diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/backup/tasks/postgresql.yml b/core/src/epicli/data/common/ansible/playbooks/roles/backup/tasks/postgresql.yml index d4bd207245..8ba1acf0d6 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/backup/tasks/postgresql.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/backup/tasks/postgresql.yml @@ -10,7 +10,7 @@ - name: Check if database is running on node0 database server become: true become_user: postgres - command: "{{ repmgr.pg_bindir[ansible_os_family] }}/pg_isready" + command: "{{ pg.bindir[ansible_os_family] }}/pg_isready" register: node0 ignore_errors: True when: groups['postgresql'][0] == inventory_hostname diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/defaults/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/defaults/main.yml index cd340fd42b..f810ed2015 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/defaults/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/defaults/main.yml @@ -1,5 +1,8 @@ --- pg: + bindir: + RedHat: /usr/pgsql-13/bin + Debian: /usr/lib/postgresql/13/bin service_name: RedHat: postgresql-13 Debian: postgresql @@ -20,9 +23,6 @@ repmgr: bindir: RedHat: /usr/pgsql-13/bin Debian: /usr/bin - pg_bindir: - RedHat: /usr/pgsql-13/bin - Debian: /usr/lib/postgresql/13/bin service_name: RedHat: repmgr13 Debian: repmgrd diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/molecule/README.adoc b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/molecule/README.adoc index fe6ce785ff..9dc7337748 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/molecule/README.adoc +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/molecule/README.adoc @@ -25,6 +25,7 @@ molecule test -s ---- === Separate steps + [source:bash] ---- molecule lint -s diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/extensions/pgbouncer/extension.yml b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/extensions/pgbouncer/extension.yml index dfcb3df49b..70b04a2046 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/extensions/pgbouncer/extension.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/extensions/pgbouncer/extension.yml @@ -20,6 +20,7 @@ path: /etc/pgbouncer/userlist.txt line: '"postgres" "*"' create: true + mode: u=rw,g=,o= backup: true - name: Extensions | PgBouncer | Create pgbouncer logrotate configuration file diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/extensions/replication/extension.yml b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/extensions/replication/extension.yml index 8c4010c70c..bccc8a0129 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/extensions/replication/extension.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/extensions/replication/extension.yml @@ -1,7 +1,7 @@ --- -- name: Extensions | Repmgr | RedHat | Create repmgr symlink +- name: Extensions | Repmgr | RedHat | Create Repmgr symlink file: - src: "{{ repmgr.pg_bindir['RedHat'] }}/repmgr" + src: "{{ pg.bindir['RedHat'] }}/repmgr" dest: "/usr/bin/repmgr" state: link when: @@ -46,22 +46,15 @@ group: postgres mode: u=rw,g=,o= -# --- Configure repmgr --- +# --- Configure Repmgr --- -- name: Extensions | Repmgr | Create database for repmgr +- name: Extensions | Repmgr | Create database for Repmgr become_user: postgres postgresql_db: name: "{{ specification.extensions.replication.repmgr_database }}" owner: "{{ specification.extensions.replication.replication_user_name }}" -# Node id is a constant value independent on order in Ansible host group -- name: Extensions | Repmgr | Set node id - set_fact: - pg_repmgr_node_id: >- - {{ pg_repmgr_node_id | default(groups.postgresql.index(inventory_hostname) + 1) }} - cacheable: true - -- name: Extensions | Repmgr | Create repmgr config file +- name: Extensions | Repmgr | Create Repmgr config file template: src: repmgr.conf.j2 dest: "{{ repmgr.config_dir[ansible_os_family] }}/repmgr.conf" @@ -70,10 +63,10 @@ mode: u=rw,g=,o= register: template_repmgr_conf vars: - node_id: "{{ pg_repmgr_node_id }}" + node_id: "{{ pg_node_id }}" # On Ubuntu config file location is not set by package (see https://repmgr.org/docs/5.2/packages-debian-ubuntu.html). -# Create symlink to allow using repmgr commands without specifying config file location (which is custom). +# Create symlink to allow using Repmgr