diff --git a/patroni/README.md b/patroni/README.md new file mode 100644 index 00000000..e3999617 --- /dev/null +++ b/patroni/README.md @@ -0,0 +1,4 @@ +# Patroni + +Installation and basic configuration of Patroni. + diff --git a/patroni/defaults/main.yml b/patroni/defaults/main.yml new file mode 100644 index 00000000..5ceee3ba --- /dev/null +++ b/patroni/defaults/main.yml @@ -0,0 +1,20 @@ +--- + +# Install Patroni from backport Evolix +patroni_backport: false + +# Define variable for Patroni + +cluster_name: "mycluster" +patroni_restapi_listen: "127.0.0.1" +patroni_port: "8008" +postgresql_hosts_cluster: [] +postgresql_host: 127.0.0.1 +postgresql_version: '' +postgresql_replication_user: 'repl' +postgresql_superuser: 'admin' + +# Define variable for etcd +etcd_hosts: [] +etcd_port: "2379" + diff --git a/patroni/meta/main.yml b/patroni/meta/main.yml new file mode 100644 index 00000000..dffff81a --- /dev/null +++ b/patroni/meta/main.yml @@ -0,0 +1,31 @@ +galaxy_info: + company: Evolix + description: Installation and basic configuration of Patroni + + issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues + + license: GPLv2 + + min_ansible_version: "2.7" + + platforms: + - name: Debian + versions: + - buster + - bullseye + - bookworm + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is + # a keyword that describes and categorizes the role. + # Users find roles by searching for tags. Be sure to + # remove the '[]' above if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of + # alphanumeric characters. Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. + # Be sure to remove the '[]' above if you add dependencies + # to this list. + diff --git a/patroni/tasks/backports.yml b/patroni/tasks/backports.yml new file mode 100644 index 00000000..43e76f22 --- /dev/null +++ b/patroni/tasks/backports.yml @@ -0,0 +1,27 @@ +--- + +- name: Add Evolix GPG key + ansible.builtin.copy: + src: pub_evolix.asc + dest: "{{ apt_keyring_dir }}/pub_evolix.asc" + force: yes + mode: "0644" + owner: root + group: root + +- name: Add Evolix backports repository + ansible.builtin.apt_repository: + repo: "deb [signed-by={{ apt_keyring_dir }}/pub_evolix.asc] http://pub.evolix.org/evolix {{ ansible_distribution_release }}-backports main" + filename: backports.list + state: present + +- name: Update APT cache + ansible.builtin.apt: + update_cache: yes + +- name: Add APT preference file + ansible.builtin.template: + src: patroni.pref.j2 + dest: /etc/apt/preferences.d/patroni.pref + mode: "0644" + diff --git a/patroni/tasks/config.yml b/patroni/tasks/config.yml new file mode 100644 index 00000000..54a19c0e --- /dev/null +++ b/patroni/tasks/config.yml @@ -0,0 +1,18 @@ +--- + +- name: Create a password for PostgreSQL repl user + command: "apg -a 0 -m 16" + register: postgresql_replication_password + +- name: Create a password for PostgreSQL superuser user + command: "apg -a 0 -m 16" + register: postgresql_superuser_password + +- name: Create Patroni config file + ansible.builtin.template: + src: patroni.conf.j2 + dest: /etc/patroni/config-{{ cluster_name }}.yml + owner: root + group: root + mode: "0644" + diff --git a/patroni/tasks/main.yml b/patroni/tasks/main.yml new file mode 100644 index 00000000..05f82a89 --- /dev/null +++ b/patroni/tasks/main.yml @@ -0,0 +1,6 @@ +--- + +- ansible.builtin.import_tasks: packages.yml + +- ansible.builtin.import_tasks: backports.yml + when: patroni_backport: | bool diff --git a/patroni/tasks/packages.yml b/patroni/tasks/packages.yml new file mode 100644 index 00000000..198dcb7b --- /dev/null +++ b/patroni/tasks/packages.yml @@ -0,0 +1,8 @@ +--- + +- name: Install patroni package + ansible.builtin.apt: + name: + - patroni + update_cache: yes + diff --git a/patroni/templates/patroni.conf.j2 b/patroni/templates/patroni.conf.j2 new file mode 100644 index 00000000..c88c96fb --- /dev/null +++ b/patroni/templates/patroni.conf.j2 @@ -0,0 +1,73 @@ +scope: {{ cluster_name }} +name: {{ cluster_name }} + +restapi: + listen: {{ patroni_restapi_listen }}:{{ patroni_port }} + connect_address: {{ patroni_restapi_listen }}:{{ patroni_port }} + +etcd: + hosts: + - {{ etcd_hosts }}:{{ etcd_port }} + - {{ etcd_hosts }}:{{ etcd_port }} + - {{ etcd_hosts }}:{{ etcd_port }} + +bootstrap: + dcs: + ttl: 30 + loop_wait: 10 + retry_timeout: 10 + maximum_lag_on_failover: 1048576 + postgresql: + use_pg_rewind: true + use_slots: true + parameters: + wal_level: replica + hot_standby: "on" + wal_keep_segment: 8 + max_wal_senders: 5 + max_relication_slots: 5 + checkpoint_timeout: 30 + + initdb: + - encoding: UTF8 + - data-checksums + + pg_hba: + - host replication repl 127.0.0.1/32 md5 + - host replication repl {{ postgresql_hosts_cluster }}/0 md5 + - host replication repl {{ postgresql_hosts_cluster }}/0 md5 + - host replication repl {{ postgresql_hosts_cluster }}/0 md5 + - host all all 0.0.0.0/0 md5 + + users: + {{ postgresql_superuser }}: + password: {{ postgresql_superuser_password }} + options: + - createrole + - createdb + {{ postgresql_replication_user }}: + password: {{ postgresql_replication_password }} + options: + - replication + +postgresql: + listen: {{ postgresql_host }}:{{ postgresql_port }} + connect_address: {{ postgresql_host }}:{{ postgresql_port }} + bin_dir: /usr/lib/postgresql/{{ postgresql_version }}/bin/ + data_dir: /home/{{ cluster_name }} + pgpass: /tmp/{{ cluster_name }}-pgpass + authentication: + replication: + username: {{ postgresql_replication_user }} + password: {{ postgresql_replication_password }} + superuser: + username: {{ postgresql_superuser }} + password: {{ postgresql_superuser_password }} + parameters: + unix_socket_directories: '/tmp' + +tags: + nofailover: false + noloadbalance: false + clonefrom: false + nosync: false diff --git a/patroni/templates/patroni.pref.j2 b/patroni/templates/patroni.pref.j2 new file mode 100644 index 00000000..6e6dd081 --- /dev/null +++ b/patroni/templates/patroni.pref.j2 @@ -0,0 +1,3 @@ +Package: patroni +Pin: release a={{ ansible_distribution_release }}-backports +Pin-Priority: 999