diff --git a/product_docs/docs/tpa/23/INSTALL-repo.mdx b/product_docs/docs/tpa/23/INSTALL-repo.mdx index c9cb0d7646b..39f4162c1f9 100644 --- a/product_docs/docs/tpa/23/INSTALL-repo.mdx +++ b/product_docs/docs/tpa/23/INSTALL-repo.mdx @@ -1,5 +1,6 @@ --- navTitle: Install from Source +description: Installing and running TPA from a copy of the source code repository. title: Installing TPA from source originalFilePath: INSTALL-repo.md @@ -9,6 +10,7 @@ This document explains how to use TPA from a copy of the source code repository. !!! Note + EDB customers must [install TPA from packages](INSTALL/) in order to receive EDB support for the software. diff --git a/product_docs/docs/tpa/23/INSTALL.mdx b/product_docs/docs/tpa/23/INSTALL.mdx index fb2b74fa404..64389690648 100644 --- a/product_docs/docs/tpa/23/INSTALL.mdx +++ b/product_docs/docs/tpa/23/INSTALL.mdx @@ -1,5 +1,6 @@ --- navTitle: Installation +description: Installing TPA packages and setting up the Python environment. title: TPA installation originalFilePath: INSTALL.md @@ -16,6 +17,7 @@ See [Distribution support](reference/distributions/) for information on what platforms are supported. !!! Info + Please make absolutely sure that your system has the correct date and time set, because various things will fail otherwise. We recommend you use a network time, for example `sudo ntpdate @@ -129,6 +131,7 @@ Next, run `tpaexec setup` to create an isolated Python environment and install the correct versions of all required modules. !!! Note + On Ubuntu versions prior to 20.04, please use `sudo -H tpaexec setup` to avoid subsequent permission errors during `tpaexec configure` @@ -167,9 +170,18 @@ If your internet-connected machine uses the same operating system as the target, we recommend using `yumdownloader` (RHEL-like) or `apt download` (Debian-like) to download the packages. -If this is not possible, please contact EDB support and we will provide -you with a download link or instructions appropriate to your -subscription. +Alternatively, you can download packages for any platform from your +browser by visiting [EDB Repos](https://www.enterprisedb.com/repos) and +selecting either 'Enterprise', 'Standard' or 'Community 360' under the +heading 'Download EDB software packages from your browser'. +To install TPA you need these packages: + +- tpaexec +- tpaexec-deps +- edb-python39 + +Once you have transferred the downloaded packages to the target server, +you must install them using the appropriate tool for your platform. ### Installing without access to a Python package index diff --git a/product_docs/docs/tpa/23/ansible-and-sudo.mdx b/product_docs/docs/tpa/23/ansible-and-sudo.mdx index 18a6be0d309..70827365859 100644 --- a/product_docs/docs/tpa/23/ansible-and-sudo.mdx +++ b/product_docs/docs/tpa/23/ansible-and-sudo.mdx @@ -1,5 +1,8 @@ --- -title: TPA, Ansible, and sudo +description: >- + How TPA uses Ansible with sudo to execute tasks with elevated privileges on + target instances. +title: 'TPA, Ansible, and sudo' originalFilePath: ansible-and-sudo.md --- diff --git a/product_docs/docs/tpa/23/architecture-BDR-Always-ON.mdx b/product_docs/docs/tpa/23/architecture-BDR-Always-ON.mdx index 3dbd94b0ae5..c76e5af6342 100644 --- a/product_docs/docs/tpa/23/architecture-BDR-Always-ON.mdx +++ b/product_docs/docs/tpa/23/architecture-BDR-Always-ON.mdx @@ -1,4 +1,5 @@ --- +description: Configuring a BDR-Always-ON cluster with TPA. title: BDR-Always-ON originalFilePath: architecture-BDR-Always-ON.md diff --git a/product_docs/docs/tpa/23/architecture-M1.mdx b/product_docs/docs/tpa/23/architecture-M1.mdx index 6a72edb0ddf..d4038e65426 100644 --- a/product_docs/docs/tpa/23/architecture-M1.mdx +++ b/product_docs/docs/tpa/23/architecture-M1.mdx @@ -1,4 +1,5 @@ --- +description: Configuring the M1 architecture with TPA. title: M1 originalFilePath: architecture-M1.md @@ -78,16 +79,17 @@ More detail on the options is provided in the following section. #### Additional Options -| Parameter | Description | Behaviour if omitted | -| --------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------- | -| `--platform` | One of `aws`, `docker`, `bare`. | Defaults to `aws`. | -| `--location-names` | A space-separated list of location names. The number of active locations is equal to the number of names supplied, minus one for each of the witness-only location and the single-node location if they are requested. | A single location called "main" is used. | -| `--primary-location` | The location where the primary server will be. Must be a member of `location-names`. | The first listed location is used. | -| `--data-nodes-per-location` | A number from 1 upwards. In each location, one node will be configured to stream directly from the cluster's primary node, and the other nodes, if present, will stream from that one. | Defaults to 2. | -| `--witness-only-location` | A location name, must be a member of `location-names`. | No witness-only location is added. | -| `--single-node-location` | A location name, must be a member of `location-names`. | No single-node location is added. | -| `--enable-haproxy` | 2 additional nodes will be added as a load balancer layer.
Only supported with Patroni as the failover manager. | HAproxy nodes will not be added to the cluster. | -| `--patroni-dcs` | Select the Distributed Configuration Store backend for patroni.
Only option is `etcd` at this time.
Only supported with Patroni as the failover manager. | Defaults to `etcd`. | +| Parameter | Description | Behaviour if omitted | +| --------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------ | +| `--platform` | One of `aws`, `docker`, `bare`. | Defaults to `aws`. | +| `--location-names` | A space-separated list of location names. The number of active locations is equal to the number of names supplied, minus one for each of the witness-only location and the single-node location if they are requested. | A single location called "main" is used. | +| `--primary-location` | The location where the primary server will be. Must be a member of `location-names`. | The first listed location is used. | +| `--data-nodes-per-location` | A number from 1 upwards. In each location, one node will be configured to stream directly from the cluster's primary node, and the other nodes, if present, will stream from that one. | Defaults to 2. | +| `--witness-only-location` | A location name, must be a member of `location-names`. | No witness-only location is added. | +| `--single-node-location` | A location name, must be a member of `location-names`. | No single-node location is added. | +| `--enable-haproxy` | 2 additional nodes will be added as a load balancer layer.
Only supported with Patroni as the failover manager. | HAproxy nodes will not be added to the cluster. | +| `--enable-pgbouncer` | PgBouncer will be configured in the Postgres nodes to pool connections for the primary. | PgBouncer will not be configured in the cluster. | +| `--patroni-dcs` | Select the Distributed Configuration Store backend for patroni.