commands without specifying config file location (which is custom). # See https://repmgr.org/docs/5.2/configuration-file.html - name: Extensions | Repmgr | Debian specific tasks when: ansible_os_family == 'Debian' @@ -87,7 +80,7 @@ group: postgres when: template_repmgr_conf.dest != '/etc/repmgr.conf' - # For repmgr installed from Ubuntu package additional configuration is required before repmgrd is started as daemon + # For Repmgr installed from Ubuntu package additional configuration is required before repmgrd is started as daemon - name: Extensions | Repmgr | Set repmgr.conf file in /etc/default/repmgrd replace: path: /etc/default/repmgrd @@ -135,9 +128,9 @@ # on system) and postgresql@.service (service template for clusters). The latter is 'PartOf' the former. # Ansible seems to not wait for dependent service to be stopped so we need to stop both to avoid error # from 'repmgr standby clone'. - - name: Extensions | Repmgr | Stop postgresql service + - name: Extensions | Repmgr | Stop PostgreSQL service systemd: - name: "{{ item }}" + name: "{{ service_name }}" state: stopped vars: _services: @@ -146,9 +139,11 @@ - "{{ pg.instantiated_service_name['Debian'] }}" RedHat: - "{{ pg.service_name['RedHat'] }}" + loop_control: + loop_var: service_name loop: "{{ _services[ansible_os_family] }}" - - name: Extensions | Repmgr | Clone standby node with repmgr + - name: Extensions | Repmgr | Clone standby node with Repmgr become_user: postgres command: >- {{ repmgr.bindir[ansible_os_family] }}/repmgr standby clone @@ -156,12 +151,12 @@ -U {{ specification.extensions.replication.privileged_user_name }} -d {{ specification.extensions.replication.repmgr_database }} -p 5432 --force - - name: Extensions | Repmgr | Start postgresql service + - name: Extensions | Repmgr | Start PostgreSQL service systemd: name: "{{ pg.service_name[ansible_os_family] }}" state: started - - name: Extensions | Repmgr | Register node with repmgr + - name: Extensions | Repmgr | Register node with Repmgr become_user: postgres command: >- {{ repmgr.bindir[ansible_os_family] }}/repmgr standby register --force @@ -171,7 +166,7 @@ connect_timeout=2' --upstream-node-id 1 - - name: Extensions | Repmgr | Restart and enable repmgr service + - name: Extensions | Repmgr | Restart and enable Repmgr service systemd: name: "{{ repmgr.service_name[ansible_os_family] }}" state: restarted @@ -193,7 +188,7 @@ - name: Extensions | Repmgr | Tasks to run only on standby node when: pg_node_primary_found.stdout != inventory_hostname block: - - name: Extensions | Repmgr | Check if node is not attached to repmgr + - name: Extensions | Repmgr | Check if node is not attached to Repmgr become_user: postgres command: "{{ repmgr.bindir[ansible_os_family] }}/repmgr cluster show" changed_when: false @@ -202,7 +197,5 @@ - name: Extensions | Repmgr | Attach active standby to current primary node when: "'not attached to its upstream node' in pg_cluster_status.stdout|lower" - become: true become_user: postgres - become_method: sudo command: "{{ repmgr.bindir[ansible_os_family] }}/repmgr standby follow" diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/main.yml index 639263cd90..2d57054131 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/tasks/main.yml @@ -2,19 +2,29 @@ - name: Set 'enabled_extensions' fact set_fact: enabled_extensions: >- - {{ (_defined_extensions | selectattr('config.enabled') | list) + _undefined_extensions }} + {{ _defined_enabled_extensions + _undefined_extensions }} vars: - _defined_extensions: >- + _defined_enabled_extensions: >- {{ specification.extensions | dict2items(key_name='name', value_name='config') | selectattr('config.enabled', 'defined') + | selectattr('config.enabled') + | map(attribute='name') | list }} _undefined_extensions: >- {{ specification.extensions | dict2items(key_name='name', value_name='config') | selectattr('config.enabled', 'undefined') + | map(attribute='name') | list }} +# Node id is a constant value independent on order in Ansible host group +- name: Set 'pg_node_id' fact + set_fact: + pg_node_id: >- + {{ pg_node_id | default(groups.postgresql.index(inventory_hostname) + 1) }} + cacheable: true + - name: Install OS-specific packages package: name: "{{ _packages[ansible_os_family] }}" @@ -27,16 +37,16 @@ - postgresql-client-13 - postgresql-13 - postgresql-contrib-13 - - python-psycopg2 # required for postgresql ansible management + - python-psycopg2 # required for PostgreSQL ansible management RedHat: - postgresql13-server - - python-psycopg2 # required for postgresql ansible management + - python-psycopg2 # required for PostgreSQL ansible management module_defaults: yum: { lock_timeout: "{{ yum_lock_timeout }}" } # Extension packages need to be installed first to be able to process PostgreSQL config - name: Install extension packages - include_tasks: extensions/{{ extension.name }}/packages.yml + include_tasks: extensions/{{ extension }}/packages.yml loop_control: loop_var: extension loop: "{{ enabled_extensions }}" @@ -63,12 +73,15 @@ register: pg_hba_conf_stat - name: RedHat | Initialize database + become_user: postgres when: not pg_hba_conf_stat.stat.exists - command: /usr/pgsql-13/bin/postgresql-13-setup initdb {{ pg.service_name[ansible_os_family] }} + command: "{{ pg.bindir[ansible_os_family] }}/initdb" + environment: + PGDATA: "{{ pg.data_dir[ansible_os_family] }}" -- name: Ensure that postgresql service is started +- name: Ensure that PostgreSQL service is started block: - - name: Ensure that postgresql service is started + - name: Ensure that PostgreSQL service is started systemd: name: "{{ pg.service_name[ansible_os_family] }}" state: started @@ -86,7 +99,6 @@ - name: Set runtime_shared_preload_libraries fact block: - name: Get PostgreSQL settings - become: true become_user: postgres postgresql_info: filter: settings @@ -114,9 +126,9 @@ loop: "{{ _files }}" register: change_pg_config -- name: Restart postgresql service if configuration changed +- name: Restart PostgreSQL service if configuration changed block: - - name: Restart postgresql service if configuration changed + - name: Restart PostgreSQL service if configuration changed systemd: name: "{{ pg.service_name[ansible_os_family] }}" state: restarted @@ -124,7 +136,7 @@ - *check-debian-service when: (change_pg_config.results | map(attribute='changed') | list) is any -- name: Configure postgresql logrotate +- name: Configure PostgreSQL logrotate block: - name: Remove logrotate configuration provided by 'postgresql-common' package file: @@ -132,7 +144,7 @@ state: absent when: ansible_os_family == 'Debian' - - name: Create postgresql logrotate configuration file + - name: Create PostgreSQL logrotate configuration file template: src: logrotate-postgresql.conf.j2 dest: /etc/logrotate.d/postgresql @@ -141,9 +153,9 @@ mode: u=rw,g=r,o=r - name: Include extensions - include_tasks: extensions/{{ data.name }}/extension.yml + include_tasks: extensions/{{ extension }}/extension.yml loop_control: - loop_var: data + loop_var: extension loop: "{{ enabled_extensions }}" # PgPool is configured only if such K8s application is enabled @@ -169,4 +181,4 @@ | default({}) }} when: - pgpool.env is defined - - groups['postgresql'][0] == inventory_hostname + - pg_node_id|int == 1 diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/repmgr.conf.j2 b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/repmgr.conf.j2 index 88925e69ed..f940aa1468 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/repmgr.conf.j2 +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/repmgr.conf.j2 @@ -4,14 +4,14 @@ conninfo='host={{ ansible_default_ipv4.address }} user={{ specification.extensio data_directory='{{ pg.data_dir[ansible_os_family] }}' failover=automatic -promote_command='{{ repmgr.pg_bindir[ansible_os_family] }}/repmgr standby promote --log-to-file' -follow_command='{{ repmgr.pg_bindir[ansible_os_family] }}/repmgr standby follow --log-to-file --upstream-node-id=%n' +promote_command='{{ pg.bindir[ansible_os_family] }}/repmgr standby promote --log-to-file' +follow_command='{{ pg.bindir[ansible_os_family] }}/repmgr standby follow --log-to-file --upstream-node-id=%n' monitoring_history=yes monitor_interval_secs=10 log_file='/var/log/postgresql/repmgr.log' -pg_bindir='{{ repmgr.pg_bindir[ansible_os_family] }}/' +pg_bindir='{{ pg.bindir[ansible_os_family] }}/' service_start_command='sudo /bin/systemctl start {{ pg.service_name[ansible_os_family] }}' service_stop_command='sudo /bin/systemctl stop {{ pg.service_name[ansible_os_family] }}' service_restart_command='sudo /bin/systemctl restart {{ pg.service_name[ansible_os_family] }}'