You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

256 lines
7.4 KiB

# repmgr Postgres cluster
https://repmgr.org/docs/repmgr.html
Postgres 11 with streaming replication and backups.
# Servers
pg-oca --- Master Postgres Server
pg-oca-rep1 --- Standby Postgres Server
pg-oca-hdd --- Standby Postgres Server
pg-oca-barman --- Postgres Backup Server
pg-oca-witness-1 --- Postgres Witness Server
Each server has two ethernet interfaces. One for the VPN for ssh,
and the second for database backend communication.
# Install
Add Postgres community repository to each server.
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list
Install Postgres 11 client and repmgr on all servers.
apt update
apt install postgresql-client-11 postgresql-11-repmgr
Install Postgres 11 server on pg-oca and install repmgr module.
apt install postgresql-11 postgresql-11-repmgr
# System Configuration
Configure firewall.
#=============== Postgres Cluster ===================
-A INPUT --dest 10.104.11.0/24 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT --dest 10.53.1.0/24 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p tcp --dest 10.53.1.0/24 --dport 61 -j ACCEPT
-A INPUT -p tcp --dest 10.53.1.0/24 --dport 5432 -j ACCEPT
#=============== End of Postgres Cluster =============
Set up /etc/hosts on all nodes:
cat >> /etc/hosts << EOF
10.104.11.44 oca
10.104.11.116 pg-oca
10.104.11.131 pg-oca-rep1
10.104.11.132 pg-oca-hdd
10.104.11.133 pg-oca-barman
10.104.11.134 pg-oca-witness-1
10.53.1.44 db-oca
10.53.1.116 db-pg-oca
10.53.1.131 db-pg-oca-rep1
10.53.1.132 db-pg-oca-hdd
10.53.1.133 db-pg-oca-barman
10.53.1.134 db-pg-oca-witness-1
EOF
Configure base Postgres 11 server.
pg_hba.conf and tuning
On master server pg-oca and pg-oca-rep1
cat > /etc/postgresql/11/main/conf.d/replication.conf << EOF
# Enable replication connections; set this figure to at least one more
# than the number of standbys which will connect to this server
# (note that repmgr will execute `pg_basebackup` in WAL streaming mode,
# which requires two free WAL senders)
max_wal_senders = 10
# Ensure WAL files contain enough information to enable read-only queries
# on the standby.
#
# PostgreSQL 9.5 and earlier: one of 'hot_standby' or 'logical'
# PostgreSQL 9.6 and later: one of 'replica' or 'logical'
# ('hot_standby' will still be accepted as an alias for 'replica')
#
# See: https://www.postgresql.org/docs/current/static/runtime-config-wal.html#GUC-WAL-LEVEL
wal_level = 'replica'
# Enable read-only queries on a standby
# (Note: this will be ignored on a primary but we recommend including
# it anyway)
hot_standby = on
# Enable WAL file archiving
archive_mode = on
# Set archive command to a script or application that will safely store
# you WALs in a secure place. /bin/true is an example of a command that
# ignores archiving. Use something more sensible.
# XXX
archive_command = '/bin/true'
