merge #7
Open
merge #7
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ly (#399) This commit adds a check for the existence of the 'repo1-host' and 'repo1-host-user' options when 'pgbackrest_repo_host' is defined. If these options are not set, the configuration is adjusted automatically. This is crucial for the proper functioning of pgBackRest when using a dedicated backup server. Issue: #393
Starting with Patroni version 3.0.0, endpoint '/master' was removed from the documentation. Although backward compatibility is still working, but in future versions endpoint '/master' may be removed, so we switch to Patroni REST API endpoint '/primary'. Details here: patroni/patroni#2541
This commit is aimed at improving the maintainability and usability of our Ansible scripts. Specifically, this involves: 1. Removing support for older Ansible versions: We are discontinuing support for Ansible versions prior to 2.11.0. By doing so, we eliminate the need to write and maintain extra code for backward compatibility, which often complicates the codebase and can introduce potential bugs. 2. Embracing newer functionalities: Dropping support for older versions allows us to fully utilize the advanced features and improvements offered in recent Ansible releases, thereby making our scripts more efficient and powerful. While this change may require users to upgrade their Ansible installation, it's a step towards keeping our tools up-to-date and as effective as possible. To mitigate potential disruption, we recommend all users to upgrade their Ansible installations to version 2.11.0 or newer.
This commit is removing Molecule tests for CentOS 8. CentOS 8 reached its end of life on December 31, 2021, and no longer receives updates or patches from the CentOS team. We are discontinuing the CentOS 8 Molecule tests and focusing on CentOS Stream 8 and 9.
This commit brings a significant improvement to the database's authentication process through pgbouncer, transitioning from the auth_file method to auth_user and auth_query. Previously, we relied on the auth_file method, which required maintaining and updating a userlist.txt file each time a user was added to or removed from the database. This method was less flexible and efficient, as it required manual management. The new implementation utilizes auth_user and auth_query, automating and simplifying the process. The auth_user in pgbouncer allows a single specified user (pgbouncer_auth_username) to query the user's password for authentication using auth_query. This removes the necessity to manually manage a userlist.txt file, thus streamlining the database users and pgbouncer pool management.
This commit follows the best practice configuration to make sure only pgbouncer can use this function.
In this commit, we have made important changes to the backup and retention strategy. We have transitioned from using the 'wal-g delete before FIND_FULL' command to 'wal-g delete retain'. This change was made to ensure a more robust and predictable backup retention policy. With 'wal-g delete retain', we explicitly specify the number of full backups to retain, which provides better control over the backup history. Furthermore, we have introduced a new configuration option, 'WALG_DELTA_MAX_STEPS', which is set to '6'. This option determines the maximum number of delta backups that can be retained between full backups. By limiting the number of data backups, we can optimize storage utilization and ensure efficient backup management. Additionally, we have added logging to capture the results of both backup creation and deletion. This logging will help us monitor the success and effectiveness of the backup and retention process, allowing us to quickly identify any issues or anomalies.
…412) This commit aims to adhere to Ansible best practices and add FQCN at each task level. In order to achieve this, the fqcn[action-core] rule has been removed from .config/ansible-lint.yml file.
This commit aims to improve jinja spacing. To achieve this, the jinja[spacing] section has been removed from the .config/ansible-lint.yml file.
Issue: #414 Previously, tasks involving the deletion of temporary files, where delegation to localhost was employed, were unnecessarily requiring sudo privileges. This was causing issues during execution, as the tasks were prompting for a sudo password and failing if not provided. To address this, we've added become: false to these tasks. This disables privilege escalation for these specific tasks, allowing them to execute without needing sudo permissions. It's important to note that this change doesn't affect the security or functionality of our playbook. Instead, it streamlines execution by eliminating unnecessary privilege requests. This fix has been applied to all tasks involving the deletion of temporary files where delegate_to: localhost is used. With this update, we expect smoother and more efficient playbook runs, improving our automation capabilities.
Main Changes: 1. Refactoring the Ansible playbook for managing Postgresql WAL: - Defined the name of the base WAL directory at the start of the script. This improves readability and simplifies the handling of the variable later in the script. - Updated the WAL synchronization block. Now, it first ensures the custom WAL directory exists and is empty. Execute CHECKPOINT before stopping PostgreSQL. - Modified the order of certain actions to enhance script reliability. 2. Updating the Patroni configuration template: - Removed the PostgreSQL version check and the condition for defining waldir in the template. - Added a new option In 'basebackup' variable which allows users to specify 'waldir' setting. By default, this option is disabled. 3. Additional tag added for point-in-time recovery operations: - An extra tag point_in_time_recovery has been introduced for tasks in custom_wall_dir.yml. This tag allows the execution of these tasks specifically after restore from backup to ensure that a symlink to a separate WAL directory set up after the recovery. 4. Added molecule test for custom PostgreSQL data and WAL directory. - It makes sense when custom paths are set in the variables postgresql_data_dir and postgresql_wal_dir - This test verifies that our setup can accommodate non-standard directory paths and supports relocating the WAL directory to a separate disk (using a symlink).
…tory This commit introduces a pre-check task in our Ansible playbook that checks if a host is present in the 'pgbackrest' inventory group when the 'pgbackrest_repo_host' variable is defined. This helps to ensure that the playbook run will not fail due to misconfigured inventory file settings.
Some versions of distributions may lack the necessary package for configuring cron jobs. Now we check that the package is present and install it if it is missing. Fixed: crontab: command not found
Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.5.7 to 2023.7.22. - [Commits](certifi/python-certifi@2023.05.07...2023.07.22) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.2 to 41.0.3. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@41.0.2...41.0.3) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…default (RedHat) (#443) - Do not install PowerTools repository for RedHat 8 - Do not install the postgresql devel package by default (for compatibility with RedHat 8) - - Because you need to first execute the command "subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms" to install the necessary dependencies, which is only available with an active subscription on RedHat. - Do not install the glibc-langpack-ru by default - Do not install extra repositories if the devel package is not defined in postgresql_packages
Extra postgres packages are not installed by default. To install, just uncomment it.
…nd install make package (#446)
increase the limits for open file descriptors from 1024 to 65536
Co-authored-by: Artem Safiiulin <[email protected]>
Co-authored-by: Vitaliy Kukharik <[email protected]>
Co-authored-by: Vitaliy Kukharik <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.