tpiccioli
/
ansible-role-postgresql
forked from ISTI-ansible-roles/ansible-role-postgresql
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove the pgpool tasks and files.

This commit is contained in:
Andrea Dell'Amico 2021-04-02 18:08:23 +02:00
parent 87c1233658
commit fe20da9822
16 changed files with 4 additions and 1204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

117
defaults/main.yml
View File

@ -124,17 +124,6 @@ psql_db_name: db_name
psql_db_user: db_user
psql_db_pwd: "We cannot save the password into the repository. Use another variable and change pgpass.j2 accordingly. Encrypt the file that contains the variable with ansible-vault"
########
#
# Pgpool-II
#
# Those need to be installed on the postgresql server.
#
pgpool_version: '4.1.4'
pgpool_fixed_version: '={{ pgpool_version }}-2.pgdg18.04+1'
postgresql_pgpool_pkgs:
- 'postgresql-{{ psql_version }}-pgpool2{{ pgpool_fixed_version }}'
#psql_db_data:
# Example of line needed to create a db, create the user that owns the db, manage the db accesses (used by iptables too). All the fields are mandatory.
#- { name: '{{ psql_db_name }}', encoding: 'UTF8', user: '{{ psql_db_user }}', pwd: '{{ psql_db_pwd }}', roles: 'NOCREATEDB,NOSUPERUSER', extensions: [ 'postgis', 'pgpool_regclass', 'pgpool_recovery' ], allowed_hosts: [ 'xxx.xxx.xxx.xxx/32', 'yyy.yyy.yyy.yyy/32' ], managedb: True }
@ -143,112 +132,6 @@ postgresql_pgpool_pkgs:
# Example of line needed to remove a db, create the user that owns the db, manage the db accesses (used by iptables too). All the fields are mandatory.
#- { name: '{{ psql_db_name }}', encoding: 'UTF8', user: '{{ psql_db_user }}', pwd: '{{ psql_db_pwd }}', managedb: True, roles: 'NOCREATEDB,NOSUPERUSER', extensions: [ 'postgis', 'pgpool_regclass', 'pgpool_recovery' ], allowed_hosts: [ 'xxx.xxx.xxx.xxx/32', 'yyy.yyy.yyy.yyy/32' ], state=absent }
# pgpool-II
pgpool_pkgs:
- 'pgpool2{{ pgpool_fixed_version }}'
- iputils-arping
pgpool_el_pkgs:
- 'pgpool-II-{{ psql_version }}'
- 'pgpool-II-{{ psql_version }}-extensions'
pgpool_enabled: True
pgpool_listen_addresses: 'localhost'
pgpool_port: 5433
pgpool_listen_backlog_multiplier: 2
pgpool_pcp_user: admin
# Define pcp_pwd in a vault file
pgpool_pcp_listen_addresses: '*'
pgpool_pcp_port: 9898
#pgpool_backends:
# - { id: 0, hostname: 'backend0', backend_port: '{{ psql_db_port }}', backend_weight: 1, backend_data_directory: '{{ psql_data_dir }}', backend_flag: 'ALLOW_TO_FAILOVER' }
pgpool_enable_pool_hba: 'on'
pgpool_pool_passwd: 'pool_passwd'
pgpool_num_init_children: 32
pgpool_max_pool: 4
pgpool_child_life_time: 300
pgpool_child_max_connections: 0
pgpool_connection_life_time: 0
pgpool_client_idle_limit: 0
pgpool_log_destination: syslog
pgpool_log_connections: 'on'
pgpool_log_hostname: 'on'
pgpool_log_statement: 'off'
pgpool_log_per_node_statement: 'off'
pgpool_debug_level: 0
pgpool_replication_mode: 'on'
pgpool_replicate_select: 'off'
pgpool_insert_lock: 'on'
pgpool_lobj_lock_table: ''
pgpool_replication_stop_on_mismatch: 'on'
pgpool_failover_if_affected_tuples_mismatch: 'off'
pgpool_recovery_timeout: 30
pgpool_client_idle_limit_in_recovery: -1
pgpool_load_balance_mode: 'on'
pgpool_ignore_leading_white_space: 'on'
pgpool_recovery_user: postgres
# pgpool_recovery_user_pwd: use a vault file for this one
pgpool_recovery_stage1_script: pgpool_recovery_stage_1
pgpool_recovery_stage2_script: pgpool_recovery_stage_2
pgpool_remote_start_script: pgpool_remote_start
pgpool_white_function_list: ''
pgpool_black_function_list: 'nextval,setval'
pgpool_allow_sql_comments: 'on'
pgpool_fail_over_on_backend_error: 'on'
pgpool_relcache_expire: 3600
#
pgpool_memory_cache_enabled: False
# memcached, shmem
pgpool_memqcache_method: shmem
pgpool_memqcache_memcached_host: localhost
pgpool_memqcache_memcached_port: 11211
pgpool_memqcache_expire: 0
pgpool_memqcache_auto_cache_invalidation: 'on'
pgpool_serialize_accept: 'off'
# HA and watchdog
pgpool_use_watchdog: 'off'
pgpool_wd_trusted_servers: 'localhost,localhost'
pgpool_wd_port: 9000
pgpool_wd_priority: 1
# Warning: setting pgpool_wd_heartbeat_mode to False enables
# the 'query mode' that is untested and not working without manual intervention
pgpool_wd_heartbeat_mode: True
pgpool_wd_heartbeat_port: 9694
pgpool_wd_heartbeat_keepalive_int: 3
pgpool_wd_heartbeat_deadtime: 30
pgpool_wd_heartbeat_dest0: 'localhost'
pgpool_wd_heartbeat_dest0_port: '{{ pgpool_wd_heartbeat_port }}'
#pgpool_wd_authkey: 'set it inside a vault file'
# SSL as a special case
pgpool_enable_ssl: False
pgpool_letsencrypt_managed: True
pgpool_ssl_key: /etc/pki/pgpool2/pgpool2.key
pgpool_ssl_cert: '/var/lib/acme/live/{{ ansible_fqdn }}/cert'
pgpool_ssl_ca: '/var/lib/acme/live/{{ ansible_fqdn }}/fullchain'
pgpool_ssl_ca_dir: /etc/ssl/certs
pgpool_virtual_ip: 127.0.0.1
pgpool_virtual_netmask: 24
# WAL files archiving is mandatory for pgpool recovery
psql_wal_files_archiving_enabled: '{{ psql_pgpool_install }}'
psql_restart_after_wal_enabling: True
psql_wal_archiving_log_dir: '{{ psql_data_dir }}/archive_log'
psql_base_backup_dir: '{{ pg_backup_base_dir }}/base_backup'
psql_wal_files_conf:
- { name: 'wal_level', value: 'archive', set: '{{ psql_wal_files_archiving_enabled }}' }
- { name: 'wal_sync_method', value: 'fdatasync', set: '{{ psql_wal_files_archiving_enabled }}' }
- { name: 'full_page_writes', value: 'on', set: '{{ psql_wal_files_archiving_enabled }}' }
- { name: 'wal_log_hints', value: 'on', set: '{{ psql_wal_files_archiving_enabled }}' }
- { name: 'archive_mode', value: 'on', set: '{{ psql_wal_files_archiving_enabled }}' }
- { name: 'archive_command', value: "'test ! -f {{ psql_wal_archiving_log_dir }}/%f && cp %p {{ psql_wal_archiving_log_dir }}/%f'", set: '{{ psql_wal_files_archiving_enabled }}' }
- { name: 'archive_timeout', value: '120', set: '{{ psql_wal_files_archiving_enabled }}' }
- { name: 'max_wal_senders', value: '5', set: '{{ psql_wal_files_archiving_enabled }}' }
- { name: 'wal_sender_timeout', value: '60s', set: '{{ psql_wal_files_archiving_enabled }}' }
- { name: 'max_replication_slots', value: '5', set: '{{ psql_wal_files_archiving_enabled }}' }
# postgis
postgres_install_gis_extensions: False
postgres_gis_version: 2.5

