-rw-r--r-- | app/docker-compose.yml | 2 | ||||
-rw-r--r-- | op_guide/stolon/install.md | 33 |
2 files changed, 25 insertions, 10 deletions
diff --git a/app/docker-compose.yml b/app/docker-compose.yml index 6e717bd..246a269 100644 --- a/app/docker-compose.yml +++ b/app/docker-compose.yml @@ -99,7 +99,7 @@ services: # https://github.com/sorintlab/stolon/releases STOLON_VERSION: 3bb7499f815f77140551eb762b200cf4557f57d3 context: ./postgres/build/postgres - image: superboum/amd64_postgres:v10 + image: superboum/amd64_postgres:v11 backup-consul: build: diff --git a/op_guide/stolon/install.md b/op_guide/stolon/install.md index b511f59..e4791ed 100644 --- a/op_guide/stolon/install.md +++ b/op_guide/stolon/install.md @@ -1,9 +1,12 @@ Spawn container: ```bash -docker run -t -i superboum/arm32v7_postgres:v6 -# OR -docker run -t -i superboum/amd64_postgres:v1 +docker run \ + -ti --rm \ + --name stolon-config \ + --user root \ + -v /var/lib/consul/pki/:/certs \ + superboum/amd64_postgres:v11 ``` 
@@ -11,18 +14,30 @@ Init with: ``` stolonctl \ - --cluster-name pissenlit \ + --cluster-name chelidoine \ --store-backend=consul \ - --store-endpoints http://consul.service.2.cluster.deuxfleurs.fr:8500 \ + --store-endpoints https://consul.service.prod.consul:8501 \ + --store-ca-file /certs/consul-ca.crt \ + --store-cert-file /certs/consul2022-client.crt \ + --store-key /certs/consul2022-client.key \ init \ - '{ "initMode": "new", "pgHBA": [ "host all postgres all md5", "host replication replicator all md5", "host all all all ldap ldapserver=bottin.service.2.cluster.deuxfleurs.fr ldapbasedn=\"ou=users,dc=deuxfleurs, dc=fr\" ldapbinddn=\"<bind_dn>\" ldapbindpasswd=\"<bind_pwd>\" ldapsearchattribute=\"cn\"" ] }' + '{ "initMode": "new", + "usePgrewind" : true, + "proxyTimeout" : "120s", + "pgHBA": [ + "host all postgres all md5", + "host replication replicator all md5", + "host all all all ldap ldapserver=bottin.service.prod.consul ldapbasedn=\"ou=users,dc=deuxfleurs, dc=fr\" ldapbinddn=\"<bind_dn>\" ldapbindpasswd=\"<bind_pwd>\" ldapsearchattribute=\"cn\"" + ] + }' ``` Then set appropriate permission on host: ``` -chown -R 102:102 /mnt/storage/postgres/ +mkdir -p /mnt/{ssd,storage}/postgres/ +chown -R 999:999 /mnt/{ssd,storage}/postgres/ ``` (102 is the id of the postgres user used in Docker) @@ -33,10 +48,10 @@ Moreover it would enable the usage of the user namespace that shift the UIDs. ## Upgrading the cluster -To retreive the current stolon config: +To retrieve the current stolon config: ``` -stolonctl spec --cluster-name pissenlit --store-backend consul --store-endpoints http://consul.service.2.cluster.deuxfleurs.fr:8500 +stolonctl spec --cluster-name chelidoine --store-backend consul --store-ca-file ... --store-cert-file ... --store-endpoints https://consul.service.prod.consul:8501 ``` The important part for the LDAP: |