Alibaba Cloud PolarDB Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Databases

Category

Databases

1. Introduction

PolarDB is a managed relational database service in Alibaba Cloud Databases designed for high availability, scalability, and operational simplicity. It provides database engines that are compatible with popular open-source and commercial ecosystems (for example MySQL-compatible and PostgreSQL-compatible options), while Alibaba Cloud manages the underlying infrastructure, backups, patching (scope varies by offering), and failover capabilities.

In simple terms: PolarDB lets you run a production-grade relational database cluster without building and operating your own MySQL/PostgreSQL/Oracle-like database stack. You provision a cluster, get endpoints for applications, and scale read capacity by adding read-only nodes while relying on built-in resiliency and backup features.

Technically, PolarDB is implemented as a database cluster with compute nodes (database instances) and shared storage (architecture depends on engine/edition). Applications connect through PolarDB endpoints inside a VPC, and the cluster can include a primary (read/write) node and one or more read-only nodes for read scaling and high availability. You manage it through the Alibaba Cloud console and APIs, and you can integrate with services like Data Management (DMS) and monitoring tools (for example Database Autonomy Service (DAS), where supported).

PolarDB solves common problems teams face with self-managed databases: manual replication setup, complex failover, slow scaling for reads, operational toil (backups/patching), and difficulty achieving consistent performance and availability—while still preserving a familiar SQL interface and compatibility with widely used tools and drivers.

Service naming note: PolarDB is the product name in Alibaba Cloud. Alibaba Cloud also offers related-but-separate database products (for example ApsaraDB RDS and PolarDB-X). This tutorial focuses only on PolarDB.

2. What is PolarDB?

PolarDB is Alibaba Cloud’s managed relational database service that provides database clusters with high availability, read scaling, backup/restore capabilities, and compatibility with common SQL ecosystems.

Official purpose (scope-aligned)

• Provide managed relational database clusters for production workloads.
• Offer high availability and scaling while reducing day-2 operational work (backups, monitoring integrations, failover mechanisms).
• Support engine compatibility options (such as MySQL-compatible and PostgreSQL-compatible offerings; additional compatibility modes may exist—verify in official docs for your region/edition).

Core capabilities

• Cluster-based deployment with endpoints for application connectivity.
• High availability through multi-node architecture and automated failover (exact behavior depends on engine/edition—verify in official docs).
• Read scaling using read-only nodes (where supported).
• Automated backups and point-in-time recovery (PITR) options (retention, backup types, and restore granularity vary—verify).
• Monitoring and performance insights via Alibaba Cloud’s ecosystem tools (for example DAS, CloudMonitor).

Major components (conceptual)

• PolarDB Cluster: The top-level resource you create and manage.
• Primary (read/write) node: Handles writes and read/write traffic.
• Read-only node(s): Scale out reads and may support failover scenarios.
• Endpoints: Connection addresses (for example, a cluster endpoint; additional endpoints may exist depending on engine/edition).
• Storage layer: Managed storage used by the cluster (details vary by engine/edition).
• Backup and snapshots: Automated and manual backup mechanisms.
• Networking: VPC access, whitelists, security groups (at the VPC level), SSL/TLS options.

Service type

• Managed relational database service (DBaaS) in the Databases category.

Scope (regional/zonal/account)

• PolarDB is typically region-scoped (you choose a region when creating a cluster).
• High availability is commonly implemented across zones within a region (multi-zone options vary by region and offering—verify in official docs and console).
• It is account-scoped within your Alibaba Cloud account; access is controlled by RAM (Resource Access Management) and network controls (VPC).

How it fits into the Alibaba Cloud ecosystem

PolarDB is commonly used with: – ECS (Elastic Compute Service) for application servers and database clients. – VPC for private networking and isolation. – SLB (Server Load Balancer) / ALB for application entry points (not for database traffic). – DMS (Data Management) for database administration, SQL execution, change management, and access control workflows. – DAS (Database Autonomy Service) for performance diagnostics and insights (availability varies—verify). – ActionTrail for auditing control-plane API actions. – KMS for encryption key management (when encryption features integrate with KMS—verify by engine/edition).

3. Why use PolarDB?

Business reasons

• Faster time to production: You can provision a cluster in minutes instead of building replication, backups, and failover from scratch.
• Lower operational overhead: Managed backups, automated health management, and integrated monitoring reduce DBA/SRE burden.
• Predictable service capabilities: Standardized options across environments improve consistency.

Technical reasons

• Read scaling: Add read-only nodes to increase read throughput without redesigning your application.
• High availability patterns: Multi-node cluster setups reduce single points of failure.
• Engine compatibility: Run familiar SQL engines (compatibility depends on selected PolarDB engine/edition).

Operational reasons

• Backups and restores: Built-in automated backup scheduling and restore workflows.
• Observability integrations: Performance metrics and slow query analysis via Alibaba Cloud tooling (capability varies).
• Lifecycle management: Console/API-driven operations for scaling, maintenance, and configuration.

Security/compliance reasons

• Private networking with VPC and access controls via whitelists/security groups.
• Centralized identity via RAM with audit trails through ActionTrail.
• Encryption options (in transit via SSL/TLS; at rest depending on configuration and edition—verify).

Scalability/performance reasons

• Scale reads horizontally with read-only nodes.
• Scale compute by changing node specifications (online resize options vary—verify).
• Storage growth is managed by the service (auto-scaling behavior depends on offering—verify).

When teams should choose PolarDB

• You need a managed relational database for OLTP workloads with:
• High availability requirements
• Read-heavy traffic patterns
• Managed backup/restore
• Tight integration with Alibaba Cloud networking and IAM

When teams should not choose PolarDB

• You need full OS-level control of the database host (use ECS + self-managed DB).
• You need a NoSQL model (consider Alibaba Cloud NoSQL offerings instead).
• You need a columnar analytics warehouse for large-scale OLAP (consider AnalyticDB or data warehouse services).
• You are locked into features of a specific community distribution or require custom database plugins not supported by the managed environment (verify engine constraints).