# If you have configured "pg_basebackup_options"
# in "repmgr.conf" to include the setting "--xlog-method=fetch" (from
# PostgreSQL 10 "--wal-method=fetch"), *and* you have not set
# "restore_command" in "repmgr.conf"to fetch WAL files from another
# source such as Barman, you'll need to set "wal_keep_segments" to a
# high enough value to ensure that all WAL files generated while
# the standby is being cloned are retained until the standby starts up.
#
# wal_keep_segments = 5000
EOF
Set up pg_hba.conf on hosts pg-oca and pg-oca-rep1
cat > /etc/postgresql/11/main/pg_hba.conf << EOF
# Local
local all all peer
local all postgres peer
host all all 127.0.0.1/32 md5
# Replication
local replication repmgr trust
host replication repmgr 127.0.0.1/32 trust
host replication repmgr 10.53.1.116/32 trust
host replication repmgr 10.53.1.131/32 trust
host replication repmgr 10.53.1.132/32 trust
host replication repmgr 10.53.1.133/32 trust
host replication repmgr 10.53.1.134/32 trust
# repmgr
local repmgr repmgr trust
host repmgr repmgr 127.0.0.1/32 trust
host repmgr repmgr 10.53.1.116/32 trust
host repmgr repmgr 10.53.1.131/32 trust
host repmgr repmgr 10.53.1.132/32 trust
host repmgr repmgr 10.53.1.133/32 trust
host repmgr repmgr 10.53.1.134/32 trust
# OCA
host all oca 10.53.1.44/32 trust
host all postgres 10.53.1.44/32 trust
EOF
Set up configuration. Note to change listen_addresses below:
cat > /etc/postgresql/11/main/conf.d/pgconfig.conf << EOF
# Memory Configuration
shared_buffers = 8GB
effective_cache_size = 24GB
work_mem = 128MB
maintenance_work_mem = 2GB
# Checkpoint Related Configuration
min_wal_size = 1GB
max_wal_size = 3GB
checkpoint_completion_target = 0.9
wal_buffers = 16MB
# Network Related Configuration
# XXX Set
#listen_addresses = '10.53.1.130'
max_connections = 256
# Hard Drive Configuration
random_page_cost = 1.1
effective_io_concurrency = 300
# Adjust the minimum time to collect data
log_min_duration_statement = '10s'
log_autovacuum_min_duration = 0
EOF
Configure ssh between nodes. Which users?
# repmgr Cluster Master Configuration
Set up nodes to communicate.
Node pg-oca is master.
Node pg-oca-rep1 does streaming replication of pg-oca.
Node pg-oca-hdd does streaming replication of pg-oca-rep1 and stores to hard disk platters instead of NVMe drives.
Node pg-oca-barman runs the Postgres barman backup system, and does backups of pg-oca-rep1.
Node pg-oca-witness-1 is a Postgres witness server. It isn't needed at present.
Run on pg-oca:
sudo su - postgres
createuser -s repmgr
createdb repmgr -O repmgr
# repmgr Cluster Standby Configuration
On the standby, do not create a PostgreSQL instance.
From pg-oca:
Check the primary database is reachable from the standby using psql:
psql 'host=db-pg-oca user=repmgr dbname=repmgr connect_timeout=2'
# Set up Master repmgr
cat > /etc/repmgr.conf << EOF
node_id=1
node_name=pg-oca
conninfo='host=db-pg-oca user=repmgr dbname=repmgr connect_timeout=2'
data_directory='/var/lib/postgresql/11/main'
pg_bindir='/usr/lib/postgresql/11/bin'
repmgr_bindir='/usr/lib/postgresql/11/bin'
EOF
Register primary server:
sudo su - postgres
repmgr -f /etc/repmgr.conf primary register
# Clone Standby Server
Log into pg-oca-rep1
cat > /etc/repmgr.conf << EOF
node_id=2
node_name=pg-oca-rep1
conninfo='host=db-pg-oca-rep1 user=repmgr dbname=repmgr connect_timeout=2'
data_directory='/var/lib/postgresql/11/main'
pg_bindir='/usr/lib/postgresql/11/bin'
repmgr_bindir='/usr/lib/postgresql/11/bin'
EOF
systemctl stop postgresql
sudo su - postgres
Test it, dry run
repmgr -h db-pg-oca -U repmgr -d repmgr -f /etc/repmgr.conf standby clone --force --dry-run
If good, then run it:
repmgr -h db-pg-oca -U repmgr -d repmgr -f /etc/repmgr.conf standby clone --force
Then as root, start server:
systemctl start postgresql
As user postgres:
sudo su - postgres
repmgr standby register
Check it out:
repmgr cluster show
# Create Database
Log into main server pg-oca.
sudo su - postgres
createuser --createdb oca
createdb --owner=oca oca