12
files/arping_script
View File

@ -1,12 +0,0 @@
#!/bin/bash
#
# Exec /usr/bin/arping as root via sudo
RETVAL=
CMD=/usr/bin/arping
sudo $CMD $@
RETVAL=$?
exit $RETVAL

12
files/ip_script
View File

@ -1,12 +0,0 @@
#!/bin/bash
#
# Exec /sbin/ip as root via sudo
RETVAL=
CMD=/sbin/ip
sudo $CMD $@
RETVAL=$?
exit $RETVAL

24
handlers/main.yml
View File

@ -7,15 +7,6 @@
service: name=postgresql state=reloaded
when: ansible_distribution_file_variety == "Debian"
- name: Reload pgpool2
service: name=pgpool2 state=reloaded
when: ansible_distribution_file_variety == "Debian"
ignore_errors: True
- name: Restart pgpool2
service: name=pgpool2 state=restarted
when: ansible_distribution_file_variety == "Debian"
- name: Restart postgresql with pgpool config
service: name=postgresql state=restarted
when:
@ -29,18 +20,3 @@
- name: Reload postgresql
service: name='postgresql-{{ psql_version }}' state=reloaded
when: ansible_distribution_file_variety == "RedHat"
- name: Reload pgpool2
service: name='pgpool2-{{ psql_version }}' state=reloaded
when: ansible_distribution_file_variety == "RedHat"
ignore_errors: True
- name: Restart pgpool2
service: name='pgpool2-{{ psql_version }}' state=restarted
when: ansible_distribution_file_variety == "RedHat"
- name: Restart postgresql with pgpool config
service: name='postgresql-{{ psql_version }}' state=restarted
when:
- ansible_distribution_file_variety == "RedHat"
- psql_restart_after_wal_enabling

13
meta/main.yml
View File

@ -16,16 +16,11 @@ galaxy_info:
- name: Ubuntu
versions:
- bionic
- name: EL
versions:
- 7
galaxy_tags:
- postgresql
dependencies:
- src: git+https://gitea-s2i2s.isti.cnr.it/ISTI-ansible-roles/ansible-role-memcached.git
version: master
name: memcached
state: latest
when:
- pgpool_memory_cache_enabled
- pgpool_memqcache_method == "memcached"
- pgpool_memqcache_memcached_host == "localhost"
dependencies: []

9
tasks/main.yml
View File

@ -18,21 +18,12 @@
- psql_db_data is defined
- import_tasks: postgresql-service-status.yml
when: psql_postgresql_install
- import_tasks: postgres_pgpool.yml
when: psql_pgpool_install
- import_tasks: manage_pg_db.yml
when:
- psql_postgresql_install
- psql_db_data is defined
- import_tasks: postgresql-backup.yml
when: psql_postgresql_install
- import_tasks: pgpool-ii.yml
when: psql_pgpool_service_install
- import_tasks: postgresql-letsencrypt-acmetool.yml
when:
- letsencrypt_acme_install is defined and letsencrypt_acme_install
- import_tasks: pgpool-letsencrypt-acmetool.yml
when:
- letsencrypt_acme_install is defined and letsencrypt_acme_install

