Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement pg_autoctl create postgres --pg-hba-lan option. #561

Merged
merged 12 commits into from
Jan 15, 2021
Merged

Implement pg_autoctl create postgres --pg-hba-lan option. #561

merged 12 commits into from
Jan 15, 2021

Conversation

DimCitus
Copy link
Collaborator

With this option pg_autoctl edits the pg_hba.conf for Postgres to grant
connection privileges on the detected LAN for the --dbname database and for
the --username user.

The LAN detection is done the same way as with the monitor.

The idea is to simplify steps for running demos using docker-compose, where a single command can be used to start processes in each contained, and sync between running containers and extra actions isn't easily implemented.

@DimCitus DimCitus added user experience Size: S Effort Estimate: Small labels Dec 23, 2020
@DimCitus DimCitus added this to the Sprint 2020 W52 2021 W2 milestone Dec 23, 2020
@DimCitus DimCitus requested a review from JelteF December 23, 2020 18:04
@DimCitus DimCitus self-assigned this Dec 23, 2020
JelteF
JelteF approved these changes Jan 15, 2021
View reviewed changes
src/bin/pg_autoctl/cli_do_tmux.c Outdated Show resolved Hide resolved
@DimCitus
Implement pg_autoctl create postgres --pg-hba-lan option.
4a1f333 
With this option pg_autoctl edits the pg_hba.conf for Postgres to grant
connection privileges on the detected LAN for the --dbname database and for
the --username user.

The LAN detection is done the same way as with the monitor.
@DimCitus
Fix compiler compatibility.
65bfbc6
@DimCitus
Reduce connection retries chatter.
1be11e3
@DimCitus
Fix.
b572c61
@DimCitus
Fix --auth skip.
f225da8 
This is another way to write --skip-pg-hba, and that's how we record the
decision in the configuration file too. The previous code broke it.
@DimCitus
Implement a retry loop when trying to figure local IP address.
5f3eba1 
We connect to the monitor to figure out the local hostname and IP address,
and the monitor might not be running yet. In that case, we might want to
persist with some retries before failing back to the user.
@DimCitus
Reduce some retry loops chatter.
d19c492
@DimCitus
Install HBA on the monitor early.
f90b4a5 
This avoids some retry attemps from the other nodes at first startup.
@DimCitus
When we WARN about hostname, use IP address in HBA.
6ef5faa 
Rather than adding an hostname that we know faulty in the HBA file, we add
one of the IP addresses of the hostname instead. We might want to revisit
this (add all IP addresses maybe? or find the one we want to add by
connecting, like we do for the monitor?), but it allows the docker-compose
demo to just work with a minimum of trouble.
@DimCitus
Add a docker-compose.yml setup.
c0c2fdb 
This allows to run a demo where the monitor and the Postgres nodes are each
running in their own container and connecting through the docker provided
TCP/IP network.
@DimCitus
Per review, prefer HBA_EDIT_LAN over HBA_EDIT_APP.
cd7e254
@DimCitus
Mention --pg-hba-lan in the reference documentation.
4f97641
@DimCitus DimCitus merged commit 8be3d7c into master Jan 15, 2021
@DimCitus DimCitus deleted the feature/open-hba-for-lan branch January 15, 2021 15:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JelteF JelteF JelteF approved these changes

@onderkalaci onderkalaci Awaiting requested review from onderkalaci

Assignees

@DimCitus DimCitus

Labels
Size: S Effort Estimate: Small user experience
Projects
None yet
Milestone
Sprint 2021 W2 W3
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@DimCitus @JelteF