-
Notifications
You must be signed in to change notification settings - Fork 0
/
config-system.yml
297 lines (259 loc) · 7.47 KB
/
config-system.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
---
- hosts:
- all
roles:
- common
tasks:
- name: Update the DNF cache
command: dnf makecache
become: yes
- name: Ensure the pgdg10 repo is disabled
command: dnf config-manager --set-disabled pgdg10
become: yes
- name: Enable the Code Ready Builder repo
shell: crb enable
become: yes
- name: Ensure the system is fully updated
dnf:
name: "*"
state: latest
become: yes
- name: Setup EPEL
dnf:
name: epel-release
state: present
become: yes
- name: Import the PostgreSQL package signing key
rpm_key:
state: present
key: https://download.postgresql.org/pub/repos/yum/RPM-GPG-KEY-PGDG
become: yes
- name: Setup the PostgreSQL repo
dnf:
name: "https://download.postgresql.org/pub/repos/yum/reporpms/EL-{{ ansible_facts['distribution_major_version'] }}-x86_64/pgdg-redhat-repo-latest.noarch.rpm"
state: present
become: yes
- name: Disable the built-in PostgreSQL module
command: dnf -qy module disable postgresql
become: yes
- name: Enable the PostgreSQL debuginfo repo
command: dnf config-manager --set-enabled pgdg14-debuginfo
become: yes
- name: Setup the EDB repo
dnf:
name: https://yum.enterprisedb.com/edbrepos/edb-repo-latest.noarch.rpm
state: present
disable_gpg_check: yes
become: yes
when: EDB_REPO_USER is defined and EDB_REPO_USER
- name: Add EDB repo credentials
replace:
path: /etc/yum.repos.d/edb.repo
regexp: "<username>:<password>"
replace: "{{ EDB_REPO_USER }}:{{ EDB_REPO_PW }}"
backup: yes
become: yes
when: EDB_REPO_USER is defined and EDB_REPO_USER
- name: Force a dnf cache update to ensure keys are installed
command: dnf -y makecache
become: yes
- name: Ensure required packages are installed
dnf:
name:
- bison
- bzip2
- chrony
- clang
- dbt2-common
- dbt2-pg{{ POSTGRES_DB_VERSION }}-extensions
- firewalld
- flex
- gcc
- git
- krb5-devel
- libicu-devel
- libpq
- libuuid-devel
- libxml2-devel
- libxslt-devel
- lvm2
- llvm-devel
- make
- mdadm
- nano
- net-tools
- numactl
- openldap-devel
- openssl-devel
- pam-devel
- perf
- perl-devel
- perl-ExtUtils-Embed
- postgresql{{ POSTGRES_DB_VERSION }}-contrib
- postgresql{{ POSTGRES_DB_VERSION }}-devel
- postgresql{{ POSTGRES_DB_VERSION }}-server
- postgresql{{ POSTGRES_DB_VERSION }}-contrib-debuginfo
- postgresql{{ POSTGRES_DB_VERSION }}-devel-debuginfo
- postgresql{{ POSTGRES_DB_VERSION }}-server-debuginfo
- psmisc
- python3-devel
- python3-firewall
- R-core
- readline-devel
- sysstat
- systemd-devel
- tar
- tcl-devel
- tmux
- tuned
- zlib-devel
state: latest
update_cache: yes
become: yes
- name: Ensure required packages are installed (EDB)
dnf:
name:
- edb-as{{ POSTGRES_DB_VERSION }}-server
- edb-as{{ POSTGRES_DB_VERSION }}-server-devel
- edb-as{{ POSTGRES_DB_VERSION }}-server-contrib
state: latest
update_cache: yes
become: yes
when: EDB_REPO_USER is defined and EDB_REPO_USER
- name: Start chronyd
service:
name: chronyd
enabled: yes
state: started
become: yes
- name: Create sysstat timer override directory
file:
path: /etc/systemd/system/sysstat-collect.timer.d
state: directory
become: yes
- name: Configure sysstat to run every minute
copy:
dest: /etc/systemd/system/sysstat-collect.timer.d/override.conf
content: |
[Timer]
OnCalendar= # Clear previous definition
OnCalendar=*:*:00
become: yes
- name: Start sysstat for sar data
service:
name: sysstat
enabled: yes
daemon_reload: yes
state: started
become: yes
- name: Install HammerDB
unarchive:
src: https://github.com/TPC-Council/HammerDB/releases/download/v4.3/HammerDB-4.3-Linux.tar.gz
dest: /usr/local/
owner: root
group: root
remote_src: yes
become: yes
- name: Create data dump directory
file:
path: ~/pgsql/dump
state: directory
- hosts:
- all
roles:
- role: geerlingguy.node_exporter
node_exporter_options: --collector.vmstat.fields='.*'
become: yes
tasks:
- name: Open the node_exporter port
firewalld:
zone: public
port: 9100/tcp
permanent: yes
immediate: yes
state: enabled
become: yes
ignore_errors: yes
- hosts:
- benchmark
roles:
- common
tasks:
- name: Open the PostgreSQL port
firewalld:
zone: public
port: 5432/tcp
permanent: yes
immediate: yes
state: enabled
become: yes
ignore_errors: yes
- name: Open the EPAS port
firewalld:
zone: public
port: 5444/tcp
permanent: yes
immediate: yes
state: enabled
become: yes
ignore_errors: yes
when: EDB_REPO_USER is defined and EDB_REPO_USER
- name: Create tuned profile directory
file:
path: /etc/tuned/postgres
owner: root
group: root
mode: '0755'
state: directory
become: yes
notify: Restart server
- name: Create tuned profile
copy:
dest: /etc/tuned/postgres/tuned.conf
content: |
[main]
summary=Tuned profile for PostgreSQL Instances
[bootloader]
cmdline=transparent_hugepage=never
[cpu]
governor=performance
energy_perf_bias=performance
min_perf_pct=100
[sysctl]
vm.swappiness = 10
vm.dirty_expire_centisecs = 500
vm.dirty_writeback_centisecs = 250
vm.dirty_ratio = 10
vm.dirty_background_ratio = 3
vm.overcommit_memory=2
vm.overcommit_kbytes={{ ansible_memtotal_mb * 1024 }}
net.ipv4.tcp_timestamps=0
[vm]
transparent_hugepages=never
become: yes
notify: Restart server
- name: Start tuned
service:
name: tuned
enabled: yes
state: started
become: yes
notify: Restart server
- name: Enable postgres tuned profile
shell: tuned-adm profile postgres && touch /etc/tuned/.postgres-profile
args:
creates: /etc/tuned/.postgres-profile
become: yes
notify: Restart server
- name: Determine if local tasks exist
local_action: stat path=../../ansible-local/hooks/config-system.yml
register: local_config_system
- name: Calling config_system hook
debug:
msg: "{{ 'Loading additional tasks from ../../ansible-local/hooks/config_system.yml' if local_config_system.stat.exists else 'Local config_system not found.' }}"
- include_tasks: ../../ansible-local/hooks/config-system.yml
when: local_config_system.stat.exists
handlers:
- name: Restart server
reboot:
become: yes