82
tasks/pgpool-ii.yml
View File

@ -1,82 +0,0 @@
---
- block:
- name: Install the pgpool package
apt: name={{ pgpool_pkgs }} state={{ psql_pgpool_pkg_state }} cache_valid_time=1800
- name: Configure pcp
#template: src=pcp.conf.j2 dest=/etc/pgpool2/pcp.conf owner=root group=postgres mode=0640
shell: pwd=`pg_md5 {{ pcp_pwd }}` ; echo "{{ pgpool_pcp_user }}:${pwd}" > /etc/pgpool2/pcp.conf ; chmod 640 /etc/pgpool2/pcp.conf; chown root:postgres /etc/pgpool2/pcp.conf
- name: Install the pgpool configuration file
template: src=pgpool.conf.j2 dest=/etc/pgpool2/pgpool.conf owner=root group=postgres mode=0640
notify: Restart pgpool2
- name: Give access to the remote postgresql clients
lineinfile: name=/etc/pgpool2/pool_hba.conf regexp="^host {{ item.0.name }} {{ item.0.user }} {{ item.1 }}.*$" line="host {{ item.0.name }} {{ item.0.user }} {{ item.1 }} md5"
with_subelements:
- '{{ psql_db_data | default([]) }}'
- allowed_hosts
when:
- psql_db_data is defined
- item.1 is defined
notify: Reload pgpool2
- name: Create the pki directory to store the pgpool key
file: dest=/etc/pki/pgpool2 state=directory owner=postgres group=postgres mode=0750
when: pgpool_enable_ssl
- name: Create a pgpool accessible ssl key file if it does not exist
copy: src=/var/lib/acme/live/{{ ansible_fqdn }}/privkey dest=/etc/pki/pgpool2/pgpool2.key owner=postgres group=postgres mode=0400 remote_src=True
when: pgpool_enable_ssl
- name: Install the pool_passwd configuration file
shell: cd /etc/pgpool2 ; pg_md5 -m -u {{ item.user }} {{ item.pwd }} ; chown root:postgres /etc/pgpool2/pool_passwd ; chmod 660 /etc/pgpool2/pool_passwd
with_items: '{{ psql_db_data | default([]) }}'
- name: Install the sudoers config that permits pgpool change the network configuration during a failover
template: src=pgpool-wd-sudoers.j2 dest=/etc/sudoers.d/pgpool-wd owner=root group=root mode=0440
- name: Install the ip script that manage the network configuration during a failover
copy: src={{ item }} dest=/sbin/{{ item }} owner=root group=root mode=0755
with_items:
- ip_script
- name: Install the arping scripts that manage the network configuration during a failover
copy: src={{ item }} dest=/usr/local/bin/{{ item }} owner=root group=root mode=0755
with_items:
- arping_script
- name: Start and enable pgpool2
service: name=pgpool2 state=started enabled=yes
when:
- pgpool_enabled
- ansible_distribution_file_variety == "Debian"
tags: [ 'postgresql', 'postgres', 'pgpool', 'pcp_conf', 'pgpool_conf' ]
- block:
- name: Stop and disable pgpool2
service: name=pgpool2 state=stopped enabled=no
- name: Install the pgpool packages
apt: name={{ pgpool_pkgs }} state=absent
- name: Remove the pgpool failover sudoers file
file: dest=/etc/sudoers.d/pgpool-wd state=absent
- name: Remove the pgpool configuration directory
file: dest=/etc/pgpool2 state=absent
- name: Remove the scripts that manage the network configuration during a failover
file: dest={{ item }} state=absent
with_items:
- /sbin/ip_script
- /usr/local/bin/arping_script
when:
- not pgpool_enabled
- ansible_distribution_file_variety == "Debian"
tags: [ 'postgresql', 'postgres', 'pgpool' ]

23
tasks/pgpool-letsencrypt-acmetool.yml
View File

@ -1,23 +0,0 @@
---
- block:
- name: Create the acme hooks directory if it does not yet exist
file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
- name: Install a script that fix the letsencrypt certificate for pgpool and then reloads the service
template: src=pgpool-letsencrypt-acme.sh.j2 dest={{ letsencrypt_acme_services_scripts_dir }}/pgpool owner=root group=root mode=4555
when:
- psql_pgpool_service_install
- pgpool_letsencrypt_managed
- letsencrypt_acme_install
tags: [ 'postgresql', 'postgres', 'pgpool', 'letsencrypt', 'pgpool_acme_hook' ]
- block:
- name: Remove the letsencrypt hook for pgpool
file: dest=/usr/lib/acme/hooks/pgpool state=absent
when:
- psql_pgpool_service_install
- not pgpool_letsencrypt_managed
tags: [ 'postgresql', 'postgres', 'pgpool', 'letsencrypt', 'pgpool_acme_hook' ]

82
tasks/postgres_pgpool.yml
View File

@ -1,82 +0,0 @@
---
- name: Install the packages needed by postgres when running behind a pgpool server
apt: pkg={{ postgresql_pgpool_pkgs }} state={{ psql_pkg_state }} cache_valid_time=3600
notify: Restart postgresql
when:
- psql_pgpool_install
- ansible_distribution_file_variety == "Debian"
tags: [ 'postgresql', 'postgres', 'pgpool' ]
- name: PgPool II configuration
block:
- name: Add the postgres user that will manage the recovery, if not postgres
become: True
become_user: postgres
postgresql_user: user={{ pgpool_recovery_user }} password={{ pgpool_recovery_user_pwd }} role_attr_flags=REPLICATION port={{ psql_db_port }}
when:
- ('{{ pgpool_recovery_user }}' != 'postgres')
- pgpool_recovery_user_pwd is defined
- name: Give access to the pgpool recovery user, if it is not postgres
lineinfile: name={{ psql_conf_dir }}/pg_hba.conf regexp="^host {{ item.0.name }} {{ pgpool_recovery_user }} {{ item.1 }}.*$" line="host {{ item.0.name }} {{ pgpool_recovery_user }} {{ item.1 }} md5"
with_subelements:
- '{{ psql_db_data | default([]) }}'
- allowed_hosts
when:
- psql_db_data is defined
- item.1 is defined
- pgpool_recovery_user_pwd is defined
notify: Reload postgresql
- name: Add the system user that will manage the recovery, if not postgres
user: user={{ pgpool_recovery_user }} password={{ pgpool_recovery_user_pwd | password_hash('sha512') }} groups=postgres shell=/bin/bash system=yes
when:
- ('{{ pgpool_recovery_user }}' != 'postgres')
- pgpool_recovery_user_pwd is defined
- name: Create the ssh keys for the recovery user
user: user={{ pgpool_recovery_user }} generate_ssh_key=yes ssh_key_bits=2048 ssh_key_file=.ssh/id_rsa ssh_key_type=rsa
- name: Remember to trust the ssh keys between the two nodes
debug:
msg: "Remember to trust the ssh keys between the two nodes. You have to setup the .ssh/authorized_keys manually for the user {{ pgpool_recovery_user }}"
- name: Install the pgpool recovery and remote restart scripts. They assume that the postgresql hosts can talk to each other
template: src={{ item.1 }}.j2 dest={{ item.0.backend_data_directory }}/{{ item.1 }} owner=postgres group=postgres mode=0500
with_nested:
- '{{ pgpool_backends | default([]) }}'
- [ '{{ pgpool_recovery_stage1_script }}', '{{ pgpool_recovery_stage2_script }}', '{{ pgpool_remote_start_script }}' ]
- name: Set the postgresql configuration parameters needed by pgpool
action: configfile path={{ psql_conf_dir }}/postgresql.conf key={{ item.name }} value="{{ item.value }}"
with_items: '{{ psql_wal_files_conf }}'
when:
- item.set
- psql_wal_files_archiving_enabled
notify: Restart postgresql with pgpool config
tags: [ 'postgresql', 'postgres', 'pg_conf', 'pgpool' ]
- name: Ensure that the postgresql config file has the correct permissions
file: dest={{ psql_conf_dir }}/postgresql.conf owner=root group=postgres mode='0440'
tags: [ 'postgresql', 'postgres', 'pg_conf', 'pgpool' ]
- name: Add the pgpool postgres extensions to the template1 dbs
become: True
become_user: postgres
postgresql_ext: name={{ item }} db=template1 port={{ psql_db_port }}
with_items:
- pgpool_regclass
- pgpool_recovery
tags: [ 'postgresql', 'postgres', 'pg_extensions' ]
- name: Install the sudoers config that permits the postgres user to restart the service after a recovery
template: src=postgresql-sudoers.j2 dest=/etc/sudoers.d/postgres-pgpool owner=root group=root mode=0440
tags: [ 'postgres', 'postgresql', 'sudo', 'pgpool' ]
- name: Install a script that cleans up the wal log archives
template: src=postgresql_wal_backup_and_removal.j2 dest=/usr/local/sbin/postgresql_wal_backup_and_removal owner=root group=root mode=0755
- name: Install a cron job to cleanup the wal log archives
cron: name="Clean up the postgresql WAL log archives" user=postgres job="/usr/local/sbin/postgresql_wal_backup_and_removal > {{ psql_log_dir }}/wal_removal.log 2>&1" special_time=daily
tags: [ 'postgresql', 'postgres', 'pgpool' ]