Only option is `etcd` at this time.
Only supported with Patroni as the failover manager. | Defaults to `etcd`. |

diff --git a/product_docs/docs/tpa/23/architecture-PGD-Always-ON.mdx b/product_docs/docs/tpa/23/architecture-PGD-Always-ON.mdx index 95feae18deb..27427ac8f46 100644 --- a/product_docs/docs/tpa/23/architecture-PGD-Always-ON.mdx +++ b/product_docs/docs/tpa/23/architecture-PGD-Always-ON.mdx @@ -1,4 +1,5 @@ --- +description: Configuring a PGD-Always-ON cluster with TPA. title: PGD-Always-ON originalFilePath: architecture-PGD-Always-ON.md @@ -61,6 +62,8 @@ More detail on the options is provided in the following section. | `--enable-camo` | Sets two data nodes in each location as CAMO partners. | CAMO will not be enabled. | | `--bdr-database` | The name of the database to be used for replication. | Defaults to `bdrdb`. | | `--enable-pgd-probes` | Enable http(s) api endpoints for pgd-proxy such as `health/is-ready` to allow probing proxy's health. | Disabled by default. | +| `--proxy-listen-port` | The port on which proxy nodes will route traffic to the write leader. | Defaults to 6432 | +| `--proxy-read-only-port` | The port on which proxy nodes will route read-only traffic to shadow nodes. | Defaults to 6433 |

@@ -79,6 +82,7 @@ regions, your own data centres, or any other designation to identify where your servers are hosted. !!! Note for AWS users + If you are using TPA to provision an AWS cluster, the locations will be mapped to separate availability zones within the `--region` you specify. diff --git a/product_docs/docs/tpa/23/configure-cluster.mdx b/product_docs/docs/tpa/23/configure-cluster.mdx index 49b7e4c1f2f..8cc806bf07f 100644 --- a/product_docs/docs/tpa/23/configure-cluster.mdx +++ b/product_docs/docs/tpa/23/configure-cluster.mdx @@ -1,4 +1,5 @@ --- +description: How to configure a TPA cluster. title: Cluster configuration originalFilePath: configure-cluster.md diff --git a/product_docs/docs/tpa/23/configure-instance.mdx b/product_docs/docs/tpa/23/configure-instance.mdx index 8455f2c6529..242ec2c04ca 100644 --- a/product_docs/docs/tpa/23/configure-instance.mdx +++ b/product_docs/docs/tpa/23/configure-instance.mdx @@ -1,4 +1,5 @@ --- +description: Customising the deployment process on cluster instances. title: Instance configuration originalFilePath: configure-instance.md diff --git a/product_docs/docs/tpa/23/configure-source.mdx b/product_docs/docs/tpa/23/configure-source.mdx index 42f31f2b0ba..3de19211d35 100644 --- a/product_docs/docs/tpa/23/configure-source.mdx +++ b/product_docs/docs/tpa/23/configure-source.mdx @@ -1,10 +1,12 @@ --- +description: How to build Postgres and other components from source with TPA. title: Building from source originalFilePath: configure-source.md --- !!!Warning + This option is intended for developers and advanced users. Only software built and tested by EDB is supported by EDB. Please refer to [Self-Managed Supported Open Source Software](https://www.enterprisedb.com/product-compatibility/edb-supported-open-source-software.pdf). diff --git a/product_docs/docs/tpa/23/firstclusterdeployment.mdx b/product_docs/docs/tpa/23/firstclusterdeployment.mdx index 479417af30d..eeacda9b696 100644 --- a/product_docs/docs/tpa/23/firstclusterdeployment.mdx +++ b/product_docs/docs/tpa/23/firstclusterdeployment.mdx @@ -1,5 +1,6 @@ --- navTitle: Tutorial +description: A simple tutorial to deploy a Postgres cluster with TPA on Docker. title: A First Cluster Deployment originalFilePath: firstclusterdeployment.md @@ -38,11 +39,13 @@ newgrp docker ``` !!! Warning + Giving a user the ability to speak to the Docker daemon lets them trivially gain root on the Docker host. Only trusted users should have access to the Docker daemon. !!! Note on RHEL 7 instances + To use RHEL 7 instances your host must be configured to run cgroups v1. Refer to documentation for your system to verify and alter cgroups configuration, or choose another operating system for your containers to follow this tutorial. diff --git a/product_docs/docs/tpa/23/misc-configure-putty.mdx b/product_docs/docs/tpa/23/misc-configure-putty.mdx index 97a2f7ea518..52505610df8 100644 --- a/product_docs/docs/tpa/23/misc-configure-putty.mdx +++ b/product_docs/docs/tpa/23/misc-configure-putty.mdx @@ -1,5 +1,6 @@ --- navTitle: PuTTY configuration +description: How to configure PuTTY to connect to a TPA cluster. title: TPA - PuTTY Configuration guide originalFilePath: misc-configure-putty.md diff --git a/product_docs/docs/tpa/23/misc-troubleshooting.mdx b/product_docs/docs/tpa/23/misc-troubleshooting.mdx index 2f55e51f853..cb3c0e2467b 100644 --- a/product_docs/docs/tpa/23/misc-troubleshooting.mdx +++ b/product_docs/docs/tpa/23/misc-troubleshooting.mdx @@ -1,4 +1,5 @@ --- +description: How to troubleshoot TPA installations title: Troubleshooting originalFilePath: misc-troubleshooting.md @@ -70,7 +71,7 @@ An easy way to smoketest an existing cluster is to run: This will do a functional test of the cluster components, followed by a performance test of the cluster, using pgbench. As pgbench can take a while to complete, benchmarking can be omitted by running: ``` -[tpa]$ tpaexec test --excluded_tasks pgbench +[tpa]$ tpaexec test --excluded_tasks=pgbench ``` ### TPA server test diff --git a/product_docs/docs/tpa/23/opensourcetpa.mdx b/product_docs/docs/tpa/23/opensourcetpa.mdx index 831ed557ee5..327e69fa75c 100644 --- a/product_docs/docs/tpa/23/opensourcetpa.mdx +++ b/product_docs/docs/tpa/23/opensourcetpa.mdx @@ -1,5 +1,6 @@ --- navTitle: Open Source +description: Open source Trusted Postgres Architect (TPA) documentation. title: Open source TPA originalFilePath: opensourcetpa.md diff --git a/product_docs/docs/tpa/23/platform-aws.mdx b/product_docs/docs/tpa/23/platform-aws.mdx index c6ed638b426..adeaac887cd 100644 --- a/product_docs/docs/tpa/23/platform-aws.mdx +++ b/product_docs/docs/tpa/23/platform-aws.mdx @@ -1,5 +1,6 @@ --- navTitle: AWS +description: Provisioning production clusters on AWS EC2 with TPA. title: aws originalFilePath: platform-aws.md