HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mattaitken

no profile record

comments

mattaitken
·4 tháng trước·discuss
This is cool. I think for our use case this wouldn’t work. We’re dealing with billions of rows for some tenants.

We’re about to introduce alerts where users can write their own TRQL queries and then define alerts from them. Which requires evaluating them regularly so effectively the data needs to be continuously up to date.
mattaitken
·4 tháng trước·discuss
ClickHouse is a high performance OLAP database. It’s good for analytics and search.

We use it (I’m the author or the article) so users can search every run they do and graph all sorts of metrics.
mattaitken
·4 tháng trước·discuss
Yes it’s exactly this. There’s not a neat permission boundary when you have users, orgs, projects, environments. Let alone when you add RBAC too.
mattaitken
·4 tháng trước·discuss
You’re right RLS can go a long way here. With complex RBAC rules it can get tricky though.

The main advantages of a DSL are you can expose a nicer interface to users (table names, columns, virtual columns, automatic joins, query optimization).

We very intentionally kept the syntax as close to regular ClickHouse as possible but added some functions.
mattaitken
·4 tháng trước·discuss
In a system with organizations, projects and advanced user access permissions having separate databases doesn’t full solve the problem. You still need access control inside each tenanted database. It also makes cross-cutting queries impossible which means users can’t query across all their orgs for example.

The DSL approach has other advantages too: like rewriting queries to not expose underlying tables, doing automatic performance optimizations…
mattaitken
·4 tháng trước·discuss
Yes, you can actually do this already because we expose a REST API and TypeScript SDK functions to execute the queries.