From 987cd30b11e876205a2e3d265bdf2426d562ca4c Mon Sep 17 00:00:00 2001 From: Anton Cherlenok Date: Mon, 30 Sep 2024 20:11:16 +0200 Subject: [PATCH 1/2] [FIB-27549] WIP: POC.md --- POC.md | 59 ++++++++++++++++++++++++++++++++++++++ automation/inventory | 13 +++++++-- automation/vars/main.yml | 4 +-- automation/vars/system.yml | 5 ++-- 4 files changed, 74 insertions(+), 7 deletions(-) create mode 100644 POC.md diff --git a/POC.md b/POC.md new file mode 100644 index 0000000000..4544893bd3 --- /dev/null +++ b/POC.md @@ -0,0 +1,59 @@ +##### VM network (Ubuntu) +sudo vim /etc/netplan/99-netcfg-vmware.yaml +sudo netplan apply + + +## Ansible PG +### +automation/vars/system.yml#122 - ssh pub key +automation/inventory#67 - ssh credentials + + +### STEP 0 and PRE-REQ: +See step-by-step guide at [README.md#Command line](./README.md#command-line). + +#### Deploy PG +ansible-playbook deploy_pgcluster.yml + +#### Destroy ALL PG +ansible-playbook remove_cluster.yml -e "remove_postgres=true remove_etcd=true" + +### Backup S3 (minio) +TODO: +Should be done somewhere at [vars/main.yml](./automation/vars/main.yml#518) line 518 should add Minio compatibility (probably). +But what to do with pgbackerst?? + + +### Standby cluster +TODO: +Should be done somewhere at [vars/main.yml](./automation/vars/main.yml#401) line 401. + + + +## Minio Install +ssh to host and execute: +```sh +sudo groupadd -r minio-user +sudo useradd -M -r -g minio-user minio-user +sudo mkdir -p /opt/minio +sudo chown minio-user:minio-user /opt/minio + +wget https://dl.min.io/server/minio/release/linux-amd64/archive/minio_20240913202602.0.0_amd64.deb -O minio.deb +sudo dpkg -i minio.deb + +cat < ./minio +MINIO_ROOT_USER=minio +MINIO_ROOT_PASSWORD=password +MINIO_VOLUMES="/opt/minio" +MINIO_OPTS="--console-address :9001" +EOF +sudo cp ./minio /etc/default/minio + +sudo systemctl restart minio.service +sudo systemctl status minio.service +``` + +### Minio is already available at: +http://10.228.86.184:9001 site a +http://10.228.86.185:9001 site b + diff --git a/automation/inventory b/automation/inventory index 9f76286579..e3b90e5998 100644 --- a/automation/inventory +++ b/automation/inventory @@ -14,6 +14,9 @@ #10.128.64.140 #10.128.64.142 #10.128.64.143 +10.228.86.184 +10.228.86.185 +10.228.86.186 # if dcs_exists: false and dcs_type: "consul" [consul_instances] # recommendation: 3 or 5-7 nodes @@ -34,12 +37,15 @@ # PostgreSQL nodes [master] #10.128.64.140 hostname=pgnode01 postgresql_exists=false # patroni_tags="datacenter=dc1" +10.228.86.184 hostname=devops-pg1h1 postgresql_exists=false # patroni_tags="datacenter=dc1" [replica] #10.128.64.142 hostname=pgnode02 postgresql_exists=false # patroni_tags="datacenter=dc1" #10.128.64.143 hostname=pgnode03 postgresql_exists=false # patroni_tags="datacenter=dc1" #10.128.64.144 hostname=pgnode04 postgresql_exists=false patroni_tags="datacenter=dc2" #10.128.64.145 hostname=pgnode04 postgresql_exists=false patroni_tags="datacenter=dc2" new_node=true +10.228.86.185 hostname=devops-pg1h2 postgresql_exists=false # patroni_tags="datacenter=dc1" +10.228.86.186 hostname=devops-pg1h3 postgresql_exists=false # patroni_tags="datacenter=dc1" [postgres_cluster:children] master @@ -48,6 +54,7 @@ replica # if pgbackrest_install: true and "repo_host" is set [pgbackrest] # optional (Dedicated Repository Host) #10.128.64.110 +10.228.86.184 [pgbackrest:vars] #ansible_user='postgres' @@ -57,9 +64,9 @@ replica [all:vars] ansible_connection='ssh' ansible_ssh_port='22' -#ansible_user='root' -#ansible_ssh_pass='secretpassword' # "sshpass" package is required for use "ansible_ssh_pass" -#ansible_ssh_private_key_file= +ansible_user='debian' +ansible_ssh_pass='debian' # "sshpass" package is required for use "ansible_ssh_pass" +ansible_ssh_private_key_file=~/.ssl/work.key #ansible_python_interpreter='/usr/bin/python3' [pgbackrest:vars] diff --git a/automation/vars/main.yml b/automation/vars/main.yml index 267a88229f..d07088203c 100644 --- a/automation/vars/main.yml +++ b/automation/vars/main.yml @@ -515,8 +515,8 @@ wal_g_json: # config https://github.com/wal-g/wal-g#configuration - { option: "PGHOST", value: "{{ postgresql_unix_socket_dir }}" } - { option: "PGPORT", value: "{{ postgresql_port }}" } - { option: "PGUSER", value: "{{ patroni_superuser_username }}" } -# - { option: "AWS_S3_FORCE_PATH_STYLE", value: "true" } # to use Minio.io S3-compatible storage -# - { option: "AWS_ENDPOINT", value: "http://minio:9000" } # to use Minio.io S3-compatible storage + - { option: "AWS_S3_FORCE_PATH_STYLE", value: "true" } # to use Minio.io S3-compatible storage + - { option: "AWS_ENDPOINT", value: "http://10.228.86.184:9000" } # to use Minio.io S3-compatible storage # - { option: "", value: "" } wal_g_archive_command: "{{ wal_g_path }} wal-push %p" wal_g_patroni_cluster_bootstrap_command: "{{ wal_g_path }} backup-fetch {{ postgresql_data_dir }} LATEST" diff --git a/automation/vars/system.yml b/automation/vars/system.yml index 376c7f942b..1ffa4af367 100644 --- a/automation/vars/system.yml +++ b/automation/vars/system.yml @@ -33,7 +33,7 @@ locale_gen: locale: "en_US.utf-8" # Configure swap space (if not already exists) -swap_file_create: true # or 'false' +swap_file_create: false # or 'false' swap_file_path: /swapfile swap_file_size_mb: '4096' # change this value for your system @@ -120,7 +120,8 @@ ssh_key_state: "present" ssh_known_hosts: "{{ groups['postgres_cluster'] }}" # List of public SSH keys. These keys will be added to the database server's  ~/.ssh/authorized_keys  file. -ssh_public_keys: [] +ssh_public_keys: + - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJMIf5Ve/DdbzT0JF3+nbYIxKfOEj+h71u5Yvo5bwYWW Anton_Cherlyonok@epam.com' # sudo sudo_users: From e4c06163f082e18ea679deacfc90fc2f9454710e Mon Sep 17 00:00:00 2001 From: Anton Cherlenok Date: Tue, 1 Oct 2024 09:25:59 +0200 Subject: [PATCH 2/2] [FIB-27549] WIP: POC.md --- POC.md | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/POC.md b/POC.md index 4544893bd3..042cdec6c9 100644 --- a/POC.md +++ b/POC.md @@ -1,3 +1,24 @@ +## VM +Located at: +https://hq-fib-vcsa01.fib.local/ui/app/folder;nav=v/urn:vmomi:Folder:group-v14929:2e683356-6528-4429-b53e-78ab46e2136b/vms/vms + ![alt text](image.png) + +ISO: + ![alt text](image-2.png) + +VM template: + ![alt text](image-1.png) + +Debian user/password: +debian:debian +network: dhcp + +$ cat /etc/ssh/sshd_config.d/01-ssh.conf +PasswordAuthentication yes # in VM template set to 'no' +PubkeyAuthentication yes + + + ##### VM network (Ubuntu) sudo vim /etc/netplan/99-netcfg-vmware.yaml sudo netplan apply @@ -56,4 +77,3 @@ sudo systemctl status minio.service ### Minio is already available at: http://10.228.86.184:9001 site a http://10.228.86.185:9001 site b -