1
templates/pcp.conf.j2
View File

@ -1 +0,0 @@
{{ pgpool_pcp_user }}:{{ '{{ pcp_pwd }}' | pg_md5 }}

52
templates/pgpool-letsencrypt-acme.sh.j2
View File

@ -1,52 +0,0 @@
#!/bin/bash
H_NAME=$( hostname -f )
LE_SERVICES_SCRIPT_DIR=/usr/lib/acme/hooks
LE_CERTS_DIR=/var/lib/acme/live/$H_NAME
LE_LOG_DIR=/var/log/letsencrypt
PGPOOL2_CERTDIR=/etc/pki/pgpool2
PGPOOL2_KEYFILE=$PGPOOL2_CERTDIR/pgpool2.key
DATE=$( date )
[ ! -d $PGPOOL2_CERTDIR ] && mkdir -p $PGPOOL2_CERTDIR
[ ! -d $LE_LOG_DIR ] && mkdir $LE_LOG_DIR
echo "$DATE" >> $LE_LOG_DIR/pgpool2.log
if [ -f /etc/default/letsencrypt ] ; then
. /etc/default/letsencrypt
else
echo "No letsencrypt default file" >> $LE_LOG_DIR/pgpool2.log
fi
logger "acme-pgpool-hook: Check if the certificate has been renewed"
cmp ${LE_CERTS_DIR}/privkey ${PGPOOL2_KEYFILE}
RETVAL=$?
if [ $RETVAL -eq 0 ] ; then
logger "acme-pgpool-hook: No new cerficate. Doing nothing"
exit 0
fi
logger "acme-pgpool-hook: Copying the key file"
echo "Copy the key file" >> $LE_LOG_DIR/pgpool2.log
cp ${LE_CERTS_DIR}/privkey ${PGPOOL2_KEYFILE}
chmod 440 ${PGPOOL2_KEYFILE}
chown root ${PGPOOL2_KEYFILE}
chgrp postgres ${PGPOOL2_KEYFILE}
logger "acme-pgpool-hook: Reload the postgresql service after a certificate renewal"
echo "Reload the pgpool2 service" >> $LE_LOG_DIR/pgpool2.log
if [ -x /bin/systemctl ] ; then
{% if ansible_distribution_file_variety == "Debian" %}
systemctl reload pgpool2 >> $LE_LOG_DIR/pgpool2.log 2>&1
{% else %}
systemctl reload pgpool2-{{ psql_version }} >> $LE_LOG_DIR/pgpool2.log 2>&1
{% endif %}
else
service pgpool2 reload >> $LE_LOG_DIR/pgpool2.log 2>&1
fi
logger "acme-pgpool-hook: Done"
echo "Done." >> $LE_LOG_DIR/pgpool2.log
exit 0

3
templates/pgpool-wd-sudoers.j2
View File

@ -1,3 +0,0 @@
{{ pgpool_recovery_user }} ALL=(ALL) NOPASSWD: /bin/ip
{{ pgpool_recovery_user }} ALL=(ALL) NOPASSWD: /usr/bin/arping