diff --git a/product_docs/docs/tpa/23/platform-bare.mdx b/product_docs/docs/tpa/23/platform-bare.mdx index f84adf86a3c..165678aeff5 100644 --- a/product_docs/docs/tpa/23/platform-bare.mdx +++ b/product_docs/docs/tpa/23/platform-bare.mdx @@ -1,5 +1,6 @@ --- navTitle: Bare metal +description: Provisioning and managing bare(-metal) servers with TPA. title: bare(-metal servers) originalFilePath: platform-bare.md diff --git a/product_docs/docs/tpa/23/platform-docker.mdx b/product_docs/docs/tpa/23/platform-docker.mdx index 556ac370fa2..0bc8f60dfd8 100644 --- a/product_docs/docs/tpa/23/platform-docker.mdx +++ b/product_docs/docs/tpa/23/platform-docker.mdx @@ -1,4 +1,5 @@ --- +description: Provisioning and deploying to Docker containers with TPA. title: Docker originalFilePath: platform-docker.md diff --git a/product_docs/docs/tpa/23/reference/2q_and_edb_repositories.mdx b/product_docs/docs/tpa/23/reference/2q_and_edb_repositories.mdx index f98c5f1df6b..7bb46c0da0c 100644 --- a/product_docs/docs/tpa/23/reference/2q_and_edb_repositories.mdx +++ b/product_docs/docs/tpa/23/reference/2q_and_edb_repositories.mdx @@ -1,4 +1,5 @@ --- +description: How TPA uses 2ndQuadrant and EDB repositories. title: How TPA uses 2ndQuadrant and EDB repositories originalFilePath: 2q_and_edb_repositories.md @@ -33,6 +34,7 @@ that you have [exported the token](#authenticating-with-package-sources) before running `tpaexec deploy` or the operation will fail. !!! Note + EDB is in the process of publishing all software through Repos 2.0, and will eventually remove the older repositories. diff --git a/product_docs/docs/tpa/23/reference/INSTALL-docker.mdx b/product_docs/docs/tpa/23/reference/INSTALL-docker.mdx index c6ff69ce762..73e1b25459a 100644 --- a/product_docs/docs/tpa/23/reference/INSTALL-docker.mdx +++ b/product_docs/docs/tpa/23/reference/INSTALL-docker.mdx @@ -1,4 +1,7 @@ --- +description: >- + How to run TPA itself from within a Docker container, for systems where TPA is + not supported natively. title: Running TPA in a Docker container originalFilePath: INSTALL-docker.md diff --git a/product_docs/docs/tpa/23/reference/air-gapped.mdx b/product_docs/docs/tpa/23/reference/air-gapped.mdx index 4a80131fc49..e5d14fe2b39 100644 --- a/product_docs/docs/tpa/23/reference/air-gapped.mdx +++ b/product_docs/docs/tpa/23/reference/air-gapped.mdx @@ -1,4 +1,5 @@ --- +description: How to manage clusters in a disconnected or air-gapped environment title: Managing clusters in a disconnected or air-gapped environment originalFilePath: air-gapped.md @@ -19,6 +20,7 @@ follow the instructions below to either copy an existing cluster configuration or create a new cluster. !!! Note + If the air-gapped server does not already have TPA installed, follow the instructions [here](../INSTALL/#installing-tpa-without-internet-or-network-access-air-gapped) diff --git a/product_docs/docs/tpa/23/reference/apt_repositories.mdx b/product_docs/docs/tpa/23/reference/apt_repositories.mdx index b238058de12..9cc4220ae7c 100644 --- a/product_docs/docs/tpa/23/reference/apt_repositories.mdx +++ b/product_docs/docs/tpa/23/reference/apt_repositories.mdx @@ -1,4 +1,5 @@ --- +description: Configuring APT repositories for Debian and Ubuntu systems. title: Configuring APT repositories originalFilePath: apt_repositories.md diff --git a/product_docs/docs/tpa/23/reference/artifacts.mdx b/product_docs/docs/tpa/23/reference/artifacts.mdx index da0d942eb06..e1f58df48d5 100644 --- a/product_docs/docs/tpa/23/reference/artifacts.mdx +++ b/product_docs/docs/tpa/23/reference/artifacts.mdx @@ -1,4 +1,5 @@ --- +description: Uploading files and directories to target instances with TPA. title: Uploading artifacts originalFilePath: artifacts.md diff --git a/product_docs/docs/tpa/23/reference/barman.mdx b/product_docs/docs/tpa/23/reference/barman.mdx index 6b05ca0ce8e..80f7546e683 100644 --- a/product_docs/docs/tpa/23/reference/barman.mdx +++ b/product_docs/docs/tpa/23/reference/barman.mdx @@ -1,4 +1,5 @@ --- +description: Configuring Barman for backup and recovery with TPA. title: Barman originalFilePath: barman.md diff --git a/product_docs/docs/tpa/23/reference/bdr.mdx b/product_docs/docs/tpa/23/reference/bdr.mdx index 3a2be32508d..05a78985034 100644 --- a/product_docs/docs/tpa/23/reference/bdr.mdx +++ b/product_docs/docs/tpa/23/reference/bdr.mdx @@ -1,4 +1,5 @@ --- +description: How to configure and deploy EDB Postgres Distributed (PGD) with TPA. title: EDB Postgres Distributed configuration originalFilePath: bdr.md diff --git a/product_docs/docs/tpa/23/reference/beacon-agent.mdx b/product_docs/docs/tpa/23/reference/beacon-agent.mdx new file mode 100644 index 00000000000..7b2f7305be1 --- /dev/null +++ b/product_docs/docs/tpa/23/reference/beacon-agent.mdx @@ -0,0 +1,48 @@ +--- +description: Integrating TPA deployments with EDB Postgres AI using the agent +title: Configuring the beacon agent +originalFilePath: beacon-agent.md + +--- + +TPA installs and configures the beacon agent on nodes which have +the role `beacon-agent` in `config.yml`. If `--enable-beacon-agent` is +passed to `tpaexec configure`, then all of the postgres nodes in the +cluster have this role. + +## Beacon agent configuration + +The beacon agent configuration contains two parameters which must be set +per-cluster, the access key and the project id. + +The access key is kept encrypted in the cluster directory and can be +set or read using tpa's `store-password` and `show-password` commands: + +```bash +$ tpaexec store-password . beacon_agent_access_key +Password: +``` + +```bash +$ tpaexec show-password . beacon_agent_access_key +``` + +If the environment variable BEACON_AGENT_ACCESS_KEY is set when `tpaexec +provision` is run, the access key is set from its value. + +The project id is stored in `config.yml` under the +`beacon_agent_project_id` key in `cluster_vars`. If the +`--beacon_agent_project_id` argument is passed to `tpaexec configure` +then its value is written to `config.yml` appropriately. + +## Installing the beacon agent + +TPA