Hardcoded IPs on pg_hba.conf

[brainstorm]

Find a mechanism to setup PostgresSQL replication that does not involve hardcoded IPs as it is now:

host    replication     postgres        IP1/32       trust
host    replication     postgres        IP2/32       trust
host    replication     postgres        IP3/32         trust

http://www.postgresql.org/docs/9.3/static/auth-pg-hba-conf.html

Or just migrate to AWS RDS: https://aws.amazon.com/about-aws/whats-new/2013/11/26/announcing-point-and-click-database-replication-across-aws-regions-for-amazon-rds-for-mysql/

[cansmith]

We can look at using hostnames instead of IP addresses, but we need to make sure that both forward and reverse lookups work properly as they are both done.

We could definitely look at using RDS if you think that the extra cost is not a factor.

Why is the use of the IP addresses a problem anyway? Is there an actual problem here, or is this just because it's the better thing to do in principal? :-)

[brainstorm]

Well, the actual problem is technical debt. Hardcoded IPs are good as long as there are no plans to deploy DataSpace elsewhere or have it scaling without issues on non-amazon clouds.

Just basic scaling good practices to avoid unnecessary future firefighting, I bet you know the drill ;)

[cansmith]

Fair enough, but at the end of the day this is a deployment issue (i.e. manage DB setup with ansible or whatever devops tools is preferred), and not really related to the ids-tools, since they just set up an ICAT with the basic single node (and default) postgres on the zone server installation node.

So not really an issue for ids-tools.