From a1ff33dc0c15e844bedf597525648fd260dc5188 Mon Sep 17 00:00:00 2001 From: Irek Glownia Date: Wed, 30 Jun 2021 14:41:40 +0200 Subject: [PATCH] pgpool some working version --- .../templates/pgpool/02-configmaps.yml.j2 | 36 +++++++++++-------- .../templates/pgpool/04-deployment.yml.j2 | 22 +++++++++--- .../roles/postgresql/templates/pg_hba.conf.j2 | 8 ++--- .../postgresql/templates/postgresql.conf.j2 | 2 +- 4 files changed, 45 insertions(+), 23 deletions(-) diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/applications/templates/pgpool/02-configmaps.yml.j2 b/core/src/epicli/data/common/ansible/playbooks/roles/applications/templates/pgpool/02-configmaps.yml.j2 index 2cb34ea027..23b7b2f4e4 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/applications/templates/pgpool/02-configmaps.yml.j2 +++ b/core/src/epicli/data/common/ansible/playbooks/roles/applications/templates/pgpool/02-configmaps.yml.j2 @@ -31,7 +31,8 @@ metadata: data: init_pool_passwd_file.sh: | #!/bin/bash - + + set -x set -o errexit set -o nounset set -o pipefail @@ -177,20 +178,24 @@ data: init_pcppass.sh: | #!/bin/bash - + + set -x set -o errexit set -o nounset set -o pipefail echo "==> Started: $0" - echo "Generating $HOME/.pcppass file for Pgpool admin user (${PGPOOL_ADMIN_USERNAME})..." + echo "Generating .pcppass file for Pgpool admin user (${PGPOOL_ADMIN_USERNAME})..." - cat >>"$HOME/.pcppass"<>"${PCPPASSFILE}"< Completed: $0" @@ -223,6 +228,15 @@ data: # server for the changes to take effect, or use "pgpool reload". Some # parameters require a server shutdown and restart to take effect. + #------------------------------------------------------------------------------ + # BACKEND CLUSTERING MODE + # Choose one of: 'streaming_replication', 'native_replication', + # 'logical_replication', 'slony', 'raw' or 'snapshot_isolation' + # (change requires restart) + #------------------------------------------------------------------------------ + + backend_clustering_mode = 'streaming_replication' + #------------------------------------------------------------------------------ # CONNECTIONS #------------------------------------------------------------------------------ @@ -414,6 +428,8 @@ data: log_connections = off # Log connections + log_disconnections = off + # Log disconnections log_hostname = off # Hostname will be shown in ps status # and in logs if connections are logged @@ -494,14 +510,6 @@ data: # The default is 'ABORT; DISCARD ALL' reset_query_list = 'ABORT; DISCARD ALL' - - #------------------------------------------------------------------------------ - # REPLICATION MODE - #------------------------------------------------------------------------------ - - replication_mode = off - - #------------------------------------------------------------------------------ # LOAD BALANCING MODE #------------------------------------------------------------------------------ @@ -756,7 +764,7 @@ data: # Default is on. # (change requires restart) - relcache_query_target = master # Target node to send relcache queries. Default is master (primary) node. + relcache_query_target = primary # Target node to send relcache queries. Default is master (primary) node. # If load_balance_node is specified, queries will be sent to load balance node. #------------------------------------------------------------------------------ # IN MEMORY QUERY MEMORY CACHE diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/applications/templates/pgpool/04-deployment.yml.j2 b/core/src/epicli/data/common/ansible/playbooks/roles/applications/templates/pgpool/04-deployment.yml.j2 index 00fe6b6236..fb86a5039c 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/applications/templates/pgpool/04-deployment.yml.j2 +++ b/core/src/epicli/data/common/ansible/playbooks/roles/applications/templates/pgpool/04-deployment.yml.j2 @@ -76,10 +76,10 @@ spec: - name: pgpool-passwords mountPath: /opt/bitnami/pgpool/secrets/pgpool_admin_password subPath: pgpool_admin_password - - name: pgpool-config-files + - name: pgpool-config-dir mountPath: /opt/bitnami/pgpool/conf/pgpool.conf subPath: pgpool.conf - - name: pgpool-config-files + - name: pgpool-config-dir mountPath: /opt/bitnami/pgpool/conf/pool_hba.conf subPath: pool_hba.conf - name: pgpool-shared-init-dir @@ -99,8 +99,12 @@ spec: {% else %} image: {{ data.image.path }} {% endif %} - command: - - /epiphany/scripts/init_pool_passwd_file.sh + command: ["/bin/sh", "-c"] + args: + - set -x; + /epiphany/scripts/init_pool_passwd_file.sh; + cp /epiphany/bitnami/pgpool/conf/pgpool.conf /opt/bitnami/pgpool/conf/ || echo "Error while copying pgpool.conf"; + cp /epiphany/bitnami/pgpool/conf/pool_hba.conf /opt/bitnami/pgpool/conf/ || echo "Error while copying pool_hba.conf"; envFrom: - configMapRef: name: pgpool-container-env @@ -113,6 +117,14 @@ spec: subPath: pgpool_postgres_password - name: pgpool-shared-init-dir mountPath: /epiphany/shared_dir + - name: pgpool-config-files + mountPath: /epiphany/bitnami/pgpool/conf/pgpool.conf + subPath: pgpool.conf + - name: pgpool-config-files + mountPath: /epiphany/bitnami/pgpool/conf/pool_hba.conf + subPath: pool_hba.conf + - name: pgpool-config-dir + mountPath: /opt/bitnami/pgpool/conf volumes: - name: pgpool-init-scripts configMap: @@ -121,6 +133,8 @@ spec: - name: pgpool-config-files configMap: name: pgpool-config-files + - name: pgpool-config-dir + emptyDir: {} - name: pgpool-passwords secret: secretName: pgpool-passwords diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/pg_hba.conf.j2 b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/pg_hba.conf.j2 index 877a04a32d..04356e063e 100755 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/pg_hba.conf.j2 +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/pg_hba.conf.j2 @@ -85,14 +85,14 @@ # "local" is for Unix domain socket connections only local all all peer # IPv4 connections: -host all all 0.0.0.0/0 scram-sha-256 +host all all 0.0.0.0/0 md5 # IPv6 local connections: -host all all ::1/128 scram-sha-256 +host all all ::1/128 md5 # Allow replication connections from localhost, by a user with the # replication privilege. local replication all peer -host replication all 127.0.0.1/32 scram-sha-256 -host replication all ::1/128 scram-sha-256 +host replication all 127.0.0.1/32 md5 +host replication all ::1/128 md5 {% if specification.extensions.replication.enabled | default(false) %} host replication {{ specification.extensions.replication.replication_user_name }} 0.0.0.0/0 scram-sha-256 diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/postgresql.conf.j2 b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/postgresql.conf.j2 index 58723ba70c..34984c10d4 100755 --- a/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/postgresql.conf.j2 +++ b/core/src/epicli/data/common/ansible/playbooks/roles/postgresql/templates/postgresql.conf.j2 @@ -89,7 +89,7 @@ max_connections = 100 # (change requires restart) # - Authentication - #authentication_timeout = 1min # 1s-600s -password_encryption = scram-sha-256 # md5 or scram-sha-256 +password_encryption = md5 # md5 or scram-sha-256 #db_user_namespace = off # GSSAPI using Kerberos