installs the beacon agent from EDB's repositories and creates an +operating system user called `beacon` and a database user called +`beacon`. A configuration file for the agent is written to +`.beacon/beacon_agent.yaml` in the beacon user's home directory. + +## Running the beacon agent + +TPA installs a systemd service unit file to start the agent at +boot-time, running as the beacon user. diff --git a/product_docs/docs/tpa/23/reference/distributions.mdx b/product_docs/docs/tpa/23/reference/distributions.mdx index 9927550ebae..9adadef64ed 100644 --- a/product_docs/docs/tpa/23/reference/distributions.mdx +++ b/product_docs/docs/tpa/23/reference/distributions.mdx @@ -1,4 +1,5 @@ --- +description: Which Linux distributions are supported by TPA. title: Distribution support originalFilePath: distributions.md @@ -14,11 +15,15 @@ and is not suitable for production use. Fully supported platforms are supported both as host systems for running TPA and target systems on which TPA deploys the Postgres cluster. +## Debian ARM64 + +- Debian 12/bookworm is fully supported + ## Debian x86 - Debian 12/bookworm is fully supported - Debian 11/bullseye is fully supported -- Debian 10/buster is fully supported +- Debian 10/buster is a legacy distribution - Debian 9/stretch is a legacy distribution - Debian 8/jessie is a legacy distribution @@ -29,24 +34,24 @@ TPA and target systems on which TPA deploys the Postgres cluster. - Ubuntu 18.04/bionic is a legacy distribution - Ubuntu 16.04/xenial is a legacy distribution -## Oracle Linux +## Oracle Linux x86 - Oracle Linux 9.x is fully supported (docker only) - Oracle Linux 8.x is fully supported (docker only) -- Oracle Linux 7.x is fully supported (docker only) +- Oracle Linux 7.x is a legacy distribution (docker only) ## RedHat x86 - RHEL/Rocky/AlmaLinux/Oracle Linux 9.x is fully supported (python3 only) - RHEL/CentOS/Rocky/AlmaLinux 8.x is fully supported (python3 only) -- RHEL/CentOS 7.x is fully supported (python2 only) +- RHEL/CentOS 7.x is a legacy distribution (python2 only) ## RedHat ppc64le - RHEL/Rocky/AlmaLinux 9.x is fully supported (python3 only) - RHEL/AlmaLinux 8.x is fully supported (python3 only) -## SLES +## SLES x86 - SLES 15.x is fully supported diff --git a/product_docs/docs/tpa/23/reference/edb_repositories.mdx b/product_docs/docs/tpa/23/reference/edb_repositories.mdx index 61381fe54bc..c4226cc244a 100644 --- a/product_docs/docs/tpa/23/reference/edb_repositories.mdx +++ b/product_docs/docs/tpa/23/reference/edb_repositories.mdx @@ -1,4 +1,5 @@ --- +description: How to configure EDB Repos 2.0 package repositories on any system. title: Configuring EDB Repos 2.0 repositories originalFilePath: edb_repositories.md diff --git a/product_docs/docs/tpa/23/reference/efm.mdx b/product_docs/docs/tpa/23/reference/efm.mdx index ef87afa549a..21ae5197df8 100644 --- a/product_docs/docs/tpa/23/reference/efm.mdx +++ b/product_docs/docs/tpa/23/reference/efm.mdx @@ -1,4 +1,5 @@ --- +description: How to install and configure EFM with TPA. title: Configuring EFM originalFilePath: efm.md diff --git a/product_docs/docs/tpa/23/reference/git-credentials.mdx b/product_docs/docs/tpa/23/reference/git-credentials.mdx index 77eb22e2afb..c20efa0ea4f 100644 --- a/product_docs/docs/tpa/23/reference/git-credentials.mdx +++ b/product_docs/docs/tpa/23/reference/git-credentials.mdx @@ -1,4 +1,5 @@ --- +description: How to authenticate to Git repositories during deployment. title: Git credentials originalFilePath: git-credentials.md @@ -24,6 +25,7 @@ disk on the target instance: before running `tpaexec deploy`. !!! Note + When deploying to Docker on macOS, you should use only `https://` repository URLs because Docker containers cannot be accessed by ssh from the host in this environment. diff --git a/product_docs/docs/tpa/23/reference/haproxy.mdx b/product_docs/docs/tpa/23/reference/haproxy.mdx index 4a98a51b207..e38e19d4f80 100644 --- a/product_docs/docs/tpa/23/reference/haproxy.mdx +++ b/product_docs/docs/tpa/23/reference/haproxy.mdx @@ -1,4 +1,5 @@ --- +description: How to install and configure haproxy with TPA. title: Configuring haproxy originalFilePath: haproxy.md @@ -24,14 +25,14 @@ Packages from PGDG extras repo can be installed if required. You can set the following variables on any `haproxy` instance. -| Variable | Default value | Description | -| ------------------------- | --------------------- | --------------------------------------------------------------------------------------------------------------------------------- | -| `haproxy_bind_address` | 127.0.0.1 | The address haproxy should bind to | -| `haproxy_port` | 5432 (5444 for EPAS) | The TCP port haproxy should listen on | -| `haproxy_read_only_port` | 5433 (5445 for EPAS) | TCP port for read-only load-balancer | -| `haproxy_backend_servers` | None | A list of Postgres instance names | -| `haproxy_maxconn` | `max_connections`×0.9 | The maximum number of connections allowed per backend server; the default is derived from the backend's `max_connections` setting | -| `haproxy_peer_enabled` | True\* | Add known haproxy hosts as `peer` list.
\*`False` if `failover_manager` is harp or patroni. | +| Variable | Default value | Description | +| ------------------------- | --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| `haproxy_bind_address` | 127.0.0.1\* | The address to which haproxy should bind
\*0.0.0.0 if `failover_manager` is patroni. **Users should change this value to something more restrictive and appropriate for their cluster networking** | +| `haproxy_port` | 5432 (5444 for EPAS) | The TCP port haproxy should listen on | +| `haproxy_read_only_port` | 5433 (5445 for EPAS) | TCP port for read-only load-balancer | +| `haproxy_backend_servers` | None | A list of Postgres instance names | +| `haproxy_maxconn` | `max_connections`×0.9 | The maximum number of connections allowed per backend server; the default is derived from the backend's `max_connections` setting | +| `haproxy_peer_enabled` | True\* | Add known haproxy hosts as `peer` list.
