vitabaks / postgresql_cluster

PostgreSQL High-Availability Cluster (based on "Patroni" and DCS "etcd" or "consul"). Automating with Ansible.
MIT License

Vip-manager access? #36

Closed 0x366 closed 4 years ago

0x366 commented 4 years ago

Hi!

Thanks for such a good repo. I'm trying to deploy it to 3 nodes in a private network on DO. Everything works fine, but I can't understand how to access the db through vip-manager (so I always access the db through one IP address).

What should I put to vip-manager in vars/main.yml?

vitabaks commented 4 years ago

In the default scheme [Type B] (with_haproxy_load_balancing: false), "vip-manager" is used to provide a single entry point (VIP) for database access.

> What should I put to vip-manager in vars/main.yml?

In the cluster_vip variable you must specify the IP address for your subnet. This address must be used for client access to databases in the cluster.

P.S. If you do not set the variable, cluster_vip: "" (that is, you do not specify the IP address for your cluster), then vip-manager will not be installed.

0x366 commented 4 years ago

Thanks, am I correct that it will work if the subnet consists of only Postgres instances?

I am asking because I'm trying to deploy it in a DO private VPC (which includes other non-Postgres droplets) and Ansible gives an error on the virtual-manager restart step due to a 60-second timeout. (And DO is unable to create a subnet inside a VPC.)

vitabaks commented 4 years ago

> I am asking because I'm trying to deploy it in DO private VPC

This playbook is designed for deploying in your own data center (on-premise, self-hosted) and has not been tested on VPC and other cloud solutions.

> and the ansible gives error on step of virtual-manager restart due to 60 seconds timeout.

If you have an error during the execution of the task 'Wait for the cluster ip address (VIP) "{{ cluster_vip }}" is running', then you have closed access to ssh between cluster nodes.

- name: Wait for the cluster ip address (VIP) "{{ cluster_vip }}" is running
  wait_for:
    host: "{{ cluster_vip }}"
    port: "{{ ansible_ssh_port }}"
    state: started
    timeout: 60
    delay: 2

Maybe I should replace the check with postgresql port instead of ssh port.

Please check the availability of ssh and postgresql ports (between cluster nodes) using telnet.

vitabaks commented 4 years ago

And please attach the vip-manager log

sudo journalctl -u vip-manager.service -n 50

0x366 commented 4 years ago

Sorry, guess I'm doing the network stuff completely wrong.

In the DO dashboard I have a private network with IP range 10.110.32.0/20. And there are 3 machines for the pg cluster in it: 10.110.32.9, 10.110.32.10, 10.110.32.11 (+ some other machines).

In cluster_vip variable I tried 2 values 10.110.32.0/20 and 10.110.32.0. But in both cases I got:

fatal: [10.110.32.11]: FAILED! => {"changed": false, "elapsed": 60, "msg": "Timeout when waiting for 10.110.32.0:22"}
fatal: [10.110.32.10]: FAILED! => {"changed": false, "elapsed": 60, "msg": "Timeout when waiting for 10.110.32.0:22"}
fatal: [10.110.32.9]: FAILED! => {"changed": false, "elapsed": 60, "msg": "Timeout when waiting for 10.110.32.0:22"}

So yeah, I can't ssh to 10.110.32.0 because there is no machine with such address. Do I have to enter in cluster_vip the ip of machine that exists in that network (but not one of postgres machines)?

vitabaks commented 4 years ago

> In cluster_vip variable I tried 2 values 10.110.32.0/20 and 10.110.32.0

Check which mask your subnet has. The default mask is: 24

> Do I have to enter in cluster_vip the ip of machine that exists in that network (but not one of postgres machines)?

This must be an unused IP address. Try specifying e.g. 10.110.32.17

Then run the playbook with the tag: ansible-playbook deploy_pgcluster.yml --tags vip_manager

> So yeah, I can't ssh

Is port 5432 accessible between the nodes 10.110.32.9, 10.110.32.10, 10.110.32.11?
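A pre-flight check for a candidate cluster_vip, added here as an illustration and not part of the thread or the playbook: it flags the two values tried above and accepts an unused host address. The function name and the `mask` parameter are assumptions; the subnet and node addresses are the ones quoted in the thread.

```python
import ipaddress

def check_cluster_vip(candidate, subnet, node_ips, mask=24):
    """Return a list of problems with a candidate cluster_vip; empty means it passes."""
    problems = []
    net = ipaddress.ip_network(subnet)
    # The first value tried in the thread was the whole range; a VIP is one address.
    if "/" in candidate:
        problems.append("use a single address, not CIDR notation")
        candidate = candidate.split("/", 1)[0]
    try:
        vip = ipaddress.ip_address(candidate)
    except ValueError:
        problems.append(f"{candidate!r} is not an IP address")
        return problems
    if vip not in net:
        problems.append(f"{vip} is outside {net}")
    elif vip == net.network_address:
        problems.append(f"{vip} is the network address of {net}")
    elif vip == net.broadcast_address:
        problems.append(f"{vip} is the broadcast address of {net}")
    # The VIP has to be an address no node already holds.
    if vip in {ipaddress.ip_address(n) for n in node_ips}:
        problems.append(f"{vip} already belongs to a cluster node")
    # The thread notes a default mask of 24 while the subnet here is /20.
    if mask != net.prefixlen:
        problems.append(f"mask /{mask} does not match subnet /{net.prefixlen}")
    return problems

# Values from the thread: the /20 private range and the three PostgreSQL nodes.
SUBNET = "10.110.32.0/20"
NODES = ["10.110.32.9", "10.110.32.10", "10.110.32.11"]

if __name__ == "__main__":
    for value in ("10.110.32.0/20", "10.110.32.0", "10.110.32.10", "10.110.32.17"):
        found = check_cluster_vip(value, SUBNET, NODES, mask=20)
        print(value, "->", found or "ok")
```

A clean result only says the address is usable on paper; whether the provider allows an address to move between machines is a separate question.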

vitabaks commented 4 years ago

please attach the vip-manager log

0x366 commented 4 years ago

> Is port 5432 accessible between the nodes 10.110.32.9, 10.110.32.10, 10.110.32.11?

Yes, I opened all the ports for experiments.

> Check which mask for your subnet. The default mask is: 24

It is /20 in the dashboard.

> This must be an unused IP address. Try specifying eg 10.110.32.17

Guess it's not possible, as private addresses in DO are only assigned to machines. And you can't create a new address without creating a new machine.

> please attach the vip-manager log

Sorry, but I removed the machines

Thanks, I guess the prob is related to limitations in DO.

vitabaks commented 4 years ago

> guess it's not possible, as private address in DO only assigned to machines. And you can't create new address without creating new machine.

This is the cause of the problem. Ask your provider if you can use a floating ip address.

vitabaks commented 4 years ago

You can use a cluster without a VIP address. Use multiple hosts in the PostgreSQL connection string (see your driver doc).

Or you can use haproxy (on dedicated VMs or installed on your application server). In the inventory file, specify the server IP address in the [balancers] group (haproxy will be deployed on this server) and specify with_haproxy_load_balancing: true

0x366 commented 4 years ago

Great advice, thank you so much for the help ✌️