693
templates/pgpool.conf.j2
View File

@ -1,693 +0,0 @@
# ----------------------------
# pgPool-II configuration file
# ----------------------------
#
# This file consists of lines of the form:
#
# name = value
#
# Whitespace may be used. Comments are introduced with "#" anywhere on a line.
# The complete list of parameter names and allowed values can be found in the
# pgPool-II documentation.
#
# This file is read on server startup and when the server receives a SIGHUP
# signal. If you edit the file on a running system, you have to SIGHUP the
# server for the changes to take effect, or use "pgpool reload". Some
# parameters, which are marked below, require a server shutdown and restart to
# take effect.
#
#------------------------------------------------------------------------------
# CONNECTIONS
#------------------------------------------------------------------------------
# - pgpool Connection Settings -
listen_addresses = '{{ pgpool_listen_addresses }}'
# Host name or IP address to listen on:
# '*' for all, '' for no TCP/IP connections
# (change requires restart)
port = {{ pgpool_port }}
# Port number
# (change requires restart)
socket_dir = '/var/run/postgresql'
# Unix domain socket path
# The Debian package defaults to
# /var/run/postgresql
# (change requires restart)
listen_backlog_multiplier = {{ pgpool_listen_backlog_multiplier }}
# Set the backlog parameter of listen(2) to
# num_init_children * listen_backlog_multiplier.
# (change requires restart)
# - pgpool Communication Manager Connection Settings -
pcp_listen_addresses = '{{ pgpool_pcp_listen_addresses }}'
# Host name or IP address for pcp process to listen on:
# '*' for all, '' for no TCP/IP connections
# (change requires restart)
pcp_port = {{ pgpool_pcp_port }}
# Port number for pcp
# (change requires restart)
pcp_socket_dir = '/var/run/postgresql'
# Unix domain socket path for pcp
# The Debian package defaults to
# /var/run/postgresql
# (change requires restart)
# - Backend Connection Settings -
{% for bk in pgpool_backends %}
backend_hostname{{ bk.id}} = '{{ bk.hostname }}'
backend_port{{ bk.id }} = {{ bk.backend_port }}
backend_weight{{ bk.id }} = {{ bk.backend_weight }}
backend_data_directory{{ bk.id }} = '{{ bk.backend_data_directory }}'
backend_flag{{ bk.id }} = '{{ bk.backend_flag }}'
{% endfor %}
# - Authentication -
enable_pool_hba = {{ pgpool_enable_pool_hba }}
# Use pool_hba.conf for client authentication
pool_passwd = '{{ pgpool_pool_passwd }}'
# File name of pool_passwd for md5 authentication.
# "" disables pool_passwd.
# (change requires restart)
authentication_timeout = 60
# Delay in seconds to complete client authentication
# 0 means no timeout.
{% if pgpool_enable_ssl %}
# - SSL Connections -
ssl = on
ssl_key = '{{ pgpool_ssl_key }}'
ssl_cert = '{{ pgpool_ssl_cert }}'
ssl_ca_cert = '{{ pgpool_ssl_ca }}'
ssl_ca_cert_dir = '{{ pgpool_ssl_ca_dir }}'
{% endif %}
#------------------------------------------------------------------------------
# POOLS
#------------------------------------------------------------------------------
# - Pool size -
num_init_children = {{ pgpool_num_init_children }}
# Number of pools
# (change requires restart)
max_pool = {{ pgpool_max_pool }}
# Number of connections per pool
# (change requires restart)
# - Life time -
child_life_time = {{ pgpool_child_life_time }}
# Pool exits after being idle for this many seconds
child_max_connections = {{ pgpool_child_max_connections }}
# Pool exits after receiving that many connections
# 0 means no exit
connection_life_time = {{ pgpool_connection_life_time }}
# Connection to backend closes after being idle for this many seconds
# 0 means no close
client_idle_limit = {{ pgpool_client_idle_limit }}
# Client is disconnected after being idle for that many seconds
# (even inside an explicit transactions!)
# 0 means no disconnection
#------------------------------------------------------------------------------
# LOGS
#------------------------------------------------------------------------------
# - Where to log -
log_destination = '{{ pgpool_log_destination }}'
# Where to log
# Valid values are combinations of stderr,
# and syslog. Default to stderr.
# - What to log -
log_line_prefix = '%t: pid %p: ' # printf-style string to output at beginning of each log line.
log_connections = {{ pgpool_log_connections }}
# Log connections
log_hostname = {{ pgpool_log_hostname }}
# Hostname will be shown in ps status
# and in logs if connections are logged
log_statement = {{ pgpool_log_statement }}
# Log all statements
log_per_node_statement = {{ pgpool_log_per_node_statement }}
# Log all statements
# with node and backend informations
log_standby_delay = 'none'
# Log standby delay
# Valid values are combinations of always,
# if_over_threshold, none
# - Syslog specific -
syslog_facility = 'LOCAL0'
# Syslog local facility. Default to LOCAL0
syslog_ident = 'pgpool'
# Syslog program identification string
# Default to 'pgpool'
# - Debug -
debug_level = {{ pgpool_debug_level }}
# Debug message verbosity level
# 0 means no message, 1 or more mean verbose
#log_error_verbosity = default # terse, default, or verbose messages
#client_min_messages = notice # values in order of decreasing detail:
# debug5
# debug4
# debug3
# debug2
# debug1
# log
# notice
# warning
# error
#log_min_messages = warning # values in order of decreasing detail:
# debug5
# debug4
# debug3
# debug2
# debug1
# info
# notice
# warning
# error
# log
# fatal
# panic
#------------------------------------------------------------------------------
# FILE LOCATIONS
#------------------------------------------------------------------------------
pid_file_name = '/var/run/postgresql/pgpool.pid'
# PID file name
# (change requires restart)
logdir = '/var/log/postgresql'
# Directory of pgPool status file
# (change requires restart)
#------------------------------------------------------------------------------
# CONNECTION POOLING
#------------------------------------------------------------------------------
connection_cache = on
# Activate connection pools
# (change requires restart)
# Semicolon separated list of queries
# to be issued at the end of a session
# The default is for 8.3 and later
reset_query_list = 'ABORT; DISCARD ALL'
# The following one is for 8.2 and before
#reset_query_list = 'ABORT; RESET ALL; SET SESSION AUTHORIZATION DEFAULT'
serialize_accept = {{ pgpool_serialize_accept }}
#------------------------------------------------------------------------------
# REPLICATION MODE
#------------------------------------------------------------------------------
replication_mode = {{ pgpool_replication_mode }}
# Activate replication mode
# (change requires restart)
replicate_select = {{ pgpool_replicate_select }}
# Replicate SELECT statements
# when in replication mode
# replicate_select is higher priority than
# load_balance_mode.
insert_lock = {{ pgpool_insert_lock }}
# Automatically locks a dummy row or a table
# with INSERT statements to keep SERIAL data
# consistency
# Without SERIAL, no lock will be issued
lobj_lock_table = '{{ pgpool_lobj_lock_table }}'
# When rewriting lo_creat command in
# replication mode, specify table name to
# lock
# - Degenerate handling -
replication_stop_on_mismatch = {{ pgpool_replication_stop_on_mismatch }}
# On disagreement with the packet kind
# sent from backend, degenerate the node
# which is most likely "minority"
# If off, just force to exit this session
failover_if_affected_tuples_mismatch = {{ pgpool_failover_if_affected_tuples_mismatch }}