\*`False` if `failover_manager` is harp or patroni. | ## Read-Only load-balancer diff --git a/product_docs/docs/tpa/23/reference/harp.mdx b/product_docs/docs/tpa/23/reference/harp.mdx index dfc241dd4fd..281f9e5515a 100644 --- a/product_docs/docs/tpa/23/reference/harp.mdx +++ b/product_docs/docs/tpa/23/reference/harp.mdx @@ -1,4 +1,5 @@ --- +description: Configuring HARP for BDR-Always-ON clusters. title: Configuring HARP originalFilePath: harp.md diff --git a/product_docs/docs/tpa/23/reference/hosts.mdx b/product_docs/docs/tpa/23/reference/hosts.mdx index 51e5b4060a0..21735687c18 100644 --- a/product_docs/docs/tpa/23/reference/hosts.mdx +++ b/product_docs/docs/tpa/23/reference/hosts.mdx @@ -1,4 +1,5 @@ --- +description: Configuring /etc/hosts on instances with TPA title: Configuring /etc/hosts originalFilePath: hosts.md diff --git a/product_docs/docs/tpa/23/reference/initdb.mdx b/product_docs/docs/tpa/23/reference/initdb.mdx index 87ba860b53b..5fa389d27d3 100644 --- a/product_docs/docs/tpa/23/reference/initdb.mdx +++ b/product_docs/docs/tpa/23/reference/initdb.mdx @@ -1,4 +1,5 @@ --- +description: Running initdb to initialise a Postgres data directory on a target instance. title: Running initdb originalFilePath: initdb.md diff --git a/product_docs/docs/tpa/23/reference/install_from_source.mdx b/product_docs/docs/tpa/23/reference/install_from_source.mdx index f70aa74da3e..f017269461b 100644 --- a/product_docs/docs/tpa/23/reference/install_from_source.mdx +++ b/product_docs/docs/tpa/23/reference/install_from_source.mdx @@ -1,4 +1,5 @@ --- +description: Building and installing Postgres extensions from source. title: Installing from source originalFilePath: install_from_source.md diff --git a/product_docs/docs/tpa/23/reference/local-repo.mdx b/product_docs/docs/tpa/23/reference/local-repo.mdx index cf7fe974a3c..20b1ec52389 100644 --- a/product_docs/docs/tpa/23/reference/local-repo.mdx +++ b/product_docs/docs/tpa/23/reference/local-repo.mdx @@ -1,4 +1,5 @@ --- +description: Creating and using a local repository with TPA. title: Creating and using a local repository originalFilePath: local-repo.md @@ -17,6 +18,7 @@ You can create a local repository manually, or have TPA create one for you. Instructions for both are included below. !!! Note + Specific instructions are available for [managing clusters in an air-gapped](air-gapped/) environment. @@ -92,11 +94,13 @@ the appropriate directory. Then generate metadata using the correct tool for your system as detailed below. !!! Note + You must generate the metadata on the control node, i.e., the machine where you run tpaexec. TPA will copy the metadata and packages to target instances. !!! Note + You must generate the metadata in the subdirectory that the instance will use, i.e., if you copy packages into `local-repo/Debian/12`, you must create the metadata in that directory, not in `local-repo/Debian`. diff --git a/product_docs/docs/tpa/23/reference/locale.mdx b/product_docs/docs/tpa/23/reference/locale.mdx index a24e3996afb..6b5eea72ad7 100644 --- a/product_docs/docs/tpa/23/reference/locale.mdx +++ b/product_docs/docs/tpa/23/reference/locale.mdx @@ -1,4 +1,5 @@ --- +description: Setting the locale for the target instance. title: Locale originalFilePath: locale.md diff --git a/product_docs/docs/tpa/23/reference/manage_ssh_hostkeys.mdx b/product_docs/docs/tpa/23/reference/manage_ssh_hostkeys.mdx index 4f22d19e495..072601f9b7d 100644 --- a/product_docs/docs/tpa/23/reference/manage_ssh_hostkeys.mdx +++ b/product_docs/docs/tpa/23/reference/manage_ssh_hostkeys.mdx @@ -1,4 +1,5 @@ --- +description: Managing a cluster's SSH host keys with TPA. title: Managing SSH host keys originalFilePath: manage_ssh_hostkeys.md diff --git a/product_docs/docs/tpa/23/reference/packages.mdx b/product_docs/docs/tpa/23/reference/packages.mdx index 5710109409d..dcdc788dfbc 100644 --- a/product_docs/docs/tpa/23/reference/packages.mdx +++ b/product_docs/docs/tpa/23/reference/packages.mdx @@ -1,4 +1,5 @@ --- +description: Installing packages on target instances with TPA. title: Installing packages originalFilePath: packages.md diff --git a/product_docs/docs/tpa/23/reference/patroni.mdx b/product_docs/docs/tpa/23/reference/patroni.mdx index 8e88c4b1097..a5d9dacee21 100644 --- a/product_docs/docs/tpa/23/reference/patroni.mdx +++ b/product_docs/docs/tpa/23/reference/patroni.mdx @@ -1,4 +1,5 @@ --- +description: Using Patroni as a failover manager with TPA. title: Patroni cluster management commands originalFilePath: patroni.md @@ -18,24 +19,30 @@ cluster_vars: failover_manager: patroni ``` -If deploying to RedHat you must also add the `PGDG` repository to your -yum repository list in config.yml: - -```yaml -cluster_vars: - yum_repository_list: - - PGDG -``` - -TPA `configure` will add 3 etcd nodes and 2 haproxy nodes. Etcd is used -for the Distributed Configuration Store (DCS). Patroni supports other -DCS backends, but they are not currently supported by EDB or TPA. - -TPA uses Patroni's feature of converting an existing PostgreSQL -standalone server. This allows for TPA to initialise and manage -configuration. Once a single PostgreSQL server and database has been -created, Patroni will create replicas and configure replication. -TPA will then remove any postgres configuration files used during setup. +TPA is able to deploy Patroni clusters using either `patroni` packages (from +PGDG repositories) or `edb-patroni` packages (from EDB repositories). You can +configure that through the `patroni_package_flavour` option under `cluster_vars` +in