Scalingo Database Addons

You applications need databases to store your data. As we believe your data should be located geographically close to your application servers we support the most common types of database.

We ensure your database is located at the same location as your applications. It provides the best performance and latency possible. Moreover you know where your data are.

Database Types



Backups Retention Policy

If your database is in a paid plan (i.e. it’s not “free plan”), we’ll automatically make periodic backups of your database on a daily basis, at around 1:00 AM Central European Time (CET or UTC+0100). The time of your daily backup is configurable via the web dashboard of your database or using the CLI.

We keep a limited amount of backups depending on your database plan. A daily backup is retained for the last 7 days. That means that 7 backups will exist, one for each of the last 7 days. A weekly backup means that only one backup is saved over a 7 days period. A monthly backup means that only 1 backup is saved over the course of a month.

Plan Weekly Backups Retained Monthly Backup Retained
Sandbox/Free N/A N/A
Starter 4 weeks 0 months
Business 8 weeks 12 months

You can also manually trigger a backup for your database at any time you want. The number of manual backups that you can retain is limited by your plan:

Plan Backups Retained
Sandbox/Free N/A
Starter 10
Business 50

In case a database is removed from an application, the retention policy remains untouched: backups are not instantly deleted.

Encryption at Rest

All databases created after the 6th of January 2019 have encryption at rest enabled. In other words, all your data is encrypted before being stored on disk.

Encryption at rest on our database offer leverages a feature of the Linux Kernel allowing to encrypt data at the disk level named dm-crypt. The algorithm used is aes-xts-plain64 with a key size of 256 bit and hashed using SHA-256. This method is considered secure and standard in the industry. To reduce the attack surface, each instance of each database has its own cryptographic key to protect its data, so getting access to one key wouldn’t allow an attacker to get plain data from another database. The keys are stored in a database which is itself encrypted and protected by authentication.

Communication With TLS

We enable for all database types the possibility to connect to them using TLS. By default, you can connect both with or without TLS to your database. You can also enforce all connections to use TLS by activating the “Force TLS Connections” feature in the web dashboard of your addon:

Moreover, we also encrypt all communications between the members of cluster:

  • from the gateways to the leader,
  • from the leader to the followers,
  • between the cluster orchestrator and its database for PostgreSQL databases.

Connection Timeouts

Most of our high availability setups contain a HAProxy as entry point to the actual database nodes. This HAProxy has a few timeouts configured which may impact your application, especially if you reuse connections. The concerned databases are:

  • Elasticsearch:
    • Timeout when the client is inactive: 1 minute.
    • Timeout when the server is inactive: 2 minutes.
    • Maximum allowed time to wait for a complete HTTP request: 5 seconds.
  • PostgreSQL
    • Timeout when the client is inactive: 1 day.
    • Timeout when the server is inactive: 30 minutes.
    • Inactivity timeout on the client side for half-closed connections: 5 minutes.
  • Redis
    • Timeout when the client is inactive: 5 minutes.
    • Timeout when the server is inactive: 5 minutes.
    • Inactivity timeout on the client side for half-closed connections: 1 hour.

mode_edit Suggest edits