update vars

vars/patroni.yaml

@@ -1,5 +1,3 @@
-patroni_wal_g_install: true
-
 # Consul configuration
 consul_ssl: true
 consul_version: "1.15.4"
@@ -8,6 +6,7 @@ consul_install_repo: false
 # Patroni configuration
 patroni_ssl: true
 patroni_restapi_listen_port: 8008
+patroni_restapi_listen_address: "{{ hostvars[inventory_hostname]['ansible_host'] }}"
 
 # pgbouncer configuration
 pgbouncer_client_tls_key_file: "/etc/patroni/ssl/{{ inventory_hostname }}.key"
@@ -42,6 +41,8 @@ haproxy_timeout:
   client: "60m"
   server: "60m"
 
+haproxy_prometheus_exporter: true
+
 haproxy_config_override: |
   global
       maxconn {{ haproxy_maxconn.global }}
@@ -66,7 +67,7 @@ haproxy_config_override: |
   
   listen stats
       mode http
-      bind *:{{ haproxy_listen_port.stats }}
+      bind {{ hostvars[inventory_hostname]['ansible_host'] }}:{{ haproxy_listen_port.stats }}
       stats enable
       stats uri /
   
@@ -117,9 +118,24 @@ haproxy_config_override: |
       server {{ server }} {{ server }}:{{ pgbouncer_listen_port }} check port {{ patroni_restapi_listen_port }} check-ssl verify none
   {% endfor %}
 
+  {% if haproxy_prometheus_exporter %}
+  frontend {{ haproxy_prometheus_exporter_frontend_name }}
+    bind *:{{ haproxy_prometheus_exporter_port }}
+    mode http
+    http-request use-service prometheus-exporter if { path {{ haproxy_prometheus_exporter_metrics_path }} }
+    no log
+  {% endif %}
+
 keepalived_config_override: |
   global_defs {
     router_id {{ patroni_cluster_name | default('default') }}
+    dynamic_interfaces
+    enable_script_security
+    script_user root
+  }
+  vrrp_script check_patroni_role
+  {
+    script "/etc/keepalived/scripts/check_patroni_role.sh"
   }
   vrrp_track_process haproxy {
     process haproxy
@@ -129,7 +145,7 @@ keepalived_config_override: |
   vrrp_instance VRRP_1 {
     state MASTER
     virtual_router_id {{ keepalived_vip.split('.')[-1][-3:] }}
-    priority {{ ansible_default_ipv4.address.split('.')[-1][-3:] }}
+    priority {{ ((groups['patroni'].index(inventory_hostname)|int)+100)|int }}
     interface {{ ansible_default_ipv4.interface }}
     unicast_src_ip {{ ansible_default_ipv4.address }}
     unicast_peer {
@@ -143,15 +159,33 @@ keepalived_config_override: |
     track_process {
       haproxy
     }
+    track_script {
+      check_patroni_role weight 20
+    }
+    notify_master "/etc/keepalived/scripts/check_patroni_role.sh INSTANCE VRRP_1 MASTER"
+    notify_backup "/etc/keepalived/scripts/check_patroni_role.sh INSTANCE VRRP_1 BACKUP"
+    notify_fault "/etc/keepalived/scripts/check_patroni_role.sh INSTANCE VRRP_1 FAULT"
   }
 
+keepalived_scripts:
+  - name: check_patroni_role.sh
+    data: |
+      #!/bin/bash
+      role=$(curl -s -k {{ 'https' if patroni_ssl else 'http' }}://{{ ansible_default_ipv4.address }}:{{ patroni_restapi_listen_port }} -u "{{ patroni_restapi_username }}:{{ patroni_restapi_password }}" | jq -r '.role')
+      if [ "${role}" == "master" ]
+      then
+        exit 0
+      else
+        exit 1
+      fi
+
 # Backup and restore options
-patroni_postgresql_archive_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' wal-push %p' if patroni_wal_g_install else '' }}"
+patroni_postgresql_archive_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' wal-push %p' if patroni_wal_g_install else 'cd .' }}"
-patroni_postgresql_restore_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' wal-fetch %f %p' if patroni_wal_g_install else '' }}"
+patroni_postgresql_restore_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' wal-fetch %f %p' if patroni_wal_g_install else 'cd .' }}"
 patroni_cluster_bootstrap_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' backup-fetch ' ~ patroni_postgresql_data_dir ~ ' LATEST'}}"
 patroni_cluster_restore_bootstrap_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_restore_config_name ~ ' backup-fetch ' ~ patroni_postgresql_data_dir ~ ' ' ~  patroni_wal_g_restore_backup_name }}"
 # "restore_command" written to recovery.conf when configuring follower (create replica)
-patroni_cluster_restore_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_restore_config_name ~ ' wal-fetch %f %p' if patroni_wal_g_restore_from_backup else '' }}"
+patroni_cluster_restore_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_restore_config_name ~ ' wal-fetch %f %p' if patroni_wal_g_restore_from_backup }}"
 patroni_wal_g_create_replica_methods:
   - {option: "command", value: "{{ patroni_cluster_bootstrap_command }}"}
   - {option: "no_params", value: "True"}
@@ -159,9 +193,19 @@ patroni_basebackup_create_replica_methods:
   - {option: "max-rate", value: "1000M"}
   - {option: "checkpoint", value: "fast"}
 
+# Patroni WAL-G
+patroni_wal_g_install: true
+
 # WAL-G options
 wal_g_backup_enable: "{{ patroni_wal_g_backup_enable }}"
 wal_g_backup_retention_enable: "{{ wal_g_backup_enable }}"
+wal_g_pg_binary: "/usr/bin/wal-g-pg"
+wal_g_config_name: ".walg.json"
+wal_g_restore_config_name: ".walg-restore.json"
 wal_g_pg_home_dir: "{{ patroni_postgresql_home_dir }}"
 wal_g_pg_data_dir: "{{ patroni_postgresql_home_dir }}/{{ patroni_postgresql_major_version }}/{{ patroni_postgresql_cluster_name }}"
 wal_g_pg_major_version: "{{ patroni_postgresql_major_version }}"
+
+# Monitoring
+node_exporter_listen_address: "{{ hostvars[inventory_hostname]['ansible_host'] }}"
+postgres_exporter_listen_address: "{{ hostvars[inventory_hostname]['ansible_host'] }}"