the config.yml, which can also be set through the `--patroni-package-flavour` +command-line argument. If no `patroni_package_flavour` is explicitly set, TPA +will attempt to infere the flavour based on the configured repositories: if EDB +repositories were configured, implicitly select `edb` flavour, otherwise +implicitly select `community` flavour. + +TPA `configure` will add 3 etcd nodes, and may add 2 haproxy nodes if you +specify the option `--enable-haproxy`. Etcd is used for the Distributed +Configuration Store (DCS). Patroni supports other DCS backends, but they are not +currently supported by EDB or TPA. + +As an alternative to HAProxy, you can use the `--enable-pgbouncer` option to configure +PgBouncer in the Postgres nodes. PgBouncer will be configured to pool +connections for the primary. Patroni will be configured to reconfigure PgBouncer +upon failovers or switchovers in the cluster, so PgBouncer follows the new +primary Postgres instance. + +TPA uses Patroni's feature of converting an existing PostgreSQL cluster. This +allows for TPA to initialise and manage configuration. Once the PostgreSQL +cluster has been created, Patroni will take the management over. TPA will then +remove any postgres configuration files used during setup. Once set up, Postgres can continue to be managed using TPA and settings in `config.yml` for the cluster. You can also use Patroni interfaces, @@ -45,21 +52,22 @@ recommended to use TPA methods wherever possible. These configuration variables can be used to control certain behaviours in the deployment of Patroni in TPA. -| Variable | Default value | Description | -| ------------------------------- | ------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| `patroni_super_user` | postgres | User to create in postgres for superuser role. | -| `patroni_replication_user` | replicator | Username to create in postgres for replication role. | -| `patroni_restapi_user` | patroni | Username to configure for the patroni REST API. | -| `patroni_rewind_user` | rewind | Username to create in postgres for pg_rewind function. | -| `patroni_installation_method` | pkg | Install patroni from packages or source (e.g. git repo or local source directory if docker). | -| `patroni_ssl_enabled` | no | Whether to enable SSL for REST API and ctl connection. Will use the cluster SSL cert and CA if available. | -| `patroni_rewind_enabled` | yes | Whether to enable postgres rewind, creates a user defined by patroni_rewind_user and adds config section. | -| `patroni_watchdog_enabled` | no | Whether to configure the kernel watchdog for additional split brain prevention. | -| `patroni_dcs` | etcd | What backend to use for the DCS. The only option is etcd at the moment. | -| `patroni_listen_port` | 8008 | REST API TCP port number | -| `patroni_conf_settings` | {} | A structured data object with overrides for patroni configuration.
Partial data can be provided and will be merged with the generated config.
Be careful to not override values that are generated based on instance information known at runtime. | -| `patroni_dynamic_conf_settings` | {} | Optional structured data just for DCS settings. This will be merged onto `patroni_conf_settings`. | -| `patroni_repl_max_lag` | None | This is used in the haproxy backend health check only when `haproxy_read_only_load_balancer_enabled` is true.
See [REST API documentation](https://patroni.readthedocs.io/en/latest/rest_api.html#health-check-endpoints) for possible values for `/replica?lag` | +| Variable | Default value | Description | +| ------------------------------- | ------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `patroni_super_user` | postgres | User to create in postgres for superuser role. | +| `patroni_replication_user` | replicator | Username to create in postgres for replication role. | +| `patroni_restapi_user` | patroni | Username to configure for the patroni REST API. | +| `patroni_rewind_user` | rewind | Username to create in postgres for pg_rewind function. | +| `patroni_installation_method` | pkg | Install patroni from packages or source (e.g. git repo or local source directory if docker). | +| `patroni_package_flavour` | community if no EDB repository is configured, else edb | Whether to install `edb-patroni` package (`edb` flavour, requires EDB repositories) or `patroni` package (`community` flavour, requires PGDG and EPEL (RedHat based only) repositories). | +| `patroni_ssl_enabled` | no | Whether to enable SSL for REST API and ctl connection. Will use the cluster SSL cert and CA if available. | +| `patroni_rewind_enabled` | yes | Whether to enable postgres rewind, creates a user defined by patroni_rewind_user and adds config section. | +| `patroni_watchdog_enabled` | no | Whether to configure the kernel watchdog for additional split brain prevention. | +| `patroni_dcs` | etcd | What backend to use for the DCS. The only option is etcd at the moment. | +| `patroni_listen_port` | 8008 | REST API TCP port number | +| `patroni_conf_settings` | {} | A structured data object with overrides for patroni configuration.
Partial data can be provided and will be merged with the generated config.
Be careful to not override values that are generated based on instance information known at runtime. | +| `patroni_dynamic_conf_settings` | {} | Optional structured data just for DCS settings. This will be merged onto `patroni_conf_settings`. | +| `patroni_repl_max_lag` | None | This is used in the haproxy backend health check only when `haproxy_read_only_load_balancer_enabled` is true.