4. Where is PolarDB used?

Industries

• E-commerce and retail (orders, inventory, carts)
• FinTech and payments (account ledgers, transaction metadata)
• Gaming (player profiles, sessions, leaderboards—relational parts)
• Logistics and mobility (dispatching, tracking metadata)
• SaaS platforms (multi-tenant application databases)
• Media and content platforms (user accounts, subscriptions)

Team types

• Platform engineering teams standardizing database provisioning
• DevOps/SRE teams reducing operational toil
• Application teams needing reliable managed SQL without deep DBA investment
• Data engineers supporting operational data stores feeding downstream analytics

Workloads

• OLTP systems with read scaling needs
• Microservices with per-service schemas (or shared schema with careful governance)
• Multi-tenant SaaS databases with strict isolation controls
• Hybrid architectures where operational data replicates to analytics systems

Architectures

• Classic three-tier apps (web/app/db)
• Microservices with a shared database or database-per-service (with governance)
• Event-driven architectures where writes land in PolarDB and events stream outward (streaming service selection varies)

Deployment contexts

• Production: HA cluster, multiple read-only nodes, strict network isolation, backup retention aligned with RPO/RTO.
• Dev/Test: Smaller node specs, shorter backup retention, scheduled uptime, cost-optimized storage.

5. Top Use Cases and Scenarios

Below are practical PolarDB scenarios that align with managed relational databases on Alibaba Cloud.

1) Read-heavy e-commerce catalog

• Problem: Product pages generate heavy read traffic; writes are moderate.
• Why PolarDB fits: Add read-only nodes and route read queries to read endpoints.
• Example: A retail site uses primary for writes (price updates) and multiple read-only nodes for browsing and search filters.

2) High-availability order processing database

• Problem: Orders must be persisted reliably; downtime is costly.
• Why PolarDB fits: HA cluster design and managed failover reduce downtime risk (verify failover behavior by edition/engine).
• Example: Checkout service writes orders to PolarDB and relies on automated failover during node faults.

3) SaaS multi-tenant relational backend

• Problem: Need predictable provisioning and controlled access across tenants/environments.
• Why PolarDB fits: Standardized cluster provisioning, VPC isolation, RAM-based control plane access.
• Example: A SaaS company creates separate clusters per environment and uses DMS workflows for controlled SQL changes.

4) Session store with SQL constraints

• Problem: Sessions require relational integrity and joins (not a pure key/value use case).
• Why PolarDB fits: Relational model + managed operations.
• Example: A B2B portal stores authenticated sessions tied to accounts and roles.

5) CMS and content metadata store

• Problem: Content management needs transactions and consistent reads.
• Why PolarDB fits: Managed MySQL-compatible or PostgreSQL-compatible database with backups.
• Example: A content platform stores article metadata, tags, and publishing workflows.

6) Regional application needing in-region low latency

• Problem: Users are concentrated in a region; cross-region DB latency is too high.
• Why PolarDB fits: Region-scoped deployment close to compute in the same VPC.
• Example: A China-region app runs ECS + PolarDB in the same region and VPC for low latency.

7) Reporting offload using read-only nodes

• Problem: Reporting queries slow down transactional workloads.
• Why PolarDB fits: Use read-only nodes for reporting queries; keep primary focused on writes.
• Example: Business dashboards query read-only nodes during peak hours.

8) Migration from self-managed MySQL/PostgreSQL

• Problem: Self-managed replication/backups are fragile; upgrades are painful.
• Why PolarDB fits: Managed service with familiar SQL compatibility and tooling.
• Example: A team migrates an on-prem MySQL app to PolarDB and uses DMS to manage schema changes.

9) Microservices with shared relational database (governed)

• Problem: Multiple services share a schema; need safe access and change control.
• Why PolarDB fits: DMS approvals, auditing, and controlled database accounts.
• Example: A fintech uses DMS to enforce change workflows and limit privileged access.

10) Burst traffic events (campaigns)

• Problem: Flash sales create sudden read spikes.
• Why PolarDB fits: Add read-only capacity (and possibly adjust specs) around events; remove later.
• Example: Marketing campaign doubles traffic; read-only nodes absorb load.

11) Disaster recovery with cross-region replication (where supported)

• Problem: Need a standby in another region for DR.
• Why PolarDB fits: Some PolarDB offerings support cross-region replication/DR constructs (verify “Global Database Network” or equivalent in official docs).
• Example: Primary runs in Region A; DR replica runs in Region B with defined RPO/RTO.

12) Secure internal line-of-business apps

• Problem: Database must not be publicly exposed; strict access boundaries.
• Why PolarDB fits: VPC-only access, private endpoints, whitelist controls, RAM control-plane permissions.
• Example: HR application runs in a private VPC with PolarDB accessible only from specific ECS security groups.

6. Core Features

Feature availability can differ by engine type, edition, and region. Always verify in the PolarDB official documentation for your selected engine/edition.

1) Cluster-based managed database

• What it does: Lets you deploy a database as a cluster rather than a single instance.
• Why it matters: Enables HA and scaling patterns not available in single-node deployments.
• Practical benefit: Standardized endpoints and node management via console/API.
• Caveats: Node roles and endpoints vary by engine/edition.

2) Primary + read-only node architecture (read scaling)

• What it does: Supports adding read-only nodes to serve read traffic.
• Why it matters: Read scaling is a common bottleneck for OLTP apps.
• Practical benefit: Offload reporting and read-heavy queries.
• Caveats: Replication lag can exist; apps must tolerate eventual consistency for reads (verify semantics).

3) Endpoints for simplified connectivity

• What it does: Provides stable connection endpoints for applications (for example cluster endpoints).
• Why it matters: Reduces reconfiguration during failover or topology changes.
• Practical benefit: Your app connects to an endpoint rather than targeting a specific node.
• Caveats: Some endpoints may be read/write vs read-only; ensure correct usage.

4) High availability and failover

• What it does: Detects node failures and performs failover procedures.
• Why it matters: Reduces downtime and manual intervention.
• Practical benefit: Higher service uptime for production.
• Caveats: RTO/RPO depend on configuration and topology; verify SLA and failover behavior.

5) Automated backups and point-in-time recovery (PITR)

• What it does: Automatically backs up data and supports restoring to a point in time.
• Why it matters: Protects against accidental deletes, application bugs, and corruption.
• Practical benefit: Faster recovery from logical failures than full rebuilds.
• Caveats: Backup retention, restore time, and PITR granularity vary; backups cost money.

6) Manual snapshots / on-demand backups

• What it does: Lets you create backups before risky operations (schema changes, migrations).
• Why it matters: Safer change management.
• Practical benefit: Rollback option for deployment mistakes.
• Caveats: Snapshot storage may incur extra charges.

7) Elastic scaling (compute and read capacity)

• What it does: Resize node specs and/or add/remove read-only nodes (capabilities vary).
• Why it matters: Align capacity with workload changes.
• Practical benefit: Pay for what you need and scale as you grow.
• Caveats: Some changes may involve brief disruption or maintenance windows—verify.

