aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/docker-compose.yml2
-rw-r--r--op_guide/stolon/install.md33
2 files changed, 25 insertions, 10 deletions
diff --git a/app/docker-compose.yml b/app/docker-compose.yml
index 6e717bd..246a269 100644
--- a/app/docker-compose.yml
+++ b/app/docker-compose.yml
@@ -99,7 +99,7 @@ services:
# https://github.com/sorintlab/stolon/releases
STOLON_VERSION: 3bb7499f815f77140551eb762b200cf4557f57d3
context: ./postgres/build/postgres
- image: superboum/amd64_postgres:v10
+ image: superboum/amd64_postgres:v11
backup-consul:
build:
diff --git a/op_guide/stolon/install.md b/op_guide/stolon/install.md
index b511f59..e4791ed 100644
--- a/op_guide/stolon/install.md
+++ b/op_guide/stolon/install.md
@@ -1,9 +1,12 @@
Spawn container:
```bash
-docker run -t -i superboum/arm32v7_postgres:v6
-# OR
-docker run -t -i superboum/amd64_postgres:v1
+docker run \
+ -ti --rm \
+ --name stolon-config \
+ --user root \
+ -v /var/lib/consul/pki/:/certs \
+ superboum/amd64_postgres:v11
```
@@ -11,18 +14,30 @@ Init with:
```
stolonctl \
- --cluster-name pissenlit \
+ --cluster-name chelidoine \
--store-backend=consul \
- --store-endpoints http://consul.service.2.cluster.deuxfleurs.fr:8500 \
+ --store-endpoints https://consul.service.prod.consul:8501 \
+ --store-ca-file /certs/consul-ca.crt \
+ --store-cert-file /certs/consul2022-client.crt \
+ --store-key /certs/consul2022-client.key \
init \
- '{ "initMode": "new", "pgHBA": [ "host all postgres all md5", "host replication replicator all md5", "host all all all ldap ldapserver=bottin.service.2.cluster.deuxfleurs.fr ldapbasedn=\"ou=users,dc=deuxfleurs, dc=fr\" ldapbinddn=\"<bind_dn>\" ldapbindpasswd=\"<bind_pwd>\" ldapsearchattribute=\"cn\"" ] }'
+ '{ "initMode": "new",
+ "usePgrewind" : true,
+ "proxyTimeout" : "120s",
+ "pgHBA": [
+ "host all postgres all md5",
+ "host replication replicator all md5",
+ "host all all all ldap ldapserver=bottin.service.prod.consul ldapbasedn=\"ou=users,dc=deuxfleurs, dc=fr\" ldapbinddn=\"<bind_dn>\" ldapbindpasswd=\"<bind_pwd>\" ldapsearchattribute=\"cn\""
+ ]
+ }'
```
Then set appropriate permission on host:
```
-chown -R 102:102 /mnt/storage/postgres/
+mkdir -p /mnt/{ssd,storage}/postgres/
+chown -R 999:999 /mnt/{ssd,storage}/postgres/
```
(102 is the id of the postgres user used in Docker)
@@ -33,10 +48,10 @@ Moreover it would enable the usage of the user namespace that shift the UIDs.
## Upgrading the cluster
-To retreive the current stolon config:
+To retrieve the current stolon config:
```
-stolonctl spec --cluster-name pissenlit --store-backend consul --store-endpoints http://consul.service.2.cluster.deuxfleurs.fr:8500
+stolonctl spec --cluster-name chelidoine --store-backend consul --store-ca-file ... --store-cert-file ... --store-endpoints https://consul.service.prod.consul:8501
```
The important part for the LDAP: