From 8c50f40e349c7a7087a75e6b32617f80723499ff Mon Sep 17 00:00:00 2001 From: ElChinoo <3lch1n00B@gmail.com> Date: Mon, 9 Oct 2023 09:47:39 -0300 Subject: [PATCH 1/7] Mixed changes on Terraform and Ansible files. They were not meant to be here but I don't want to lose them, so here they are --- patroni/automation/inventory/inventory.yaml | 18 +- patroni/automation/main.tf | 2 +- patroni/automation/pgha.yaml | 0 ...ry_db_server.tpl => ansible_inventory.tpl} | 0 .../templates/inventory_etcd_server.tpl | 7 - patroni/automation/terraform.tfstate | 267 +++-- patroni/automation/terraform.tfstate.backup | 997 +----------------- patroni/automation/variables.tf | 4 +- 8 files changed, 172 insertions(+), 1123 deletions(-) create mode 100644 patroni/automation/pgha.yaml rename patroni/automation/templates/{inventory_db_server.tpl => ansible_inventory.tpl} (100%) delete mode 100644 patroni/automation/templates/inventory_etcd_server.tpl diff --git a/patroni/automation/inventory/inventory.yaml b/patroni/automation/inventory/inventory.yaml index eeafb57..7204624 100755 --- a/patroni/automation/inventory/inventory.yaml +++ b/patroni/automation/inventory/inventory.yaml @@ -1,23 +1,29 @@ db_server: hosts: node-1: - ansible_host: 34.209.217.171 + ansible_host: 18.237.123.60 ansible_user: ubuntu node-2: - ansible_host: 34.221.198.231 + ansible_host: 54.202.44.91 ansible_user: ubuntu node-3: - ansible_host: 35.163.121.202 + ansible_host: 18.237.55.32 ansible_user: ubuntu etcd_server: hosts: node-1: - ansible_host: 34.209.217.171 + ansible_host: 18.237.123.60 ansible_user: ubuntu node-2: - ansible_host: 34.221.198.231 + ansible_host: 54.202.44.91 ansible_user: ubuntu node-3: - ansible_host: 35.163.121.202 + ansible_host: 18.237.55.32 ansible_user: ubuntu + +ca_server: + hosts: + node-1: + ansible_host: 18.237.123.60 + ansible_user: ubuntu \ No newline at end of file diff --git a/patroni/automation/main.tf b/patroni/automation/main.tf index f62e354..b48705e 100644 
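Review bot: The inventory changed in this hunk is Terraform output (the state in this patch records `local_file.ansible_inventory` writing `./inventory/inventory.yaml`), and committing it publishes the live public addresses of the nodes; the `terraform.tfstate` and `terraform.tfstate.backup` hunks further down have the same problem and add the AWS account id and every resource id. These paths are better listed in `.gitignore` (`inventory/inventory.yaml`, `terraform.tfstate*`), with state kept in a remote backend. The `ca_server` group added at the end is absent from the `content` the state records for this file, so it appears to be hand-added and would presumably be lost on the next apply unless the template emits it. If `ca_server` is the certificate authority host, placing it on node-1 next to the database and etcd roles deserves a comment such as `# CA shares node-1 in the dev environment only`.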
--- a/patroni/automation/main.tf +++ b/patroni/automation/main.tf @@ -220,7 +220,7 @@ resource "aws_volume_attachment" "pg_ha_node-att" { ############################### Inventory and Host servers resource "local_file" "ansible_inventory" { content = templatefile( - "./templates/inventory_db_server.tpl", + "./templates/ansible_inventory.tpl", { # Secondary pg_db_pub_ip = aws_instance.pg_ha_node.*.public_ip, diff --git a/patroni/automation/pgha.yaml b/patroni/automation/pgha.yaml new file mode 100644 index 0000000..e69de29 diff --git a/patroni/automation/templates/inventory_db_server.tpl b/patroni/automation/templates/ansible_inventory.tpl similarity index 100% rename from patroni/automation/templates/inventory_db_server.tpl rename to patroni/automation/templates/ansible_inventory.tpl diff --git a/patroni/automation/templates/inventory_etcd_server.tpl b/patroni/automation/templates/inventory_etcd_server.tpl deleted file mode 100644 index 27afda5..0000000 --- a/patroni/automation/templates/inventory_etcd_server.tpl +++ /dev/null @@ -1,7 +0,0 @@ -etcd_server: - hosts: -%{ for index, host in pg_db_pub_ip ~} - node-${index + 1}: - ansible_host: ${host} - ansible_user: ${ssh_user} -%{ endfor ~} diff --git a/patroni/automation/terraform.tfstate b/patroni/automation/terraform.tfstate index d4efe99..3193322 100644 --- a/patroni/automation/terraform.tfstate +++ b/patroni/automation/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, "terraform_version": "1.6.0", - "serial": 107, + "serial": 215, "lineage": "e7985d49-2c19-c7ff-2d39-c7567316d7ef", "outputs": {}, "resources": [ 
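Review bot: The `local_file` resource touched in the main.tf hunk writes the inventory world-writable: the state in this patch records `"file_permission": "0777"` and `"directory_permission": "0777"` for `./inventory/inventory.yaml`, and the diff header for that file shows mode 100755. Any local user on the machine running Terraform could then change which hosts Ansible connects to, so the resource should set `file_permission = "0644"` and `directory_permission = "0755"`. The resource body continues outside this hunk, so whether these arguments are already set there is not visible; the recorded state suggests they are not.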
@@ -15,11 +15,11 @@ "index_key": 0, "schema_version": 0, "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-04d233f7329cdca87", + "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-06a11532656896810", "availability_zone": "us-west-2c", "encrypted": false, "final_snapshot": false, - "id": "vol-04d233f7329cdca87", + "id": "vol-06a11532656896810", "iops": 192, "kms_key_id": "", "multi_attach_enabled": false, @@ -28,7 +28,7 @@ "snapshot_id": "", "tags": { "Environment": "Dev", - "Name": "PGHA_db_-1-vol", + "Name": "PGHA-db-1-vol", "Owner": "Charly El-Chinoo Batista", "PerconaCreatedBy": "charly.batista@percona.com", "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", @@ -36,7 +36,7 @@ }, "tags_all": { "Environment": "Dev", - "Name": "PGHA_db_-1-vol", + "Name": "PGHA-db-1-vol", "Owner": "Charly El-Chinoo Batista", "PerconaCreatedBy": "charly.batista@percona.com", "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", @@ -53,11 +53,11 @@ "index_key": 1, "schema_version": 0, "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-02d8fef4e7d664ded", + "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-0ea694069036f40d4", "availability_zone": "us-west-2c", "encrypted": false, "final_snapshot": false, - "id": "vol-02d8fef4e7d664ded", + "id": "vol-0ea694069036f40d4", "iops": 192, "kms_key_id": "", "multi_attach_enabled": false, @@ -66,7 +66,7 @@ "snapshot_id": "", "tags": { "Environment": "Dev", - "Name": "PGHA_db_-2-vol", + "Name": "PGHA-db-2-vol", "Owner": "Charly El-Chinoo Batista", "PerconaCreatedBy": "charly.batista@percona.com", "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", 
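Review bot: The recreated volumes are still recorded with `"encrypted": false` and an empty `kms_key_id` (index 0 and 1 in these hunks, index 2 in the `@@ -91,11 +91,11 @@` hunk that follows), so whatever they hold, presumably the PostgreSQL data directories, is unencrypted at rest. The state file is generated, so the fix belongs in the `aws_ebs_volume` resource named `pg_ha_node-vol` in `main.tf`, which this patch does not show: add `encrypted = true`, optionally with a `kms_key_id`. Changing that argument replaces the volumes, which is cheapest to do while the environment is still tagged `Dev`.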
@@ -74,7 +74,7 @@ }, "tags_all": { "Environment": "Dev", - "Name": "PGHA_db_-2-vol", + "Name": "PGHA-db-2-vol", "Owner": "Charly El-Chinoo Batista", "PerconaCreatedBy": "charly.batista@percona.com", "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", @@ -91,11 +91,11 @@ "index_key": 2, "schema_version": 0, "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-060fb5e72bec25c11", + "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-054259795ff5ee5ce", "availability_zone": "us-west-2c", "encrypted": false, "final_snapshot": false, - "id": "vol-060fb5e72bec25c11", + "id": "vol-054259795ff5ee5ce", "iops": 192, "kms_key_id": "", "multi_attach_enabled": false, @@ -104,7 +104,7 @@ "snapshot_id": "", "tags": { "Environment": "Dev", - "Name": "PGHA_db_-3-vol", + "Name": "PGHA-db-3-vol", "Owner": "Charly El-Chinoo Batista", "PerconaCreatedBy": "charly.batista@percona.com", "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", @@ -112,7 +112,7 @@ }, "tags_all": { "Environment": "Dev", - "Name": "PGHA_db_-3-vol", + "Name": "PGHA-db-3-vol", "Owner": "Charly El-Chinoo Batista", "PerconaCreatedBy": "charly.batista@percona.com", "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", @@ -138,7 +138,7 @@ "schema_version": 1, "attributes": { "ami": "ami-03f65b8614a860c29", - "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-0d14efa987a72a631", + "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-0b3dab3d07fdc1168", "associate_public_ip_address": true, "availability_zone": "us-west-2c", "capacity_reservation_specification": [ @@ -176,7 +176,7 @@ "host_id": "", "host_resource_group_arn": null, "iam_instance_profile": "", - "id": "i-0d14efa987a72a631", + "id": "i-0b3dab3d07fdc1168", "instance_initiated_shutdown_behavior": "stop", "instance_lifecycle": "", "instance_market_options": [], 
@@ -206,8 +206,8 @@ "password_data": "", "placement_group": "", "placement_partition_number": 0, - "primary_network_interface_id": "eni-02864ce9419a82223", - "private_dns": "ip-10-0-1-46.us-west-2.compute.internal", + "primary_network_interface_id": "eni-0501d10a59f61aff2", + "private_dns": "ip-10-0-1-146.us-west-2.compute.internal", "private_dns_name_options": [ { "enable_resource_name_dns_a_record": false, @@ -215,9 +215,9 @@ "hostname_type": "ip-name" } ], - "private_ip": "10.0.1.46", - "public_dns": "ec2-34-209-217-171.us-west-2.compute.amazonaws.com", - "public_ip": "34.209.217.171", + "private_ip": "10.0.1.146", + "public_dns": "ec2-18-237-123-60.us-west-2.compute.amazonaws.com", + "public_ip": "18.237.123.60", "root_block_device": [ { "delete_on_termination": true, @@ -227,18 +227,18 @@ "kms_key_id": "", "tags": {}, "throughput": 0, - "volume_id": "vol-0d520efe37d81acc9", + "volume_id": "vol-0f26544f1e1ff677a", "volume_size": 8, "volume_type": "gp2" } ], "secondary_private_ips": [], "security_groups": [ - "sg-04d87741996a83b51" + "sg-0dfc7174afd36a050" ], "source_dest_check": true, "spot_instance_request_id": "", - "subnet_id": "subnet-0150d1a5eb5524d19", + "subnet_id": "subnet-0ba3e92069971db72", "tags": { "Environment": "Dev", "HostType": "PostgreSQL", @@ -264,7 +264,7 @@ "user_data_replace_on_change": false, "volume_tags": null, "vpc_security_group_ids": [ - "sg-04d87741996a83b51" + "sg-0dfc7174afd36a050" ] }, "sensitive_attributes": [], @@ -280,7 +280,7 @@ "schema_version": 1, "attributes": { "ami": "ami-03f65b8614a860c29", - "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-0772fee08e133298d", + "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-03764f07710be136e", "associate_public_ip_address": true, "availability_zone": "us-west-2c", "capacity_reservation_specification": [ 
@@ -318,7 +318,7 @@ "host_id": "", "host_resource_group_arn": null, "iam_instance_profile": "", - "id": "i-0772fee08e133298d", + "id": "i-03764f07710be136e", "instance_initiated_shutdown_behavior": "stop", "instance_lifecycle": "", "instance_market_options": [], @@ -348,8 +348,8 @@ "password_data": "", "placement_group": "", "placement_partition_number": 0, - "primary_network_interface_id": "eni-079dd492212c5c1f4", - "private_dns": "ip-10-0-1-10.us-west-2.compute.internal", + "primary_network_interface_id": "eni-016611feb3ff33380", + "private_dns": "ip-10-0-1-199.us-west-2.compute.internal", "private_dns_name_options": [ { "enable_resource_name_dns_a_record": false, @@ -357,9 +357,9 @@ "hostname_type": "ip-name" } ], - "private_ip": "10.0.1.10", - "public_dns": "ec2-34-221-198-231.us-west-2.compute.amazonaws.com", - "public_ip": "34.221.198.231", + "private_ip": "10.0.1.199", + "public_dns": "ec2-54-202-44-91.us-west-2.compute.amazonaws.com", + "public_ip": "54.202.44.91", "root_block_device": [ { "delete_on_termination": true, @@ -369,18 +369,18 @@ "kms_key_id": "", "tags": {}, "throughput": 0, - "volume_id": "vol-07f0cbb615c7b0a8b", + "volume_id": "vol-0ee708c0b91b2484f", "volume_size": 8, "volume_type": "gp2" } ], "secondary_private_ips": [], "security_groups": [ - "sg-04d87741996a83b51" + "sg-0dfc7174afd36a050" ], "source_dest_check": true, "spot_instance_request_id": "", - "subnet_id": "subnet-0150d1a5eb5524d19", + "subnet_id": "subnet-0ba3e92069971db72", "tags": { "Environment": "Dev", "HostType": "PostgreSQL", @@ -406,7 +406,7 @@ "user_data_replace_on_change": false, "volume_tags": null, "vpc_security_group_ids": [ - "sg-04d87741996a83b51" + "sg-0dfc7174afd36a050" ] }, "sensitive_attributes": [], 
@@ -422,7 +422,7 @@ "schema_version": 1, "attributes": { "ami": "ami-03f65b8614a860c29", - "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-00e1c337ac29118ba", + "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-0f12954d94e1fa0df", "associate_public_ip_address": true, "availability_zone": "us-west-2c", "capacity_reservation_specification": [ @@ -460,7 +460,7 @@ "host_id": "", "host_resource_group_arn": null, "iam_instance_profile": "", - "id": "i-00e1c337ac29118ba", + "id": "i-0f12954d94e1fa0df", "instance_initiated_shutdown_behavior": "stop", "instance_lifecycle": "", "instance_market_options": [], @@ -490,8 +490,8 @@ "password_data": "", "placement_group": "", "placement_partition_number": 0, - "primary_network_interface_id": "eni-08506515a9c413adb", - "private_dns": "ip-10-0-1-198.us-west-2.compute.internal", + "primary_network_interface_id": "eni-0501701c1264c515f", + "private_dns": "ip-10-0-1-98.us-west-2.compute.internal", "private_dns_name_options": [ { "enable_resource_name_dns_a_record": false, @@ -499,9 +499,9 @@ "hostname_type": "ip-name" } ], - "private_ip": "10.0.1.198", - "public_dns": "ec2-35-163-121-202.us-west-2.compute.amazonaws.com", - "public_ip": "35.163.121.202", + "private_ip": "10.0.1.98", + "public_dns": "ec2-18-237-55-32.us-west-2.compute.amazonaws.com", + "public_ip": "18.237.55.32", "root_block_device": [ { "delete_on_termination": true, @@ -511,18 +511,18 @@ "kms_key_id": "", "tags": {}, "throughput": 0, - "volume_id": "vol-0012fe5e537de22b6", + "volume_id": "vol-0780b316d55e6d76b", "volume_size": 8, "volume_type": "gp2" } ], "secondary_private_ips": [], "security_groups": [ - "sg-04d87741996a83b51" + "sg-0dfc7174afd36a050" ], "source_dest_check": true, "spot_instance_request_id": "", - "subnet_id": "subnet-0150d1a5eb5524d19", + "subnet_id": "subnet-0ba3e92069971db72", "tags": { "Environment": "Dev", "HostType": "PostgreSQL", 
@@ -548,7 +548,7 @@ "user_data_replace_on_change": false, "volume_tags": null, "vpc_security_group_ids": [ - "sg-04d87741996a83b51" + "sg-0dfc7174afd36a050" ] }, "sensitive_attributes": [], @@ -570,8 +570,8 @@ { "schema_version": 0, "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:internet-gateway/igw-0202eb1214dd518f6", - "id": "igw-0202eb1214dd518f6", + "arn": "arn:aws:ec2:us-west-2:379694287116:internet-gateway/igw-0ad8262571fa6f4ca", + "id": "igw-0ad8262571fa6f4ca", "owner_id": "379694287116", "tags": { "Environment": "Dev", @@ -590,7 +590,7 @@ "Team": "Tech Lead" }, "timeouts": null, - "vpc_id": "vpc-094f4fd46d4bec3f7" + "vpc_id": "vpc-01ea74491271bef56" }, "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", @@ -614,9 +614,9 @@ "id": "PGHA_W2_SSH_Key_AUTO", "key_name": "PGHA_W2_SSH_Key_AUTO", "key_name_prefix": "", - "key_pair_id": "key-0b5b5327417aade08", + "key_pair_id": "key-0e0abd9d630d67434", "key_type": "ed25519", - "public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPftS5GQY8++kJZNMCK5Uzjz/2KDZOqAruLx5xS/wrCz AWS SSH Key for test environment || Charly El-Chinoo Batista\u003ccharly.batista@percona.com\u003e ||", + "public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPftS5GQY8++kJZNMCK5Uzjz/2KDZOqAruLx5xS/wrCz", "tags": { "PerconaCreatedBy": "charly.batista@percona.com" }, @@ -638,8 +638,8 @@ { "schema_version": 0, "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:route-table/rtb-0372702c6727546ee", - "id": "rtb-0372702c6727546ee", + "arn": "arn:aws:ec2:us-west-2:379694287116:route-table/rtb-07c29ede6c4cad12c", + "id": "rtb-07c29ede6c4cad12c", "owner_id": "379694287116", "propagating_vgws": [], "route": [ 
@@ -649,7 +649,7 @@ "core_network_arn": "", "destination_prefix_list_id": "", "egress_only_gateway_id": "", - "gateway_id": "igw-0202eb1214dd518f6", + "gateway_id": "igw-0ad8262571fa6f4ca", "ipv6_cidr_block": "", "local_gateway_id": "", "nat_gateway_id": "", @@ -676,7 +676,7 @@ "Team": "Tech Lead" }, "timeouts": null, - "vpc_id": "vpc-094f4fd46d4bec3f7" + "vpc_id": "vpc-01ea74491271bef56" }, "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", @@ -697,9 +697,9 @@ "schema_version": 0, "attributes": { "gateway_id": "", - "id": "rtbassoc-0d6b1a37a63f2d98b", - "route_table_id": "rtb-0372702c6727546ee", - "subnet_id": "subnet-0150d1a5eb5524d19", + "id": "rtbassoc-09d80a9146a11ce91", + "route_table_id": "rtb-07c29ede6c4cad12c", + "subnet_id": "subnet-0ba3e92069971db72", "timeouts": null }, "sensitive_attributes": [], @@ -722,7 +722,7 @@ { "schema_version": 1, "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:security-group/sg-04d87741996a83b51", + "arn": "arn:aws:ec2:us-west-2:379694287116:security-group/sg-0dfc7174afd36a050", "description": "Managed by Terraform", "egress": [ { @@ -739,7 +739,7 @@ "to_port": 0 } ], - "id": "sg-04d87741996a83b51", + "id": "sg-0dfc7174afd36a050", "ingress": [ { "cidr_blocks": [ @@ -811,7 +811,7 @@ "Team": "Tech Lead" }, "timeouts": null, - "vpc_id": "vpc-094f4fd46d4bec3f7" + "vpc_id": "vpc-01ea74491271bef56" }, "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", 
@@ -831,7 +831,7 @@ { "schema_version": 1, "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:subnet/subnet-0150d1a5eb5524d19", + "arn": "arn:aws:ec2:us-west-2:379694287116:subnet/subnet-0ba3e92069971db72", "assign_ipv6_address_on_creation": false, "availability_zone": "us-west-2c", "availability_zone_id": "usw2-az3", @@ -841,7 +841,7 @@ "enable_lni_at_device_index": 0, "enable_resource_name_dns_a_record_on_launch": false, "enable_resource_name_dns_aaaa_record_on_launch": false, - "id": "subnet-0150d1a5eb5524d19", + "id": "subnet-0ba3e92069971db72", "ipv6_cidr_block": "", "ipv6_cidr_block_association_id": "", "ipv6_native": false, @@ -867,7 +867,7 @@ "Team": "Tech Lead" }, "timeouts": null, - "vpc_id": "vpc-094f4fd46d4bec3f7" + "vpc_id": "vpc-01ea74491271bef56" }, "sensitive_attributes": [], "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", 
@@ -877,6 +877,83 @@ } ] }, + { + "mode": "managed", + "type": "aws_volume_attachment", + "name": "pg_ha_node-att", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "device_name": "/dev/sdf", + "force_detach": null, + "id": "vai-2750086427", + "instance_id": "i-0b3dab3d07fdc1168", + "skip_destroy": null, + "stop_instance_before_detaching": null, + "timeouts": null, + "volume_id": "vol-06a11532656896810" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "aws_ebs_volume.pg_ha_node-vol", + "aws_instance.pg_ha_node", + "aws_security_group.pg_ha-sg", + "aws_subnet.pg_ha-priv_subnet", + "aws_vpc.pg_ha-vpc" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "device_name": "/dev/sdf", + "force_detach": null, + "id": "vai-2957908312", + "instance_id": "i-03764f07710be136e", + "skip_destroy": null, + "stop_instance_before_detaching": null, + "timeouts": null, + "volume_id": "vol-0ea694069036f40d4" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "aws_ebs_volume.pg_ha_node-vol", + "aws_instance.pg_ha_node", + "aws_security_group.pg_ha-sg", + "aws_subnet.pg_ha-priv_subnet", + "aws_vpc.pg_ha-vpc" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "device_name": "/dev/sdf", + "force_detach": null, + "id": "vai-3196671723", + "instance_id": "i-0f12954d94e1fa0df", + "skip_destroy": null, + "stop_instance_before_detaching": null, + "timeouts": null, + "volume_id": "vol-054259795ff5ee5ce" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwfX0=", + 
"dependencies": [ + "aws_ebs_volume.pg_ha_node-vol", + "aws_instance.pg_ha_node", + "aws_security_group.pg_ha-sg", + "aws_subnet.pg_ha-priv_subnet", + "aws_vpc.pg_ha-vpc" + ] + } + ] + }, { "mode": "managed", "type": "aws_vpc", @@ -886,17 +963,17 @@ { "schema_version": 1, "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:vpc/vpc-094f4fd46d4bec3f7", + "arn": "arn:aws:ec2:us-west-2:379694287116:vpc/vpc-01ea74491271bef56", "assign_generated_ipv6_cidr_block": false, "cidr_block": "10.0.0.0/16", - "default_network_acl_id": "acl-0322ccbc92c7f000c", - "default_route_table_id": "rtb-042963282b757efd5", - "default_security_group_id": "sg-07391ede40f4254b9", + "default_network_acl_id": "acl-0862e871c4a30e793", + "default_route_table_id": "rtb-0e86c0cfdc08decbd", + "default_security_group_id": "sg-0e7855cf1486c5f3a", "dhcp_options_id": "dopt-05cfbfc7eeec18770", "enable_dns_hostnames": true, "enable_dns_support": true, "enable_network_address_usage_metrics": false, - "id": "vpc-094f4fd46d4bec3f7", + "id": "vpc-01ea74491271bef56", "instance_tenancy": "default", "ipv4_ipam_pool_id": null, "ipv4_netmask_length": null, @@ -905,7 +982,7 @@ "ipv6_cidr_block_network_border_group": "", "ipv6_ipam_pool_id": "", "ipv6_netmask_length": 0, - "main_route_table_id": "rtb-042963282b757efd5", + "main_route_table_id": "rtb-0e86c0cfdc08decbd", "owner_id": "379694287116", "tags": { "Environment": "Dev", 
@@ -938,52 +1015,18 @@ { "schema_version": 0, "attributes": { - "content": "db_server:\n hosts:\n node-1:\n ansible_host: 34.209.217.171\n ansible_user: ubuntu\n node-2:\n ansible_host: 34.221.198.231\n ansible_user: ubuntu\n node-3:\n ansible_host: 35.163.121.202\n ansible_user: ubuntu\n\netcd_server:\n hosts:\n node-1:\n ansible_host: 34.209.217.171\n ansible_user: ubuntu\n node-2:\n ansible_host: 34.221.198.231\n ansible_user: ubuntu\n node-3:\n ansible_host: 35.163.121.202\n ansible_user: ubuntu\n", + "content": "db_server:\n hosts:\n node-1:\n ansible_host: 18.237.123.60\n ansible_user: ubuntu\n node-2:\n ansible_host: 54.202.44.91\n ansible_user: ubuntu\n node-3:\n ansible_host: 18.237.55.32\n ansible_user: ubuntu\n\netcd_server:\n hosts:\n node-1:\n ansible_host: 18.237.123.60\n ansible_user: ubuntu\n node-2:\n ansible_host: 54.202.44.91\n ansible_user: ubuntu\n node-3:\n ansible_host: 18.237.55.32\n ansible_user: ubuntu\n", "content_base64": null, - "content_base64sha256": "zZLb4MjSyqKxbfR74C3pqQGL3XwexBq6WtGKJMDQapA=", - "content_base64sha512": "CQNR5v7Zbnx/C6iccnkzxeMVLlLiCoqa9yXsTZmCNNGV7LALCLRXF8n1y5rRFEvifwjr0JOEub5xD5z+wbhobw==", - "content_md5": "3105be0b5d8cf317177380ead980f45f", - "content_sha1": "8658daee88c50e0bc9d31d7290de6145bd157fd9", - "content_sha256": "cd92dbe0c8d2caa2b16df47be02de9a9018bdd7c1ec41aba5ad18a24c0d06a90", - "content_sha512": "090351e6fed96e7c7f0ba89c727933c5e3152e52e20a8a9af725ec4d998234d195ecb00b08b45717c9f5cb9ad1144be27f08ebd09384b9be710f9cfec1b8686f", + "content_base64sha256": "2f8Nu3YBHZECRl9y2RqEyUAYREpkRKSAvw+uMr0xv84=", + "content_base64sha512": "ucDEhK/IGWo7J0FgMkEUns4uVIo0uJS3izTz1lu/w5OmId5TDn70eCbR80++vQlXE0Fdbhf7D0Xm/Ly41qlfIA==", + "content_md5": "49df32f8b7082c709f41f77e0a11e348", + "content_sha1": "0c825af9598d05ad45962af4d551abbe4029753b", + "content_sha256": "d9ff0dbb76011d9102465f72d91a84c94018444a6444a480bf0fae32bd31bfce", + "content_sha512": 
"b9c0c484afc8196a3b2741603241149ece2e548a34b894b78b34f3d65bbfc393a621de530e7ef47826d1f34fbebd095713415d6e17fb0f45e6fcbcb8d6a95f20", "directory_permission": "0777", "file_permission": "0777", "filename": "./inventory/inventory.yaml", - "id": "8658daee88c50e0bc9d31d7290de6145bd157fd9", - "sensitive_content": null, - "source": null - }, - "sensitive_attributes": [], - "dependencies": [ - "aws_instance.pg_ha_node", - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "local_file", - "name": "inventory_db_nodes", - "provider": "provider[\"registry.terraform.io/hashicorp/local\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "content": "db_server:\n hosts:\n node-1:\n ansible_host: 18.246.59.237\n ansible_user: ubuntu\n node-2:\n ansible_host: 35.89.34.101\n ansible_user: ubuntu\n node-3:\n ansible_host: 54.189.79.169\n ansible_user: ubuntu\n", - "content_base64": null, - "content_base64sha256": "3LSywqVZIEaz702CUVflaOKtenJhIU5xWuBhiblrunI=", - "content_base64sha512": "twE5Bqxj7kB55YbvfqNCCLvJL1DDlDTIBBUVwqXbPMMbUvsbBuEOjnrsIA569P6EN+38d3jYnY8XyCn7qp6GBQ==", - "content_md5": "4a6a03f45007dbc066cf50d8838d49a0", - "content_sha1": "102767b0fab3fc9be4de0f6ab170769e98e65c13", - "content_sha256": "dcb4b2c2a5592046b3ef4d825157e568e2ad7a7261214e715ae06189b96bba72", - "content_sha512": "b7013906ac63ee4079e586ef7ea34208bbc92f50c39434c8041515c2a5db3cc31b52fb1b06e10e8e7aec200e7af4fe8437edfc7778d89d8f17c829fbaa9e8605", - "directory_permission": "0777", - "file_permission": "0777", - "filename": "./inventory/db_server.yaml", - "id": "102767b0fab3fc9be4de0f6ab170769e98e65c13", + "id": "0c825af9598d05ad45962af4d551abbe4029753b", "sensitive_content": null, "source": null }, diff --git a/patroni/automation/terraform.tfstate.backup b/patroni/automation/terraform.tfstate.backup index 772bc06..7ae9cf1 100644 --- a/patroni/automation/terraform.tfstate.backup 
+++ b/patroni/automation/terraform.tfstate.backup 
@@ -1,1002 +1,9 @@ { "version": 4, "terraform_version": "1.6.0", - "serial": 98, + "serial": 197, "lineage": "e7985d49-2c19-c7ff-2d39-c7567316d7ef", "outputs": {}, - "resources": [ - { - "mode": "managed", - "type": "aws_ebs_volume", - "name": "pg_ha_node-vol", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-04d233f7329cdca87", - "availability_zone": "us-west-2c", - "encrypted": false, - "final_snapshot": false, - "id": "vol-04d233f7329cdca87", - "iops": 192, - "kms_key_id": "", - "multi_attach_enabled": false, - "outpost_arn": "", - "size": 64, - "snapshot_id": "", - "tags": { - "Environment": "Dev", - "Name": "PGHA_db_-1-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_db_-1-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "throughput": 0, - "timeouts": null, - "type": "gp2" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjMwMDAwMDAwMDAwMH19" - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-02d8fef4e7d664ded", - "availability_zone": "us-west-2c", - "encrypted": false, - "final_snapshot": false, - "id": "vol-02d8fef4e7d664ded", - "iops": 192, - "kms_key_id": "", - "multi_attach_enabled": false, - "outpost_arn": "", - "size": 64, - "snapshot_id": "", - "tags": { - "Environment": "Dev", - "Name": 
"PGHA_db_-2-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_db_-2-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "throughput": 0, - "timeouts": null, - "type": "gp2" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjMwMDAwMDAwMDAwMH19" - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-060fb5e72bec25c11", - "availability_zone": "us-west-2c", - "encrypted": false, - "final_snapshot": false, - "id": "vol-060fb5e72bec25c11", - "iops": 192, - "kms_key_id": "", - "multi_attach_enabled": false, - "outpost_arn": "", - "size": 64, - "snapshot_id": "", - "tags": { - "Environment": "Dev", - "Name": "PGHA_db_-3-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_db_-3-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "throughput": 0, - "timeouts": null, - "type": "gp2" - }, - "sensitive_attributes": [], - "private": 
"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjMwMDAwMDAwMDAwMH19" - } - ] - }, - { - "mode": "managed", - "type": "aws_instance", - "name": "pg_ha_node", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "index_key": 0, - "schema_version": 1, - "attributes": { - "ami": "ami-03f65b8614a860c29", - "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-0ac8cb6ddf8d487d8", - "associate_public_ip_address": true, - "availability_zone": "us-west-2c", - "capacity_reservation_specification": [ - { - "capacity_reservation_preference": "open", - "capacity_reservation_target": [] - } - ], - "cpu_core_count": 1, - "cpu_options": [ - { - "amd_sev_snp": "", - "core_count": 1, - "threads_per_core": 1 - } - ], - "cpu_threads_per_core": 1, - "credit_specification": [ - { - "cpu_credits": "standard" - } - ], - "disable_api_stop": false, - "disable_api_termination": false, - "ebs_block_device": [], - "ebs_optimized": false, - "enclave_options": [ - { - "enabled": false - } - ], - "ephemeral_block_device": [], - "get_password_data": false, - "hibernation": false, - "host_id": "", - "host_resource_group_arn": null, - "iam_instance_profile": "", - "id": "i-0ac8cb6ddf8d487d8", - "instance_initiated_shutdown_behavior": "stop", - "instance_lifecycle": "", - "instance_market_options": [], - "instance_state": "running", - "instance_type": "t2.small", - "ipv6_address_count": 0, - "ipv6_addresses": [], - "key_name": "PGHA_W2_SSH_Key_AUTO", - "launch_template": [], - "maintenance_options": [ - { - "auto_recovery": "default" - } - ], - "metadata_options": [ - { - "http_endpoint": "enabled", - "http_protocol_ipv6": "disabled", - "http_put_response_hop_limit": 1, - "http_tokens": "optional", - "instance_metadata_tags": "disabled" - } - ], - "monitoring": false, - "network_interface": [], - "outpost_arn": "", - "password_data": "", - "placement_group": "", - 
"placement_partition_number": 0, - "primary_network_interface_id": "eni-0cad637846d162ef8", - "private_dns": "ip-10-0-1-215.us-west-2.compute.internal", - "private_dns_name_options": [ - { - "enable_resource_name_dns_a_record": false, - "enable_resource_name_dns_aaaa_record": false, - "hostname_type": "ip-name" - } - ], - "private_ip": "10.0.1.215", - "public_dns": "ec2-34-222-71-215.us-west-2.compute.amazonaws.com", - "public_ip": "34.222.71.215", - "root_block_device": [ - { - "delete_on_termination": true, - "device_name": "/dev/sda1", - "encrypted": false, - "iops": 100, - "kms_key_id": "", - "tags": {}, - "throughput": 0, - "volume_id": "vol-068a3a694a318a98a", - "volume_size": 8, - "volume_type": "gp2" - } - ], - "secondary_private_ips": [], - "security_groups": [ - "sg-04d87741996a83b51" - ], - "source_dest_check": true, - "spot_instance_request_id": "", - "subnet_id": "subnet-0150d1a5eb5524d19", - "tags": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-1", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-1", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tenancy": "default", - "timeouts": null, - "user_data": null, - "user_data_base64": null, - "user_data_replace_on_change": false, - "volume_tags": null, - "vpc_security_group_ids": [ - "sg-04d87741996a83b51" - ] - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", - 
"dependencies": [ - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - }, - { - "index_key": 1, - "schema_version": 1, - "attributes": { - "ami": "ami-03f65b8614a860c29", - "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-08a588eae9e6cccd4", - "associate_public_ip_address": true, - "availability_zone": "us-west-2c", - "capacity_reservation_specification": [ - { - "capacity_reservation_preference": "open", - "capacity_reservation_target": [] - } - ], - "cpu_core_count": 1, - "cpu_options": [ - { - "amd_sev_snp": "", - "core_count": 1, - "threads_per_core": 1 - } - ], - "cpu_threads_per_core": 1, - "credit_specification": [ - { - "cpu_credits": "standard" - } - ], - "disable_api_stop": false, - "disable_api_termination": false, - "ebs_block_device": [], - "ebs_optimized": false, - "enclave_options": [ - { - "enabled": false - } - ], - "ephemeral_block_device": [], - "get_password_data": false, - "hibernation": false, - "host_id": "", - "host_resource_group_arn": null, - "iam_instance_profile": "", - "id": "i-08a588eae9e6cccd4", - "instance_initiated_shutdown_behavior": "stop", - "instance_lifecycle": "", - "instance_market_options": [], - "instance_state": "running", - "instance_type": "t2.small", - "ipv6_address_count": 0, - "ipv6_addresses": [], - "key_name": "PGHA_W2_SSH_Key_AUTO", - "launch_template": [], - "maintenance_options": [ - { - "auto_recovery": "default" - } - ], - "metadata_options": [ - { - "http_endpoint": "enabled", - "http_protocol_ipv6": "disabled", - "http_put_response_hop_limit": 1, - "http_tokens": "optional", - "instance_metadata_tags": "disabled" - } - ], - "monitoring": false, - "network_interface": [], - "outpost_arn": "", - "password_data": "", - "placement_group": "", - "placement_partition_number": 0, - "primary_network_interface_id": "eni-0e7605273e842c7db", - "private_dns": "ip-10-0-1-37.us-west-2.compute.internal", - "private_dns_name_options": [ - { - "enable_resource_name_dns_a_record": 
false, - "enable_resource_name_dns_aaaa_record": false, - "hostname_type": "ip-name" - } - ], - "private_ip": "10.0.1.37", - "public_dns": "ec2-52-12-138-112.us-west-2.compute.amazonaws.com", - "public_ip": "52.12.138.112", - "root_block_device": [ - { - "delete_on_termination": true, - "device_name": "/dev/sda1", - "encrypted": false, - "iops": 100, - "kms_key_id": "", - "tags": {}, - "throughput": 0, - "volume_id": "vol-06e1d600aca3f7c71", - "volume_size": 8, - "volume_type": "gp2" - } - ], - "secondary_private_ips": [], - "security_groups": [ - "sg-04d87741996a83b51" - ], - "source_dest_check": true, - "spot_instance_request_id": "", - "subnet_id": "subnet-0150d1a5eb5524d19", - "tags": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-2", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-2", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tenancy": "default", - "timeouts": null, - "user_data": null, - "user_data_base64": null, - "user_data_replace_on_change": false, - "volume_tags": null, - "vpc_security_group_ids": [ - "sg-04d87741996a83b51" - ] - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", - "dependencies": [ - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - }, - { - "index_key": 2, - "schema_version": 1, - "attributes": { - "ami": "ami-03f65b8614a860c29", - "arn": 
"arn:aws:ec2:us-west-2:379694287116:instance/i-0508059046d4f5361", - "associate_public_ip_address": true, - "availability_zone": "us-west-2c", - "capacity_reservation_specification": [ - { - "capacity_reservation_preference": "open", - "capacity_reservation_target": [] - } - ], - "cpu_core_count": 1, - "cpu_options": [ - { - "amd_sev_snp": "", - "core_count": 1, - "threads_per_core": 1 - } - ], - "cpu_threads_per_core": 1, - "credit_specification": [ - { - "cpu_credits": "standard" - } - ], - "disable_api_stop": false, - "disable_api_termination": false, - "ebs_block_device": [], - "ebs_optimized": false, - "enclave_options": [ - { - "enabled": false - } - ], - "ephemeral_block_device": [], - "get_password_data": false, - "hibernation": false, - "host_id": "", - "host_resource_group_arn": null, - "iam_instance_profile": "", - "id": "i-0508059046d4f5361", - "instance_initiated_shutdown_behavior": "stop", - "instance_lifecycle": "", - "instance_market_options": [], - "instance_state": "running", - "instance_type": "t2.small", - "ipv6_address_count": 0, - "ipv6_addresses": [], - "key_name": "PGHA_W2_SSH_Key_AUTO", - "launch_template": [], - "maintenance_options": [ - { - "auto_recovery": "default" - } - ], - "metadata_options": [ - { - "http_endpoint": "enabled", - "http_protocol_ipv6": "disabled", - "http_put_response_hop_limit": 1, - "http_tokens": "optional", - "instance_metadata_tags": "disabled" - } - ], - "monitoring": false, - "network_interface": [], - "outpost_arn": "", - "password_data": "", - "placement_group": "", - "placement_partition_number": 0, - "primary_network_interface_id": "eni-0f82b306bbc4383a7", - "private_dns": "ip-10-0-1-116.us-west-2.compute.internal", - "private_dns_name_options": [ - { - "enable_resource_name_dns_a_record": false, - "enable_resource_name_dns_aaaa_record": false, - "hostname_type": "ip-name" - } - ], - "private_ip": "10.0.1.116", - "public_dns": "ec2-54-70-108-239.us-west-2.compute.amazonaws.com", - "public_ip": 
"54.70.108.239", - "root_block_device": [ - { - "delete_on_termination": true, - "device_name": "/dev/sda1", - "encrypted": false, - "iops": 100, - "kms_key_id": "", - "tags": {}, - "throughput": 0, - "volume_id": "vol-008d85087c1c2402d", - "volume_size": 8, - "volume_type": "gp2" - } - ], - "secondary_private_ips": [], - "security_groups": [ - "sg-04d87741996a83b51" - ], - "source_dest_check": true, - "spot_instance_request_id": "", - "subnet_id": "subnet-0150d1a5eb5524d19", - "tags": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-3", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-3", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tenancy": "default", - "timeouts": null, - "user_data": null, - "user_data_base64": null, - "user_data_replace_on_change": false, - "volume_tags": null, - "vpc_security_group_ids": [ - "sg-04d87741996a83b51" - ] - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", - "dependencies": [ - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_internet_gateway", - "name": "pg_ha-gw", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:internet-gateway/igw-0202eb1214dd518f6", - "id": 
"igw-0202eb1214dd518f6", - "owner_id": "379694287116", - "tags": { - "Environment": "Dev", - "Name": "PGHA_gw", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_gw", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "timeouts": null, - "vpc_id": "vpc-094f4fd46d4bec3f7" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_key_pair", - "name": "pg_ha-pkey", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:key-pair/PGHA_W2_SSH_Key_AUTO", - "fingerprint": "WROBKOosrraL2jzJ5AREE0K9zhLDWGiIT895KySTD00=", - "id": "PGHA_W2_SSH_Key_AUTO", - "key_name": "PGHA_W2_SSH_Key_AUTO", - "key_name_prefix": "", - "key_pair_id": "key-0b5b5327417aade08", - "key_type": "ed25519", - "public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPftS5GQY8++kJZNMCK5Uzjz/2KDZOqAruLx5xS/wrCz AWS SSH Key for test environment || Charly El-Chinoo Batista\u003ccharly.batista@percona.com\u003e ||", - "tags": { - "PerconaCreatedBy": "charly.batista@percona.com" - }, - "tags_all": { - "PerconaCreatedBy": "charly.batista@percona.com" - } - }, - "sensitive_attributes": [], - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" - } - ] - }, - { - "mode": "managed", - "type": "aws_route_table", - "name": "pg_ha-router", - "provider": 
"provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:route-table/rtb-0372702c6727546ee", - "id": "rtb-0372702c6727546ee", - "owner_id": "379694287116", - "propagating_vgws": [], - "route": [ - { - "carrier_gateway_id": "", - "cidr_block": "0.0.0.0/0", - "core_network_arn": "", - "destination_prefix_list_id": "", - "egress_only_gateway_id": "", - "gateway_id": "igw-0202eb1214dd518f6", - "ipv6_cidr_block": "", - "local_gateway_id": "", - "nat_gateway_id": "", - "network_interface_id": "", - "transit_gateway_id": "", - "vpc_endpoint_id": "", - "vpc_peering_connection_id": "" - } - ], - "tags": { - "Environment": "Dev", - "Name": "PGHA_router", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_router", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "timeouts": null, - "vpc_id": "vpc-094f4fd46d4bec3f7" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_internet_gateway.pg_ha-gw", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_route_table_association", - "name": "pg_ha-priv_subnet-router", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "gateway_id": "", - "id": "rtbassoc-0d6b1a37a63f2d98b", - "route_table_id": "rtb-0372702c6727546ee", - "subnet_id": 
"subnet-0150d1a5eb5524d19", - "timeouts": null - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_internet_gateway.pg_ha-gw", - "aws_route_table.pg_ha-router", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_security_group", - "name": "pg_ha-sg", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:security-group/sg-04d87741996a83b51", - "description": "Managed by Terraform", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-04d87741996a83b51", - "ingress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 22, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 22 - }, - { - "cidr_blocks": [ - "10.0.1.0/24" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": true, - "to_port": 0 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "udp", - "security_groups": [], - "self": true, - "to_port": 0 - } - ], - "name": "pg_ha-sg", - "name_prefix": "", - "owner_id": "379694287116", - "revoke_rules_on_delete": false, - "tags": { - "Environment": "Dev", - 
"Name": "PGHA_sg", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_sg", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "timeouts": null, - "vpc_id": "vpc-094f4fd46d4bec3f7" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", - "dependencies": [ - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_subnet", - "name": "pg_ha-priv_subnet", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:subnet/subnet-0150d1a5eb5524d19", - "assign_ipv6_address_on_creation": false, - "availability_zone": "us-west-2c", - "availability_zone_id": "usw2-az3", - "cidr_block": "10.0.1.0/24", - "customer_owned_ipv4_pool": "", - "enable_dns64": false, - "enable_lni_at_device_index": 0, - "enable_resource_name_dns_a_record_on_launch": false, - "enable_resource_name_dns_aaaa_record_on_launch": false, - "id": "subnet-0150d1a5eb5524d19", - "ipv6_cidr_block": "", - "ipv6_cidr_block_association_id": "", - "ipv6_native": false, - "map_customer_owned_ip_on_launch": false, - "map_public_ip_on_launch": true, - "outpost_arn": "", - "owner_id": "379694287116", - "private_dns_hostname_type_on_launch": "ip-name", - "tags": { - "Environment": "Dev", - "Name": "PGHA_psnet", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": 
"Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_psnet", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "timeouts": null, - "vpc_id": "vpc-094f4fd46d4bec3f7" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_vpc", - "name": "pg_ha-vpc", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:vpc/vpc-094f4fd46d4bec3f7", - "assign_generated_ipv6_cidr_block": false, - "cidr_block": "10.0.0.0/16", - "default_network_acl_id": "acl-0322ccbc92c7f000c", - "default_route_table_id": "rtb-042963282b757efd5", - "default_security_group_id": "sg-07391ede40f4254b9", - "dhcp_options_id": "dopt-05cfbfc7eeec18770", - "enable_dns_hostnames": true, - "enable_dns_support": true, - "enable_network_address_usage_metrics": false, - "id": "vpc-094f4fd46d4bec3f7", - "instance_tenancy": "default", - "ipv4_ipam_pool_id": null, - "ipv4_netmask_length": null, - "ipv6_association_id": "", - "ipv6_cidr_block": "", - "ipv6_cidr_block_network_border_group": "", - "ipv6_ipam_pool_id": "", - "ipv6_netmask_length": 0, - "main_route_table_id": "rtb-042963282b757efd5", - "owner_id": "379694287116", - "tags": { - "Environment": "Dev", - "Name": "PGHA_vpc", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming 
Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_vpc", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - } - }, - "sensitive_attributes": [], - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" - } - ] - }, - { - "mode": "managed", - "type": "local_file", - "name": "ansible_inventory", - "provider": "provider[\"registry.terraform.io/hashicorp/local\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "content": "db_server:\n hosts:\n node-1:\n ansible_host: 34.222.71.215\n ansible_user: ubuntu\n node-2:\n ansible_host: 52.12.138.112\n ansible_user: ubuntu\n node-3:\n ansible_host: 54.70.108.239\n ansible_user: ubuntu\n\netcd_server:\n hosts:\n node-1:\n ansible_host: 34.222.71.215\n ansible_user: ubuntu\n node-2:\n ansible_host: 52.12.138.112\n ansible_user: ubuntu\n node-3:\n ansible_host: 54.70.108.239\n ansible_user: ubuntu\n", - "content_base64": null, - "content_base64sha256": "1UGalNRUcki2yZEb9zNWQu85/k8PD+g79H1uZMtBV7U=", - "content_base64sha512": "2cwbKpNoEohe7elnd+lnKEDyJzg55nTgXjw/pi1LlDjaH6+PUydnvlwGy0gjvNXYKL7YbAkNbtVD0NyWmJ0/GQ==", - "content_md5": "3e7997fcfd18fa33d1f4802819fd5997", - "content_sha1": "a3acefe7a588a496ab53fc537e1fa6471fc2c220", - "content_sha256": "d5419a94d4547248b6c9911bf7335642ef39fe4f0f0fe83bf47d6e64cb4157b5", - "content_sha512": "d9cc1b2a936812885eede96777e9672840f2273839e674e05e3c3fa62d4b9438da1faf8f532767be5c06cb4823bcd5d828bed86c090d6ed543d0dc96989d3f19", - "directory_permission": "0777", - "file_permission": "0777", - "filename": "./inventory/inventory.yaml", - "id": "a3acefe7a588a496ab53fc537e1fa6471fc2c220", - "sensitive_content": null, - "source": null - }, - "sensitive_attributes": [], - "dependencies": [ - "aws_instance.pg_ha_node", - "aws_security_group.pg_ha-sg", - 
"aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "local_file", - "name": "inventory_db_nodes", - "provider": "provider[\"registry.terraform.io/hashicorp/local\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "content": "db_server:\n hosts:\n node-1:\n ansible_host: 18.246.59.237\n ansible_user: ubuntu\n node-2:\n ansible_host: 35.89.34.101\n ansible_user: ubuntu\n node-3:\n ansible_host: 54.189.79.169\n ansible_user: ubuntu\n", - "content_base64": null, - "content_base64sha256": "3LSywqVZIEaz702CUVflaOKtenJhIU5xWuBhiblrunI=", - "content_base64sha512": "twE5Bqxj7kB55YbvfqNCCLvJL1DDlDTIBBUVwqXbPMMbUvsbBuEOjnrsIA569P6EN+38d3jYnY8XyCn7qp6GBQ==", - "content_md5": "4a6a03f45007dbc066cf50d8838d49a0", - "content_sha1": "102767b0fab3fc9be4de0f6ab170769e98e65c13", - "content_sha256": "dcb4b2c2a5592046b3ef4d825157e568e2ad7a7261214e715ae06189b96bba72", - "content_sha512": "b7013906ac63ee4079e586ef7ea34208bbc92f50c39434c8041515c2a5db3cc31b52fb1b06e10e8e7aec200e7af4fe8437edfc7778d89d8f17c829fbaa9e8605", - "directory_permission": "0777", - "file_permission": "0777", - "filename": "./inventory/db_server.yaml", - "id": "102767b0fab3fc9be4de0f6ab170769e98e65c13", - "sensitive_content": null, - "source": null - }, - "sensitive_attributes": [], - "dependencies": [ - "aws_instance.pg_ha_node", - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - } - ], + "resources": [], "check_results": null } diff --git a/patroni/automation/variables.tf b/patroni/automation/variables.tf index 27b05ba..6d6b3a6 100644 --- a/patroni/automation/variables.tf +++ b/patroni/automation/variables.tf @@ -30,7 +30,7 @@ locals { pg_instance_type = "t2.small" pg_vol_type = "gp2" pg_vol_size = 64 - pg_vol_device = "/dev/sdb" + pg_vol_device = "/dev/sdf" host_type_db = "PostgreSQL" pg_base_name = "PGHA-db" 
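Review bot: The new `/dev/sdf` value for `pg_vol_device` (and for `dcs_vol_device` in the next hunk) is only the name requested at attach time; the guest can expose the volume under another name, typically `/dev/xvdf` on Xen-based types such as the `t2.small` set here, or an NVMe name on Nitro types. The code that formats or mounts the data volume is not visible in this patch, so this is inferred, but if it uses this local verbatim the mount can fail or pick the wrong disk once the instance type changes. I would document that on the line itself, for example `pg_vol_device = "/dev/sdf" # attach-time name only; resolve the in-guest device before mkfs/mount`, and repeat the device-naming link that the second hunk carries. The `locals` block starts and ends outside both hunks.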
@@ -41,7 +41,7 @@ locals { dcs_instance_type = "t2.small" dcs_vol_type = "gp2" dcs_vol_size = 32 - dcs_vol_device = "/dev/sdb" + dcs_vol_device = "/dev/sdf" # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names dcs_num_nodes = 3 dcs_node_name = "pg-dcs" From c9fb339971a3b7e9946f8aa45d3e8e3c48358139 Mon Sep 17 00:00:00 2001 From: ElChinoo <3lch1n00B@gmail.com> Date: Tue, 31 Oct 2023 11:39:48 -0300 Subject: [PATCH 2/7] Signed-off-by: ElChinoo <3lch1n00B@gmail.com> Removed terraform state files and updated some variables --- patroni/automation/inventory/inventory.yaml | 29 - patroni/automation/pgha.yaml | 98 ++ patroni/automation/terraform.tfstate | 1045 ------------------- patroni/automation/terraform.tfstate.backup | 9 - patroni/automation/variables.tf | 4 +- 5 files changed, 100 insertions(+), 1085 deletions(-) delete mode 100755 patroni/automation/inventory/inventory.yaml delete mode 100644 patroni/automation/terraform.tfstate delete mode 100644 patroni/automation/terraform.tfstate.backup diff --git a/patroni/automation/inventory/inventory.yaml b/patroni/automation/inventory/inventory.yaml deleted file mode 100755 index 7204624..0000000 --- a/patroni/automation/inventory/inventory.yaml +++ /dev/null @@ -1,29 +0,0 @@ -db_server: - hosts: - node-1: - ansible_host: 18.237.123.60 - ansible_user: ubuntu - node-2: - ansible_host: 54.202.44.91 - ansible_user: ubuntu - node-3: - ansible_host: 18.237.55.32 - ansible_user: ubuntu - -etcd_server: - hosts: - node-1: - ansible_host: 18.237.123.60 - ansible_user: ubuntu - node-2: - ansible_host: 54.202.44.91 - ansible_user: ubuntu - node-3: - ansible_host: 18.237.55.32 - ansible_user: ubuntu - -ca_server: - hosts: - node-1: - ansible_host: 18.237.123.60 - ansible_user: ubuntu \ No newline at end of file diff --git a/patroni/automation/pgha.yaml b/patroni/automation/pgha.yaml index e69de29..1115f66 100644 --- a/patroni/automation/pgha.yaml +++ b/patroni/automation/pgha.yaml 
@@ -0,0 +1,98 @@
+# Percona Distribution for PostgreSQL: High Availability with Streaming Replication
+# - (Percona Distribution for PostgreSQL-based deployment)
+# @author: Charly Batista
+# @date: 2023-10-09
+#
+
+#
+# pgha.yam
+# Configuration file for the pgha_install tool
+#
+
+---
+pgha:
+ postgres:
+ #
+ listen_addr: 0.0.0.0
+ listen_port: 5432
+
+ #
+ max_connections: 100
+
+ #
+ shared_buffers: 512MB
+ effective_cache_size:
+ work_mem: 8MB
+ maintenance_work_mem: 64MB
+ wal_buffers: 16MB
+
+ #
+ checkpoint_timeout: 30
+ checkpoint_completion_target: 0.9
+
+ #
+ hot_standby: "on"
+ max_wal_senders: 5
+ max_replication_slots: 10
+
+ #
+ synchronous_commit: "on"
+
+ #
+ wal_level: logical
+ wal_compression: "on"
+ min_wal_size: 80M
+ max_wal_size: 1GB
+ wal_keep_size: 4096
+ wal_log_hints: "on"
+
+ #
+ default_statistics_target: 100
+ random_page_cost: 1.1
+ effective_io_concurrency: 200
+
+ #
+ max_worker_processes: 4
+ max_parallel_workers_per_gather: 2
+ max_parallel_workers: 4
+ max_parallel_maintenance_workers: 2
+
+ #
+ archive_mode: "on"
+ archive_library: ""
+ archive_command: 'pgbackrest --config={{ config_dir }}/pgbackrest.conf --stanza={{ pg_cluster_name }} archive-push "{{ pg_data_dir }}/pg_wal/%f"'
+ archive_timeout: 1800
+ restore_command: 'pgbackrest --config={{ config_dir }}/pgbackrest.conf --stanza={{ pg_cluster_name }} archive-get %f "%p"'
+
+ #
+ logging_collector: 'on'
+
+ # Patroni variables
+ patroni:
+ namespace: pg_ha
+ scope: "{{ pg_cluster_name }}"
+
+ #
+ rest_api_listen: 0.0.0.0
+
+ #
+ dcs_ttl: 30
+ dcs_loop_wait: 10
+ dcs_retry_timeout: 10
+ dcs_max_lag_failover: 1048576
+ dcs_slot_name: percona_{{ pg_cluster_name }}
+ dcs_slot_type: physical
+ use_pg_rewind: "true"
+ use_slots: "true"
+ backrest_restore_bkp: "/usr/bin/pgbackrest --stanza={{ pg_cluster_name }} --delta restore"
+ backrest_keep_data: "true"
+ backrest_no_params: "true"
+
+ #
+ pass_file: "{{ config_dir }}/.pgpass"
+ repl_username: replicator
+ repl_password: R3pl1c4t0r
+ super_username: postgres
+ super_password: PostP4ss
+ admin_username: admin
+ admin_password: Pgadm1n
\ No newline at end of file
diff --git a/patroni/automation/terraform.tfstate b/patroni/automation/terraform.tfstate
deleted file mode 100644
index 3193322..0000000
--- a/patroni/automation/terraform.tfstate
+++ /dev/null
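Review bot: The closing lines of the new `patroni/automation/pgha.yaml` commit the replication, superuser and admin passwords as literals (`repl_password`, `super_password`, `admin_password`), so anyone who can read the repository or its history holds the database credentials. The file already uses Jinja placeholders for other values, so these three can be filled from a secrets source kept outside the repository, e.g. `repl_password: "{{ vault_repl_password }}"`, `super_password: "{{ vault_super_password }}"`, `admin_password: "{{ vault_admin_password }}"` (the variable names are placeholders). The values already committed should be treated as exposed and not reused on any real cluster. Separately, `listen_addr: 0.0.0.0` and `rest_api_listen: 0.0.0.0` bind PostgreSQL and the Patroni REST API to every interface. If the tool passes them through unchanged, a per-node private address, or at least a comment naming the network rule that restricts access, would make the intended exposure explicit.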
@@ -1,1045 +0,0 @@ -{ - "version": 4, - "terraform_version": "1.6.0", - "serial": 215, - "lineage": "e7985d49-2c19-c7ff-2d39-c7567316d7ef", - "outputs": {}, - "resources": [ - { - "mode": "managed", - "type": "aws_ebs_volume", - "name": "pg_ha_node-vol", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-06a11532656896810", - "availability_zone": "us-west-2c", - "encrypted": false, - "final_snapshot": false, - "id": "vol-06a11532656896810", - "iops": 192, - "kms_key_id": "", - "multi_attach_enabled": false, - "outpost_arn": "", - "size": 64, - "snapshot_id": "", - "tags": { - "Environment": "Dev", - "Name": "PGHA-db-1-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA-db-1-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "throughput": 0, - "timeouts": null, - "type": "gp2" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjMwMDAwMDAwMDAwMH19" - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-0ea694069036f40d4", - "availability_zone": "us-west-2c", - "encrypted": false, - "final_snapshot": false, - "id": "vol-0ea694069036f40d4", - "iops": 192, - "kms_key_id": "", - "multi_attach_enabled": false, - "outpost_arn": "", - "size": 64, - "snapshot_id": "", - "tags": { - "Environment": "Dev", - "Name": 
"PGHA-db-2-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA-db-2-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "throughput": 0, - "timeouts": null, - "type": "gp2" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjMwMDAwMDAwMDAwMH19" - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:volume/vol-054259795ff5ee5ce", - "availability_zone": "us-west-2c", - "encrypted": false, - "final_snapshot": false, - "id": "vol-054259795ff5ee5ce", - "iops": 192, - "kms_key_id": "", - "multi_attach_enabled": false, - "outpost_arn": "", - "size": 64, - "snapshot_id": "", - "tags": { - "Environment": "Dev", - "Name": "PGHA-db-3-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA-db-3-vol", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "throughput": 0, - "timeouts": null, - "type": "gp2" - }, - "sensitive_attributes": [], - "private": 
"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjMwMDAwMDAwMDAwMH19" - } - ] - }, - { - "mode": "managed", - "type": "aws_instance", - "name": "pg_ha_node", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "index_key": 0, - "schema_version": 1, - "attributes": { - "ami": "ami-03f65b8614a860c29", - "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-0b3dab3d07fdc1168", - "associate_public_ip_address": true, - "availability_zone": "us-west-2c", - "capacity_reservation_specification": [ - { - "capacity_reservation_preference": "open", - "capacity_reservation_target": [] - } - ], - "cpu_core_count": 1, - "cpu_options": [ - { - "amd_sev_snp": "", - "core_count": 1, - "threads_per_core": 1 - } - ], - "cpu_threads_per_core": 1, - "credit_specification": [ - { - "cpu_credits": "standard" - } - ], - "disable_api_stop": false, - "disable_api_termination": false, - "ebs_block_device": [], - "ebs_optimized": false, - "enclave_options": [ - { - "enabled": false - } - ], - "ephemeral_block_device": [], - "get_password_data": false, - "hibernation": false, - "host_id": "", - "host_resource_group_arn": null, - "iam_instance_profile": "", - "id": "i-0b3dab3d07fdc1168", - "instance_initiated_shutdown_behavior": "stop", - "instance_lifecycle": "", - "instance_market_options": [], - "instance_state": "running", - "instance_type": "t2.small", - "ipv6_address_count": 0, - "ipv6_addresses": [], - "key_name": "PGHA_W2_SSH_Key_AUTO", - "launch_template": [], - "maintenance_options": [ - { - "auto_recovery": "default" - } - ], - "metadata_options": [ - { - "http_endpoint": "enabled", - "http_protocol_ipv6": "disabled", - "http_put_response_hop_limit": 1, - "http_tokens": "optional", - "instance_metadata_tags": "disabled" - } - ], - "monitoring": false, - "network_interface": [], - "outpost_arn": "", - "password_data": "", - "placement_group": "", - 
"placement_partition_number": 0, - "primary_network_interface_id": "eni-0501d10a59f61aff2", - "private_dns": "ip-10-0-1-146.us-west-2.compute.internal", - "private_dns_name_options": [ - { - "enable_resource_name_dns_a_record": false, - "enable_resource_name_dns_aaaa_record": false, - "hostname_type": "ip-name" - } - ], - "private_ip": "10.0.1.146", - "public_dns": "ec2-18-237-123-60.us-west-2.compute.amazonaws.com", - "public_ip": "18.237.123.60", - "root_block_device": [ - { - "delete_on_termination": true, - "device_name": "/dev/sda1", - "encrypted": false, - "iops": 100, - "kms_key_id": "", - "tags": {}, - "throughput": 0, - "volume_id": "vol-0f26544f1e1ff677a", - "volume_size": 8, - "volume_type": "gp2" - } - ], - "secondary_private_ips": [], - "security_groups": [ - "sg-0dfc7174afd36a050" - ], - "source_dest_check": true, - "spot_instance_request_id": "", - "subnet_id": "subnet-0ba3e92069971db72", - "tags": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-1", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-1", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tenancy": "default", - "timeouts": null, - "user_data": null, - "user_data_base64": null, - "user_data_replace_on_change": false, - "volume_tags": null, - "vpc_security_group_ids": [ - "sg-0dfc7174afd36a050" - ] - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", - 
"dependencies": [ - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - }, - { - "index_key": 1, - "schema_version": 1, - "attributes": { - "ami": "ami-03f65b8614a860c29", - "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-03764f07710be136e", - "associate_public_ip_address": true, - "availability_zone": "us-west-2c", - "capacity_reservation_specification": [ - { - "capacity_reservation_preference": "open", - "capacity_reservation_target": [] - } - ], - "cpu_core_count": 1, - "cpu_options": [ - { - "amd_sev_snp": "", - "core_count": 1, - "threads_per_core": 1 - } - ], - "cpu_threads_per_core": 1, - "credit_specification": [ - { - "cpu_credits": "standard" - } - ], - "disable_api_stop": false, - "disable_api_termination": false, - "ebs_block_device": [], - "ebs_optimized": false, - "enclave_options": [ - { - "enabled": false - } - ], - "ephemeral_block_device": [], - "get_password_data": false, - "hibernation": false, - "host_id": "", - "host_resource_group_arn": null, - "iam_instance_profile": "", - "id": "i-03764f07710be136e", - "instance_initiated_shutdown_behavior": "stop", - "instance_lifecycle": "", - "instance_market_options": [], - "instance_state": "running", - "instance_type": "t2.small", - "ipv6_address_count": 0, - "ipv6_addresses": [], - "key_name": "PGHA_W2_SSH_Key_AUTO", - "launch_template": [], - "maintenance_options": [ - { - "auto_recovery": "default" - } - ], - "metadata_options": [ - { - "http_endpoint": "enabled", - "http_protocol_ipv6": "disabled", - "http_put_response_hop_limit": 1, - "http_tokens": "optional", - "instance_metadata_tags": "disabled" - } - ], - "monitoring": false, - "network_interface": [], - "outpost_arn": "", - "password_data": "", - "placement_group": "", - "placement_partition_number": 0, - "primary_network_interface_id": "eni-016611feb3ff33380", - "private_dns": "ip-10-0-1-199.us-west-2.compute.internal", - "private_dns_name_options": [ - { - 
"enable_resource_name_dns_a_record": false, - "enable_resource_name_dns_aaaa_record": false, - "hostname_type": "ip-name" - } - ], - "private_ip": "10.0.1.199", - "public_dns": "ec2-54-202-44-91.us-west-2.compute.amazonaws.com", - "public_ip": "54.202.44.91", - "root_block_device": [ - { - "delete_on_termination": true, - "device_name": "/dev/sda1", - "encrypted": false, - "iops": 100, - "kms_key_id": "", - "tags": {}, - "throughput": 0, - "volume_id": "vol-0ee708c0b91b2484f", - "volume_size": 8, - "volume_type": "gp2" - } - ], - "secondary_private_ips": [], - "security_groups": [ - "sg-0dfc7174afd36a050" - ], - "source_dest_check": true, - "spot_instance_request_id": "", - "subnet_id": "subnet-0ba3e92069971db72", - "tags": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-2", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-2", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tenancy": "default", - "timeouts": null, - "user_data": null, - "user_data_base64": null, - "user_data_replace_on_change": false, - "volume_tags": null, - "vpc_security_group_ids": [ - "sg-0dfc7174afd36a050" - ] - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", - "dependencies": [ - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - }, - { - "index_key": 2, - "schema_version": 1, - "attributes": { - "ami": 
"ami-03f65b8614a860c29", - "arn": "arn:aws:ec2:us-west-2:379694287116:instance/i-0f12954d94e1fa0df", - "associate_public_ip_address": true, - "availability_zone": "us-west-2c", - "capacity_reservation_specification": [ - { - "capacity_reservation_preference": "open", - "capacity_reservation_target": [] - } - ], - "cpu_core_count": 1, - "cpu_options": [ - { - "amd_sev_snp": "", - "core_count": 1, - "threads_per_core": 1 - } - ], - "cpu_threads_per_core": 1, - "credit_specification": [ - { - "cpu_credits": "standard" - } - ], - "disable_api_stop": false, - "disable_api_termination": false, - "ebs_block_device": [], - "ebs_optimized": false, - "enclave_options": [ - { - "enabled": false - } - ], - "ephemeral_block_device": [], - "get_password_data": false, - "hibernation": false, - "host_id": "", - "host_resource_group_arn": null, - "iam_instance_profile": "", - "id": "i-0f12954d94e1fa0df", - "instance_initiated_shutdown_behavior": "stop", - "instance_lifecycle": "", - "instance_market_options": [], - "instance_state": "running", - "instance_type": "t2.small", - "ipv6_address_count": 0, - "ipv6_addresses": [], - "key_name": "PGHA_W2_SSH_Key_AUTO", - "launch_template": [], - "maintenance_options": [ - { - "auto_recovery": "default" - } - ], - "metadata_options": [ - { - "http_endpoint": "enabled", - "http_protocol_ipv6": "disabled", - "http_put_response_hop_limit": 1, - "http_tokens": "optional", - "instance_metadata_tags": "disabled" - } - ], - "monitoring": false, - "network_interface": [], - "outpost_arn": "", - "password_data": "", - "placement_group": "", - "placement_partition_number": 0, - "primary_network_interface_id": "eni-0501701c1264c515f", - "private_dns": "ip-10-0-1-98.us-west-2.compute.internal", - "private_dns_name_options": [ - { - "enable_resource_name_dns_a_record": false, - "enable_resource_name_dns_aaaa_record": false, - "hostname_type": "ip-name" - } - ], - "private_ip": "10.0.1.98", - "public_dns": 
"ec2-18-237-55-32.us-west-2.compute.amazonaws.com", - "public_ip": "18.237.55.32", - "root_block_device": [ - { - "delete_on_termination": true, - "device_name": "/dev/sda1", - "encrypted": false, - "iops": 100, - "kms_key_id": "", - "tags": {}, - "throughput": 0, - "volume_id": "vol-0780b316d55e6d76b", - "volume_size": 8, - "volume_type": "gp2" - } - ], - "secondary_private_ips": [], - "security_groups": [ - "sg-0dfc7174afd36a050" - ], - "source_dest_check": true, - "spot_instance_request_id": "", - "subnet_id": "subnet-0ba3e92069971db72", - "tags": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-3", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "HostType": "PostgreSQL", - "Name": "PGHA-db-3", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tenancy": "default", - "timeouts": null, - "user_data": null, - "user_data_base64": null, - "user_data_replace_on_change": false, - "volume_tags": null, - "vpc_security_group_ids": [ - "sg-0dfc7174afd36a050" - ] - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", - "dependencies": [ - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_internet_gateway", - "name": "pg_ha-gw", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": 
"arn:aws:ec2:us-west-2:379694287116:internet-gateway/igw-0ad8262571fa6f4ca", - "id": "igw-0ad8262571fa6f4ca", - "owner_id": "379694287116", - "tags": { - "Environment": "Dev", - "Name": "PGHA_gw", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_gw", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "timeouts": null, - "vpc_id": "vpc-01ea74491271bef56" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_key_pair", - "name": "pg_ha-pkey", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:key-pair/PGHA_W2_SSH_Key_AUTO", - "fingerprint": "WROBKOosrraL2jzJ5AREE0K9zhLDWGiIT895KySTD00=", - "id": "PGHA_W2_SSH_Key_AUTO", - "key_name": "PGHA_W2_SSH_Key_AUTO", - "key_name_prefix": "", - "key_pair_id": "key-0e0abd9d630d67434", - "key_type": "ed25519", - "public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPftS5GQY8++kJZNMCK5Uzjz/2KDZOqAruLx5xS/wrCz", - "tags": { - "PerconaCreatedBy": "charly.batista@percona.com" - }, - "tags_all": { - "PerconaCreatedBy": "charly.batista@percona.com" - } - }, - "sensitive_attributes": [], - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" - } - ] - }, - { - "mode": "managed", - "type": "aws_route_table", - "name": "pg_ha-router", - "provider": 
"provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:route-table/rtb-07c29ede6c4cad12c", - "id": "rtb-07c29ede6c4cad12c", - "owner_id": "379694287116", - "propagating_vgws": [], - "route": [ - { - "carrier_gateway_id": "", - "cidr_block": "0.0.0.0/0", - "core_network_arn": "", - "destination_prefix_list_id": "", - "egress_only_gateway_id": "", - "gateway_id": "igw-0ad8262571fa6f4ca", - "ipv6_cidr_block": "", - "local_gateway_id": "", - "nat_gateway_id": "", - "network_interface_id": "", - "transit_gateway_id": "", - "vpc_endpoint_id": "", - "vpc_peering_connection_id": "" - } - ], - "tags": { - "Environment": "Dev", - "Name": "PGHA_router", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_router", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "timeouts": null, - "vpc_id": "vpc-01ea74491271bef56" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_internet_gateway.pg_ha-gw", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_route_table_association", - "name": "pg_ha-priv_subnet-router", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "gateway_id": "", - "id": "rtbassoc-09d80a9146a11ce91", - "route_table_id": "rtb-07c29ede6c4cad12c", - "subnet_id": 
"subnet-0ba3e92069971db72", - "timeouts": null - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjEyMDAwMDAwMDAwMH19", - "dependencies": [ - "aws_internet_gateway.pg_ha-gw", - "aws_route_table.pg_ha-router", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_security_group", - "name": "pg_ha-sg", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:security-group/sg-0dfc7174afd36a050", - "description": "Managed by Terraform", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0dfc7174afd36a050", - "ingress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 22, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 22 - }, - { - "cidr_blocks": [ - "10.0.1.0/24" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": true, - "to_port": 0 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "udp", - "security_groups": [], - "self": true, - "to_port": 0 - } - ], - "name": "pg_ha-sg", - "name_prefix": "", - "owner_id": "379694287116", - "revoke_rules_on_delete": false, - "tags": { - "Environment": "Dev", - 
"Name": "PGHA_sg", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_sg", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "timeouts": null, - "vpc_id": "vpc-01ea74491271bef56" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", - "dependencies": [ - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_subnet", - "name": "pg_ha-priv_subnet", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:subnet/subnet-0ba3e92069971db72", - "assign_ipv6_address_on_creation": false, - "availability_zone": "us-west-2c", - "availability_zone_id": "usw2-az3", - "cidr_block": "10.0.1.0/24", - "customer_owned_ipv4_pool": "", - "enable_dns64": false, - "enable_lni_at_device_index": 0, - "enable_resource_name_dns_a_record_on_launch": false, - "enable_resource_name_dns_aaaa_record_on_launch": false, - "id": "subnet-0ba3e92069971db72", - "ipv6_cidr_block": "", - "ipv6_cidr_block_association_id": "", - "ipv6_native": false, - "map_customer_owned_ip_on_launch": false, - "map_public_ip_on_launch": true, - "outpost_arn": "", - "owner_id": "379694287116", - "private_dns_hostname_type_on_launch": "ip-name", - "tags": { - "Environment": "Dev", - "Name": "PGHA_psnet", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": 
"Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_psnet", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "timeouts": null, - "vpc_id": "vpc-01ea74491271bef56" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_volume_attachment", - "name": "pg_ha_node-att", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "device_name": "/dev/sdf", - "force_detach": null, - "id": "vai-2750086427", - "instance_id": "i-0b3dab3d07fdc1168", - "skip_destroy": null, - "stop_instance_before_detaching": null, - "timeouts": null, - "volume_id": "vol-06a11532656896810" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwfX0=", - "dependencies": [ - "aws_ebs_volume.pg_ha_node-vol", - "aws_instance.pg_ha_node", - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "device_name": "/dev/sdf", - "force_detach": null, - "id": "vai-2957908312", - "instance_id": "i-03764f07710be136e", - "skip_destroy": null, - "stop_instance_before_detaching": null, - "timeouts": null, - "volume_id": "vol-0ea694069036f40d4" - }, - "sensitive_attributes": [], - "private": 
"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwfX0=", - "dependencies": [ - "aws_ebs_volume.pg_ha_node-vol", - "aws_instance.pg_ha_node", - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "device_name": "/dev/sdf", - "force_detach": null, - "id": "vai-3196671723", - "instance_id": "i-0f12954d94e1fa0df", - "skip_destroy": null, - "stop_instance_before_detaching": null, - "timeouts": null, - "volume_id": "vol-054259795ff5ee5ce" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMDAsImRlbGV0ZSI6MzAwMDAwMDAwMDAwfX0=", - "dependencies": [ - "aws_ebs_volume.pg_ha_node-vol", - "aws_instance.pg_ha_node", - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - }, - { - "mode": "managed", - "type": "aws_vpc", - "name": "pg_ha-vpc", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:us-west-2:379694287116:vpc/vpc-01ea74491271bef56", - "assign_generated_ipv6_cidr_block": false, - "cidr_block": "10.0.0.0/16", - "default_network_acl_id": "acl-0862e871c4a30e793", - "default_route_table_id": "rtb-0e86c0cfdc08decbd", - "default_security_group_id": "sg-0e7855cf1486c5f3a", - "dhcp_options_id": "dopt-05cfbfc7eeec18770", - "enable_dns_hostnames": true, - "enable_dns_support": true, - "enable_network_address_usage_metrics": false, - "id": "vpc-01ea74491271bef56", - "instance_tenancy": "default", - "ipv4_ipam_pool_id": null, - "ipv4_netmask_length": null, - "ipv6_association_id": "", - "ipv6_cidr_block": "", - "ipv6_cidr_block_network_border_group": "", - "ipv6_ipam_pool_id": "", - "ipv6_netmask_length": 0, - "main_route_table_id": "rtb-0e86c0cfdc08decbd", - "owner_id": "379694287116", - 
"tags": { - "Environment": "Dev", - "Name": "PGHA_vpc", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - }, - "tags_all": { - "Environment": "Dev", - "Name": "PGHA_vpc", - "Owner": "Charly El-Chinoo Batista", - "PerconaCreatedBy": "charly.batista@percona.com", - "Product": "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication", - "Team": "Tech Lead" - } - }, - "sensitive_attributes": [], - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" - } - ] - }, - { - "mode": "managed", - "type": "local_file", - "name": "ansible_inventory", - "provider": "provider[\"registry.terraform.io/hashicorp/local\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "content": "db_server:\n hosts:\n node-1:\n ansible_host: 18.237.123.60\n ansible_user: ubuntu\n node-2:\n ansible_host: 54.202.44.91\n ansible_user: ubuntu\n node-3:\n ansible_host: 18.237.55.32\n ansible_user: ubuntu\n\netcd_server:\n hosts:\n node-1:\n ansible_host: 18.237.123.60\n ansible_user: ubuntu\n node-2:\n ansible_host: 54.202.44.91\n ansible_user: ubuntu\n node-3:\n ansible_host: 18.237.55.32\n ansible_user: ubuntu\n", - "content_base64": null, - "content_base64sha256": "2f8Nu3YBHZECRl9y2RqEyUAYREpkRKSAvw+uMr0xv84=", - "content_base64sha512": "ucDEhK/IGWo7J0FgMkEUns4uVIo0uJS3izTz1lu/w5OmId5TDn70eCbR80++vQlXE0Fdbhf7D0Xm/Ly41qlfIA==", - "content_md5": "49df32f8b7082c709f41f77e0a11e348", - "content_sha1": "0c825af9598d05ad45962af4d551abbe4029753b", - "content_sha256": "d9ff0dbb76011d9102465f72d91a84c94018444a6444a480bf0fae32bd31bfce", - "content_sha512": "b9c0c484afc8196a3b2741603241149ece2e548a34b894b78b34f3d65bbfc393a621de530e7ef47826d1f34fbebd095713415d6e17fb0f45e6fcbcb8d6a95f20", - "directory_permission": "0777", - "file_permission": "0777", - "filename": "./inventory/inventory.yaml", - 
"id": "0c825af9598d05ad45962af4d551abbe4029753b", - "sensitive_content": null, - "source": null - }, - "sensitive_attributes": [], - "dependencies": [ - "aws_instance.pg_ha_node", - "aws_security_group.pg_ha-sg", - "aws_subnet.pg_ha-priv_subnet", - "aws_vpc.pg_ha-vpc" - ] - } - ] - } - ], - "check_results": null -} diff --git a/patroni/automation/terraform.tfstate.backup b/patroni/automation/terraform.tfstate.backup deleted file mode 100644 index 7ae9cf1..0000000 --- a/patroni/automation/terraform.tfstate.backup +++ /dev/null @@ -1,9 +0,0 @@ -{ - "version": 4, - "terraform_version": "1.6.0", - "serial": 197, - "lineage": "e7985d49-2c19-c7ff-2d39-c7567316d7ef", - "outputs": {}, - "resources": [], - "check_results": null -} diff --git a/patroni/automation/variables.tf b/patroni/automation/variables.tf index 6d6b3a6..e27dcb4 100644 --- a/patroni/automation/variables.tf +++ b/patroni/automation/variables.tf @@ -56,6 +56,6 @@ locals { percona_user = "charly.batista@percona.com" ssh_user = "ubuntu" ssh_key_name = "PGHA_W2_SSH_Key_AUTO" - ssh_pub_key_value = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPftS5GQY8++kJZNMCK5Uzjz/2KDZOqAruLx5xS/wrCz" - ssh_priv_key_path = "~/keys/aws/PGHA_W2_SSH_Key" + ssh_pub_key_value = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAY1h4DXe9W+L/bkK+O0FC/Hy7thkJKfX9YCTIGoXfp PGHA_W2_SSH_Key_AUTO" + ssh_priv_key_path = "~/keys/aws/PGHA_W2_SSH_Key_AUTO" } \ No newline at end of file From a9cef758ade0128d510b59e1308040f36045c1e3 Mon Sep 17 00:00:00 2001 From: ElChinoo <3lch1n00B@gmail.com> Date: Tue, 31 Oct 2023 11:42:36 -0300 Subject: [PATCH 3/7] Signed-off-by: ElChinoo <3lch1n00B@gmail.com> Updated the .gitignore file to add the terraform state files --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index fbe4180..ef11f36 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,6 @@ all.yaml buffer patroni/automation/.terraform/ patroni/automation/tmp/ +*.tfstate +*.tfstate.* *.hcl 
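Review bot: `ssh_pub_key_value` and `ssh_priv_key_path` in `locals` are literals tied to one person's key pair, so every rotation needs a commit like this one. Anyone else applying the configuration would register a key they do not hold. Deriving the public half from the path keeps the two in step, for example `ssh_pub_key_value = file(pathexpand("${local.ssh_priv_key_path}.pub"))`, assuming the `.pub` file sits beside the private key; otherwise make both input variables. The `locals` block starts above the hunk.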
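Review bot: The added patterns `*.tfstate` and `*.tfstate.*` do not stop Git from tracking `patroni/automation/terraform.tfstate`, which PATCH 1/7 still modifies as a tracked file, and as far as the visible patches show nothing untracks it. The state diff above carries the AWS account ID, public IPs, instance and security-group IDs, and those revisions stay in history. This commit should also run `git rm --cached patroni/automation/terraform.tfstate`, and the history should be rewritten or the exposed details treated as public. The `inventory.yaml` pattern added in PATCH 4/7 has the same gap, since that file is already tracked.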
From 211ec5bfc94da6b7d4a4b45ed764d8b0b21547ce Mon Sep 17 00:00:00 2001 From: ElChinoo <3lch1n00B@gmail.com> Date: Tue, 31 Oct 2023 11:48:09 -0300 Subject: [PATCH 4/7] Signed-off-by: ElChinoo <3lch1n00B@gmail.com> Added "inventory.yaml" to the gitignore list as this file is generated by terraform using the template file Added "inventory_sample.yaml" file if one doesn't want to use terraform to generate the Ansible invetory but still wants to use the Ansible playbooks
---
 .gitignore | 1 + 1 file changed, 1 insertion(+)
diff --git a/.gitignore b/.gitignore
index ef11f36..acf2076 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@ all.yaml
 buffer
 patroni/automation/.terraform/
 patroni/automation/tmp/
+inventory.yaml
 *.tfstate
 *.tfstate.*
 *.hcl
From 659f66445bb16ecbb4892bb17c08335861c704d3 Mon Sep 17 00:00:00 2001
From: ElChinoo <3lch1n00B@gmail.com> Date: Wed, 8 Nov 2023 12:33:11 -0300 Subject: [PATCH 5/7] Created a module to use the pg_ha on Terraform Add an example for the Ansible inventory
---
 .gitignore | 1 + .../inventory/inventory_sample.yaml | 32 ++ .../automation/inventory/proxy_server.yaml | 5 - patroni/automation/main.tf | 218 ++---------- .../automation/modules/pg_ha/aws/dcs_nodes.tf | 64 ++++ patroni/automation/modules/pg_ha/aws/main.tf | 156 +++++++++ .../automation/modules/pg_ha/aws/outputs.tf | 43 +++ .../automation/modules/pg_ha/aws/pg_nodes.tf | 64 ++++ .../automation/modules/pg_ha/aws/variables.tf | 316 ++++++++++++++++++ .../playbooks/01-initial_setup.yaml | 16 +- .../templates/ansible_inventory.tpl | 14 +- patroni/automation/variables.tf | 61 ---- 12 files changed, 711 insertions(+), 279 deletions(-) create mode 100755 patroni/automation/inventory/inventory_sample.yaml delete mode 100644 patroni/automation/inventory/proxy_server.yaml create mode 100644 patroni/automation/modules/pg_ha/aws/dcs_nodes.tf create mode 100644 patroni/automation/modules/pg_ha/aws/main.tf create mode 100644 patroni/automation/modules/pg_ha/aws/outputs.tf create mode 100644 patroni/automation/modules/pg_ha/aws/pg_nodes.tf create mode 100644 patroni/automation/modules/pg_ha/aws/variables.tf
diff --git a/.gitignore b/.gitignore
index acf2076..c1770e1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@ inventory.yaml
 *.tfstate
 *.tfstate.*
 *.hcl
+tmp
\ No newline at end of file
diff --git a/patroni/automation/inventory/inventory_sample.yaml b/patroni/automation/inventory/inventory_sample.yaml
new file mode 100755
index 0000000..75ac552
--- /dev/null
+++ b/patroni/automation/inventory/inventory_sample.yaml
@@ -0,0 +1,32 @@
+# db_server:
+# hosts:
+# node-1:
+# ansible_host: 10.0.10.60
+# ansible_user: ubuntu
+# update_name: true
+# node-2:
+# ansible_host: 10.0.10.61
+# ansible_user: ubuntu
+# update_name: true
+#
+# etcd_server:
+# hosts:
+# node-1:
+# ansible_host: 10.0.10.60
+# ansible_user: ubuntu
+# update_name: false
+# node-2:
+# ansible_host: 10.0.10.61
+# ansible_user: ubuntu
+# update_name: false
+# node-3:
+# ansible_host: 10.0.10.70
+# ansible_user: ubuntu
+# update_name: true
+#
+# ca_server:
+# hosts:
+# node-1:
+# ansible_host: 10.0.10.70
+# ansible_user: ubuntu
+# update_name: false
\ No newline at end of file
diff --git a/patroni/automation/inventory/proxy_server.yaml b/patroni/automation/inventory/proxy_server.yaml
deleted file mode 100644
index d6444a4..0000000
--- a/patroni/automation/inventory/proxy_server.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-# proxy:
-# hosts:
-# node-prx:
-# ansible_host: 34.201.167.49
-# ansible_user: "{{ ssh_username }}"
\ No newline at end of file
diff --git a/patroni/automation/main.tf b/patroni/automation/main.tf
index b48705e..77f365f 100644
--- a/patroni/automation/main.tf
+++ b/patroni/automation/main.tf
@@ -20,216 +20,40 @@ terraform { required_version = ">= 1.1.0" } -provider "aws" { - region = local.region -} - -resource "aws_key_pair" "pg_ha-pkey" { - key_name = local.ssh_key_name - public_key = local.ssh_pub_key_value - - tags = { - PerconaCreatedBy = local.percona_user - } -} - -resource "aws_vpc" "pg_ha-vpc" { - cidr_block = "10.0.0.0/16" - enable_dns_hostnames = true - enable_dns_support = true - - tags = { - Name = local.vpc_name - Product = local.product - Team = local.team - Owner = local.owner - Environment = local.environment - PerconaCreatedBy = local.percona_user - } -} - -resource "aws_internet_gateway" "pg_ha-gw" { - vpc_id = aws_vpc.pg_ha-vpc.id - - tags = { - Name = local.gw_name - Product = local.product - Team = local.team - Owner = local.owner - Environment = local.environment - PerconaCreatedBy = local.percona_user - } -} - -resource "aws_route_table" "pg_ha-router" { - vpc_id = aws_vpc.pg_ha-vpc.id - - route { - cidr_block = "0.0.0.0/0" - gateway_id = aws_internet_gateway.pg_ha-gw.id - } - - tags = { - Name = local.router_name - Product = local.product - Team = local.team - Owner = local.owner - Environment = local.environment - PerconaCreatedBy = local.percona_user - } -} - - -resource "aws_subnet" "pg_ha-priv_subnet" { - vpc_id = aws_vpc.pg_ha-vpc.id - cidr_block = "10.0.1.0/24" - map_public_ip_on_launch = true - availability_zone = local.av-zone - - tags = { - Name = local.priv_subnet_name - Product = local.product - Team = local.team - Owner = local.owner - Environment = local.environment - PerconaCreatedBy = local.percona_user - } -} - -resource "aws_route_table_association" "pg_ha-priv_subnet-router" { - subnet_id = aws_subnet.pg_ha-priv_subnet.id - route_table_id = aws_route_table.pg_ha-router.id -} - -resource "aws_security_group" "pg_ha-sg" { - name = "pg_ha-sg" - vpc_id = aws_vpc.pg_ha-vpc.id - - ingress { - from_port = 0 - to_port = 0 - protocol = "tcp" - self = true - } +module "pg_ha" { + source = "./modules/pg_ha/aws/" - 
ingress { - from_port = 0 - to_port = 0 - protocol = "udp" - self = true - } + # AWS configuration block + region = "us-west-2" + zone = "us-west-2c" + ami = "ami-03f65b8614a860c29" - ingress { - from_port = 0 - to_port = 0 - protocol = -1 - cidr_blocks = [aws_subnet.pg_ha-priv_subnet.cidr_block] - } - - ingress { - from_port = 22 - to_port = 22 - protocol = "tcp" - cidr_blocks = ["0.0.0.0/0"] - } - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } - - tags = { - Name = local.sg_name - Product = local.product - Team = local.team - Owner = local.owner - Environment = local.environment - PerconaCreatedBy = local.percona_user - } -} - - -############################### -- PostgreSQL pg_standby instances -resource "aws_ebs_volume" "pg_ha_node-vol" { - type = local.pg_vol_type - size = local.pg_vol_size - availability_zone = local.av-zone - - tags = { - Name = "${local.pg_base_name}-${count.index + 1}-vol" - Product = local.product - Team = local.team - Owner = local.owner - Environment = local.environment - PerconaCreatedBy = local.percona_user - } - count = local.pg_num_nodes -} - -resource "aws_instance" "pg_ha_node" { - # Amazon Linux 2 AMI (HVM) - Kernel 5.10, SSD Volume Type - ami = local.ami - instance_type = local.pg_instance_type - subnet_id = aws_subnet.pg_ha-priv_subnet.id - key_name = local.ssh_key_name - availability_zone = local.av-zone - - tags = { - Name = "${local.pg_base_name}-${count.index + 1}" - Product = local.product - Team = local.team - Owner = local.owner - Environment = local.environment - HostType = local.host_type_db - PerconaCreatedBy = local.percona_user - } - - security_groups = [aws_security_group.pg_ha-sg.id] - count = local.pg_num_nodes - - provisioner "remote-exec" { - inline = ["sudo hostnamectl set-hostname ${local.pg_base_name}-${count.index + 1}"] - - connection { - type = "ssh" - user = local.ssh_user - private_key = file(local.ssh_priv_key_path) - host = self.public_ip - } - } - - 
provisioner "local-exec" { - command = "ssh-keyscan -H ${self.public_ip} | tee -a ~/.ssh/known_hosts | tee ./tmp/known_hosts" - } + # Node block + pg_num_nodes = 2 + dcs_num_nodes = 1 + dcs_use_pg_node = true } -resource "aws_volume_attachment" "pg_ha_node-att" { - device_name = local.pg_vol_device - volume_id = element(aws_ebs_volume.pg_ha_node-vol.*.id, count.index) - instance_id = element(aws_instance.pg_ha_node.*.id, count.index) - count = local.pg_num_nodes - - # provisioner "local-exec" { - # command = "${local.ansible_cmd} -i ${element(aws_instance.pg_ha_node.*.public_ip, count.index)}, --private-key ${local.ssh_priv_key_path} ${local.ansible_secondary_playbook}" - # } -} -############################### -- PostgreSQL pg_standby instances END - ############################### Inventory and Host servers resource "local_file" "ansible_inventory" { content = templatefile( "./templates/ansible_inventory.tpl", { - # Secondary - pg_db_pub_ip = aws_instance.pg_ha_node.*.public_ip, - pg_etcd_pub_ip = aws_instance.pg_ha_node.*.public_ip, - ssh_user = local.ssh_user, + # + pg_db_nodes = module.pg_ha.db_nodes, + pg_dcs_nodes = module.pg_ha.dcs_nodes, } ) filename = "./inventory/inventory.yaml" } +output "db_nodes_dbg" { + value = module.pg_ha.db_nodes +} + +output "dcs_nodes_dbg" { + value = module.pg_ha.dcs_nodes +} + ############################### Host servers END diff --git a/patroni/automation/modules/pg_ha/aws/dcs_nodes.tf b/patroni/automation/modules/pg_ha/aws/dcs_nodes.tf new file mode 100644 index 0000000..a16b0b5 --- /dev/null +++ b/patroni/automation/modules/pg_ha/aws/dcs_nodes.tf 
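Review bot: The `local_file.ansible_inventory` resource sets no `file_permission`, and the state diff earlier on this page records the same resource as written with `"file_permission": "0777"` and `"directory_permission": "0777"`. A world-writable inventory lets any local user change which hosts the playbooks run against, so add `file_permission = "0640"` and `directory_permission = "0750"` next to `filename`. The outputs `db_nodes_dbg` and `dcs_nodes_dbg` read like debugging leftovers and could be dropped or renamed before merge.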
@@ -0,0 +1,64 @@
+############################### -- PostgreSQL instances
+resource "aws_ebs_volume" "dcs_ha_node-vol" {
+ type = var.dcs_vol_type
+ size = var.dcs_vol_size
+ availability_zone = var.zone
+
+ tags = {
+ Name = "${var.dcs_base_name}-${count.index + 1}-vol"
+ Product = var.product
+ Team = var.team
+ Owner = var.owner
+ Environment = var.environment
+ PerconaCreatedBy = var.percona_user
+ }
+
+ count = var.dcs_num_nodes
+}
+
+resource "aws_instance" "dcs_ha_node" {
+ # Amazon Linux 2 AMI (HVM) - Kernel 5.10, SSD Volume Type
+ ami = var.ami
+ instance_type = var.dcs_instance_type
+ subnet_id = aws_subnet.pg_ha-priv_subnet.id
+ key_name = var.ssh_key_name
+ availability_zone = var.zone
+
+ tags = {
+ Name = "${var.dcs_base_name}-${count.index + 1}"
+ Product = var.product
+ Team = var.team
+ Owner = var.owner
+ Environment = var.environment
+ HostType = var.host_type_db
+ PerconaCreatedBy = var.percona_user
+ }
+
+ security_groups = [aws_security_group.pg_ha-sg.id]
+
+ provisioner "remote-exec" {
+ inline = ["sudo hostnamectl set-hostname ${var.dcs_base_name}-${count.index + 1}"]
+
+ connection {
+ type = "ssh"
+ user = var.ssh_user
+ private_key = file(var.ssh_priv_key_path)
+ host = self.public_ip
+ }
+ }
+
+ provisioner "local-exec" {
+ command = "ssh-keyscan -H ${self.public_ip} | tee -a ~/.ssh/known_hosts | tee ./tmp/known_hosts"
+ }
+
+ depends_on = [aws_security_group.pg_ha-sg]
+ count = var.dcs_num_nodes
+}
+
+resource "aws_volume_attachment" "dcs_ha_node-att" {
+ device_name = var.dcs_vol_device
+ volume_id = element(aws_ebs_volume.dcs_ha_node-vol.*.id, count.index)
+ instance_id = element(aws_instance.dcs_ha_node.*.id, count.index)
+ count = var.dcs_num_nodes
+}
+############################### -- PostgreSQL instances END
\ No newline at end of file
diff --git a/patroni/automation/modules/pg_ha/aws/main.tf b/patroni/automation/modules/pg_ha/aws/main.tf
new file mode 100644
index 0000000..64f0cd2
--- /dev/null
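Review bot: In `modules/pg_ha/aws/dcs_nodes.tf`, the `local-exec` provisioner of `aws_instance.dcs_ha_node` appends whatever key `ssh-keyscan` receives from `self.public_ip` to `~/.ssh/known_hosts` without comparing it to anything, and the `remote-exec` connection before it sets no `host_key`, so the first contact with each node is unauthenticated. Whatever answered on that address during provisioning is then trusted by every later SSH and Ansible run from the workstation. I would compare the scanned key with the fingerprint the instance prints to its console log (or inject known host keys at launch) before recording it, and write only to `./tmp/known_hosts` instead of the operator's personal file. The same provisioner pair appears in `pg_nodes.tf`.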
+++ b/patroni/automation/modules/pg_ha/aws/main.tf 
@@ -0,0 +1,156 @@ +# Percona Distribution for PostgreSQL: High Availability with Streaming Replication +# - (Percona Distribution for PostgreSQL-based deployment) +# @author: Charly Batista +# @date: 2023-10-05 +# + +# main.tf +# +# - Create VPC +# - Create Internet Gateway +# - Create Custom Route Table +# - Create Subnet +# - Associate the subnet with the route table +# - Create a Security Group (Ports 22, 5432 and 6432) +# - Provision extra EBS voumes to be used by the nodes +# - Create the nodes within the correct subnet to get an external IP +# - Associate the volumes to the nodes + +terraform { + required_version = ">= 1.1.0" +} + +provider "aws" { + region = var.region +} + +resource "aws_key_pair" "pg_ha-pkey" { + key_name = var.ssh_key_name + public_key = var.ssh_pub_key_value + + tags = { + PerconaCreatedBy = var.percona_user + } +} + +resource "aws_vpc" "pg_ha-vpc" { + cidr_block = "10.0.0.0/16" + enable_dns_hostnames = true + enable_dns_support = true + + tags = { + Name = var.vpc_name + Product = var.product + Team = var.team + Owner = var.owner + Environment = var.environment + PerconaCreatedBy = var.percona_user + } +} + +resource "aws_internet_gateway" "pg_ha-gw" { + vpc_id = aws_vpc.pg_ha-vpc.id + depends_on = [aws_vpc.pg_ha-vpc] + + tags = { + Name = var.gw_name + Product = var.product + Team = var.team + Owner = var.owner + Environment = var.environment + PerconaCreatedBy = var.percona_user + } +} + +resource "aws_route_table" "pg_ha-router" { + vpc_id = aws_vpc.pg_ha-vpc.id + depends_on = [aws_internet_gateway.pg_ha-gw] + + route { + cidr_block = "0.0.0.0/0" + gateway_id = aws_internet_gateway.pg_ha-gw.id + } + + tags = { + Name = var.router_name + Product = var.product + Team = var.team + Owner = var.owner + Environment = var.environment + PerconaCreatedBy = var.percona_user + } +} + +resource "aws_subnet" "pg_ha-priv_subnet" { + vpc_id = aws_vpc.pg_ha-vpc.id + depends_on = [aws_route_table.pg_ha-router] + cidr_block = "10.0.1.0/24" + 
map_public_ip_on_launch = true + availability_zone = var.zone + + tags = { + Name = var.priv_subnet_name + Product = var.product + Team = var.team + Owner = var.owner + Environment = var.environment + PerconaCreatedBy = var.percona_user + } +} + +resource "aws_route_table_association" "pg_ha-priv_subnet-router" { + subnet_id = aws_subnet.pg_ha-priv_subnet.id + depends_on = [aws_subnet.pg_ha-priv_subnet] + route_table_id = aws_route_table.pg_ha-router.id +} + +resource "aws_security_group" "pg_ha-sg" { + name = "pg_ha-sg" + vpc_id = aws_vpc.pg_ha-vpc.id + depends_on = [aws_route_table_association.pg_ha-priv_subnet-router] + + ingress { + from_port = 0 + to_port = 0 + protocol = "tcp" + self = true + } + + ingress { + from_port = 0 + to_port = 0 + protocol = "udp" + self = true + } + + ingress { + from_port = 0 + to_port = 0 + protocol = -1 + cidr_blocks = [aws_subnet.pg_ha-priv_subnet.cidr_block] + } + + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + + tags = { + Name = var.sg_name + Product = var.product + Team = var.team + Owner = var.owner + Environment = var.environment + PerconaCreatedBy = var.percona_user + } +} + diff --git a/patroni/automation/modules/pg_ha/aws/outputs.tf b/patroni/automation/modules/pg_ha/aws/outputs.tf new file mode 100644 index 0000000..e57127f --- /dev/null +++ b/patroni/automation/modules/pg_ha/aws/outputs.tf 
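Review bot: In `modules/pg_ha/aws/main.tf`, the `pg_ha-sg` ingress rule for port 22 uses `cidr_blocks = ["0.0.0.0/0"]` while the subnet sets `map_public_ip_on_launch = true` behind a `0.0.0.0/0` route to the internet gateway, so every database and DCS node accepts SSH from any address. I would take the allowed range from a variable, e.g. `cidr_blocks = var.admin_cidrs` (a new `list(string)` variable with no default), so the operator has to state where administration comes from. The name `pg_ha-priv_subnet` and the header comment's "Ports 22, 5432 and 6432" no longer describe what is built: the subnet is public and no rule names 5432 or 6432, so both comments deserve an update. The two `self = true` rules with `from_port = 0`/`to_port = 0` and a named protocol look intended as "all ports"; as far as I know that needs `to_port = 65535`, although the subnet-CIDR rule below them already covers intra-cluster traffic.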
@@ -0,0 +1,43 @@
+locals {
+ lc_db_nodes = {
+ for k, nip in aws_instance.pg_ha_node.*.public_ip : k => {
+ ip = nip
+ update = true
+ ssh_user = var.ssh_user
+ }
+ }
+
+ # I haven't found a function to concatenate 2 objects.
+ # The function merge will replace the values for the objects with the same ID (literally merge them)
+ # and in this case we'll lose IP nodes if the user decides to use a combination of DB and DCS only nodes
+ # to run the DCS servers
+ merged = concat(aws_instance.pg_ha_node.*.public_ip, aws_instance.dcs_ha_node.*.public_ip)
+ lc_dcs_nodes = {
+ for pkey, pval in local.merged : pkey => {
+ ip = pval
+ update = pkey < length(aws_instance.pg_ha_node.*.public_ip) ? false : true
+ ssh_user = var.ssh_user
+ }
+ }
+
+} # End locals
+
+
+output "db_nodes" {
+ value = local.lc_db_nodes
+ description = "List of PostgreSQL nodes public IPs"
+}
+
+output "dcs_nodes" {
+ value = local.lc_dcs_nodes
+ description = "List of DCS nodes public IPs"
+}
+
+output "ssh_user" {
+ value = var.ssh_user
+ description = "SSH username"
+}
+
+# pg_db_pub_ip = aws_instance.pg_ha_node.*.public_ip,
+# pg_etcd_pub_ip = var.dcs_use_pg_node ? aws_instance.pg_ha_node.*.public_ip : [],
+# ssh_user = var.ssh_user,
\ No newline at end of file
diff --git a/patroni/automation/modules/pg_ha/aws/pg_nodes.tf b/patroni/automation/modules/pg_ha/aws/pg_nodes.tf
new file mode 100644
index 0000000..4f5e5a5
--- /dev/null
+++ b/patroni/automation/modules/pg_ha/aws/pg_nodes.tf
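Review bot: In `modules/pg_ha/aws/outputs.tf`, `local.merged` always concatenates the PostgreSQL node IPs with the DCS node IPs, so the `dcs_use_pg_node` value set by the root module has no effect on `dcs_nodes`; the commented-out lines at the end of the file still show the conditional that was dropped. I would introduce `pg_for_dcs = var.dcs_use_pg_node ? aws_instance.pg_ha_node.*.public_ip : []`, build `merged = concat(local.pg_for_dcs, aws_instance.dcs_ha_node.*.public_ip)`, and write the flag as `update = pkey >= length(local.pg_for_dcs)`. The output descriptions say "List of … public IPs" although each output is a map of objects with `ip`, `update` and `ssh_user`; the descriptions should say so, since the inventory template depends on that shape.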
@@ -0,0 +1,64 @@
+############################### -- PostgreSQL instances
+resource "aws_ebs_volume" "pg_ha_node-vol" {
+ type = var.pg_vol_type
+ size = var.pg_vol_size
+ availability_zone = var.zone
+
+ tags = {
+ Name = "${var.pg_base_name}-${count.index + 1}-vol"
+ Product = var.product
+ Team = var.team
+ Owner = var.owner
+ Environment = var.environment
+ PerconaCreatedBy = var.percona_user
+ }
+
+ count = var.pg_num_nodes
+}
+
+resource "aws_instance" "pg_ha_node" {
+ # Amazon Linux 2 AMI (HVM) - Kernel 5.10, SSD Volume Type
+ ami = var.ami
+ instance_type = var.pg_instance_type
+ subnet_id = aws_subnet.pg_ha-priv_subnet.id
+ key_name = var.ssh_key_name
+ availability_zone = var.zone
+
+ tags = {
+ Name = "${var.pg_base_name}-${count.index + 1}"
+ Product = var.product
+ Team = var.team
+ Owner = var.owner
+ Environment = var.environment
+ HostType = var.host_type_db
+ PerconaCreatedBy = var.percona_user
+ }
+
+ security_groups = [aws_security_group.pg_ha-sg.id]
+
+ provisioner "remote-exec" {
+ inline = ["sudo hostnamectl set-hostname ${var.pg_base_name}-${count.index + 1}"]
+
+ connection {
+ type = "ssh"
+ user = var.ssh_user
+ private_key = file(var.ssh_priv_key_path)
+ host = self.public_ip
+ }
+ }
+
+ provisioner "local-exec" {
+ command = "ssh-keyscan -H ${self.public_ip} | tee -a ~/.ssh/known_hosts | tee ./tmp/known_hosts"
+ }
+
+ depends_on = [aws_security_group.pg_ha-sg]
+ count = var.pg_num_nodes
+}
+
+resource "aws_volume_attachment" "pg_ha_node-att" {
+ device_name = var.pg_vol_device
+ volume_id = element(aws_ebs_volume.pg_ha_node-vol.*.id, count.index)
+ instance_id = element(aws_instance.pg_ha_node.*.id, count.index)
+ count = var.pg_num_nodes
+}
+############################### -- PostgreSQL instances END
\ No newline at end of file
diff --git a/patroni/automation/modules/pg_ha/aws/variables.tf b/patroni/automation/modules/pg_ha/aws/variables.tf
new file mode 100644
index 0000000..52e774e
--- /dev/null
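Review bot: In `modules/pg_ha/aws/pg_nodes.tf`, `aws_instance.pg_ha_node` passes a security group ID through `security_groups` while also setting `subnet_id`; the AWS provider documents `security_groups` for EC2-Classic and the default VPC and asks for `vpc_security_group_ids` in a custom VPC, and the mismatch is a known cause of instances being planned for replacement on later applies. I would change the line to `vpc_security_group_ids = [aws_security_group.pg_ha-sg.id]`, here and in `dcs_nodes.tf`. The comment `# Amazon Linux 2 AMI (HVM)` also looks stale next to the `ubuntu` default of `ssh_user`, and is worth correcting so the image is not misread when someone audits what runs on the nodes.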
+++ b/patroni/automation/modules/pg_ha/aws/variables.tf 
@@ -0,0 +1,316 @@ +# Percona Distribution for PostgreSQL: High Availability with Streaming Replication +# - (Percona Distribution for PostgreSQL-based deployment) +# @author: Charly Batista +# @date: 2023-10-05 +# + +# variables.tf +# Variables and configuration settings +# + +variable "environment" { + description = "" + type = string + default = "Dev" +} + +variable "region" { + description = "" + type = string + default = "us-west-2" +} + +variable "zone" { + description = "" + type = string + default = "us-west-2c" +} + +variable "ami" { + description = "" + type = string + default = "ami-03f65b8614a860c29" +} + + +# Product +variable "product" { + description = "" + type = string + default = "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication" +} + +variable "team" { + description = "" + type = string + default = "Tech Lead" +} + +variable "owner" { + description = "" + type = string + default = "Charly El-Chinoo Batista" +} + + +# Network +variable "vpc_name" { + description = "" + type = string + default = "PGHA_vpc" +} + +variable "gw_name" { + description = "" + type = string + default = "PGHA_gw" +} + +variable "router_name" { + description = "" + type = string + default = "PGHA_router" +} + +variable "priv_subnet_name" { + description = "" + type = string + default = "PGHA_psnet" +} + +variable "sg_name" { + description = "" + type = string + default = "PGHA_sg" +} + +# PostgreSQL instances +variable "pg_instance_type" { + description = "" + type = string + default = "t2.small" +} + +variable "pg_vol_type" { + description = "" + type = string + default = "gp2" +} + +variable "pg_vol_size" { + description = "" + type = number + default = 64 +} + +variable "pg_vol_device" { + description = "" + type = string + default = "/dev/sdf" +} + +variable "host_type_db" { + description = "" + type = string + default = "PostgreSQL" +} + +variable "pg_base_name" { + description = "" + type = string + default = "PGHA-db" +} + 
+variable "pg_num_nodes" { + description = "" + type = number + default = 3 +} + + +# DCS instances +variable "dcs_instance_type" { + description = "" + type = string + default = "t2.small" +} + +variable "dcs_vol_type" { + description = "" + type = string + default = "gp2" +} + +variable "dcs_vol_size" { + description = "" + type = number + default = 32 +} + +variable "dcs_vol_device" { + description = "" + type = string + default = "/dev/sdf" # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names +} + +variable "dcs_base_name" { + description = "" + type = string + default = "PGHA-dcs" +} + +variable "dcs_num_nodes" { + description = "" + type = number + default = 0 +} + +variable "dcs_use_pg_node" { + description = "" + type = bool + default = true +} + +# HAProxy instances +variable "prx_instance_type" { + description = "" + type = string + default = "t2.small" +} + +variable "prx_base_name" { + description = "" + type = string + default = "PGHA-prx" +} + +variable "prx_num_nodes" { + description = "" + type = number + default = 1 +} + +# pgbackrest instances +variable "bkp_instance_type" { + description = "" + type = string + default = "t2.small" +} + +variable "bkp_vol_type" { + description = "" + type = string + default = "gp2" +} + +variable "bkp_vol_size" { + description = "" + type = number + default = 300 +} + +variable "bkp_vol_device" { + description = "" + type = string + default = "/dev/sdf" +} + +variable "bkp_base_name" { + description = "" + type = string + default = "PGHA-bkp" +} + +variable "bkp_num_nodes" { + description = "" + type = number + default = 2 +} + +# PMM instances +variable "pmm_instance_type" { + description = "" + type = string + default = "t2.small" +} + +variable "pmm_vol_type" { + description = "" + type = string + default = "gp2" +} + +variable "pmm_vol_size" { + description = "" + type = number + default = 300 +} + +variable "pmm_vol_device" { + description = "" + type = string + 
default = "/dev/sdf" +} + +variable "pmm_base_name" { + description = "" + type = string + default = "PGHA-pmm" +} + +variable "pmm_num_nodes" { + description = "" + type = number + default = 0 +} + +### Ansible ### +variable "ansible_cmd" { + description = "" + type = string + default = "export ANSIBLE_HOST_KEY_CHECKING=False; ansible-playbook" +} + +variable "ansible_params" { + description = "" + type = string + default = "" +} + +variable "ansible_playbook" { + description = "" + type = string + default = "pg_ha.yaml" +} + +### User and auth ### +variable "percona_user" { + description = "" + type = string + default = "charly.batista@percona.com" +} + +variable "ssh_user" { + description = "" + type = string + default = "ubuntu" +} + +variable "ssh_key_name" { + description = "" + type = string + default = "PGHA_W2_SSH_Key_AUTO" +} + +variable "ssh_pub_key_value" { + description = "" + type = string + default = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAY1h4DXe9W+L/bkK+O0FC/Hy7thkJKfX9YCTIGoXfp PGHA_W2_SSH_Key_AUTO" +} + +variable "ssh_priv_key_path" { + description = "" + type = string + default = "~/keys/aws/PGHA_W2_SSH_Key_AUTO" +} + diff --git a/patroni/automation/playbooks/01-initial_setup.yaml b/patroni/automation/playbooks/01-initial_setup.yaml index fa487b9..7429f2c 100644 --- a/patroni/automation/playbooks/01-initial_setup.yaml +++ b/patroni/automation/playbooks/01-initial_setup.yaml 
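Review bot: In `modules/pg_ha/aws/variables.tf`, `ssh_pub_key_value` defaults to one specific person's public key, and `ssh_key_name`, `ssh_priv_key_path`, `percona_user` and `owner` default to the same person, so anyone who applies the module without overriding them registers that key on instances the security group exposes on port 22. I would remove the `default` from these variables so Terraform asks for a value, and fill in the empty `description = ""` strings, for example `description = "Public key installed on every node; supply your own"`. The `ansible_cmd` default also exports `ANSIBLE_HOST_KEY_CHECKING=False`, which makes Ansible accept any host key; since the provisioners already produce a known_hosts file, the default could be plain `ansible-playbook`.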
@@ -5,20 +5,21 @@ gather_facts: true tasks: - name: Initial host setup + become: true block: - name: Change the hostname to our standard in the server {{ inventory_hostname }} - become: true hostname: name="{{ inventory_hostname }}" + when: hostvars[inventory_hostname].update_name is true - name: restart machine {{ inventory_hostname }} - become: true command: shutdown -r now "Ansible updates triggered" async: 0 poll: 0 - ignore_errors: True + ignore_errors: true when: reboot is defined - name: Waiting for {{ inventory_hostname }} to come back up + become: false local_action: wait_for host="{{ ansible_host }}" port=22 state=started - name: Fix /etc/hosts removing the old hostname @@ -29,10 +30,8 @@ line="{{ ansible_default_ipv4.address }} {{ inventory_hostname }} {{ ansible_hostname }}" regexp="^{{ ansible_default_ipv4.address }}" # when: ansible_fqdn != inventory_hostname - become: true - name: Add IP address of all hosts to {{ inventory_hostname }} - become: true lineinfile: dest: /etc/hosts regexp: ".*{{ item }}$" @@ -49,15 +48,14 @@ - validate assert: that: ansible_hostname == inventory_hostname + when: hostvars[inventory_hostname].update_name is true - - name: Ensure group "{{ pg_os_group }}" exists with correct gid in the server {{ inventory_hostname }} - become: true + - name: Ensure group "{{ pg_os_group }}" exists in the server {{ inventory_hostname }} ansible.builtin.group: name: "{{ pg_os_group }}" state: present - name: Add the user "{{ pg_os_user }}" to server {{ inventory_hostname }} - become: true ansible.builtin.user: name: "{{ pg_os_user }}" comment: PostgreSQL administrator @@ -67,7 +65,6 @@ state: present - name: Create CONFIG folder in the server {{ inventory_hostname }} - become: true file: path: "{{ config_dir }}" state: directory @@ -77,7 +74,6 @@ recurse: yes - name: Create Certificates folder in the server {{ inventory_hostname }} - become: true file: path: "{{ cert_dir }}" state: directory 
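Review bot: Both new conditions in `playbooks/01-initial_setup.yaml` read `hostvars[inventory_hostname].update_name is true`, which raises an undefined-variable error on any host whose inventory entry lacks `update_name` (a hand-written inventory, or a group like the `ca_server` one seen in the inventory earlier in this patch series). `when: update_name | default(false) | bool` states the same intent, tolerates the missing key and also accepts the string `"true"`. Moving `become: true` to the block is a clear simplification; a one-line comment on the `wait_for` task, such as `# runs on the controller, so no privilege escalation`, would explain the `become: false` exception. The task list continues outside these hunks.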
diff --git a/patroni/automation/templates/ansible_inventory.tpl b/patroni/automation/templates/ansible_inventory.tpl index 494cb9b..edcb9a1 100644 --- a/patroni/automation/templates/ansible_inventory.tpl +++ b/patroni/automation/templates/ansible_inventory.tpl @@ -1,15 +1,17 @@ db_server: hosts: -%{ for index, host in pg_db_pub_ip ~} +%{ for index, host in pg_db_nodes ~} node-${index + 1}: - ansible_host: ${host} - ansible_user: ${ssh_user} + ansible_host: ${host.ip} + ansible_user: ${host.ssh_user} + update_name: ${host.update} %{ endfor ~} etcd_server: hosts: -%{ for index, host in pg_etcd_pub_ip ~} +%{ for index, host in pg_dcs_nodes ~} node-${index + 1}: - ansible_host: ${host} - ansible_user: ${ssh_user} + ansible_host: ${host.ip} + ansible_user: ${host.ssh_user} + update_name: ${host.update} %{ endfor ~} \ No newline at end of file diff --git a/patroni/automation/variables.tf b/patroni/automation/variables.tf index e27dcb4..e69de29 100644 --- a/patroni/automation/variables.tf +++ b/patroni/automation/variables.tf 
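Review bot: In `templates/ansible_inventory.tpl`, `db_server` and `etcd_server` both name their hosts `node-${index + 1}`, and Ansible treats a name that appears in two groups as a single host, so the `update_name` rendered under `etcd_server` (false for the shared PostgreSQL nodes, per `outputs.tf`) will most likely replace the `true` rendered under `db_server`. If so, the hostname task and its validation are skipped on exactly the nodes that need renaming; `ansible-inventory -i inventory/inventory.yaml --host node-1` would confirm which value wins. I would emit `update_name` only once per host, for instance by leaving it out of the `etcd_server` entries that reuse a database node, and add a template comment stating that the two groups intentionally share host names.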
@@ -1,61 +0,0 @@ -# Percona Distribution for PostgreSQL: High Availability with Streaming Replication -# - (Percona Distribution for PostgreSQL-based deployment) -# @author: Charly Batista -# @date: 2023-10-05 -# - -# variables.tf -# Variables and configuration settings -# -locals { - environment = "Dev" - region = "us-west-2" - av-zone = "us-west-2c" - ami = "ami-03f65b8614a860c29" - - # Product - product = "Percona Distribution for PostgreSQL: High Availability with Patroni and Streaming Replication" - team = "Tech Lead" - owner = "Charly El-Chinoo Batista" - - # Network - vpc_name = "PGHA_vpc" - gw_name = "PGHA_gw" - - router_name = "PGHA_router" - priv_subnet_name = "PGHA_psnet" - sg_name = "PGHA_sg" - - # PostgreSQL instances - pg_instance_type = "t2.small" - pg_vol_type = "gp2" - pg_vol_size = 64 - pg_vol_device = "/dev/sdf" - - host_type_db = "PostgreSQL" - pg_base_name = "PGHA-db" - pg_num_nodes = 3 - - # DCS instances - host_type_dcs = "DCS" - dcs_instance_type = "t2.small" - dcs_vol_type = "gp2" - dcs_vol_size = 32 - dcs_vol_device = "/dev/sdf" # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html#available-ec2-device-names - dcs_num_nodes = 3 - - dcs_node_name = "pg-dcs" - - - # Ansible - ansible_cmd = "export ANSIBLE_HOST_KEY_CHECKING=False; ansible-playbook" - ansible_params = "" - ansible_playbook = "pg_ha.yaml" - - # User and auth - percona_user = "charly.batista@percona.com" - ssh_user = "ubuntu" - ssh_key_name = "PGHA_W2_SSH_Key_AUTO" - ssh_pub_key_value = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAY1h4DXe9W+L/bkK+O0FC/Hy7thkJKfX9YCTIGoXfp PGHA_W2_SSH_Key_AUTO" - ssh_priv_key_path = "~/keys/aws/PGHA_W2_SSH_Key_AUTO" -} \ No newline at end of file From a6c8ce49e178041622896c14f8c39e4ce350853f Mon Sep 17 00:00:00 2001 
From: ElChinoo Date: Mon, 12 Aug 2024 02:23:56 -0300 Subject: [PATCH 6/7] Added tutorial to use tarball files --- patroni/tutorial/10-tarball.md | 529 +++++++++++++++++++++++++++++++++ 1 file changed, 529 insertions(+) create mode 100644 patroni/tutorial/10-tarball.md diff --git a/patroni/tutorial/10-tarball.md b/patroni/tutorial/10-tarball.md new file mode 100644 index 0000000..f46ed12 --- /dev/null +++ b/patroni/tutorial/10-tarball.md 
@@ -0,0 +1,529 @@ +# Setup using tarballs + +This runbook will use the tarball files from the Percona Repositories (https://docs.percona.com/postgresql/16/tarball.html). + +We'll work with a non-privileged user and only use root to create the folders but they can also be in the user `/home` folder. + +## Initial setup + +We'll use below variables to make life easier: + +```bash +WORK_DIR=/pg-ha +BIN_DIR_PG=${WORK_DIR}/percona-postgresql16/bin +BIN_ETCD=${WORK_DIR}/percona-etcd/bin/etcd +BIN_PATRONI=${WORK_DIR}/percona-patroni/bin/patroni + +CONFIG_DIR=${WORK_DIR}/config + +DATA_DIR=${WORK_DIR}/data +DATA_DIR_PG=${DATA_DIR}/pgdata +DATA_DIR_ETCD=${DATA_DIR}/etcd + +TMP_DIR=${WORK_DIR}/tmp + +PGPASS="${CONFIG_DIR}/pgpass" + +PG_USER=postgres + +``` + +The first thing we need to do is to create the `PG_USER` and the folders: + +```bash + +sudo hostnamectl set-hostname pg-node-1 + +sudo adduser ${PG_USER} + +sudo mkdir -p ${WORK_DIR} +sudo mkdir -p ${DATA_DIR} +sudo mkdir -p ${CONFIG_DIR} +sudo mkdir -p ${TMP_DIR} + +sudo chown -R ${PG_USER}:${PG_USER} ${WORK_DIR} + +sudo cp /home/postgres/.bashrc /home/postgres/.bashrc-bak + +echo ' +####### +# Percona config for pg-ha +WORK_DIR=/pg-ha +BIN_DIR_PG=${WORK_DIR}/percona-postgresql16/bin +BIN_ETCD=${WORK_DIR}/percona-etcd/bin/etcd +BIN_PATRONI=${WORK_DIR}/percona-patroni/bin/patroni + +CONFIG_DIR=${WORK_DIR}/config + +DATA_DIR=${WORK_DIR}/data +DATA_DIR_PG=${DATA_DIR}/pgdata +DATA_DIR_ETCD=${DATA_DIR}/etcd + +TMP_DIR=${WORK_DIR}/tmp + +PGPASS="${CONFIG_DIR}/pgpass" + +PG_USER=postgres +PGDATA=${DATA_DIR_PG} + +export PATH=${WORK_DIR}/percona-haproxy/sbin/:${WORK_DIR}/percona-patroni/bin/:${WORK_DIR}/percona-pgbackrest/bin/:${WORK_DIR}/percona-pgbadger/:${WORK_DIR}/percona-pgbouncer/bin/:${WORK_DIR}/percona-pgpool-II/bin/:${WORK_DIR}/percona-postgresql16/bin/:${WORK_DIR}/percona-etcd/bin/:/opt/percona-perl/bin/:/opt/percona-tcl/bin/:/opt/percona-python3/bin/:$PATH + +####### +' | sudo tee -a /home/postgres/.bashrc + +``` + 
+## Download the packages + +From now on all the commands SHALL be run as `PG_USER`. We'll use `sudo` when we need to escalate privileges, for example to create the `systemd` configuration files. + +We need to download the tarballs from Percona and also the `ETCD` drivers. We'll use the drivers from the `pypi` project (https://pypi.org). + +```bash +sudo su - ${PG_USER} + +curl \ + https://downloads.percona.com/downloads/postgresql-distribution-16/16.3/binary/tarball/percona-postgresql-16.3-ssl3-linux-x86_64.tar.gz \ + -o ${TMP_DIR}/percona-postgresql-16.3-ssl3-linux-x86_64.tar.gz + +curl \ + https://files.pythonhosted.org/packages/a1/da/616a4d073642da5dd432e5289b7c1cb0963cc5dde23d1ecb8d726821ab41/python-etcd-0.4.5.tar.gz \ + -o ${TMP_DIR}/python-etcd-0.4.5.tar.gz + +curl \ + https://files.pythonhosted.org/packages/9c/eb/6d1ef4d6a3e8b74e45c502cbd3ea6c5c6c786d003829db9369c2530f5e3f/etcd3-0.12.0.tar.gz \ + -o ${TMP_DIR}/etcd3-0.12.0.tar.gz + +``` + +We'll also need some additional libraries to be able to compile the driver (dnspython, tenacity, protobuf, grpcio): + +```bash + +# https://pypi.org/project/dnspython/ +curl \ + https://files.pythonhosted.org/packages/87/a1/8c5287991ddb8d3e4662f71356d9656d91ab3a36618c3dd11b280df0d255/dnspython-2.6.1-py3-none-any.whl#sha256=5ef3b9680161f6fa89daf8ad451b5f1a33b18ae8a1c6778cdf4b43f08c0a6e50 \ + -o ${TMP_DIR}/dnspython-2.6.1-py3-none-any.whl + + +# https://pypi.org/project/tenacity/ +curl \ + https://files.pythonhosted.org/packages/b6/cb/b86984bed139586d01532a587464b5805f12e397594f19f931c4c2fbfa61/tenacity-9.0.0-py3-none-any.whl#sha256=93de0c98785b27fcf659856aa9f54bfbd399e29969b0621bc7f762bd441b4539 \ + -o ${TMP_DIR}/tenacity-9.0.0-py3-none-any.whl + +# https://pypi.org/project/protobuf/ +curl \ + https://files.pythonhosted.org/packages/4c/98/db690e43e2f28495c8fc7c997003cbd59a6db342914b404e216c9b6791f0/protobuf-5.27.3-cp38-abi3-manylinux2014_x86_64.whl#sha256=a55c48f2a2092d8e213bd143474df33a6ae751b781dd1d1f4d953c128a415b25 \ + 
-o ${TMP_DIR}/protobuf-5.27.3-cp38-abi3-manylinux2014_x86_64.whl + +# https://pypi.org/project/grpcio/ +curl \ + https://files.pythonhosted.org/packages/12/75/b25d1f130db4a294214ac300a38cc1f5a853ee8ea2e0e2529a200d3e6165/grpcio-1.65.4-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl#sha256=74c34fc7562bdd169b77966068434a93040bfca990e235f7a67cdf26e1bd5c63 \ + -o ${TMP_DIR}/grpcio-1.65.4-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl + +``` + +### Extract and install the packages + +After downloaded the packages need to be extracted: + +```bash + +tar -xvf ${TMP_DIR}/percona-postgresql-16.3-ssl3-linux-x86_64.tar.gz -C ${WORK_DIR} +tar -xvf ${TMP_DIR}/python-etcd-0.4.5.tar.gz -C ${TMP_DIR} +tar -xvf ${TMP_DIR}/etcd3-0.12.0.tar.gz -C ${TMP_DIR} + +``` + +Note that we extracted the `Percona` package into the `workdir` while we kept the `etcd` drivers in the `tmp` folder. This is because we'll need to kinda `"compile"` the drivers using the `python3` from the `Percona` package. But before we do that we need to create a symbolik link pointing the `python` package to the `/opt` folder. 
This is needed because the way the `Percona` packages were compiled: + +```bash + +sudo ln -vis ${WORK_DIR}/percona-python3 /opt/ +sudo ln -vis ${WORK_DIR}/percona-tcl /opt/ +sudo ln -vis ${WORK_DIR}/percona-perl /opt/ + +``` + +Now we can finish installing the drivers: + +```bash + +cd ${TMP_DIR} +/opt/percona-python3/bin/pip3 install dnspython-2.6.1-py3-none-any.whl +/opt/percona-python3/bin/pip3 install tenacity-9.0.0-py3-none-any.whl +/opt/percona-python3/bin/pip3 install protobuf-5.27.3-cp38-abi3-manylinux2014_x86_64.whl +/opt/percona-python3/bin/pip3 install grpcio-1.65.4-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl + + +cd ${TMP_DIR}/python-etcd-0.4.5 +/opt/percona-python3/bin/python3 setup.py install + +cd ${TMP_DIR}/etcd3-0.12.0 +/opt/percona-python3/bin/python3 setup.py install + +``` +## Configuration files + +It's now time to create the configuration files and start the services. + +### ETCD: First node + +We'll start with the ETCD cluster. + +I will use the below info as the servers info. Please `CHANGE THE VALUES for your servers`! 
+ +```bash + +SRV1_NAME='pg-node-1' +SRV2_NAME='pg-node-2' +SRV3_NAME='pg-node-3' + +SRV1_IP='12.0.1.242' +SRV2_IP='12.0.1.125' +SRV3_IP='12.0.1.239' + + +ETCD_TOKEN='PostgreSQL_HA_Cluster_1' +CONFIG_FILE_PATH=${CONFIG_DIR}/etcd.yaml +``` + +The first node is the bootstrap node and the configuration will be something like: + +```bash +echo " +# ETCD V3.5 Configuration file by Percona +# ${CONFIG_DIR}/etcd.yaml +name: ${SRV1_NAME} +data-dir: ${DATA_DIR_ETCD} +initial-cluster: '${SRV1_NAME}=http://${SRV1_IP}:2380' +initial-cluster-token: '${ETCD_TOKEN}' +initial-cluster-state: 'new' +listen-peer-urls: 'http://${SRV1_IP}:2380' +listen-client-urls: 'http://${SRV1_IP}:2379' +initial-advertise-peer-urls: 'http://${SRV1_IP}:2380' +advertise-client-urls: 'http://${SRV1_IP}:2379' +" | tee ${CONFIG_DIR}/etcd.yaml + +``` + +We now need to create the `systemd` unity file: + +```bash + +echo " +[Unit] +Description=etcd - highly-available key value store +Documentation=https://etcd.io/docs +Documentation=man:etcd +After=network.target +Wants=network-online.target + +[Service] +Environment=DAEMON_ARGS= +Environment=ETCD_NAME=%H +Environment=DATA_DIR_ETCD=${DATA_DIR_ETCD} +EnvironmentFile=-${CONFIG_DIR}/%p +Type=notify +User=${PG_USER} +PermissionsStartOnly=true +ExecStart=${BIN_ETCD} --config-file ${CONFIG_DIR}/etcd.yaml +Restart=on-abnormal +#RestartSec=10s +LimitNOFILE=65536 + +[Install] +WantedBy=multi-user.target +Alias=etcd2.service + +" | sudo tee /etc/systemd/system/etcd.service + +``` + +Now it's time to reload `systemd`, start the service, and check if running fine: + +```bash + +sudo systemctl daemon-reload +sudo systemctl enable --now etcd +systemctl status etcd +etcdctl --endpoints=${SRV1_IP}:2379 member list + +``` + +### ETCD: Remaining nodes + +Before we start adding the next nodes let's define the helper variables: + +```bash + +SRV1_NAME='pg-node-1' +SRV2_NAME='pg-node-2' +SRV3_NAME='pg-node-3' + +SRV1_IP='12.0.1.242' +SRV2_IP='12.0.1.125' +SRV3_IP='12.0.1.239' + 
+# Same for all of them +ETCD_TOKEN='PostgreSQL_HA_Cluster_1' +CONFIG_FILE_PATH=${CONFIG_DIR}/etcd.yaml + +``` + +For the remaining nodes we need to first add the nodes to the cluster. Note that we need to do `ONE BY ONE`, and we can only add node-3 after we fully add node-2, and so on and so forth. To add a new node we run the below command: + +```bash +etcdctl --endpoints=${SRV1_IP}:2379 member add ${SRV2_NAME} --peer-urls=http://${SRV2_IP}:2380 + +``` + +It will return something like: + +```bash + +ETCD_NAME="pg-node-2" +ETCD_INITIAL_CLUSTER="pg-node-1=http://12.0.1.242:2380,pg-node-2=http://12.0.1.125:2380" +ETCD_INITIAL_ADVERTISE_PEER_URLS="http://12.0.1.125:2380" +ETCD_INITIAL_CLUSTER_STATE="existing" + +``` + +We'll will use that information to change the new node configuration file: + +```bash +echo " +# ETCD V3.5 Configuration file by Percona +# ${CONFIG_DIR}/etcd.yaml +name: ${SRV2_NAME} +data-dir: ${DATA_DIR_ETCD} +initial-cluster: 'pg-node-1=http://12.0.1.242:2380,pg-node-2=http://12.0.1.125:2380' +initial-cluster-token: '${ETCD_TOKEN}' +initial-cluster-state: 'existing' +listen-peer-urls: 'http://${SRV2_IP}:2380' +listen-client-urls: 'http://${SRV2_IP}:2379' +initial-advertise-peer-urls: 'http://${SRV2_IP}:2380' +advertise-client-urls: 'http://${SRV2_IP}:2379' +" | tee ${CONFIG_DIR}/etcd.yaml + +``` + +Note that the variables `initial-cluster` and `initial-cluster-state` are the ones coming from the result of the `etcdctl member add` command. Also make sure to change the IP's accordingly to reflect your own setup. This file needs to be saved in the same path as the one in node-1: `${CONFIG_DIR}/etcd.yaml`. 
+ +We now need to configure `systemd`: + +```bash + +echo " +[Unit] +Description=etcd - highly-available key value store +Documentation=https://etcd.io/docs +Documentation=man:etcd +After=network.target +Wants=network-online.target + +[Service] +Environment=DAEMON_ARGS= +Environment=ETCD_NAME=%H +Environment=DATA_DIR_ETCD=${DATA_DIR_ETCD} +EnvironmentFile=-${CONFIG_DIR}/%p +Type=notify +User=${PG_USER} +PermissionsStartOnly=true +ExecStart=${BIN_ETCD} --config-file ${CONFIG_DIR}/etcd.yaml +Restart=on-abnormal +#RestartSec=10s +LimitNOFILE=65536 + +[Install] +WantedBy=multi-user.target +Alias=etcd2.service + +" | sudo tee /etc/systemd/system/etcd.service + +``` + +Also, reload, start the service, and check if running fine: + +```bash + +sudo systemctl daemon-reload +sudo systemctl enable --now etcd +systemctl status etcd +etcdctl --endpoints=${SRV1_IP}:2379 member list + +``` + +Repeat this procedure for all the remaining nodes! + +### Patroni + +Before we start to create the configuration files we need to define some auxiliary variables: + +```bash +NAMESPACE="percona_lab" +SCOPE="cluster_1" + +SRV1_NAME='pg-node-1' +SRV2_NAME='pg-node-2' +SRV3_NAME='pg-node-3' + +SRV1_IP='12.0.1.242' +SRV2_IP='12.0.1.125' +SRV3_IP='12.0.1.239' +``` + +Now, the configuration file: + +```bash + +echo " +namespace: ${NAMESPACE} +scope: ${SCOPE} +name: ${SRV1_NAME} + +restapi: + listen: 0.0.0.0:8008 + connect_address: ${SRV1_IP}:8008 + +etcd3: + hosts: ${SRV1_IP}:2379,${SRV2_IP}:2379,${SRV3_IP}:2379 + +bootstrap: + dcs: + ttl: 30 + loop_wait: 10 + retry_timeout: 10 + maximum_lag_on_failover: 1048576 + slots: + percona_cluster_1: + type: physical + postgresql: + use_pg_rewind: true + use_slots: true + parameters: + wal_level: logical + hot_standby: 'on' + wal_keep_size: 4096 + max_wal_senders: 5 + max_replication_slots: 10 + wal_log_hints: 'on' + archive_mode: 'on' + archive_timeout: 1800s + logging_collector: 'on' + + # some desired options for 'initdb' + initdb: # Note: It needs to 
be a list (some options need values, others are switches) + - encoding: UTF8 + - data-checksums + + pg_hba: # Add following lines to pg_hba.conf after running 'initdb' + - host replication replicator 127.0.0.1/32 trust + - host replication replicator 0.0.0.0/0 md5 + - host all all 0.0.0.0/0 md5 + - host all all ::0/0 md5 + + # Some additional users which needs to be created after initializing new cluster + users: + admin: + password: qaz123 + options: + - createrole + - createdb + charly: + password: qaz123 + options: + - createrole + - createdb + +postgresql: + cluster_name: cluster_1 + listen: 0.0.0.0:5432 + connect_address: ${SRV1_IP}:5432 + data_dir: ${DATA_DIR_PG} + bin_dir: ${BIN_DIR_PG} + pgpass: ${PGPASS} + + authentication: + replication: + username: replicator + password: passRepl01 + superuser: + username: postgres + password: passPG99 + + parameters: + unix_socket_directories: '/tmp/' + + create_replica_methods: + - basebackup + + basebackup: + checkpoint: 'fast' + +tags: + nofailover: false + noloadbalance: false + clonefrom: false + nosync: false +" | tee ${CONFIG_DIR}/patroni.yaml + +``` + +Make sure to change the IP's, names, and passwords to reflect your environment! 
+ +The next step is to create the `systemd` unity file: + +```bash + +echo " +[Unit] +Description=PostgreSQL high-availability manager +After=syslog.target network.target + +[Service] +Type=simple + +User=${PG_USER} +Group=${PG_USER} + +EnvironmentFile=-${CONFIG_DIR}/patroni_env.conf +Environment=PATRONI_CONFIG_LOCATION=${CONFIG_DIR}/patroni.yaml + +# Disable OOM kill on the postmaster +OOMScoreAdjust=-1000 + +# Start the patroni process +ExecStart=${BIN_PATRONI} \${PATRONI_CONFIG_LOCATION} + +# Send HUP to reload from patroni.yml +ExecReload=/bin/kill -s HUP \$MAINPID + +# Only kill the patroni process, not it's children, so it will gracefully stop postgres +KillMode=process + +# Give a reasonable amount of time for the server to start up/shut down +TimeoutSec=30 + +# Restart the service if it crashed +Restart=on-failure + +[Install] +WantedBy=multi-user.target +" | sudo tee /etc/systemd/system/patroni.service + +``` + +Time to reload the `systemd` and start the `Patroni` service. + +```bash + +sudo systemctl daemon-reload +sudo systemctl enable --now patroni +sudo journalctl -fu patroni + +``` + +Repeat the process for all the remaining nodes always `making sure to change the IP's and names accordingly`! + +We should now have a Patroni cluster running! From b6df022a58d0345724b62967b24342716cd7c5b2 Mon Sep 17 00:00:00 2001 
From: Charly Batista Date: Thu, 5 Sep 2024 11:34:40 -0300 Subject: [PATCH 7/7] Added a workaround to use keepalived to monitor the patroni switchover process and keep the virtual IP always on Primary. Note that this is a workaround and some instability may happen when switching over, for example the IP may go to one of the replicas (the MASTER keepalived) for a short period of time while the new PG Primary is recoverying from the WAL files --- patroni/keepalived/chk_primary.sh | 10 ++ .../keepalived/patroni_monitor_backup.conf | 96 ++++++++++++++++++ .../keepalived/patroni_monitor_master.conf | 97 +++++++++++++++++++ 3 files changed, 203 insertions(+) create mode 100644 patroni/keepalived/chk_primary.sh create mode 100644 patroni/keepalived/patroni_monitor_backup.conf create mode 100644 patroni/keepalived/patroni_monitor_master.conf
diff --git a/patroni/keepalived/chk_primary.sh b/patroni/keepalived/chk_primary.sh
new file mode 100644
index 0000000..4f17a65
--- /dev/null
+++ b/patroni/keepalived/chk_primary.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+RET=`/usr/bin/curl -s -o /dev/null -w "%{http_code}" http://localhost:8008/primary`
+
+if [[ $RET -eq "200" ]]
+then
+ exit 0
+fi
+
+exit 1
diff --git a/patroni/keepalived/patroni_monitor_backup.conf b/patroni/keepalived/patroni_monitor_backup.conf
new file mode 100644
index 0000000..1d6d695
--- /dev/null
+++ b/patroni/keepalived/patroni_monitor_backup.conf
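Review bot: The `curl` call in `patroni/keepalived/chk_primary.sh` has no time limit, so a Patroni REST API that accepts the connection but never answers leaves the check hanging while keepalived expects a result every second (`interval 1` in the accompanying configuration). Adding `--max-time 1` makes the script report `000` and exit 1 instead of stalling. Because the configuration sets `enable_script_security` and `script_user root`, a header comment stating that the file must be installed root-owned and not writable by others at `/usr/local/bin/chk_primary.sh` would spare the next operator a silently rejected check. As a matter of style, `RET=$(…)` and `[[ "$RET" == "200" ]]` read more plainly than backticks and `-eq` against a quoted string.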
@@ -0,0 +1,96 @@
+global_defs {
+ process_names
+
+ enable_script_security # Check that the script can only be edited by root
+
+ script_user root # Systemctl does only work with root
+
+ vrrp_version 3 # Using the latest protocol version allows for dynamic_interfaces
+
+ # vrrp_min_garp true # After switching to MASTER state 5 gratuitous arp (garp) are send and
+ # after 5 seconds another 5 garp are send. (For the switches to update the arp table)
+ # This option disables the second time "5 garp are send (as this is not necessary with modern switches)
+}
+
+vrrp_script chk_patroni {
+ script "/usr/local/bin/chk_primary.sh"
+
+ # script "/usr/bin/killall -0 haproxy" # Sending the zero signal returns OK (0) if the process or process group ID exists,
+ # otherwise, it returns ERR (-1 and sets errno to ESRCH).
+ # Note that the kill(2) man page states that error checking is still performed,
+ # meaning it will return na error (-1) and set errno to EPERM if:
+ # - The target process doesn't exists
+ # - The target process exists but the sending process does not have enough permissions to send it a signal
+
+ # script "/usr/bin/systemctl is-active --quiet haproxy" # The more intelligent way of checking the haproxy process
+ # Simpler way of checking haproxy process:
+ # script "/usr/bin/killall -0 haproxy"
+
+ fall 2 # 2 fails required for 'ilure
+
+ rise 2 # 2 OKs required to consider the process up after failure
+
+ interval 1 # check every X seconds
+
+ weight -10 # add 10 points rc=0
+}
+
+vrrp_instance CLUSTER_1 {
+ state BACKUP # Initial state, MASTER|BACKUP
+ # MASTER on haproxy1, BACKUP on haproxy2, BACKUP on haproxy3, etc
+ # NOTE that if the priority is 255, then the instance will transition immediately
+ # to MASTER if state MASTER is specified; otherwise the instance will
+ # wait between 3 and 4 advert intervals before it can transition,
+ # depending on the priority
+
+ interface enp1s0 # interface for inside_network, bound by vrrp.
+ # Note: if using unicasting, the interface can be omitted as long
+ # as the unicast addresses are not IPv6 link local addresses (this is
+ # necessary, for example, if using asymmetric routing).
+ # If the interface is omitted, then all VIPs and eVIPs should specify
+ # the interface they are to be configured on, otherwise they will be
+ # added to the default interface.
+
+ virtual_router_id 99 # Needs to be the same value in all nodes of the same cluster
+ # HOWEVER, each cluster needs to have an UNIQUE ID
+
+ priority 95 # The higher the priority the higher the chance to be promoted to MASTER
+ advert_int 1 # Specify the VRRP Advert interval in seconds
+
+ # authentication { # Non compliant but good to have with unicast
+ # auth_type PASS
+ # auth_pass passw123
+ # }
+
+ unicast_src_ip 192.168.124.121 # The default IP for binding vrrpd is the primary IP
+ # on the defined interface. If you want to hide the location of vrrpd,
+ # use this IP as src_addr for multicast or unicast vrrp packets.
+
+ unicast_peer { # Do not send VRRP adverts over a VRRP multicast group.
+ # Instead it sends adverts to the following list of
+ # ip addresses using unicast. It can be cool to use
+ # the VRRP FSM and features in a networking
+ # environment where multicast is not supported!
+ # IP addresses specified can be IPv4 as well as IPv6.
+ # If min_ttl and/or max_ttl are specified, the TTL/hop limit
+ # of any received packet is checked against the specified
+ # TTL range, and is discarded if it is outside the range.
+ # Specifying min_ttl or max_ttl turns on check_unicast_src.
+ 192.168.124.158
+ 192.168.124.129
+ }
+
+ unicast_fault_no_peer # It is not possible to operate in unicast mode without any peers.
+ # Until v2.2.4 keepalived would silently operate in multicast mode
+ # if no peers were specified but a unicast keyword had been specified.
+ # Using this keywork stops defaulting to multicast if no peers are
+ # specified and puts the VRRP instance into fault state.
+
+ virtual_ipaddress {
+ 192.168.124.99/24 brd + dev enp1s0 label enp1s0:0
+ }
+
+ track_script { # Check that haproxy is up
+ chk_patroni
+ }
+}
diff --git a/patroni/keepalived/patroni_monitor_master.conf b/patroni/keepalived/patroni_monitor_master.conf
new file mode 100644
index 0000000..6d8dce0
--- /dev/null
+++ b/patroni/keepalived/patroni_monitor_master.conf
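Review bot: `script_user root` in global_defs runs the tracked script with full privileges, and the comment beside it (`Systemctl does only work with root`) no longer applies, because chk_primary.sh only issues a curl request to localhost. A dedicated unprivileged account is enough, for example `script_user keepalived_script # check only queries the local Patroni REST API`, with the script file itself kept root-owned so `enable_script_security` still accepts it. Several comments carried over from an haproxy setup are now misleading and worth correcting in the same pass: `weight -10 # add 10 points rc=0` (a negative weight lowers the priority while the check fails), `track_script { # Check that haproxy is up`, and the truncated comment on `fall 2`. The same lines appear in patroni_monitor_master.conf.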
@@ -0,0 +1,97 @@
+global_defs {
+ process_names
+
+ enable_script_security # Check that the script can only be edited by root
+
+ script_user root # Systemctl does only work with root
+
+ vrrp_version 3 # Using the latest protocol version allows for dynamic_interfaces
+
+ # vrrp_min_garp true # After switching to MASTER state 5 gratuitous arp (garp) are send and
+ # after 5 seconds another 5 garp are send. (For the switches to update the arp table)
+ # This option disables the second time "5 garp are send (as this is not necessary with modern switches)
+}
+
+vrrp_script chk_patroni {
+ script "/usr/local/bin/chk_primary.sh"
+
+ # script "/usr/bin/killall -0 haproxy" # Sending the zero signal returns OK (0) if the process or process group ID exists,
+ # otherwise, it returns ERR (-1 and sets errno to ESRCH).
+ # Note that the kill(2) man page states that error checking is still performed,
+ # meaning it will return na error (-1) and set errno to EPERM if:
+ # - The target process doesn't exists
+ # - The target process exists but the sending process does not have enough permissions to send it a signal
+
+ # script "/usr/bin/systemctl is-active --quiet haproxy" # The more intelligent way of checking the haproxy process
+ # Simpler way of checking haproxy process:
+ # script "/usr/bin/killall -0 haproxy"
+
+ fall 2 # 2 fails required for failure
+
+ rise 2 # 2 OKs required to consider the process up after failure
+
+ interval 1 # check every X seconds
+
+ weight -10 # add 10 points rc=0
+}
+
+vrrp_instance CLUSTER_1 {
+ state MASTER # Initial state, MASTER|BACKUP
+ # MASTER on haproxy1, BACKUP on haproxy2, BACKUP on haproxy3, etc
+ # NOTE that if the priority is 255, then the instance will transition immediately
+ # to MASTER if state MASTER is specified; otherwise the instance will
+ # wait between 3 and 4 advert intervals before it can transition,
+ # depending on the priority
+
+ interface enp1s0 # interface for inside_network, bound by vrrp.
+ # Note: if using unicasting, the interface can be omitted as long
+ # as the unicast addresses are not IPv6 link local addresses (this is
+ # necessary, for example, if using asymmetric routing).
+ # If the interface is omitted, then all VIPs and eVIPs should specify
+ # the interface they are to be configured on, otherwise they will be
+ # added to the default interface.
+
+ virtual_router_id 99 # Needs to be the same value in all nodes of the same cluster
+ # HOWEVER, each cluster needs to have an UNIQUE ID
+
+ priority 100 # The higher the priority the higher the chance to be promoted to MASTER
+ advert_int 1 # Specify the VRRP Advert interval in seconds
+
+ # authentication { # Non compliant but good to have with unicast
+ # auth_type PASS
+ # auth_pass passw123
+ # }
+
+ unicast_src_ip 192.168.124.158 # The default IP for binding vrrpd is the primary IP
+ # on the defined interface. If you want to hide the location of vrrpd,
+ # use this IP as src_addr for multicast or unicast vrrp packets.
+
+ unicast_peer { # Do not send VRRP adverts over a VRRP multicast group.
+ # Instead it sends adverts to the following list of
+ # ip addresses using unicast. It can be cool to use
+ # the VRRP FSM and features in a networking
+ # environment where multicast is not supported!
+ # IP addresses specified can be IPv4 as well as IPv6.
+ # If min_ttl and/or max_ttl are specified, the TTL/hop limit
+ # of any received packet is checked against the specified
+ # TTL range, and is discarded if it is outside the range.
+ # Specifying min_ttl or max_ttl turns on check_unicast_src.
+ 192.168.124.121
+ 192.168.124.129
+ }
+
+ unicast_fault_no_peer # It is not possible to operate in unicast mode without any peers.
+ # Until v2.2.4 keepalived would silently operate in multicast mode
+ # if no peers were specified but a unicast keyword had been specified.
+ # Using this keywork stops defaulting to multicast if no peers are
+ # specified and puts the VRRP instance into fault state.
+
+ virtual_ipaddress {
+ 192.168.124.99/24 brd + dev enp1s0 label enp1s0:0
+ }
+
+ track_script { # Check that haproxy is up
+ chk_patroni
+ }
+}
+
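Review bot: The `vrrp_instance CLUSTER_1` block accepts unicast adverts without validating their source: the `authentication` block is commented out (and, as far as I know, keepalived does not apply it under `vrrp_version 3` anyway), and neither `check_unicast_src` nor a TTL range is set. Because the virtual IP follows whichever node advertises the highest priority, the instance should at least carry `check_unicast_src # drop adverts whose source is not a listed unicast_peer`, and the hosts should limit VRRP (IP protocol 112) to the three cluster addresses in their firewall. The commented sample `auth_pass passw123` is better replaced by an obvious placeholder so it is not copied into a live config. patroni_monitor_backup.conf contains the same block.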