# On disagreement with the number of affected
# tuples in UPDATE/DELETE queries, then
# degenerate the node which is most likely
# "minority".
# If off, just abort the transaction to
# keep the consistency
#------------------------------------------------------------------------------
# LOAD BALANCING MODE
#------------------------------------------------------------------------------
load_balance_mode = {{ pgpool_load_balance_mode }}
# Activate load balancing mode
# (change requires restart)
ignore_leading_white_space = {{ pgpool_ignore_leading_white_space }}
# Ignore leading white spaces of each query
white_function_list = '{{ pgpool_white_function_list }}'
# Comma separated list of function names
# that don't write to database
# Regexp are accepted
black_function_list = '{{ pgpool_black_function_list }}'
# Comma separated list of function names
# that write to database
# Regexp are accepted
database_redirect_preference_list = ''
# comma separated list of pairs of database and node id.
# example: postgres:primary,mydb[0-4]:1,mydb[5-9]:2'
# valid for streaming replicaton mode only.
app_name_redirect_preference_list = ''
# comma separated list of pairs of app name and node id.
# example: 'psql:primary,myapp[0-4]:1,myapp[5-9]:standby'
# valid for streaming replicaton mode only.
allow_sql_comments = {{ pgpool_allow_sql_comments }}
# if on, ignore SQL comments when judging if load balance or
# query cache is possible.
# If off, SQL comments effectively prevent the judgment
# (pre 3.4 behavior).
#------------------------------------------------------------------------------
# MASTER/SLAVE MODE
#------------------------------------------------------------------------------
master_slave_mode = off
# Activate master/slave mode
# (change requires restart)
master_slave_sub_mode = 'slony'
# Master/slave sub mode
# Valid values are combinations slony or
# stream. Default is slony.
# (change requires restart)
# - Streaming -
sr_check_period = 0
# Streaming replication check period
# Disabled (0) by default
sr_check_user = 'nobody'
# Streaming replication check user
# This is neccessary even if you disable streaming
# replication delay check by sr_check_period = 0
sr_check_password = ''
# Password for streaming replication check user
delay_threshold = 0
# Threshold before not dispatching query to standby node
# Unit is in bytes
# Disabled (0) by default
# - Special commands -
follow_master_command = ''
# Executes this command after master failover
# Special values:
# %d = node id
# %h = host name
# %p = port number
# %D = database cluster path
# %m = new master node id
# %H = hostname of the new master node
# %M = old master node id
# %P = old primary node id
# %r = new master port number
# %R = new master database cluster path
# %% = '%' character
#------------------------------------------------------------------------------
# HEALTH CHECK
#------------------------------------------------------------------------------
health_check_period = 0
# Health check period
# Disabled (0) by default
health_check_timeout = 20
# Health check timeout
# 0 means no timeout
health_check_user = 'nobody'
# Health check user
health_check_password = ''
# Password for health check user
health_check_max_retries = 0
# Maximum number of times to retry a failed health check before giving up.
health_check_retry_delay = 1
# Amount of time to wait (in seconds) between retries.
connect_timeout = 10000
# Timeout value in milliseconds before giving up to connect to backend.
# Default is 10000 ms (10 second). Flaky network user may want to increase
# the value. 0 means no timeout.
# Note that this value is not only used for health check,
# but also for ordinary conection to backend.
#------------------------------------------------------------------------------
# FAILOVER AND FAILBACK
#------------------------------------------------------------------------------
failover_command = ''
# Executes this command at failover
# Special values:
# %d = node id
# %h = host name
# %p = port number
# %D = database cluster path
# %m = new master node id
# %H = hostname of the new master node
# %M = old master node id
# %P = old primary node id
# %r = new master port number
# %R = new master database cluster path
# %% = '%' character
failback_command = ''
# Executes this command at failback.
# Special values:
# %d = node id
# %h = host name
# %p = port number
# %D = database cluster path
# %m = new master node id
# %H = hostname of the new master node
# %M = old master node id
# %P = old primary node id
# %r = new master port number
# %R = new master database cluster path
# %% = '%' character
{% if pgpool_version is version_compare('4.1.4', '>=') %}
failover_on_backend_error = {{ pgpool_fail_over_on_backend_error }}
{% else %}
fail_over_on_backend_error = {{ pgpool_fail_over_on_backend_error }}
{% endif %}
# Initiates failover when reading/writing to the
# backend communication socket fails
# If set to off, pgpool will report an
# error and disconnect the session.
search_primary_node_timeout = 10
# Timeout in seconds to search for the
# primary node when a failover occurs.
# 0 means no timeout, keep searching
# for a primary node forever.
#------------------------------------------------------------------------------
# ONLINE RECOVERY
#------------------------------------------------------------------------------
recovery_user = '{{ pgpool_recovery_user }}'
# Online recovery user
{% if pgpool_recovery_user_pwd is defined %}
recovery_password = '{{ pgpool_recovery_user_pwd | default() }}'
# Online recovery password
{% else %}
recovery_password = ''
{% endif %}
recovery_1st_stage_command = '{{ pgpool_recovery_stage1_script }}'
# Executes a command in first stage
recovery_2nd_stage_command = '{{ pgpool_recovery_stage2_script }}'
# Executes a command in second stage
recovery_timeout = {{ pgpool_recovery_timeout }}
# Timeout in seconds to wait for the
# recovering node's postmaster to start up
# 0 means no wait
client_idle_limit_in_recovery = {{ pgpool_client_idle_limit_in_recovery }}
# Client is disconnected after being idle
# for that many seconds in the second stage
# of online recovery
# 0 means no disconnection
# -1 means immediate disconnection
#------------------------------------------------------------------------------
# WATCHDOG
#------------------------------------------------------------------------------
# - Enabling -
use_watchdog = {{ pgpool_use_watchdog }}
# Activates watchdog
# (change requires restart)
# -Connection to up stream servers -
trusted_servers = '{{ pgpool_wd_trusted_servers }}'
# trusted server list which are used
# to confirm network connection
# (hostA,hostB,hostC,...)
# (change requires restart)
ping_path = '/bin'
# ping command path
# (change requires restart)
# - Watchdog communication Settings -
wd_hostname = '{{ ansible_default_ipv4.address }}'
# Host name or IP address of this watchdog
# (change requires restart)
wd_port = 9000
# port number for watchdog service
# (change requires restart)
wd_authkey = '{{ pgpool_wd_authkey }}'
# Authentication key for watchdog communication
# (change requires restart)
# - Virtual IP control Setting -
delegate_IP = '{{ pgpool_virtual_ip }}'
# delegate IP address
# If this is empty, virtual IP never bring up.
# (change requires restart)
if_cmd_path = '/sbin'
# ifconfig command path
# (change requires restart)
if_up_cmd = 'ip_script addr add {{ pgpool_virtual_ip }}/{{ pgpool_virtual_netmask }} dev {{ ansible_default_ipv4.alias }}'
# startup delegate IP command
# (change requires restart)
if_down_cmd = 'ip_script addr del {{ pgpool_virtual_ip }}/{{ pgpool_virtual_netmask }} dev {{ ansible_default_ipv4.alias }}'
