Fib 27549 POC

POC.md

@@ -0,0 +1,79 @@
+## VM
+Located at:
+https://hq-fib-vcsa01.fib.local/ui/app/folder;nav=v/urn:vmomi:Folder:group-v14929:2e683356-6528-4429-b53e-78ab46e2136b/vms/vms
+ ![alt text](image.png)
+
+ISO:
+ ![alt text](image-2.png)
+
+VM template:
+ ![alt text](image-1.png)
+
+Debian user/password:
+debian:debian
+network: dhcp
+
+$ cat /etc/ssh/sshd_config.d/01-ssh.conf
+PasswordAuthentication yes   #  in VM template set to 'no'
+PubkeyAuthentication yes
+
+
+
+##### VM network (Ubuntu)
+sudo vim /etc/netplan/99-netcfg-vmware.yaml
+sudo netplan apply
+
+
+## Ansible PG
+###
+automation/vars/system.yml#122 - ssh pub key
+automation/inventory#67 - ssh credentials
+
+
+### STEP 0 and PRE-REQ:
+See step-by-step guide at [README.md#Command line](./README.md#command-line).
+
+#### Deploy PG
+ansible-playbook deploy_pgcluster.yml
+
+#### Destroy ALL PG
+ansible-playbook remove_cluster.yml -e "remove_postgres=true remove_etcd=true"
+
+### Backup S3 (minio)
+TODO:
+Should be done somewhere at [vars/main.yml](./automation/vars/main.yml#518) line 518 should add Minio compatibility (probably).
+But what to do with pgbackerst??
+
+
+### Standby cluster
+TODO:
+Should be done somewhere at [vars/main.yml](./automation/vars/main.yml#401) line 401.
+
+
+
+## Minio Install
+ssh to host and execute:
+```sh
+sudo groupadd -r minio-user
+sudo useradd -M -r -g minio-user minio-user
+sudo mkdir -p /opt/minio
+sudo chown minio-user:minio-user /opt/minio
+
+wget https://dl.min.io/server/minio/release/linux-amd64/archive/minio_20240913202602.0.0_amd64.deb -O minio.deb
+sudo dpkg -i minio.deb
+
+cat <<EOF > ./minio
+MINIO_ROOT_USER=minio
+MINIO_ROOT_PASSWORD=password
+MINIO_VOLUMES="/opt/minio"
+MINIO_OPTS="--console-address :9001"
+EOF
+sudo cp ./minio /etc/default/minio
+
+sudo systemctl restart minio.service
+sudo systemctl status minio.service
+```
+
+### Minio is already available at:
+http://10.228.86.184:9001 site a
+http://10.228.86.185:9001 site b

automation/inventory

@@ -14,6 +14,9 @@
 #10.128.64.140
 #10.128.64.142
 #10.128.64.143
+10.228.86.184
+10.228.86.185
+10.228.86.186
 
 # if dcs_exists: false and dcs_type: "consul"
 [consul_instances]  # recommendation: 3 or 5-7 nodes
@@ -34,12 +37,15 @@
 # PostgreSQL nodes
 [master]
 #10.128.64.140 hostname=pgnode01 postgresql_exists=false # patroni_tags="datacenter=dc1"
+10.228.86.184  hostname=devops-pg1h1 postgresql_exists=false # patroni_tags="datacenter=dc1"
 
 [replica]
 #10.128.64.142 hostname=pgnode02 postgresql_exists=false # patroni_tags="datacenter=dc1"
 #10.128.64.143 hostname=pgnode03 postgresql_exists=false # patroni_tags="datacenter=dc1"
 #10.128.64.144 hostname=pgnode04 postgresql_exists=false patroni_tags="datacenter=dc2"
 #10.128.64.145 hostname=pgnode04 postgresql_exists=false patroni_tags="datacenter=dc2" new_node=true
+10.228.86.185 hostname=devops-pg1h2 postgresql_exists=false # patroni_tags="datacenter=dc1"
+10.228.86.186 hostname=devops-pg1h3 postgresql_exists=false # patroni_tags="datacenter=dc1"
 
 [postgres_cluster:children]
 master
@@ -48,6 +54,7 @@ replica
 # if pgbackrest_install: true and "repo_host" is set
 [pgbackrest]  # optional (Dedicated Repository Host)
 #10.128.64.110
+10.228.86.184
 
 [pgbackrest:vars]
 #ansible_user='postgres'
@@ -57,9 +64,9 @@ replica
 [all:vars]
 ansible_connection='ssh'
 ansible_ssh_port='22'
-#ansible_user='root'
-#ansible_ssh_pass='secretpassword'  # "sshpass" package is required for use "ansible_ssh_pass"
-#ansible_ssh_private_key_file=
+ansible_user='debian'
+ansible_ssh_pass='debian'  # "sshpass" package is required for use "ansible_ssh_pass"
+ansible_ssh_private_key_file=~/.ssl/work.key
 #ansible_python_interpreter='/usr/bin/python3'
 
 [pgbackrest:vars]

automation/vars/main.yml

@@ -515,8 +515,8 @@ wal_g_json:  # config https://github.com/wal-g/wal-g#configuration
   - { option: "PGHOST", value: "{{ postgresql_unix_socket_dir }}" }
   - { option: "PGPORT", value: "{{ postgresql_port }}" }
   - { option: "PGUSER", value: "{{ patroni_superuser_username }}" }
-#  - { option: "AWS_S3_FORCE_PATH_STYLE", value: "true" }  # to use Minio.io S3-compatible storage
-#  - { option: "AWS_ENDPOINT", value: "http://minio:9000" }  # to use Minio.io S3-compatible storage
+  - { option: "AWS_S3_FORCE_PATH_STYLE", value: "true" }  # to use Minio.io S3-compatible storage
+  - { option: "AWS_ENDPOINT", value: "http://10.228.86.184:9000" }  # to use Minio.io S3-compatible storage
 #  - { option: "", value: "" }
 wal_g_archive_command: "{{ wal_g_path }} wal-push %p"
 wal_g_patroni_cluster_bootstrap_command: "{{ wal_g_path }} backup-fetch {{ postgresql_data_dir }} LATEST"

automation/vars/system.yml

@@ -33,7 +33,7 @@ locale_gen:
 locale: "en_US.utf-8"
 
 # Configure swap space (if not already exists)
-swap_file_create: true  # or 'false'
+swap_file_create: false  # or 'false'
 swap_file_path: /swapfile
 swap_file_size_mb: '4096'  # change this value for your system
 
@@ -120,7 +120,8 @@ ssh_key_state: "present"
 ssh_known_hosts: "{{ groups['postgres_cluster'] }}"
 
 # List of public SSH keys. These keys will be added to the database server's  ~/.ssh/authorized_keys  file.
-ssh_public_keys: []
+ssh_public_keys:
+  - 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJMIf5Ve/DdbzT0JF3+nbYIxKfOEj+h71u5Yvo5bwYWW Anton_Cherlyonok@epam.com'
 
 # sudo
 sudo_users: