2 changes: 1 addition & 1 deletion role_scripts/10/primary/postgresql.conf
@@ -61,7 +61,7 @@ listen_addresses = '*' # what IP address(es) to listen on;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
#port = 5432 # (change requires restart)
max_connections = 100 # (change requires restart)
# max_connections = 100 # (change requires restart)
#superuser_reserved_connections = 3 # (change requires restart)
#unix_socket_directories = '/tmp' # comma-separated list of directories
# (change requires restart)
23 changes: 23 additions & 0 deletions role_scripts/10/primary/run.sh
@@ -25,6 +25,24 @@ export PGWAL="$PGDATA/pg_wal"

export ARCHIVE=${ARCHIVE:-}
if [ ! -e "$PGDATA/PG_VERSION" ]; then
if [[ ! -e "/var/pv/IGNORE_FILESYSTEM_MOUNT_CHECK" ]]; then
pv_df_output=$(df -hP 2>&1)
# Fail if kernel reports a broken FUSE mount anywhere
if echo "$pv_df_output" | grep -qi "Transport endpoint is not connected"; then
echo "ERROR: /var/pv mount not healthy (Transport endpoint is not connected)."
exit 1
fi
# Ensure /var/pv is actually mounted (present in df output)
if ! echo "$pv_df_output" | awk '{print $NF}' | grep -qx "/var/pv"; then
echo "ERROR: /var/pv is not mounted (not listed in df)."
exit 1
fi
# Ensure the mountpoint is accessible
if ! ls /var/pv >/dev/null 2>&1; then
echo "ERROR: /var/pv is not accessible."
exit 1
fi
fi
mkdir -p "$PGDATA"
rm -rf "$PGDATA"/*
chmod 0700 "$PGDATA"
@@ -33,4 +51,9 @@ if [ ! -e "$PGDATA/PG_VERSION" ]; then

fi
/run_scripts/role/start.sh $BOOTSTRAP

if [[ -e /var/pv/data/postgresql.conf ]]; then
cp /var/pv/data/postgresql.conf /var/pv/postgresql.conf
fi

exec postgres
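Review bot: The broken-mount test in the first hunk greps the `df -hP` listing of every filesystem, so a stale FUSE mount unrelated to the volume stops startup with an error that names /var/pv, and with `2>&1` df's own error text is parsed together with the table. Restricting the probe to the volume, `pv_df_output=$(df -P /var/pv 2>&1)`, keeps both greps meaningful, because for a directory that is not a mount point df reports the parent filesystem and `grep -qx "/var/pv"` still fails. These checks look like the only guard before `rm -rf "$PGDATA"/*` and re-initialisation, so the `IGNORE_FILESYSTEM_MOUNT_CHECK` bypass would benefit from a comment saying who creates that file and when skipping the checks is safe. The enclosing `if [ ! -e "$PGDATA/PG_VERSION" ]` block closes outside this hunk.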
96 changes: 51 additions & 45 deletions role_scripts/10/primary/start.sh
@@ -16,6 +16,11 @@
BOOTSTRAP=${1}
# setup postgresql.conf
touch /tmp/postgresql.conf

if [[ "${TUNING_ENABLED:-}" == "true" ]]; then
echo "include_if_exists = '${TUNING_FILE_PATH:-/etc/tune/user.conf}'" >>/tmp/postgresql.conf
fi

echo "wal_level = replica" >>/tmp/postgresql.conf
echo "shared_buffers = $SHARED_BUFFERS" >>/tmp/postgresql.conf
echo "max_wal_senders = 90" >>/tmp/postgresql.conf # default is 10. value must be less than max_connections minus superuser_reserved_connections. ref: https://www.postgresql.org/docs/11/runtime-config-replication.html#GUC-MAX-WAL-SENDERS
@@ -44,11 +49,11 @@ mv /tmp/postgresql.conf "$PGDATA/postgresql.conf"

# setup pg_hba.conf for initial start. this one is just for initialization
touch /tmp/pg_hba.conf
{ echo '#TYPE DATABASE USER ADDRESS METHOD'; } >>tmp/pg_hba.conf
{ echo '# "local" is for Unix domain socket connections only'; } >>tmp/pg_hba.conf
{ echo 'local all all trust'; } >>tmp/pg_hba.conf
{ echo '# IPv4 local connections:'; } >>tmp/pg_hba.conf
{ echo 'host all all 127.0.0.1/32 trust'; } >>tmp/pg_hba.conf
{ echo '#TYPE DATABASE USER ADDRESS METHOD'; } >>/tmp/pg_hba.conf
{ echo '# "local" is for Unix domain socket connections only'; } >>/tmp/pg_hba.conf
{ echo 'local all all trust'; } >>/tmp/pg_hba.conf
{ echo '# IPv4 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'host all all 127.0.0.1/32 trust'; } >>/tmp/pg_hba.conf
mv /tmp/pg_hba.conf "$PGDATA/pg_hba.conf"

# start postgres
@@ -112,56 +117,56 @@ pg_ctl -D "$PGDATA" -m fast -w stop

# setup pg_hba.conf
touch /tmp/pg_hba.conf
{ echo '#TYPE DATABASE USER ADDRESS METHOD'; } >>tmp/pg_hba.conf
{ echo '# "local" is for Unix domain socket connections only'; } >>tmp/pg_hba.conf
{ echo 'local all all trust'; } >>tmp/pg_hba.conf
{ echo '#TYPE DATABASE USER ADDRESS METHOD'; } >>/tmp/pg_hba.conf
{ echo '# "local" is for Unix domain socket connections only'; } >>/tmp/pg_hba.conf
{ echo 'local all all trust'; } >>/tmp/pg_hba.conf
if [[ "${SSL:-0}" == "ON" ]]; then
if [[ "$CLIENT_AUTH_MODE" == "cert" ]]; then
#*******************client auth with client.crt and key**************

{ echo '# IPv4 local connections:'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all 127.0.0.1/32 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all ::1/128 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo '# IPv4 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all 127.0.0.1/32 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all ::1/128 cert clientcert=1'; } >>/tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication all 127.0.0.1/32 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication all ::1/128 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'local replication all trust'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication all 127.0.0.1/32 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication all ::1/128 cert clientcert=1'; } >>/tmp/pg_hba.conf

{ echo 'hostssl all all 0.0.0.0/0 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication postgres 0.0.0.0/0 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all ::/0 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication postgres ::/0 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all 0.0.0.0/0 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication postgres 0.0.0.0/0 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all ::/0 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication postgres ::/0 cert clientcert=1'; } >>/tmp/pg_hba.conf
else
{ echo '# IPv4 local connections:'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all 127.0.0.1/32 md5'; } >>tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all ::1/128 md5'; } >>tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication all 127.0.0.1/32 md5'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication all ::1/128 md5'; } >>tmp/pg_hba.conf

{ echo 'hostssl all all 0.0.0.0/0 md5'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication postgres 0.0.0.0/0 md5'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all ::/0 md5'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication postgres ::/0 md5'; } >>tmp/pg_hba.conf
{ echo '# IPv4 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all 127.0.0.1/32 md5'; } >>/tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all ::1/128 md5'; } >>/tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication all 127.0.0.1/32 md5'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication all ::1/128 md5'; } >>/tmp/pg_hba.conf

{ echo 'hostssl all all 0.0.0.0/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication postgres 0.0.0.0/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all ::/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication postgres ::/0 md5'; } >>/tmp/pg_hba.conf
fi

else
{ echo '# IPv4 local connections:'; } >>tmp/pg_hba.conf
{ echo 'host all all 127.0.0.1/32 trust'; } >>tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>tmp/pg_hba.conf
{ echo 'host all all ::1/128 trust'; } >>tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>tmp/pg_hba.conf
{ echo 'host replication all 127.0.0.1/32 md5'; } >>tmp/pg_hba.conf
{ echo 'host replication all ::1/128 md5'; } >>tmp/pg_hba.conf

{ echo 'host all all 0.0.0.0/0 md5'; } >>tmp/pg_hba.conf
{ echo 'host replication postgres 0.0.0.0/0 md5'; } >>tmp/pg_hba.conf
{ echo 'host all all ::/0 md5'; } >>tmp/pg_hba.conf
{ echo 'host replication postgres ::/0 md5'; } >>tmp/pg_hba.conf
{ echo '# IPv4 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'host all all 127.0.0.1/32 trust'; } >>/tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'host all all ::1/128 trust'; } >>/tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>/tmp/pg_hba.conf
{ echo 'host replication all 127.0.0.1/32 md5'; } >>/tmp/pg_hba.conf
{ echo 'host replication all ::1/128 md5'; } >>/tmp/pg_hba.conf

{ echo 'host all all 0.0.0.0/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'host replication postgres 0.0.0.0/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'host all all ::/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'host replication postgres ::/0 md5'; } >>/tmp/pg_hba.conf
fi

mv /tmp/pg_hba.conf "$PGDATA/pg_hba.conf"
@@ -196,3 +201,4 @@ if [[ "$STREAMING" == "synchronous" ]]; then
fi
# ref: https://superuser.com/a/246841/985093
cat /tmp/postgresql.conf $PGDATA/postgresql.conf >"/tmp/postgresql.conf.tmp" && mv "/tmp/postgresql.conf.tmp" "$PGDATA/postgresql.conf"
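Review bot: In the first hunk `TUNING_FILE_PATH` is written between single quotes into postgresql.conf without validation, so a value containing a quote or a newline ends the string and the remainder is read as further settings. Assigning it once (`tuning_file=${TUNING_FILE_PATH:-/etc/tune/user.conf}`) and rejecting such values before the echo, `if [[ "$tuning_file" == *"'"* || "$tuning_file" == *$'\n'* ]]; then echo "invalid TUNING_FILE_PATH" >&2; exit 1; fi`, closes that. The included file itself is trusted in full, since any parameter can be set there, including ones that run commands such as `archive_command`; a comment stating that it must come from an operator-controlled, read-only mount would help. The script continues outside the hunks shown.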

80 changes: 40 additions & 40 deletions role_scripts/10/standby/ha_backup_job.sh
@@ -130,56 +130,56 @@ mv /tmp/postgresql.conf "$PGDATA/postgresql.conf"

# setup pg_hba.conf
touch /tmp/pg_hba.conf
{ echo '#TYPE DATABASE USER ADDRESS METHOD'; } >>tmp/pg_hba.conf
{ echo '# "local" is for Unix domain socket connections only'; } >>tmp/pg_hba.conf
{ echo 'local all all trust'; } >>tmp/pg_hba.conf
{ echo '#TYPE DATABASE USER ADDRESS METHOD'; } >>/tmp/pg_hba.conf
{ echo '# "local" is for Unix domain socket connections only'; } >>/tmp/pg_hba.conf
{ echo 'local all all trust'; } >>/tmp/pg_hba.conf
if [[ "${SSL:-0}" == "ON" ]]; then
if [[ "$CLIENT_AUTH_MODE" == "cert" ]]; then
#*******************client auth with client.crt and key**************

{ echo '# IPv4 local connections:'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all 127.0.0.1/32 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all ::1/128 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo '# IPv4 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all 127.0.0.1/32 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all ::1/128 cert clientcert=1'; } >>/tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication all 127.0.0.1/32 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication all ::1/128 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'local replication all trust'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication all 127.0.0.1/32 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication all ::1/128 cert clientcert=1'; } >>/tmp/pg_hba.conf

{ echo 'hostssl all all 0.0.0.0/0 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication postgres 0.0.0.0/0 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all ::/0 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication postgres ::/0 cert clientcert=1'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all 0.0.0.0/0 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication postgres 0.0.0.0/0 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all ::/0 cert clientcert=1'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication postgres ::/0 cert clientcert=1'; } >>/tmp/pg_hba.conf
else
{ echo '# IPv4 local connections:'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all 127.0.0.1/32 md5'; } >>tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all ::1/128 md5'; } >>tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication all 127.0.0.1/32 md5'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication all ::1/128 md5'; } >>tmp/pg_hba.conf

{ echo 'hostssl all all 0.0.0.0/0 md5'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication postgres 0.0.0.0/0 md5'; } >>tmp/pg_hba.conf
{ echo 'hostssl all all ::/0 md5'; } >>tmp/pg_hba.conf
{ echo 'hostssl replication postgres ::/0 md5'; } >>tmp/pg_hba.conf
{ echo '# IPv4 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all 127.0.0.1/32 md5'; } >>/tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all ::1/128 md5'; } >>/tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication all 127.0.0.1/32 md5'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication all ::1/128 md5'; } >>/tmp/pg_hba.conf

{ echo 'hostssl all all 0.0.0.0/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication postgres 0.0.0.0/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'hostssl all all ::/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'hostssl replication postgres ::/0 md5'; } >>/tmp/pg_hba.conf
fi

else
{ echo '# IPv4 local connections:'; } >>tmp/pg_hba.conf
{ echo 'host all all 127.0.0.1/32 trust'; } >>tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>tmp/pg_hba.conf
{ echo 'host all all ::1/128 trust'; } >>tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>tmp/pg_hba.conf
{ echo 'host replication all 127.0.0.1/32 md5'; } >>tmp/pg_hba.conf
{ echo 'host replication all ::1/128 md5'; } >>tmp/pg_hba.conf

{ echo 'host all all 0.0.0.0/0 md5'; } >>tmp/pg_hba.conf
{ echo 'host replication postgres 0.0.0.0/0 md5'; } >>tmp/pg_hba.conf
{ echo 'host all all ::/0 md5'; } >>tmp/pg_hba.conf
{ echo 'host replication postgres ::/0 md5'; } >>tmp/pg_hba.conf
{ echo '# IPv4 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'host all all 127.0.0.1/32 trust'; } >>/tmp/pg_hba.conf
{ echo '# IPv6 local connections:'; } >>/tmp/pg_hba.conf
{ echo 'host all all ::1/128 trust'; } >>/tmp/pg_hba.conf

{ echo 'local replication all trust'; } >>/tmp/pg_hba.conf
{ echo 'host replication all 127.0.0.1/32 md5'; } >>/tmp/pg_hba.conf
{ echo 'host replication all ::1/128 md5'; } >>/tmp/pg_hba.conf

{ echo 'host all all 0.0.0.0/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'host replication postgres 0.0.0.0/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'host all all ::/0 md5'; } >>/tmp/pg_hba.conf
{ echo 'host replication postgres ::/0 md5'; } >>/tmp/pg_hba.conf
fi

mv /tmp/pg_hba.conf "$PGDATA/pg_hba.conf"
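Review bot: Every rule is still appended with its own `>>/tmp/pg_hba.conf`, the repetition that let the missing slash go unnoticed in the first place, and appending after `touch` keeps whatever an existing file at that fixed /tmp path already contains. Naming the target once and writing it through a single redirect, `hba_tmp=$(mktemp)` followed by `{ echo '...'; echo '...'; } >"$hba_tmp"` and `mv "$hba_tmp" "$PGDATA/pg_hba.conf"`, removes both problems. The pg_hba.conf hunks in role_scripts/10/primary/start.sh follow the same pattern.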
2 changes: 1 addition & 1 deletion role_scripts/10/standby/postgresql.conf
@@ -61,7 +61,7 @@ listen_addresses = '*' # what IP address(es) to listen on;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
#port = 5432 # (change requires restart)
max_connections = 100 # (change requires restart)
# max_connections = 100 # (change requires restart)
#superuser_reserved_connections = 3 # (change requires restart)
#unix_socket_directories = '/tmp' # comma-separated list of directories
# (change requires restart)