8) Network isolation with VPC

• What it does: Runs in your VPC so traffic stays private.
• Why it matters: Reduces exposure to the public internet.
• Practical benefit: Better security posture and consistent latency.
• Caveats: Cross-VPC access requires peering/CEN and careful routing.

9) Access control via accounts + RAM governance

• What it does: Database accounts control data-plane access; RAM controls control-plane actions.
• Why it matters: Separate least-privilege access for people, apps, and automation.
• Practical benefit: Reduce blast radius.
• Caveats: Misconfigured privileges remain a major risk; enforce strong processes.

10) Encryption in transit (SSL/TLS)

• What it does: Encrypts client-to-database connections.
• Why it matters: Prevents credential and data exposure on the wire.
• Practical benefit: Better compliance alignment.
• Caveats: Client config must enable SSL; verify cipher support.

11) Encryption at rest (where supported)

• What it does: Encrypts stored data using managed keys (often integrated with KMS).
• Why it matters: Protects data if storage media is compromised.
• Practical benefit: Compliance and risk reduction.
• Caveats: Availability depends on engine/edition; verify KMS requirements and key lifecycle responsibilities.

12) Maintenance and patching workflows

• What it does: Alibaba Cloud provides managed maintenance mechanisms (patching scope varies).
• Why it matters: Reduces manual maintenance burden.
• Practical benefit: More consistent security posture.
• Caveats: Some upgrades may require downtime or compatibility checks; verify release notes.

13) Monitoring and performance diagnostics (CloudMonitor/DAS)

• What it does: Provides metrics and (optionally) deeper performance diagnostics.
• Why it matters: You can detect slow queries, resource saturation, and replication lag early.
• Practical benefit: Faster incident response and tuning.
• Caveats: Advanced features may be extra-cost or limited by edition—verify.

14) Administrative tooling integration (DMS)

• What it does: Allows controlled SQL execution, schema change workflows, and access approvals via DMS.
• Why it matters: Reduces risky “direct-to-production” database operations.
• Practical benefit: Better governance and audit trails.
• Caveats: Requires process adoption and permission design.

15) Compatibility with common drivers and tools

• What it does: Works with standard JDBC/ODBC and common clients for the selected engine compatibility.
• Why it matters: Lower migration friction.
• Practical benefit: Reuse existing application libraries and skills.
• Caveats: Feature-level compatibility is not always 100%; validate critical SQL features and extensions.

7. Architecture and How It Works

High-level architecture

A typical PolarDB deployment places the cluster inside a VPC. Application services (often on ECS, ACK/Kubernetes, or Function Compute depending on architecture) connect to PolarDB using private endpoints. PolarDB routes traffic to the correct compute node role (primary or read-only). Data persistence is handled by the managed storage layer.

Request/data/control flow (conceptual)

• Control plane: Alibaba Cloud console/API actions (create cluster, add nodes, configure backups) authenticated by RAM; actions recorded by ActionTrail.
• Data plane: SQL traffic from clients to database endpoints over private VPC networking (optionally over SSL/TLS).
• Data path: Client → PolarDB endpoint → compute node → storage layer → response.

Integrations with related Alibaba Cloud services

• ECS: Run apps or bastion hosts for private connectivity.
• VPC / Security Groups / NACLs: Network isolation and traffic control.
• DMS: Central DBA tooling, approvals, auditing (where enabled).
• CloudMonitor: Metrics and alerting (PolarDB publishes metrics; verify the metric set).
• DAS: Performance insights and diagnostics (availability varies by edition/engine).
• ActionTrail: Records API actions for governance and auditing.
• KMS: For encryption keys (when encryption at rest integrates with KMS—verify).
• DBS (Database Backup Service): In some architectures, teams use DBS for unified backup policies across engines/services (verify PolarDB support matrix).

Dependency services

• VPC networking and routing
• DNS (endpoint resolution)
• RAM for IAM
• Monitoring/auditing services as optional dependencies

Security/authentication model

• Control plane: RAM users/roles, policies, MFA, API keys.
• Data plane: Database accounts (username/password) and optional SSL/TLS. Network access controls (VPC, whitelists) gate who can connect.

Networking model

• Typically private VPC access is the default/desired pattern.
• Public endpoints may exist for some configurations, but are generally discouraged for production. Prefer private endpoints plus a bastion host/VPN/Direct Connect.

Monitoring/logging/governance considerations

• Enable metrics and alerts for CPU/memory, connections, QPS, storage usage, replication lag (if exposed), and slow queries.
• Use ActionTrail for administrative changes auditing.
• Centralize operational logs from apps (not just DB metrics) to correlate incidents.

Simple architecture diagram (conceptual)

flowchart LR
  A[App on ECS/ACK] -->|SQL over VPC| E[PolarDB Endpoint]
  E --> P[Primary Node (Read/Write)]
  E --> R[Read-only Node(s)]
  P --> S[(Managed Storage)]
  R --> S

Production-style architecture diagram (example)

flowchart TB
  subgraph Internet
    U[Users]
  end

  subgraph "Alibaba Cloud VPC"
    direction TB

    subgraph "Public Subnet"
      ALB[ALB/SLB\n(HTTP/HTTPS)]
      NAT[NAT Gateway\n(optional)]
    end

    subgraph "Private App Subnets (Multi-Zone)"
      APP1[ECS/ACK\nApp Tier - Zone A]
      APP2[ECS/ACK\nApp Tier - Zone B]
      BAST[Bastion ECS\n(SSH, restricted)]
    end

    subgraph "Database Subnets"
      EP[PolarDB Endpoints]
      PRI[Primary Node\n(Read/Write)]
      RO1[Read-only Node\nZone A]
      RO2[Read-only Node\nZone B]
      ST[(PolarDB Storage Layer)]
    end

    APP1 -->|SQL| EP
    APP2 -->|SQL| EP
    BAST -->|Admin SQL| EP

    EP --> PRI
    EP --> RO1
    EP --> RO2

    PRI --> ST
    RO1 --> ST
    RO2 --> ST

    ALB --> APP1
    ALB --> APP2
  end

  subgraph "Ops / Governance"
    CM[CloudMonitor\nAlerts]
    DAS[DAS\nDiagnostics (if enabled)]
    DMS[DMS\nDB Admin & Change Control]
    AT[ActionTrail\nAudit]
    KMS[KMS\nKeys (if used)]
  end

  EP -.metrics.-> CM
  EP -.insights.-> DAS
  DMS -.admin.-> EP
  AT -.audit control plane.-> EP
  KMS -.encryption integration.-> EP

8. Prerequisites

Account and billing

• An active Alibaba Cloud account.
• A billing method configured (PolarDB is a paid service; free tier availability depends on promotions—verify).
• Decide your purchasing model: pay-as-you-go or subscription (availability varies by region/engine—verify).