# shutdown delegate IP command
# (change requires restart)
arping_path = '/usr/local/bin' # arping command path
# (change requires restart)
arping_cmd = 'arping_script -U $_IP_$ -w 1'
# arping command
# (change requires restart)
# - Behaivor on escalation Setting -
clear_memqcache_on_escalation = on
# Clear all the query cache on shared memory
# when standby pgpool escalate to active pgpool
# (= virtual IP holder).
# This should be off if client connects to pgpool
# not using virtual IP.
# (change requires restart)
wd_escalation_command = 'date >> {{ psql_log_dir }}/wd_pgpool_escalation.log'
# Executes this command at escalation on new active pgpool.
# (change requires restart)
wd_de_escalation_command = 'date >> {{ psql_log_dir }}/wd_pgpool_de_escalation.log'
# - Lifecheck Setting -
# -- common --
wd_monitoring_interfaces_list = 'any'
wd_lifecheck_method = 'heartbeat'
# Method of watchdog lifecheck ('heartbeat' or 'query')
# (change requires restart)
wd_interval = 10
# lifecheck interval (sec) > 0
# (change requires restart)
wd_priority = {{ pgpool_wd_priority }}
{% if pgpool_wd_heartbeat_mode %}
# -- heartbeat mode --
wd_heartbeat_port = {{ pgpool_wd_heartbeat_port }}
# Port number for receiving heartbeat signal
# (change requires restart)
wd_heartbeat_keepalive = {{ pgpool_wd_heartbeat_keepalive_int }}
# Interval time of sending heartbeat signal (sec)
# (change requires restart)
wd_heartbeat_deadtime = {{ pgpool_wd_heartbeat_deadtime }}
# Deadtime interval for heartbeat signal (sec)
# (change requires restart)
heartbeat_destination0 = '{{ pgpool_wd_heartbeat_dest0 }}'
# Host name or IP address of destination 0
# for sending heartbeat signal.
# (change requires restart)
heartbeat_destination_port0 = {{ pgpool_wd_heartbeat_dest0_port }}
# Port number of destination 0 for sending
# heartbeat signal. Usually this is the
# same as wd_heartbeat_port.
# (change requires restart)
heartbeat_device0 = ''
# Name of NIC device (such like 'eth0')
# used for sending/receiving heartbeat
# signal to/from destination 0.
# This works only when this is not empty
# and pgpool has root privilege.
# (change requires restart)
{% else %}
# -- query mode --
wd_life_point = 3
# lifecheck retry times
# (change requires restart)
wd_lifecheck_query = 'SELECT 1'
# lifecheck query to pgpool from watchdog
# (change requires restart)
wd_lifecheck_dbname = 'template1'
# Database name connected for lifecheck
# (change requires restart)
wd_lifecheck_user = 'nobody'
# watchdog user monitoring pgpools in lifecheck
# (change requires restart)
wd_lifecheck_password = ''
# Password for watchdog user in lifecheck
# (change requires restart)
{% endif %}
# - Other pgpool Connection Settings -
other_pgpool_hostname0 = '{{ pgpool_wd_heartbeat_dest0 }}'
# Host name or IP address to connect to for other pgpool 0
# (change requires restart)
other_pgpool_port0 = {{ pgpool_port }}
# Port number for othet pgpool 0
# (change requires restart)
other_wd_port0 = {{ pgpool_wd_port }}
# Port number for othet watchdog 0
# (change requires restart)
#------------------------------------------------------------------------------
# OTHERS
#------------------------------------------------------------------------------
relcache_expire = {{ pgpool_relcache_expire }}
# Life time of relation cache in seconds.
# 0 means no cache expiration(the default).
# The relation cache is used for cache the
# query result against PostgreSQL system
# catalog to obtain various information
# including table structures or if it's a
# temporary table or not. The cache is
# maintained in a pgpool child local memory
# and being kept as long as it survives.
# If someone modify the table by using
# ALTER TABLE or some such, the relcache is
# not consistent anymore.
# For this purpose, cache_expiration
# controls the life time of the cache.
relcache_size = 256
# Number of relation cache
# entry. If you see frequently:
# "pool_search_relcache: cache replacement happend"
# in the pgpool log, you might want to increate this number.
check_temp_table = on
# If on, enable temporary table check in SELECT statements.
# This initiates queries against system catalog of primary/master
# thus increases load of master.
# If you are absolutely sure that your system never uses temporary tables
# and you want to save access to primary/master, you could turn this off.
# Default is on.
check_unlogged_table = on
# If on, enable unlogged table check in SELECT statements.
# This initiates queries against system catalog of primary/master
# thus increases load of master.
# If you are absolutely sure that your system never uses unlogged tables
# and you want to save access to primary/master, you could turn this off.
# Default is on.
{% if pgpool_memory_cache_enabled %}
#------------------------------------------------------------------------------
# IN MEMORY QUERY MEMORY CACHE
#------------------------------------------------------------------------------
memory_cache_enabled = on
# If on, use the memory cache functionality, off by default
memqcache_method = '{{ pgpool_memqcache_method }}'
# Cache storage method. either 'shmem'(shared memory) or
# 'memcached'. 'shmem' by default
# (change requires restart)
memqcache_memcached_host = '{{ pgpool_memqcache_memcached_host }}'
# Memcached host name or IP address. Mandatory if
# memqcache_method = 'memcached'.
# Defaults to localhost.
# (change requires restart)
memqcache_memcached_port = {{ pgpool_memqcache_memcached_port }}
# Memcached port number. Mondatory if memqcache_method = 'memcached'.
# Defaults to 11211.
# (change requires restart)
memqcache_total_size = 67108864
# Total memory size in bytes for storing memory cache.
# Mandatory if memqcache_method = 'shmem'.
# Defaults to 64MB.
# (change requires restart)
memqcache_max_num_cache = 1000000
# Total number of cache entries. Mandatory
# if memqcache_method = 'shmem'.
# Each cache entry consumes 48 bytes on shared memory.
# Defaults to 1,000,000(45.8MB).
# (change requires restart)
memqcache_expire = {{ pgpool_memqcache_expire }} # Memory cache entry life time specified in seconds.
# 0 means infinite life time. 0 by default.
# (change requires restart)
memqcache_auto_cache_invalidation = {{ pgpool_memqcache_auto_cache_invalidation }}
# If on, invalidation of query cache is triggered by corresponding
# DDL/DML/DCL(and memqcache_expire). If off, it is only triggered
# by memqcache_expire. on by default.
# (change requires restart)
memqcache_maxcache = 409600
# Maximum SELECT result size in bytes.
# Must be smaller than memqcache_cache_block_size. Defaults to 400KB.
# (change requires restart)
memqcache_cache_block_size = 1048576
# Cache block size in bytes. Mandatory if memqcache_method = 'shmem'.
# Defaults to 1MB.
# (change requires restart)
memqcache_oiddir = '/var/log/pgpool/oiddir'
# Temporary work directory to record table oids
# (change requires restart)
white_memqcache_table_list = ''
# Comma separated list of table names to memcache
# that don't write to database
# Regexp are accepted
black_memqcache_table_list = ''
# Comma separated list of table names not to memcache
# that don't write to database
# Regexp are accepted
{% else %}
#------------------------------------------------------------------------------
# IN MEMORY QUERY MEMORY CACHE
#------------------------------------------------------------------------------
memory_cache_enabled = off
# If on, use the memory cache functionality, off by default
memqcache_method = 'shmem'
# Cache storage method. either 'shmem'(shared memory) or
# 'memcached'. 'shmem' by default
# (change requires restart)
{% endif %}

