diff --git a/README.md b/README.md index 4a115a8..edf6fcd 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,10 @@ -Deploy Patroni +# Deploy Patroni + +## Supported features +- TLS +- Backups to S3 with WAL-G +- Deploy new cluster from S3 +- Scheduled backups to S3 ## Install ansible and requirements in virtualenv diff --git a/inventory/group_vars/all.yaml b/inventory/group_vars/all.yaml index fa8a20e..5b49ec9 100644 --- a/inventory/group_vars/all.yaml +++ b/inventory/group_vars/all.yaml @@ -1,5 +1,6 @@ consul_install_official_repo: false -patroni_wal_g_install: false +patroni_wal_g_install: true +patroni_wal_g_backup_enable: true wal_g_config: >- {{ { diff --git a/vars/patroni.yaml b/vars/patroni.yaml index f17f83a..4fc2b85 100644 --- a/vars/patroni.yaml +++ b/vars/patroni.yaml @@ -1,12 +1,31 @@ +patroni_wal_g_install: true + +# Consul configuration +consul_ssl: true +consul_version: "1.15.4" +consul_install_repo: false + +# Patroni configuration +patroni_ssl: true +patroni_restapi_listen_port: 8008 + # pgbouncer configuration -pgbouncer_client_tls_key_file: "/etc/patroni/ssl/cert.key" -pgbouncer_client_tls_cert_file: "/etc/patroni/ssl/cert.crt" +pgbouncer_client_tls_key_file: "/etc/patroni/ssl/{{ inventory_hostname }}.key" +pgbouncer_client_tls_cert_file: "/etc/patroni/ssl/{{ inventory_hostname }}.crt" pgbouncer_systemd_user: "postgres" pgbouncer_systemd_group: "postgres" pgbouncer_postgresql_major_version: "{{ patroni_postgresql_major_version }}" pgbouncer_postgresql_superuser_username: "{{ patroni_superuser_username }}" pgbouncer_postgresql_superuser_password: "{{ patroni_superuser_password }}" pgbouncer_auth_hba_file: "{{ patroni_postgresql_data_dir }}/pg_hba.conf" +pgbouncer_max_client_conn: 100000 +pgbouncer_max_db_connections: 10000 +pgbouncer_default_pool_size: 1000 + +postgresql_agent_patroni_restapi_username: "{{ patroni_restapi_username }}" +postgresql_agent_patroni_restapi_password: "{{ patroni_restapi_password }}" +postgresql_agent_wal_g: "{{ patroni_wal_g_install | default(no) }}" +postgresql_agent_wal_g_config: "{{ wal_g_combined_config | default({}) }}" # HAProxy configuration haproxy_listen_port: @@ -100,7 +119,7 @@ haproxy_config_override: | keepalived_config_override: | global_defs { - router_id {{ patroni_cluster_name | d('default') }} + router_id {{ patroni_cluster_name | default('default') }} } vrrp_track_process haproxy { process haproxy @@ -127,12 +146,12 @@ keepalived_config_override: | } # Backup and restore options -patroni_postgresql_archive_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary_name ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' wal-push %p' if patroni_wal_g_install else '' }}" -patroni_postgresql_restore_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary_name ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' wal-fetch %f %p' if patroni_wal_g_install else '' }}" -patroni_cluster_bootstrap_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary_name ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' backup-fetch ' ~ patroni_postgresql_data_dir ~ ' LATEST'}}" -patroni_cluster_restore_bootstrap_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary_name ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_restore_config_name ~ ' backup-fetch ' ~ patroni_postgresql_data_dir ~ ' ' ~ patroni_wal_g_restore_backup_name }}" +patroni_postgresql_archive_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' wal-push %p' if patroni_wal_g_install else '' }}" +patroni_postgresql_restore_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' wal-fetch %f %p' if patroni_wal_g_install else '' }}" +patroni_cluster_bootstrap_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_config_name ~ ' backup-fetch ' ~ patroni_postgresql_data_dir ~ ' LATEST'}}" +patroni_cluster_restore_bootstrap_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_restore_config_name ~ ' backup-fetch ' ~ patroni_postgresql_data_dir ~ ' ' ~ patroni_wal_g_restore_backup_name }}" # "restore_command" written to recovery.conf when configuring follower (create replica) -patroni_cluster_restore_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary_name ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_restore_config_name ~ ' wal-fetch %f %p' if patroni_wal_g_restore_from_backup else '' }}" +patroni_cluster_restore_command: "{{ 'http_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ 'https_proxy=' ~ wal_g_https_proxy ~ ' ' if wal_g_https_proxy is defined else 'https_proxy=' ~ wal_g_http_proxy ~ ' ' if wal_g_http_proxy is defined else '' }}{{ wal_g_pg_binary ~ ' --config ' ~ wal_g_pg_home_dir ~ '/' ~ wal_g_restore_config_name ~ ' wal-fetch %f %p' if patroni_wal_g_restore_from_backup else '' }}" patroni_wal_g_create_replica_methods: - {option: "command", value: "{{ patroni_cluster_bootstrap_command }}"} - {option: "no_params", value: "True"} @@ -141,10 +160,8 @@ patroni_basebackup_create_replica_methods: - {option: "checkpoint", value: "fast"} # WAL-G options -wal_g_pg: "{{ patroni_wal_g_install }}" -wal_g_pg_binary_name: "wal-g-pg" -wal_g_config_name: ".walg.json" -wal_g_restore_config_name: ".walg-restore.json" +wal_g_backup_enable: "{{ patroni_wal_g_backup_enable }}" +wal_g_backup_retention_enable: "{{ wal_g_backup_enable }}" wal_g_pg_home_dir: "{{ patroni_postgresql_home_dir }}" wal_g_pg_data_dir: "{{ patroni_postgresql_home_dir }}/{{ patroni_postgresql_major_version }}/{{ patroni_postgresql_cluster_name }}" wal_g_pg_major_version: "{{ patroni_postgresql_major_version }}"