Permissions / IAM (RAM)

You need RAM permissions to: – Create/manage PolarDB clusters. – Create/manage VPC, vSwitches, and ECS instances (for the lab client). – Manage security groups and network rules. – View billing and costs (optional but recommended). – Optional: manage KMS keys, ActionTrail, CloudMonitor alerts.

If you are in an organization: – Use a RAM role for automation (CI/CD) and a separate privileged admin role for infrastructure changes.

Tools needed

• Alibaba Cloud Console (web).
• Optional: Alibaba Cloud CLI (useful for automation). Verify current CLI commands/modules for PolarDB in official docs:
• https://www.alibabacloud.com/help/en/alibaba-cloud-cli/latest/what-is-alibaba-cloud-cli
• A SQL client:
• mysql client for MySQL-compatible PolarDB
• psql for PostgreSQL-compatible PolarDB
• DMS web SQL console (often easiest for quick tests)

Region availability

• PolarDB availability and engine offerings differ by region.
• Choose a region near your workload and with required features (multi-zone, encryption, etc.).

Quotas/limits

Typical limits to be aware of (verify current quotas in console/docs): – Number of clusters per account/region. – Max read-only nodes per cluster. – Connection limits per node spec. – Backup retention limits and snapshot counts.

Prerequisite services (recommended for the lab)

• VPC with at least one vSwitch.
• ECS instance in the same VPC to test private connectivity (or use DMS if you do not want ECS cost).
• Security group rules allowing outbound from ECS and inbound DB access only from ECS security group/IP range.

9. Pricing / Cost

PolarDB pricing varies by: – Region – Engine compatibility (MySQL/PostgreSQL/etc.) – Edition and node specifications – Purchase model (subscription vs pay-as-you-go) – Optional features (backups retention, cross-region replication, monitoring add-ons, etc.)

Always validate with official sources: – Product page: https://www.alibabacloud.com/product/polardb – Pricing page (region/SKU specific; verify exact URL for your locale): https://www.alibabacloud.com/product/polardb/pricing – Pricing calculator: https://www.alibabacloud.com/pricing/calculator

Common pricing dimensions (typical model)

Exact line items differ by offering—verify in your region’s pricing page.

• Compute: billed per node (primary + read-only nodes) by instance class/spec and time.
• Storage: billed by provisioned/used storage capacity and/or performance tier (depending on offering).
• Backups: backup storage beyond free quota (if any), longer retention, and cross-region backup features.
• Network:
• Intra-VPC traffic is typically not billed like internet egress, but cross-zone or cross-region replication may have costs.
• Public internet egress (if you use public endpoints) can incur bandwidth charges.
• Requests/IOPS: some managed databases bill by I/O or performance tier; verify if PolarDB in your selected offering bills I/O separately.

Free tier

Alibaba Cloud sometimes offers trials or promotions. Do not assume a free tier for PolarDB; check current promotions and your account eligibility.

Main cost drivers

• Number and size of compute nodes (especially read-only nodes you add for scaling).
• Storage usage and growth rate.
• Backup retention and snapshot frequency.
• Cross-region replication/DR (if used).
• Leaving dev/test clusters running 24/7.

Hidden or indirect costs

• ECS client/bastion costs for private access and administration (if you don’t use DMS only).
• NAT Gateway costs if private subnets need outbound internet access for patching.
• Monitoring add-ons (advanced diagnostics) if not included by default.
• Data transfer if you replicate across regions or export large backups.

How to optimize cost

• Start with minimal node specs that meet your CPU/RAM needs and scale gradually.
• Prefer read-only nodes only when needed, and remove them after peak events.
• Set backup retention to the minimum that satisfies compliance and RPO/RTO.
• Avoid public endpoints; keep traffic inside VPC to reduce risk and potential network charges.
• Use scheduling/automation to shut down non-production environments if your organization allows (verify if PolarDB supports pausing/stopping in your edition—many managed DBs do not; if not supported, delete and recreate from snapshot for dev/test).

Example low-cost starter estimate (no fabricated numbers)

Use this structure in the pricing calculator: – 1 PolarDB cluster – 1 primary node (smallest available spec in your region/engine) – 0 read-only nodes (or 1 small read-only node if required by your HA policy) – Minimal initial storage – Standard backup retention (short, e.g., 7 days) and a single manual snapshot

Then compare: – Pay-as-you-go hourly compute + storage – Subscription discounts (if you commit for months/years)

Example production cost considerations

For a production workload, estimate: – Primary node sized for peak write throughput + memory working set. – 1–N read-only nodes for read QPS and reporting. – Multi-zone deployment options (if separately priced). – Higher storage usage with growth buffers. – Longer backup retention (e.g., 30–180 days) plus periodic manual snapshots. – DR: cross-region replication/standby and associated network/replication costs. – Operational tooling: DMS tiering (if applicable), DAS add-ons, log retention.

10. Step-by-Step Hands-On Tutorial

This lab uses PolarDB (MySQL-compatible) as the most common beginner path. If you choose PostgreSQL-compatible PolarDB, the flow is similar but client tooling and SQL syntax can differ slightly.

Objective

Provision a PolarDB cluster in Alibaba Cloud, connect to it privately from an ECS instance in the same VPC, create a database and table, and validate read/write connectivity.

Lab Overview

You will: 1. Create (or reuse) a VPC and vSwitch. 2. Provision a PolarDB cluster (MySQL-compatible) in that VPC. 3. Create a database account and database. 4. Launch a small ECS instance as a database client. 5. Connect using the mysql client and run basic SQL. 6. (Optional) Validate read-only endpoint if you add a read-only node. 7. Clean up all resources to avoid ongoing charges.

---

Step 1: Prepare networking (VPC and vSwitch)

Console path (typical): – Alibaba Cloud Console → VPC → Create VPC – Create at least one vSwitch in a zone that supports PolarDB in your region.

Recommended settings – VPC CIDR: choose a non-overlapping RFC1918 range (e.g., 10.0.0.0/16) – vSwitch CIDR: a subset (e.g., 10.0.1.0/24)

Expected outcome – You have a VPC ID and vSwitch ID ready for PolarDB and ECS.

Verification – In the VPC console, confirm the VPC and vSwitch status is Available.