See [REST API documentation](https://patroni.readthedocs.io/en/latest/rest_api.html#health-check-endpoints) for possible values for `/replica?lag` | ## Patroni configuration file settings diff --git a/product_docs/docs/tpa/23/reference/pem.mdx b/product_docs/docs/tpa/23/reference/pem.mdx index 72351453ea4..487f26d1991 100644 --- a/product_docs/docs/tpa/23/reference/pem.mdx +++ b/product_docs/docs/tpa/23/reference/pem.mdx @@ -1,4 +1,5 @@ --- +description: Installing and configuring Postgres Enterprise Manager (PEM) with TPA. title: Configuring Postgres Enterprise Manager (PEM) originalFilePath: pem.md diff --git a/product_docs/docs/tpa/23/reference/pg-backup-api.mdx b/product_docs/docs/tpa/23/reference/pg-backup-api.mdx index 5fb1bb6d5fc..c1ecce75999 100644 --- a/product_docs/docs/tpa/23/reference/pg-backup-api.mdx +++ b/product_docs/docs/tpa/23/reference/pg-backup-api.mdx @@ -1,4 +1,5 @@ --- +description: Enabling the pg-backup-api and configuring client cert authentication. title: SSL Certificates originalFilePath: pg-backup-api.md diff --git a/product_docs/docs/tpa/23/reference/pg_hba.conf.mdx b/product_docs/docs/tpa/23/reference/pg_hba.conf.mdx index ebaff15e04a..f297727862e 100644 --- a/product_docs/docs/tpa/23/reference/pg_hba.conf.mdx +++ b/product_docs/docs/tpa/23/reference/pg_hba.conf.mdx @@ -1,4 +1,5 @@ --- +description: Customizing the pg_hba.conf file for your Postgres cluster. title: pg_hba.conf originalFilePath: pg_hba.conf.md diff --git a/product_docs/docs/tpa/23/reference/pg_ident.conf.mdx b/product_docs/docs/tpa/23/reference/pg_ident.conf.mdx index 1d9a8ca0136..aebc4242e56 100644 --- a/product_docs/docs/tpa/23/reference/pg_ident.conf.mdx +++ b/product_docs/docs/tpa/23/reference/pg_ident.conf.mdx @@ -1,4 +1,5 @@ --- +description: Working with pg_ident.conf. title: pg_ident.conf originalFilePath: pg_ident.conf.md diff --git a/product_docs/docs/tpa/23/reference/pgbouncer.mdx b/product_docs/docs/tpa/23/reference/pgbouncer.mdx index f7679d70b30..567d840caac 100644 --- a/product_docs/docs/tpa/23/reference/pgbouncer.mdx +++ b/product_docs/docs/tpa/23/reference/pgbouncer.mdx @@ -1,4 +1,5 @@ --- +description: Adding pgbouncer to your Postgres cluster. title: Configuring pgbouncer originalFilePath: pgbouncer.md diff --git a/product_docs/docs/tpa/23/reference/pgd-proxy.mdx b/product_docs/docs/tpa/23/reference/pgd-proxy.mdx index 6abfee989ea..c0e3c01b0f7 100644 --- a/product_docs/docs/tpa/23/reference/pgd-proxy.mdx +++ b/product_docs/docs/tpa/23/reference/pgd-proxy.mdx @@ -1,4 +1,5 @@ --- +description: Incorporating pgd-proxy into your TPA deployed PGD 5 cluster. title: Configuring pgd-proxy originalFilePath: pgd-proxy.md @@ -63,12 +64,14 @@ it is attached to, can be set under `default_pgd_proxy_options` under cluster_vars: default_pgd_proxy_options: listen_port: 6432 + read_listen_port: 6433 instances: - Name: someproxy vars: pgd_proxy_options: listen_port: 9000 + read_listen_port: 9001 ``` In this case, while other instances will get their `listen_port` setting from diff --git a/product_docs/docs/tpa/23/reference/pglogical.mdx b/product_docs/docs/tpa/23/reference/pglogical.mdx index 411a9e5a9c6..0205c4e418a 100644 --- a/product_docs/docs/tpa/23/reference/pglogical.mdx +++ b/product_docs/docs/tpa/23/reference/pglogical.mdx @@ -1,4 +1,5 @@ --- +description: Configuring pglogical replication with TPA. title: pglogical configuration originalFilePath: pglogical.md diff --git a/product_docs/docs/tpa/23/reference/pgpass.mdx b/product_docs/docs/tpa/23/reference/pgpass.mdx index f1c1eea411f..a95d286af61 100644 --- a/product_docs/docs/tpa/23/reference/pgpass.mdx +++ b/product_docs/docs/tpa/23/reference/pgpass.mdx @@ -1,4 +1,5 @@ --- +description: Defining the generated .pgpass file with TPA. title: Configuring .pgpass originalFilePath: pgpass.md diff --git a/product_docs/docs/tpa/23/reference/postgres_databases.mdx b/product_docs/docs/tpa/23/reference/postgres_databases.mdx index e8636445705..4b8b974d0fd 100644 --- a/product_docs/docs/tpa/23/reference/postgres_databases.mdx +++ b/product_docs/docs/tpa/23/reference/postgres_databases.mdx @@ -1,4 +1,5 @@ --- +description: Creating Postgres databases during deployment. title: Creating Postgres databases originalFilePath: postgres_databases.md diff --git a/product_docs/docs/tpa/23/reference/postgres_extension_configuration.mdx b/product_docs/docs/tpa/23/reference/postgres_extension_configuration.mdx index 71121d987d6..52ee6a54fa8 100644 --- a/product_docs/docs/tpa/23/reference/postgres_extension_configuration.mdx +++ b/product_docs/docs/tpa/23/reference/postgres_extension_configuration.mdx @@ -1,4 +1,5 @@ --- +description: Postgres extensions and how to configure them with TPA. title: Adding Postgres extensions originalFilePath: postgres_extension_configuration.md @@ -24,7 +25,7 @@ the package containing the extension. - [Adding the *vector* extension through configuration](reconciling-local-changes/) - [Specifying extensions for configured databases](postgres_databases/) -- [Including shared preload entries for extensions](postgresql.conf/#shared_preload_libraries) +- [Including shared preload entries for extensions](postgresql.conf/#shared-preload-libraries) - [Installing Postgres-related packages](postgres_installation_method_pkg/) ## TPA recognized extensions diff --git a/product_docs/docs/tpa/23/reference/postgres_installation_method_pkg.mdx b/product_docs/docs/tpa/23/reference/postgres_installation_method_pkg.mdx index 4554a377456..2e41b8d27ee 100644 --- a/product_docs/docs/tpa/23/reference/postgres_installation_method_pkg.mdx +++ b/product_docs/docs/tpa/23/reference/postgres_installation_method_pkg.mdx @@ -1,4 +1,5 @@ --- +description: Adding extra packages that depend on Postgres to your cluster. title: Installing Postgres-related packages originalFilePath: postgres_installation_method_pkg.md diff --git a/product_docs/docs/tpa/23/reference/postgres_installation_method_src.mdx b/product_docs/docs/tpa/23/reference/postgres_installation_method_src.mdx index 53131011b81..6f8a3d5a825 100644 --- a/product_docs/docs/tpa/23/reference/postgres_installation_method_src.mdx +++ b/product_docs/docs/tpa/23/reference/postgres_installation_method_src.mdx @@ -1,4 +1,5 @@ --- +description: Building Postgres from source using TPA. title: Postgres source installation originalFilePath: postgres_installation_method_src.md diff --git a/product_docs/docs/tpa/23/reference/postgres_tablespaces.mdx