Datomic Pro and Datomic Cloud are FREE!

Using IAM Roles with Datomic on AWS

25 October 2013

With today's Datomic release, you can use IAM roles to manage permissions when running in AWS.

Motivation

Datomic's AWS support has been designed according to the principle of least privilege.  When running in AWS, a Datomic transactor or peer needs only the minimum permissions necessary to communicate with various AWS services.  These permissions are documented in Setting Up Storage Services.

But you still need some way to install these minimal permissions on ephemeral virtual hardware. Early versions of AWS left this problem to the developer.  Solutions were tedious and ad hoc, but more important they were risky.  Leaving every application developer the task of passing credentials around is a recipe for credentials lying around in a hundred different places (or even checked into source code repositories.)

IAM roles provide a generic solution to this problem.  From the FAQ: "An IAM role allows you to delegate access, with defined permissions, to trusted entities without having to share long term access keys (emphasis added).  From a developer perspective, IAM roles get credentials out of your application code.

Implementation

Starting with version 0.9.4314, Datomic supports IAM roles as the default mechanism for conveying credentials in AWS.  What does this mean for developers?
  1. If you are configuring Datomic for the first time, the setup instructions will secure peers and transactors using IAM roles. 
  2. If you have an existing Datomic installation and want to upgrade to roles, Migrating to IAM Roles will walk you through the process.
  3. Using explicit credentials in transactor properties and in connection URIs is deprecated, but will continue to work.  Your existing deployments will not break.
IAM roles make your application both easier to manage and more secure.  Use them.
..

Datomic Pro Starter Edition

08 October 2013

We are happy to announce today the release of Datomic Pro Starter Edition, enabling the use of Datomic for small production deployments at no cost.

Datomic Pro Starter Edition features most benefits of Datomic Pro:

  • Support for all storages
  • A perpetual license with 12 months of updates included
  • Support for the full Datomic programming model
  • Datomic Console included with download
    Datomic Pro Starter Edition features community support, and does not include:
    • High Availability transactor support
    • Integrated memcached
    • Running more than 3 processes (2 peers + transactor)
    To get started, register and download Datomic Pro Starter Edition

    Datomic Pro Starter Edition lets your team build a fully operational system and deploy to production with no additional steps or costs.

    ..

    Datomic Console

    29 September 2013

    [Update: Watch the intro video.]

    The Datomic Console is a graphical UI for exploring Datomic databases.



    It supports exploring schema, building and executing queries, navigating entities, examining transaction history, and walking raw indexes.  The Datomic Console is included in Datomic Pro, and is available as a separate download for Datomic Free users.

    Exploring Schema

    The upper left corner of the console displays a tree view of the attributes defined for the current database.



    Query

    The Query tab provides two synchronized views of queries: a graphical builder, and the equivalent textual representation.



    You can see the results of a query in the Dataset pane on the lower right.


    Entities

    The Entities tab provides a tree view of an entity, plus the ability to drill in to related entities.


    Transactions

    The Transactions tab provides a graphical view of the history of your database at scales ranging from days down to seconds.



    When you zoom in, the specific datoms in a transaction are displayed in the dataset pane.

    Indexes

    The Indexes tab allows you to browse ranges within a Datomic index, displaying results in the dataset pane.


    And More

    This post only scratches the surface, see the full docs for more details.  You can save arbitrary datasets, giving them a name for reuse in subsequent queries.  And, of course, you can use Datomic's time features to work with as-of, since, and historical views of your data.

    ..

    The Transaction Report Queue

    11 September 2013

    Summary: Functional databases such as Datomic eliminate the burden of deciding what information a downstream observer needs.  Just give 'em everything, lazily.

    The Transaction Report Queue

    In Datomic, you can monitor all transactions.  Any peer process in the system can request a transaction report queue of every transaction against a particular database.

    TxReportWatcher is a simple example of this.  It watches a particular attribute in the database, and prints the entity id and value whenever a change to that attribute appears.  The essence of the code is only a few lines of Java:

    final BlockingQueue queue = conn.txReportQueue();

    while (true) {
     final Map tx = queue.take();
     Collection results = q(byAttribute, tx.get(TX_DATA), attrid);
     for (Iterator it = results.iterator(); it.hasNext(); ) {
     printList(it.next());
     }
    }

    There are several things to note here:
    • The Datomic query function q is used to query the transaction data, showing that the full power of the database query language is available while handling transaction events.
    • The TX_DATA map key points to all the data added to the database by this particular transaction.
    • Everything is made of generic data structures accessible from any JVM language: queues, collections, maps, and lists.  (There is no ResultSet API.)

    Context Matters

    How much information does a transaction observer need in order to take useful action?  An easy but naive answer is "just the TX_DATA".

    But when you move past toy systems and blog examples, context matters.  For example, when a user places an order in a system, you might want to take different actions based on 
    • that user's order history
    • the current inventory status
    • time limited promotions
    • that user's relation to other users
    It is impossible to anticipate in advance the context you might need.  But if you don't provide enough information, you will have to go back and ask for more.  There are many risks here.  The biggest risk is that such asking will introduce tighter coupling via the need for coordination, e.g. going back and asking questions of a database, questions that must be coordinated with the time of the event.  Unnecessary coordination is a cause of complexity (and an enemy of scalability).

    Is there another way?  You bet!  If you have a functional database, where points in time are immutable values, then you can make the entire database available.  Datomic provides exactly this. In addition to the TX_DATA key, the DB_AFTER key points to the entire database as of the completion of the transaction.  And the DB_BEFORE key points to the entire database immediately before the transaction started.  Because both the "before" and "after" copies of the database are immutable values, no coordination with other processes is required, ever.

    A Common Misconception

    Developers often raise an objection to this approach:  "Oh, I see, this approach is limited to tiny databases that can fit in memory and be passed around."  Not at all.  Because they are immutable, Datomic databases can be lazily realized, pulling into memory only the parts that are needed.

    Moreover, Datomic's indexes provide leverage over your data. Queries do not have to realize the entire database, they can use just the data needed.  Datomic indexes provide leverage for "row", "column", "document", and "graph" access styles, so a wide variety of workloads are efficient.  Different peers will "cache over" their working sets automatically, without you having to plan in advance which machine needs which data.

      Composition FTW

      Datomic's transaction report queue makes it possible for any peer to observe and respond to transactions, with complete access to all necessary context, and without any coordination with database writes.  Transaction reports are a simple building block for scalable systems.
      ..

      Datomic MusicBrainz sample database

      01 June 2013

      MusicBrainz is an open music encyclopedia that collects music metadata and makes it available to the public. We are pleased to release a sample project that uses the MusicBrainz dataset to help people get familiar with using Datomic.
      The MusicBrainz dataset makes a great example database for learning, evaluating, or testing Datomic for a couple of reasons:

      • It deals with a domain with which nearly everyone is familiar
      • It is of decent size: 60,438 labels; 664,226 artists; 1,035,592 album releases; and 13,233,625 recorded tracks
      • It comprises a good number of entities, attributes, and relationships
      • It is fun to play with, query, and explore

      Schema

      The mbrainz-sample schema is an adaptation of a subset of the full MusicBrainz schema. We didn't include some entities, and we made some simplifying assumptions and combined some entities. In particular:
      • We omit any notion of Work
      • We combine Track, Tracklist and Recording into simply "track"
      • We renamed Release group to "abstractRelease"

      Abstract Release vs. Release vs. Medium

      (Adapted from the MusicBrainz schema docs)
      An "abstractRelease" is an abstract "album" entity (e.g. "The Wall" by Pink Floyd). A "release" is something you can buy in your music store (e.g. the 1984 US vinyl release of "The Wall" by Columbia, as opposed to the 2000 US CD release by Capitol Records).
      Therefore, when you query for releases e.g. by name, you may see duplicate releases. To find just the "work of art" level album entity, query for abstractRelease.
      The media are the physical components comprising a release (disks, CDs, tapes, cartridges, piano rolls). One medium will have several tracks, and the total tracks across all media represent the track list of the release.

      Relationship Diagram


      Entities

      For information about the individual entities and their attributes, please see the schema page in the wiki, or the EDN schema itself.

      Getting Started

      First get Datomic, and start up a transactor.

      Getting the Data

      Next download the mbrainz backup:

       # 2.8 GB, md5 4e7d254c77600e68e9dc71b1a2785c53
       wget http://s3.amazonaws.com/mbrainz/datomic-mbrainz-backup-20130611.tar
      and extract:
       # this takes a while
       tar -xvf datomic-mbrainz-backup-20130611.tar
      Finally, restore the backup:
       # takes a while, but prints progress -- ~150,000 segments in restore
       bin/datomic restore-db file:datomic-mbrainz-backup-20130611 datomic:free://localhost:4334/mbrainz

      Getting the Code

      Clone the git repo somewhere convenient:
       git clone git@github.com:Datomic/mbrainz-sample.git
       cd mbrainz-sample

      Running the examples

      From Java

      Fire up your favorite IDE, and configure it to use both the included pom.xml and the following Java options when running: 

       -Xmx2g -server

      From Clojure

      Start up a Clojure REPL:
       # from the root of the mbrainz-sample repo
       lein repl
      Then connect to the database and run the queries.

      Thanks

      We would like to thank the MusicBrainz project for defining and compiling a great dataset, and for making it freely available. ..

      10 of 13
      Datomic Pro
      Benefits Documentation Release Notes Apache License
      Datomic Cloud
      Product Details Support Pricing Documentation Release Notes Apache License
      Resources
      Blog Knowledgbase Developer Forum Product Support
      Company
      About UsContact
      ©2016-2021 Cognitect, Inc.
      Datomic® is a registered trademark of Cognitect, Inc.
      Trademark Guidelines | Privacy Policy