-
Notifications
You must be signed in to change notification settings - Fork 108
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement pg_autoctl create postgres --pg-hba-lan option. #561
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
JelteF
approved these changes
Jan 15, 2021
JelteF
reviewed
Jan 15, 2021
With this option pg_autoctl edits the pg_hba.conf for Postgres to grant connection privileges on the detected LAN for the --dbname database and for the --username user. The LAN detection is done the same way as with the monitor.
This is another way to write --skip-pg-hba, and that's how we record the decision in the configuration file too. The previous code broke it.
We connect to the monitor to figure out the local hostname and IP address, and the monitor might not be running yet. In that case, we might want to persist with some retries before failing back to the user.
This avoids some retry attemps from the other nodes at first startup.
Rather than adding an hostname that we know faulty in the HBA file, we add one of the IP addresses of the hostname instead. We might want to revisit this (add all IP addresses maybe? or find the one we want to add by connecting, like we do for the monitor?), but it allows the docker-compose demo to just work with a minimum of trouble.
This allows to run a demo where the monitor and the Postgres nodes are each running in their own container and connecting through the docker provided TCP/IP network.
DimCitus
force-pushed
the
feature/open-hba-for-lan
branch
from
January 15, 2021 15:31
fc0faca
to
4f97641
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
With this option pg_autoctl edits the pg_hba.conf for Postgres to grant
connection privileges on the detected LAN for the --dbname database and for
the --username user.
The LAN detection is done the same way as with the monitor.
The idea is to simplify steps for running demos using docker-compose, where a single command can be used to start processes in each contained, and sync between running containers and extra actions isn't easily implemented.