Hacker News | troublebucket's comments

+1 DMS is very half baked. Silent, undebuggable errors. Tons of unsupported LOB and CLOB data types. Built-in Postgres logical replication is way easier.


Has anyone encrypted the storage on a previously unencrypted RDS using Blue/Green?


We did the exact thing not too long ago, but we couldn't do it using blue/green. We were able to minimize downtime quite a bit, but it was on the order of minutes, not seconds. I wrote a little bit about the process here. I spent a lot of time prepping and running the migration, so happy to share any details if it's helpful.

https://phizzle.space/dbadmin/aws/postgres/2023/12/30/rds-en...


Nice article! Did you run into challenges using a DNS record for cut-over from the old DB to the new, encrypted DB?


We recently did this on my team over Christmas this year. We opted not to use Blue/Green for this but instead spun up an encrypted snapshot and began replication from the old database to the new database using MySQL’s tools. Once traffic on our platform was sufficiently low, we cut connections to the database, waited for replica lag to reach 0 and relaunched the servers with the new database's host info. Our downtime was around a minute.


This is how we're planning to encrypt our RDS Postgres DBs, but with PG's built-in logical replication.

I tried it with DMS and it was so cumbersome. We would've needed to make a lot of schema changes to get DMS to function. Specifically, DMS can't replicate a number of character column types because they were considered CLOB.


Good question. This was a pain point for my small team (me, myself, and I) a little while back. We had an unencrypted db deployed with CDK, and then tried to get it encrypted without losing data.


Were you able to successfully complete the encryption and cut-over?


Yes, we just ended up having to hardcode the db endpoint in the cdk stack after a manual restoration from snapshot into an encrypted db.


Yeah, I also don't want any third party getting ahold of my transaction data. My solution was to have my banks send alert emails to me for any transaction. Then the alert emails are forwarded to a Dockerized email server I set up. The transaction data is automatically parsed out of the emails and loaded into a database. The only cost for me is the server.

Honestly the email server could be gotten rid of if someone was willing to directly access their gmail email account via IMAP, or whoever you use for email. I thought it would be a fun challenge to make an email server x_x

My goal is to make it so people like you could write some regex for their bank alert email parsing, spin this up, and be off to the races with no third party interference.

Here's the repo (WIP): https://github.com/katefike/sage
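The parse-and-load step described in the comment above, as an added example that is not taken from the linked repo: one regex per bank wording, applied to the plain-text body of the alert and stored with bound parameters. The alert wording, the `txn` table and the names `parse_alert`, `store` and `ALERT_RE` are assumptions made for illustration.

```python
import re
import sqlite3
from datetime import datetime
from decimal import Decimal
from email import message_from_string
from email.policy import default

# Constructed sample alert: sender, wording and values are invented.
SAMPLE_ALERT = """\
From: alerts@bank.example
Subject: Transaction alert
Content-Type: text/plain; charset="utf-8"

A charge of $1,234.56 was made at COFFEE SHOP 42 on 01/15/2024
with your card ending in 9876.
"""

# Assumed wording; each bank needs its own pattern.
ALERT_RE = re.compile(
    r"charge of \$(?P<amount>[\d,]+\.\d{2}) was made at (?P<merchant>.{1,80}?) "
    r"on (?P<date>\d{2}/\d{2}/\d{4}) with your card ending in (?P<last4>\d{4})"
)

def parse_alert(raw):
    """Return the transaction fields, or None when the mail does not match."""
    msg = message_from_string(raw, policy=default)
    part = msg.get_body(preferencelist=("plain",))
    if part is None:
        return None
    body = " ".join(part.get_content().split())  # undo line wrapping
    m = ALERT_RE.search(body)
    if m is None:
        return None
    try:
        day = datetime.strptime(m["date"], "%m/%d/%Y").date()
    except ValueError:  # digits matched but not a real date, e.g. 13/45/2024
        return None
    return {
        "date": day.isoformat(),
        "merchant": m["merchant"],
        "cents": int(Decimal(m["amount"].replace(",", "")) * 100),  # no floats
        "last4": m["last4"],
    }

def store(conn, txn):
    """Insert one parsed transaction; values are bound, never interpolated."""
    conn.execute("CREATE TABLE IF NOT EXISTS txn "
                 "(date TEXT, merchant TEXT, cents INTEGER, last4 TEXT)")
    conn.execute("INSERT INTO txn VALUES (:date, :merchant, :cents, :last4)", txn)
    conn.commit()
```

The `From` header is not checked here and is trivially forged, so any mail that reaches the mailbox and matches the pattern becomes a row; restricting which senders can deliver to that address is a separate control.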

