agent for text replacement, AI agent for keyboard shortcuts, AI Agent Developer, Prompt engineering, Machine Learning Engineer, AI Engineer, Customer Support, Code snippets for developers, Recruiting, AI agent for automation, AI agent for AI automation, AI agent for ChatGPT automation, AI agent for email automation, electron app for snippets, desktop snippet manager, code snippet organization, AI prompt repository, intelligent text expansion, vibe coding, Claude cli ai prompts, prompt optimizer, buy prompts, sell prompts, snippets store, sell scripts, buy scripts, buy python scripts, scraping scripts, AI prompt marketplace, ChatGPT prompt marketplace, best AI prompts, best ChatGPT prompts, AI prompt database, AI prompt packs, AI prompt bundles, GPT prompt marketplace, prompt engineering masterclass, prompt engineering certification, prompt engineering course, ChatGPT prompt store, AI prompt store, prompt monetization, sell AI prompts, buy AI prompts, prompt marketplace platform, AI prompt plugins, Claude prompt marketplace, AI prompt subscription, Custom GPT, real-time prompt collaboration, developer workflow optimization, team prompt library, knowledge management for developers, code snippet search, searchable code library, reusable code blocks, prompt engineering tools, prompt template management, collaborative coding, cross-team knowledge sharing, code snippet versioning, AI prompt templates, technical documentation tools, developer productivity suite, team snippet repository, AI prompt history, snippet synchronization, cloud snippet backup, markdown snippet support, syntax highlighting for snippets, code categorization, programming language snippets, language-specific code templates, contextual code suggestions, snippets with AI integration, command palette for snippets, code snippet folder organization, team snippet discovery, private and public snippets, enterprise code management, team codebase documentation, prompt engineering best practices, Vibe Coding, Vibe Coding for developers, Vibe Coding for AI, Vibe Coding for ChatGPT, Vibe Coding for email, Vibe Coding for text, Vibe Coding for keyboard shortcuts, Vibe Coding for text expansion, Vibe Coding for text snippets, Vibe Coding for text replacement, free prompt generator, ai prompt generator, prompt generator, promptlayer, promptimize ai, langchain prompt management, lanhsmith prompt management, latitude, langchain, langgraph, langchain documentation, raycast, text expander, raycast snippets, raycast mac, cursor, cursro ai, cursor snippets, cursor rules, cursor ai rules, learn prompting, how to prompt, prompting guide, prompting tutorials, best prompting practices, ai prompt best practices, prompting techniques, prompting, express, rust, api, go, spa, node, postgresql, docker, rest, git, linux, monitoring, logging, performance, security

AI Prompts, ChatGPT, Code Snippets, Prompt Engineering

Cockroach Labs

https://cockroachlabs.com