aboutsummaryrefslogtreecommitdiff
path: root/content/operations/deploiement/grappe
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2023-03-01 21:18:40 +0100
committerQuentin Dufour <quentin@deuxfleurs.fr>2023-03-01 21:18:40 +0100
commit58951873b23624332bde25fa88099e02203277a7 (patch)
tree841c7398ae47f8f781992d0ec970494e078e82c2 /content/operations/deploiement/grappe
parentf3b7e90693bf2b51a53a23d98a60bbf04065103a (diff)
downloadguide.deuxfleurs.fr-58951873b23624332bde25fa88099e02203277a7.tar.gz
guide.deuxfleurs.fr-58951873b23624332bde25fa88099e02203277a7.zip
reorg operations
Diffstat (limited to 'content/operations/deploiement/grappe')
-rw-r--r--content/operations/deploiement/grappe/_index.md19
-rw-r--r--content/operations/deploiement/grappe/stolon.md95
2 files changed, 0 insertions, 114 deletions
diff --git a/content/operations/deploiement/grappe/_index.md b/content/operations/deploiement/grappe/_index.md
deleted file mode 100644
index 80de97d..0000000
--- a/content/operations/deploiement/grappe/_index.md
+++ /dev/null
@@ -1,19 +0,0 @@
-+++
-title = "Grappe"
-description = "Grappe"
-weight = 20
-date = 2022-12-22
-sort_by = "weight"
-+++
-
-# Installation
-
-Pointer vers le dépot nixcfg (précédemment le ansible de Deuxfleurs/infrastructure).
-
-Passer sur Wireguard, Nomad, Consul, Diplonat, (Tricot, Garage), etc.
-
-# Les secrets
-
-# Découverte des noeuds
-
-
diff --git a/content/operations/deploiement/grappe/stolon.md b/content/operations/deploiement/grappe/stolon.md
deleted file mode 100644
index 4a683f4..0000000
--- a/content/operations/deploiement/grappe/stolon.md
+++ /dev/null
@@ -1,95 +0,0 @@
-+++
-title = "Stolon"
-description = "Comment déployer Stolon"
-date = 2022-12-22
-dateCreated = 2022-12-22
-weight = 11
-+++
-
-Spawn container:
-
-```bash
-docker run \
- -ti --rm \
- --name stolon-config \
- --user root \
- -v /var/lib/consul/pki/:/certs \
- superboum/amd64_postgres:v11
-```
-
-
-Init with:
-
-```
-stolonctl \
- --cluster-name chelidoine \
- --store-backend=consul \
- --store-endpoints https://consul.service.prod.consul:8501 \
- --store-ca-file /certs/consul-ca.crt \
- --store-cert-file /certs/consul2022-client.crt \
- --store-key /certs/consul2022-client.key \
- init \
- '{ "initMode": "new",
- "usePgrewind" : true,
- "proxyTimeout" : "120s",
- "pgHBA": [
- "host all postgres all md5",
- "host replication replicator all md5",
- "host all all all ldap ldapserver=bottin.service.prod.consul ldapbasedn=\"ou=users,dc=deuxfleurs, dc=fr\" ldapbinddn=\"<bind_dn>\" ldapbindpasswd=\"<bind_pwd>\" ldapsearchattribute=\"cn\""
- ]
- }'
-
-```
-
-Then set appropriate permission on host:
-
-```
-mkdir -p /mnt/{ssd,storage}/postgres/
-chown -R 999:999 /mnt/{ssd,storage}/postgres/
-```
-
-(102 is the id of the postgres user used in Docker)
-It might be improved by staying with root, then chmoding in an entrypoint and finally switching to user 102 before executing user's command.
-Moreover it would enable the usage of the user namespace that shift the UIDs.
-
-
-
-## Upgrading the cluster
-
-To retrieve the current stolon config:
-
-```
-stolonctl spec --cluster-name chelidoine --store-backend consul --store-ca-file ... --store-cert-file ... --store-endpoints https://consul.service.prod.consul:8501
-```
-
-The important part for the LDAP:
-
-```
-{
- "pgHBA": [
- "host all postgres all md5",
- "host replication replicator all md5",
- "host all all all ldap ldapserver=bottin.service.2.cluster.deuxfleurs.fr ldapbasedn=\"ou=users,dc=deuxfleurs,dc=fr\" ldapbinddn=\"cn=admin,dc=deuxfleurs,dc=fr\" ldapbindpasswd=\"<REDACTED>\" ldapsearchattribute=\"cn\""
- ]
-}
-```
-
-Once a patch is writen:
-
-```
-stolonctl --cluster-name pissenlit --store-backend consul --store-endpoints http://consul.service.2.cluster.deuxfleurs.fr:8500 update --patch -f /tmp/patch.json
-```
-
-## Log
-
-- 2020-12-18 Activate pg\_rewind in stolon
-
-```
-stolonctl --cluster-name pissenlit --store-backend consul --store-endpoints http://consul.service.2.cluster.deuxfleurs.fr:8500 update --patch '{ "usePgrewind" : true }'
-```
-
-- 2021-03-14 Increase proxy timeout to cope with consul latency spikes
-
-```
-stolonctl --cluster-name pissenlit --store-backend consul --store-endpoints http://consul.service.2.cluster.deuxfleurs.fr:8500 update --patch '{ "proxyTimeout" : "120s" }'
-```