40
templates/pgpool_recovery_stage_1.j2
View File

@ -1,40 +0,0 @@
#!/bin/bash
# PGpool stage 1 recovery script
# Reference: http://michael.stapelberg.de/Artikel/replicated_postgresql_with_pgpool
#
TS=$(date +%Y-%m-%d_%H-%M-%S)
MASTER_HOST=$(hostname -f)
# $1 is {{ psql_data_dir }} while $3 is {{ psql_data_dir }}
#MASTER_DATA="{{ psql_data_dir }}"
MASTER_DATA="${1}"
RECOVERY_TARGET=${2}
#RECOVERY_DATA="{{ psql_data_dir }}"
RECOVERY_DATA="${3}"
logger "pgpool_recovery_1: MASTER_DATA=$MASTER_DATA"
logger "pgpool_recovery_1: RECOVERY_DATA=$RECOVERY_DATA"
# Ensure that postgres is shut down on the target node
ssh -T $RECOVERY_TARGET sudo /etc/init.d/postgresql stop
# Move the PostgreSQL data directory out of our way.
ssh -T $RECOVERY_TARGET \
"[ -d $RECOVERY_DATA ] && mv $RECOVERY_DATA $RECOVERY_DATA.$TS"
# We only use archived WAL logs during recoveries, so delete all
# logs from the last recovery to limit the growth.
rm $MASTER_DATA/archive_log/*
# With this file present, our archive_command will actually
# archive WAL files.
touch $MASTER_DATA/archive_log/backup_in_progress
# Perform a backup of the database.
ssh -T $RECOVERY_TARGET \
"pg_basebackup -h $MASTER_HOST -D $RECOVERY_DATA --xlog"
# Configure the restore_command to use the archive_log WALs well copy
# over in 2nd_stage.sh.
echo "restore_command = 'cp $RECOVERY_DATA/archive_log/%f %p'" | \
ssh -T $RECOVERY_TARGET "cat > $RECOVERY_DATA/recovery.conf"

37
templates/pgpool_recovery_stage_2.j2
View File

@ -1,37 +0,0 @@
#!/bin/bash
# Online recovery 2nd stage script
#
#MASTER_DATA="{{ psql_data_dir }}"
MASTER_DATA="${1}"
RECOVERY_TARGET=${2}
#RECOVERY_DATA="{{ psql_data_dir }}"
RECOVERY_DATA="${3}"
port="{{ psql_db_port }}" # PostgreSQL port number
archive_dir="{{ psql_wal_archiving_log_dir }}"
logger "pgpool_recovery_2: MASTER_DATA=$MASTER_DATA"
logger "pgpool_recovery_2: RECOVERY_DATA=$RECOVERY_DATA"
logger "pgpool_recovery_2: archive_dir=$archive_dir"
# Force to flush current value of sequences to xlog
psql -p $port -t -c 'SELECT datname FROM pg_database WHERE NOT datistemplate AND datallowconn' template1|
while read i
do
if [ "$i" != "" ];then
psql -p $port -c "SELECT setval(oid, nextval(oid)) FROM pg_class WHERE relkind = 'S'" $i
fi
done
# Flush all transactions to disk. Since pgpool stopped all connections,
# there cannot be any data that does not reside on disk until the
# to-be-recovered host is back on line.
psql -p $port -c "SELECT pgpool_switch_xlog('$MASTER_DATA/archive_log')" template1
# Copy over all archive logs at once.
rsync -avx --delete $MASTER_DATA/archive_log/ \
$RECOVERY_TARGET:$RECOVERY_DATA/archive_log/
# Delete the flag file to disable WAL archiving again.
rm $MASTER_DATA/archive_log/backup_in_progress

8
templates/pgpool_remote_start.j2
View File

@ -1,8 +0,0 @@
#!/bin/bash
DEST=$1
DESTDIR=$2
# Deploy a base backup
ssh -T $DEST 'cd {{ psql_data_root_dir }}; tar zxf pgsql.tar.gz' 2>/dev/null 1>/dev/null < /dev/null
# Startup PostgreSQL server
ssh -T $DEST sudo /etc/init.d/postgresql start 2>/dev/null 1>/dev/null < /dev/null