Merge pull request 'feat: add patroni/psql cluster' (#140) from neoloc/patroni into develop
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/140
This commit was merged in pull request #140.
This commit is contained in:
@@ -0,0 +1,95 @@
|
||||
# profiles::sql::patroni
|
||||
class profiles::sql::patroni (
|
||||
String $cluster_name,
|
||||
String $superuser_password,
|
||||
String $replication_password,
|
||||
String $superuser_username = 'postgres',
|
||||
String $replication_username = 'repl',
|
||||
String $pgsql_version = '15',
|
||||
Stdlib::Absolutepath $pgsql_data_base = '/data/pgsql',
|
||||
Stdlib::Absolutepath $pgsql_data_dir = "${pgsql_data_base}/${pgsql_version}/data",
|
||||
Boolean $use_consul = true,
|
||||
String $consul_host = 'localhost',
|
||||
Stdlib::Port $consul_port = 8500,
|
||||
Enum['http','https'] $consul_scheme = 'http',
|
||||
Variant[Undef,String] $consul_token = undef,
|
||||
Boolean $consul_verify = false,
|
||||
Boolean $consul_register_service = true,
|
||||
String $consul_service_check_interval = '5s',
|
||||
String $consul_cacert = '/etc/pki/ca-trust/source/anchors/vaultcaroot.pem',
|
||||
Boolean $postgres_exporter_enabled = false,
|
||||
Optional[String] $postgres_exporter_user = undef,
|
||||
Optional[String] $postgres_exporter_pass = undef,
|
||||
){
|
||||
|
||||
# disable the postgresql dnf module for el8+
|
||||
if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] >= '8' {
|
||||
# based on https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/dnfmodule.pp
|
||||
package { 'postgresql dnf module':
|
||||
ensure => 'disabled',
|
||||
name => 'postgresql',
|
||||
provider => 'dnfmodule',
|
||||
before => Class['patroni'],
|
||||
}
|
||||
}
|
||||
|
||||
# prepare data path
|
||||
mkdir::p {$pgsql_data_dir:}
|
||||
file {$pgsql_data_dir:
|
||||
ensure => 'directory',
|
||||
owner => 'postgres',
|
||||
group => 'postgres',
|
||||
mode => '0700',
|
||||
require => Class['patroni'],
|
||||
}
|
||||
|
||||
# manage patroni
|
||||
class { 'patroni':
|
||||
scope => $cluster_name,
|
||||
use_consul => $use_consul,
|
||||
consul_host => $consul_host,
|
||||
consul_port => $consul_port,
|
||||
consul_scheme => $consul_scheme,
|
||||
consul_token => $consul_token,
|
||||
consul_verify => $consul_verify,
|
||||
consul_register_service => $consul_register_service,
|
||||
consul_service_check_interval => $consul_service_check_interval,
|
||||
consul_cacert => $consul_cacert,
|
||||
manage_python => false,
|
||||
pgsql_connect_address => "${facts['networking']['fqdn']}:5432",
|
||||
restapi_connect_address => "${facts['networking']['fqdn']}:8008",
|
||||
postgresql_version => $pgsql_version,
|
||||
pgsql_data_dir => $pgsql_data_dir,
|
||||
pgsql_pgpass_path => '/var/lib/pgsql/pgpass',
|
||||
pgsql_parameters => {
|
||||
'max_connections' => 5000,
|
||||
},
|
||||
bootstrap_pg_hba => [
|
||||
'local all postgres ident',
|
||||
'host all all 0.0.0.0/0 md5',
|
||||
'host replication repl 0.0.0.0/0 md5',
|
||||
],
|
||||
pgsql_pg_hba => [
|
||||
'local all postgres ident',
|
||||
'host all all 0.0.0.0/0 md5',
|
||||
'host replication repl 0.0.0.0/0 md5',
|
||||
],
|
||||
superuser_username => $superuser_username,
|
||||
superuser_password => $superuser_password,
|
||||
replication_username => $replication_username,
|
||||
replication_password => $replication_password,
|
||||
require => [
|
||||
Yumrepo["postgresql-${pgsql_version}"],
|
||||
Yumrepo['postgresql-common']
|
||||
],
|
||||
}
|
||||
|
||||
if $postgres_exporter_enabled {
|
||||
class { 'prometheus::postgres_exporter':
|
||||
postgres_user => $postgres_exporter_user,
|
||||
postgres_pass => $postgres_exporter_pass,
|
||||
data_source_uri => "${facts['networking']['ip']}:5432/postgres?sslmode=disable",
|
||||
export_scrape_job => true,
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user