---

Step 2: Create a PolarDB cluster (MySQL-compatible)

Console path (typical): – Alibaba Cloud Console → PolarDB → Create Cluster

Key choices (verify names/options in your console) – Billing: Pay-as-you-go (recommended for a short lab) – Region: choose a region close to you – Engine: PolarDB for MySQL (MySQL-compatible) – Edition/Series: choose the most basic option that supports the lab (names vary—verify) – Network: select the VPC and vSwitch from Step 1 – Node spec: choose the smallest spec to reduce cost – Storage: keep defaults/minimum where possible – High availability: keep default; if multi-zone is optional and increases cost, choose the minimum that meets your learning needs

Create the cluster and wait until status is Running.

Expected outcome – A PolarDB cluster is created with at least one node and one or more connection endpoints.

Verification – Open the cluster details page and confirm: – Cluster status is Running – You can see the endpoint(s) (addresses/ports) – The network type shows VPC

---

Step 3: Configure database accounts and create a database

In the PolarDB cluster console:

1. Create a privileged or standard account for administration. – Use a strong password and store it securely.
2. Create a database (schema) for the lab, for example: labdb.
3. Grant the account permissions on labdb.

Expected outcome – You have credentials and a database ready.

Verification – In the account list, confirm the account exists. – In the database list, confirm labdb exists and privileges are assigned.

---

Step 4: Allow network access (whitelist/security settings)

PolarDB typically uses a whitelist or access control list concept to permit client connections. The exact UI naming differs by product version—verify in your cluster’s “Security” or “Whitelist” section.

Secure lab approach – Only allow access from your ECS instance’s private IP or the ECS security group CIDR. – Avoid 0.0.0.0/0.

What to do – Add the ECS client’s private IP (you’ll know it after Step 5), or temporarily add your vSwitch CIDR (e.g., 10.0.1.0/24) for the lab, then tighten later.

Expected outcome – PolarDB accepts connections only from approved private sources.

Verification – The whitelist shows your allowed IP(s)/CIDR(s).

---

Step 5: Create a small ECS instance as a private client

Console path: – Alibaba Cloud Console → ECS → Create Instance

Recommended settings – Same Region and VPC/vSwitch as PolarDB. – Small instance type. – OS: Alibaba Cloud Linux / CentOS / Ubuntu (any common Linux works). – Security group: – Allow SSH (22) from your IP only. – Outbound: allow to PolarDB (default outbound allow is common).

After provisioning, SSH into the ECS instance.

Expected outcome – You can SSH to ECS, and ECS has a private IP in the same VPC as PolarDB.

Verification – Run:

ip addr

• Note the private IP (e.g., 10.0.1.10).

Now return to Step 4 and add this private IP to PolarDB’s whitelist (if you didn’t already).

---

Step 6: Install the MySQL client on ECS

On the ECS instance, install a MySQL client.

Alibaba Cloud Linux / CentOS / RHEL-like:

sudo yum -y install mysql

Ubuntu/Debian-like:

sudo apt-get update
sudo apt-get -y install mysql-client

Expected outcome – The mysql command is available.

Verification

mysql --version

---

Step 7: Connect to PolarDB and run SQL

From the PolarDB cluster details page, copy the VPC endpoint and port (commonly 3306 for MySQL-compatible engines; verify your endpoint details).

Connect:

mysql -h <POLARDB_ENDPOINT> -P 3306 -u <DB_USERNAME> -p

Then in the MySQL shell:

SHOW DATABASES;
USE labdb;

CREATE TABLE IF NOT EXISTS messages (
  id BIGINT PRIMARY KEY AUTO_INCREMENT,
  message VARCHAR(255) NOT NULL,
  created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

INSERT INTO messages (message) VALUES
('hello from ecs client'),
('polardb lab insert');

SELECT * FROM messages;

Expected outcome – You can connect over VPC, create a table, insert rows, and query them.

Verification – The SELECT returns at least 2 rows.

---

Step 8 (Optional): Validate read scaling with a read-only node and endpoint

If your PolarDB offering supports adding read-only nodes:

1. Add a read-only node in the cluster console.
2. Identify the read-only endpoint (or configure an endpoint suitable for reads—naming varies by engine/edition).

Connect to the read-only endpoint and verify you can read:

mysql -h <READONLY_ENDPOINT> -P 3306 -u <DB_USERNAME> -p -e "USE labdb; SELECT COUNT(*) FROM messages;"

Then verify that writes are blocked (expected failure) if it is strictly read-only:

mysql -h <READONLY_ENDPOINT> -P 3306 -u <DB_USERNAME> -p -e "USE labdb; INSERT INTO messages(message) VALUES ('should fail on read-only');"

Expected outcome – Reads succeed from the read endpoint. – Writes fail or are routed depending on endpoint semantics (verify your endpoint behavior in official docs).

---

Validation

Use this checklist:

• [ ] PolarDB cluster status is Running
• [ ] ECS can reach the endpoint (VPC)
• [ ] Database user can authenticate
• [ ] SQL operations succeed on the primary/read-write endpoint
• [ ] (Optional) Read-only endpoint serves reads as expected

Quick connectivity test (TCP) If nc is available:

nc -vz <POLARDB_ENDPOINT> 3306

If not, you can install netcat or rely on mysql connection attempts.

---

Troubleshooting

Issue: “Access denied for user” – Confirm username/password. – Verify the user has privileges on labdb. – If using DMS-created accounts vs console-created accounts, re-check which credentials you used.

Issue: Connection timeout – Verify PolarDB is in the same VPC as ECS. – Ensure the PolarDB whitelist includes the ECS private IP (or the correct CIDR). – Check ECS security group outbound rules (and any NACLs).

Issue: “Unknown host” – Ensure endpoint is copied correctly. – Confirm ECS DNS resolution (try nslookup <endpoint> if tools are available).

Issue: Writes fail on endpoint – You may be connected to a read-only endpoint. – Use the cluster’s read/write endpoint (names vary—verify in console).

---

Cleanup

To avoid ongoing charges, delete resources in a safe order:

1. Delete the ECS instance – ECS Console → Instances → Release (ensure disks and EIP are also released if applicable).
2. Delete the PolarDB cluster – PolarDB Console → Cluster → Delete/Release – Review snapshot/backup retention prompts; deleting snapshots may be required to stop storage charges.
3. (Optional) Remove VPC resources – Delete unused vSwitches and VPC if created only for this lab.

Confirm in Billing/Cost Center that no active billable resources remain.

11. Best Practices

Architecture best practices

• Use private VPC connectivity for applications; avoid public endpoints for production.
• Separate read and write traffic:
• Write-heavy services use the read/write endpoint.
• Read-heavy services and reporting use read-only endpoints/nodes (if supported).
• Design for failure:
• Use endpoints rather than node-specific addresses.
• Ensure application retry logic and connection pool behavior are compatible with failover.

IAM/security best practices

• Use RAM roles for automation; avoid long-lived AccessKey secrets in CI.
• Enforce MFA for privileged RAM users.
• Apply least privilege: separate roles for networking, database provisioning, and billing access.
• Restrict who can modify whitelists, endpoints, and backup settings.

Cost best practices

• Start small; scale based on measured metrics (CPU, connections, QPS, latency).
• Avoid over-provisioning read-only nodes “just in case”.
• Tune backup retention to business requirements.
• Regularly delete unused snapshots and old dev/test clusters.

Performance best practices

• Use connection pooling; keep connection counts within node limits.
• Create the right indexes; avoid unbounded queries.
• Use slow query logs and performance insights (DAS/engine tools) to find hotspots.
• Keep transactions short; avoid long-running locks.

Reliability best practices

• Set clear RPO/RTO targets and align with backup and DR features.
• Regularly test restore procedures (PITR and snapshot restore).
• Avoid single-client dependency: run application tiers across multiple zones.

Operations best practices

• Use DMS (or controlled processes) for schema migrations and production SQL execution.
• Set alarms for:
• CPU/memory saturation
• Storage growth
• Connections nearing limits
• Slow query spikes
• Replication lag (if exposed)
• Maintain runbooks for:
• Failover events
• Restore workflows
• Scaling procedures

Governance/tagging/naming best practices

• Use consistent naming: env-app-region-db patterns (e.g., prod-checkout-cn-hz-polardb).
• Tag resources with Environment, Owner, CostCenter, DataClass (if your org uses data classification).
• Document:
• Endpoint usage (which app uses which endpoint)
• Backup retention policy and restore steps
• Change windows and maintenance preferences

12. Security Considerations

Identity and access model

• Control plane: RAM policies determine who can create/modify/delete PolarDB clusters, change network settings, or view credentials.
• Data plane: Database users and privileges determine who can run SQL and access schemas/tables.

Recommendations: – Do not share a single “admin” database account across teams. – Create separate accounts for apps with least-privilege grants (e.g., read-only vs read/write). – Rotate credentials and prefer secrets management patterns (store in a secure vault; Alibaba Cloud has secret management options—verify current product availability in your region).

Encryption

• In transit: Enable SSL/TLS for database connections when supported; update clients to enforce TLS.
• At rest: Use encryption at rest when available for your engine/edition; validate KMS integration and key policies.

Network exposure

• Prefer VPC-only access.
• Avoid public endpoints; if unavoidable:
• Restrict by IP allowlist to known corporate egress IPs
• Enforce TLS
• Use bastion/VPN/Direct Connect instead where possible

Secrets handling

• Never hardcode DB passwords in code repositories.
• Use environment variables only if your runtime is locked down; prefer a secret manager.
• Implement credential rotation and deploy pipelines that can update secrets safely.

Audit/logging

• Enable ActionTrail for control-plane audit trails.
• Use DMS approvals/auditing for production SQL operations (where feasible).
• Retain logs according to compliance requirements.

Compliance considerations

• Data residency: deploy in regions appropriate for your regulatory needs.
• Access controls: implement segregation of duties (SoD) between infra admins and app operators.
• Retention: align backup retention with policy (and ensure secure deletion).

Common security mistakes

• Whitelisting 0.0.0.0/0 for convenience.
• Using a single privileged DB user for all applications.
• Disabling TLS while allowing cross-network access.
• No monitoring on connection spikes (can indicate brute-force attempts if publicly reachable).

Secure deployment recommendations

• Use private VPC endpoints and restrict inbound to application subnets/security groups.
• Enforce RAM least privilege; require MFA for sensitive operations.
• Enable backup encryption and at-rest encryption where available.
• Build a restore drill into your quarterly/biannual operational process.

13. Limitations and Gotchas

Because PolarDB has multiple engines/editions and regional differences, treat these as common “check-before-you-build” items:

• Feature availability varies by engine/edition/region (encryption, cross-region replication, serverless options, endpoint types).
• Compatibility is not always identical to community MySQL/PostgreSQL/Oracle features; validate:
• SQL modes
• Stored procedures/triggers
• Extensions
• Character sets/collations
• Replication semantics and lag behavior
• Replication lag can affect read-only query correctness for time-sensitive reads.
• Connection limits depend on node specs; connection storms during deployments can trigger failures.
• Backup costs can grow significantly with high churn databases and long retention.
• Cross-zone/cross-region architectures can introduce extra costs and latency.
• Maintenance windows: some operations (upgrades/resizes) can cause brief disruptions; plan changes carefully.
• Migration challenges:
• Large datasets require careful cutover planning
• Application connection strings/endpoints must be managed
• Charset/collation differences can break comparisons/sorts
• Public endpoint risk: Misconfiguration can expose your DB to the internet.

14. Comparison with Alternatives

PolarDB is one option in Alibaba Cloud Databases and beyond. Here’s how it typically compares.

Key alternatives

• Alibaba Cloud ApsaraDB RDS: Managed single-instance (with HA options) relational databases.
• PolarDB-X: A separate product oriented toward distributed scale-out relational patterns (do not confuse with PolarDB).
• Self-managed MySQL/PostgreSQL on ECS: Maximum control but highest operational burden.
• AWS Aurora / Azure Database / Google AlloyDB: Comparable managed relational services in other clouds.

Comparison table

Option	Best For	Strengths	Weaknesses	When to Choose
Alibaba Cloud PolarDB	Managed relational clusters needing HA + read scaling	Cluster endpoints, read-only scaling, managed backups, strong Alibaba Cloud VPC integration	Feature differences by edition/engine; costs can increase with nodes/backups	You want managed HA + scaling in Alibaba Cloud with familiar SQL
Alibaba Cloud ApsaraDB RDS	Straightforward managed relational DB needs	Simpler model, broad engine support, widely used	May offer less cluster-style read scaling depending on engine/architecture	You need a simpler managed DB and don’t need PolarDB’s cluster model
Alibaba Cloud PolarDB-X	Scale-out distributed SQL patterns	Horizontal sharding/distribution features (product-specific)	Different operational model and compatibility considerations	You need distributed scale-out beyond read replicas (verify suitability)
Self-managed DB on ECS	Full control and custom setups	Full OS/db control, custom extensions	Highest ops burden: HA, backups, patching, monitoring	You need custom DB features or strict control not available in managed DBaaS
AWS Aurora	Managed relational on AWS	Similar managed cluster goals	Different cloud ecosystem and networking/IAM	You are standardized on AWS
Google AlloyDB	PostgreSQL-oriented managed performance on GCP	Managed Postgres with performance focus	Different ecosystem; migration cost	You are standardized on GCP and need managed Postgres
Azure Database for MySQL/PostgreSQL	Managed SQL on Azure	Integration with Azure identity and tooling	Different ecosystem	You are standardized on Azure

15. Real-World Example

Enterprise example: Multi-service e-commerce platform

Problem An enterprise e-commerce company runs dozens of microservices. The product catalog and inventory services face high read traffic, and reporting queries sometimes degrade checkout performance. The company also needs strict network isolation and audited operational access.

Proposed architecture – VPC with separate subnets for app and database. – ECS/ACK for microservices across multiple zones. – PolarDB cluster for transactional data: – Primary node for writes – Multiple read-only nodes for catalog reads and reporting – DMS for controlled SQL changes and audited access. – CloudMonitor + DAS (if supported) for performance monitoring and alerting. – ActionTrail for auditing administrative changes.

Why PolarDB was chosen – Managed cluster operations reduce DBA overhead. – Read-only scaling supports high read QPS without overloading the primary. – VPC-only connectivity aligns with security requirements.

Expected outcomes – Improved read performance and reduced impact of reporting queries. – Faster recovery from node failures (failover procedures managed by service). – Better governance through audited change workflows.

Startup/small-team example: SaaS application backend

Problem A startup runs a multi-tenant SaaS product. The team is small, with limited DBA experience. They need reliable backups and the ability to scale reads as usage grows, without maintaining replication and failover manually.

Proposed architecture – One VPC, private subnets. – ECS for app tier (or containers). – One PolarDB cluster (MySQL-compatible) for primary application data. – Daily automated backups, short retention in dev, longer in prod. – DMS for safe production queries and account control.

Why PolarDB was chosen – Familiar MySQL-compatible development experience. – Managed backups and simplified scaling. – Clear path to add read-only capacity as customers grow.

Expected outcomes – Reduced operational load and fewer late-night incidents. – Ability to grow from one node to a small cluster without redesign. – Better customer trust due to consistent availability and recoverability.

16. FAQ

1) Is PolarDB the same as ApsaraDB RDS?
No. Both are Alibaba Cloud managed relational services, but PolarDB is cluster-oriented with its own architecture and scaling model. Choose based on your workload needs and feature availability.

2) Is PolarDB the same as PolarDB-X?
No. PolarDB-X is a separate product with a different scope (distributed scale-out patterns). This tutorial is only about PolarDB.

3) Which engines does PolarDB support?
PolarDB provides engine compatibility options (commonly MySQL-compatible and PostgreSQL-compatible; additional options may exist). Verify the supported engines and versions in official docs for your region.

4) Can I run PolarDB in my own VPC?
Yes—PolarDB is typically deployed into a selected VPC and vSwitch for private connectivity.

5) Can PolarDB be publicly accessible?
Some configurations may provide public connectivity options, but for production security you should prefer VPC-only access and connect via VPN/Direct Connect/bastion if remote access is needed.

6) How do I scale reads?
Add read-only nodes and route read traffic to the appropriate endpoint(s). Application-level read/write splitting may be required.

7) Does PolarDB guarantee zero replication lag?
No. Like most systems with read replicas, lag can occur. If your app requires read-after-write consistency, read from the primary/read-write endpoint.

8) How do backups work?
PolarDB typically supports automated backups and restore workflows (including point-in-time recovery). Retention and restore options vary—verify in the docs and console for your engine/edition.

9) Can I restore to a new cluster?
Commonly, managed database services support restoring from backups/snapshots into a new cluster. Verify the exact restore workflow and limitations for your offering.

10) How do I monitor PolarDB?
Use Alibaba Cloud monitoring tools such as CloudMonitor and (where supported) DAS for deeper diagnostics. Also monitor application-level metrics (latency, error rate).

11) How do I manage schema changes safely?
Use DMS workflows, backups before changes, migration tooling, and staged rollouts. Avoid manual changes on production without approvals and rollback plans.

12) Does PolarDB support encryption at rest?
Often yes, but availability depends on engine/edition/region. Verify in official docs and confirm KMS requirements if applicable.

13) What is the recommended way to connect from my laptop?
Do not expose the database publicly. Use a bastion ECS, VPN, or Direct Connect into the VPC, or use DMS web SQL console for controlled access.

14) How do I reduce cost in dev/test?
Use the smallest node specs, minimal retention, and delete clusters when not needed. Avoid adding read-only nodes unless you are explicitly testing scaling.

15) What should I do before migrating production to PolarDB?
Run a proof of concept: – Validate SQL compatibility and performance – Measure latency from your app tier – Test backup/restore and failover behavior – Plan cutover and rollback

16) Can I use PolarDB for analytics workloads?
PolarDB is primarily for relational transactional workloads. For heavy analytics, consider Alibaba Cloud analytics databases/warehouses. You can also offload reads to read-only nodes for light reporting.

17) How do I handle connection storms during deployments?
Use connection pooling, exponential backoff retries, and limit concurrency during rolling deploys. Ensure your node specs and connection limits match expected peak connections.

17. Top Online Resources to Learn PolarDB

Resource Type	Name	Why It Is Useful
Official Documentation	PolarDB Documentation (Alibaba Cloud Help Center) — https://www.alibabacloud.com/help/en/polardb/	Primary source for current features, engine support, APIs, and operational guides
Official Product Page	PolarDB Product Page — https://www.alibabacloud.com/product/polardb	High-level overview, supported editions, links to docs and updates
Official Pricing	PolarDB Pricing — https://www.alibabacloud.com/product/polardb/pricing	Region/SKU-based pricing model and billing dimensions (verify region)
Pricing Calculator	Alibaba Cloud Pricing Calculator — https://www.alibabacloud.com/pricing/calculator	Build estimates for your region, node size, and storage/backup needs
Getting Started (Official)	PolarDB Getting Started (within docs) — https://www.alibabacloud.com/help/en/polardb/	Step-by-step provisioning and connection guidance (verify the exact “Quick Start” page inside docs)
Admin Tooling	Data Management (DMS) — https://www.alibabacloud.com/product/dms	Safe SQL execution, schema change workflows, access control and auditing patterns
Monitoring/Diagnostics	Database Autonomy Service (DAS) — https://www.alibabacloud.com/product/das	Performance diagnostics and tuning insights (feature availability varies)
Auditing	ActionTrail — https://www.alibabacloud.com/product/actiontrail	Track API actions for governance and compliance
Networking	VPC Documentation — https://www.alibabacloud.com/help/en/vpc/	Required for secure private deployments and routing design
Compute Client	ECS Documentation — https://www.alibabacloud.com/help/en/ecs/	Run private clients/bastions and application tiers that connect to PolarDB

18. Training and Certification Providers

Institute	Suitable Audience	Likely Learning Focus	Mode	Website URL
DevOpsSchool.com	DevOps engineers, SREs, platform teams	Cloud operations, CI/CD, DevOps practices around cloud services (verify PolarDB-specific coverage on site)	check website	https://www.devopsschool.com/
ScmGalaxy.com	Beginners to intermediate DevOps learners	SCM, DevOps fundamentals, tooling and practices	check website	https://www.scmgalaxy.com/
CLoudOpsNow.in	Cloud engineers, operations teams	Cloud operations, monitoring, reliability practices	check website	https://www.cloudopsnow.in/
SreSchool.com	SREs, reliability engineers	SRE principles, observability, incident management	check website	https://www.sreschool.com/
AiOpsSchool.com	Ops teams exploring AIOps	AIOps concepts, monitoring automation	check website	https://www.aiopsschool.com/

19. Top Trainers

Platform/Site	Likely Specialization	Suitable Audience	Website URL
RajeshKumar.xyz	DevOps/cloud training content (verify current offerings)	Beginners to intermediate engineers	https://www.rajeshkumar.xyz/
devopstrainer.in	DevOps training and mentoring (verify service catalog)	DevOps practitioners	https://www.devopstrainer.in/
devopsfreelancer.com	Freelance DevOps consulting/training listings (verify offerings)	Teams needing short-term help	https://www.devopsfreelancer.com/
devopssupport.in	DevOps support and guidance (verify scope)	Ops/DevOps teams	https://www.devopssupport.in/

20. Top Consulting Companies

Company Name	Likely Service Area	Where They May Help	Consulting Use Case Examples	Website URL
cotocus.com	Cloud/DevOps consulting (verify exact catalog)	Architecture, migrations, operations	PolarDB migration planning, VPC design, monitoring setup	https://www.cotocus.com/
DevOpsSchool.com	DevOps and cloud consulting/training	DevOps transformation, automation	CI/CD for DB changes, infrastructure-as-code patterns around Alibaba Cloud	https://www.devopsschool.com/
DEVOPSCONSULTING.IN	DevOps consulting services (verify service list)	Reliability, automation, cloud operations	Production readiness reviews, cost optimization, observability	https://www.devopsconsulting.in/

21. Career and Learning Roadmap

What to learn before PolarDB

• SQL fundamentals: schema design, indexing, transactions, isolation levels.
• Basics of relational performance: query plans, slow queries, connection pooling.
• Alibaba Cloud fundamentals:
• VPC, vSwitch, routing, security groups
• ECS basics
• RAM (users, roles, policies)
• Basic Linux administration for client hosts and troubleshooting.

What to learn after PolarDB

• Advanced database operations:
• Backup/restore drills
• Capacity planning and performance testing
• Schema migration strategies (online migrations, backward-compatible changes)
• Observability:
• CloudMonitor alerting
• DAS (if used) and query optimization workflows
• Security:
• TLS enforcement, secrets management, audit trails
• Network segmentation and bastion/VPN patterns
• DR architectures:
• Cross-region strategies (where supported)
• Application-level resilience and failover testing

Job roles that use it

• Cloud Engineer / Cloud Architect (designing managed database solutions)
• DevOps Engineer / Platform Engineer (provisioning automation, governance)
• SRE (reliability, monitoring, incident response)
• Database Engineer / DBA (performance tuning, migrations, governance)
• Backend Engineer (schema design, query optimization, scaling reads)

Certification path (if available)

Alibaba Cloud certification programs change over time. If you are targeting certification: – Start with Alibaba Cloud foundational certifications (cloud fundamentals). – Move to associate/professional tracks that include networking, security, and databases.
Verify current Alibaba Cloud certification paths on the official certification site.

Project ideas for practice

1. Build a three-tier app (ECS/ACK + PolarDB) with read/write split.
2. Implement automated schema migrations with rollback strategy (use DMS + CI pipeline).
3. Simulate a traffic spike and scale read-only nodes; measure latency/QPS changes.
4. Perform PITR restore into a new cluster and validate data correctness.
5. Implement least-privilege DB accounts and demonstrate blocked operations.

22. Glossary

• ACK: Alibaba Cloud Container Service for Kubernetes.
• ActionTrail: Alibaba Cloud service that records API calls for auditing.
• ALB/SLB: Load balancing services for application traffic (not for database SQL traffic).
• Backup retention: How long backups are kept before deletion.
• Cluster endpoint: A stable connection address representing the cluster (exact semantics vary).
• DAS (Database Autonomy Service): Diagnostics and performance insights service (availability varies).
• DMS (Data Management): Web-based database management and governance tool.
• ECS (Elastic Compute Service): Alibaba Cloud virtual machine service.
• Failover: Switching database role/service to another node when a failure occurs.
• PITR (Point-in-Time Recovery): Restoring a database to a specific time within a retention window.
• Primary node: The node that handles writes (read/write).
• RAM (Resource Access Management): Alibaba Cloud IAM service.
• Read-only node: A node used to serve read queries and scale read capacity.
• RPO/RTO: Recovery Point Objective / Recovery Time Objective.
• Security group: Virtual firewall for ECS and some other resources.
• vSwitch: Subnet inside a VPC.
• VPC (Virtual Private Cloud): Private networking boundary in Alibaba Cloud.

23. Summary

PolarDB is Alibaba Cloud’s managed relational database cluster service in the Databases category, designed for high availability, operational simplicity, and read scaling through cluster architecture and managed features like backups and endpoints.

It matters because it helps teams deliver reliable SQL-backed applications faster, with fewer operational burdens than self-managed databases—especially when you need high availability and a clear path to scale reads.

From a cost and security perspective: – Costs are driven mainly by node specs, number of nodes, storage growth, and backup retention—use the official pricing page and calculator for accurate estimates. – Secure deployments should prioritize VPC-only access, least-privilege RAM and database accounts, TLS, and audited operations (ActionTrail/DMS).

Use PolarDB when you want a managed relational database cluster on Alibaba Cloud with scalable reads and built-in operational features. If you need full host control or non-relational models, consider alternatives.

Next step: follow the official PolarDB documentation for your chosen engine/edition, then extend the lab by adding read-only nodes, enabling monitoring alerts, and practicing backup/restore drills in a staging environment.