b/product_docs/docs/tpa/23/reference/postgres_tablespaces.mdx index 76629222027..9fb75bd8a3e 100644 --- a/product_docs/docs/tpa/23/reference/postgres_tablespaces.mdx +++ b/product_docs/docs/tpa/23/reference/postgres_tablespaces.mdx @@ -1,4 +1,5 @@ --- +description: Tablespaces in Postgres and how to configure them with TPA. title: Creating Postgres tablespaces originalFilePath: postgres_tablespaces.md diff --git a/product_docs/docs/tpa/23/reference/postgres_user.mdx b/product_docs/docs/tpa/23/reference/postgres_user.mdx index 6ec95dec094..4b83467e164 100644 --- a/product_docs/docs/tpa/23/reference/postgres_user.mdx +++ b/product_docs/docs/tpa/23/reference/postgres_user.mdx @@ -1,4 +1,5 @@ --- +description: How TPA configures the Postgres system user title: The postgres Unix user originalFilePath: postgres_user.md diff --git a/product_docs/docs/tpa/23/reference/postgres_users.mdx b/product_docs/docs/tpa/23/reference/postgres_users.mdx index ea54bc0c01d..270f18b35a3 100644 --- a/product_docs/docs/tpa/23/reference/postgres_users.mdx +++ b/product_docs/docs/tpa/23/reference/postgres_users.mdx @@ -1,4 +1,5 @@ --- +description: Creating Postgres users during deployment. title: Creating Postgres users originalFilePath: postgres_users.md diff --git a/product_docs/docs/tpa/23/reference/postgresql.conf.mdx b/product_docs/docs/tpa/23/reference/postgresql.conf.mdx index 5109ffe9dd4..3c7092ff2ec 100644 --- a/product_docs/docs/tpa/23/reference/postgresql.conf.mdx +++ b/product_docs/docs/tpa/23/reference/postgresql.conf.mdx @@ -1,4 +1,5 @@ --- +description: Modifying postgresql.conf on a TPA-managed Postgres cluster. title: postgresql.conf originalFilePath: postgresql.conf.md diff --git a/product_docs/docs/tpa/23/reference/python.mdx b/product_docs/docs/tpa/23/reference/python.mdx index 4d744672f43..31575f326c8 100644 --- a/product_docs/docs/tpa/23/reference/python.mdx +++ b/product_docs/docs/tpa/23/reference/python.mdx @@ -1,4 +1,5 @@ --- +description: The Python environment used by TPA and how to configure it. title: Python environment originalFilePath: python.md diff --git a/product_docs/docs/tpa/23/reference/reconciling-local-changes.mdx b/product_docs/docs/tpa/23/reference/reconciling-local-changes.mdx index 3e11587288c..2c2dae0f94e 100644 --- a/product_docs/docs/tpa/23/reference/reconciling-local-changes.mdx +++ b/product_docs/docs/tpa/23/reference/reconciling-local-changes.mdx @@ -1,4 +1,7 @@ --- +description: >- + How to reconcile changes made outside of TPA with the configuration in + `config.yml`. title: Reconciling changes made outside of TPA originalFilePath: reconciling-local-changes.md @@ -133,6 +136,7 @@ of the nodes. This is because TPA will not overwrite the metadata which tells PGD the node is parted. !!!Note + It is not possible to reconcile the `config.yml` with this cluster state because TPA, and indeed PGD itself, has no mechanism to initiate a node in the 'parted' state. In principle you could continue to use TPA to @@ -175,6 +179,7 @@ still has metadata that refers to `node-2` as a node whose state is cluster functionality. !!!Note + If you wish to join the original `node-2` back to the cluster after having removed it from `config.yml`, you can do so by restoring the deleted lines of `config.yml`, stopping Postgres, deleting the @@ -251,6 +256,7 @@ reinstalled. To reconcile `config.yml`, simply remove the lines added previously. !!!Note + As noted previously, TPA will not honour destructive changes. So simply removing the lines from `config.yml` will not remove the extension. It is necessary to perform this operation manually then diff --git a/product_docs/docs/tpa/23/reference/repmgr.mdx b/product_docs/docs/tpa/23/reference/repmgr.mdx index e7b133da638..0c3ffd84a4e 100644 --- a/product_docs/docs/tpa/23/reference/repmgr.mdx +++ b/product_docs/docs/tpa/23/reference/repmgr.mdx @@ -1,4 +1,5 @@ --- +description: How to install and configure repmgr with TPA. title: Configuring repmgr originalFilePath: repmgr.md diff --git a/product_docs/docs/tpa/23/reference/ssh_key_file.mdx b/product_docs/docs/tpa/23/reference/ssh_key_file.mdx index 652e293105e..c9240c8bb81 100644 --- a/product_docs/docs/tpa/23/reference/ssh_key_file.mdx +++ b/product_docs/docs/tpa/23/reference/ssh_key_file.mdx @@ -1,4 +1,7 @@ --- +description: >- + About the ssh_key_file setting in config.yml and how to use an existing SSH + keypair for a cluster. title: ssh_key_file originalFilePath: ssh_key_file.md diff --git a/product_docs/docs/tpa/23/reference/sysctl_values.mdx b/product_docs/docs/tpa/23/reference/sysctl_values.mdx index d2409e03b63..b9abde0d4ba 100644 --- a/product_docs/docs/tpa/23/reference/sysctl_values.mdx +++ b/product_docs/docs/tpa/23/reference/sysctl_values.mdx @@ -1,4 +1,5 @@ --- +description: Setting sysctl values for target instances. title: Setting sysctl values originalFilePath: sysctl_values.md diff --git a/product_docs/docs/tpa/23/reference/target_environment.mdx b/product_docs/docs/tpa/23/reference/target_environment.mdx index dbe4e3349db..4152ff89c76 100644 --- a/product_docs/docs/tpa/23/reference/target_environment.mdx +++ b/product_docs/docs/tpa/23/reference/target_environment.mdx @@ -1,4 +1,5 @@ --- +description: Controlling the target instances environment during deployment. title: Environment originalFilePath: target_environment.md diff --git a/product_docs/docs/tpa/23/reference/tpa_2q_repositories.mdx b/product_docs/docs/tpa/23/reference/tpa_2q_repositories.mdx index 5d86d28e93e..f780a37cade 100644 --- a/product_docs/docs/tpa/23/reference/tpa_2q_repositories.mdx +++ b/product_docs/docs/tpa/23/reference/tpa_2q_repositories.mdx @@ -1,4 +1,5 @@ --- +description: How to configure 2ndQuadrant package repositories on any system. title: Configuring 2ndQuadrant repositories originalFilePath: tpa_2q_repositories.md diff --git a/product_docs/docs/tpa/23/reference/tpaexec-archive-logs.mdx b/product_docs/docs/tpa/23/reference/tpaexec-archive-logs.mdx index 62fbb732c62..6f9fc2ae5e9 100644 --- a/product_docs/docs/tpa/23/reference/tpaexec-archive-logs.mdx +++ b/product_docs/docs/tpa/23/reference/tpaexec-archive-logs.mdx @@ -1,4 +1,5 @@ --- +description: How to archive logs from a TPA cluster. title: tpaexec archive-logs originalFilePath: tpaexec-archive-logs.md diff --git a/product_docs/docs/tpa/23/reference/tpaexec-commands.mdx b/product_docs/docs/tpa/23/reference/tpaexec-commands.mdx index 7f3aec312eb..ffe3034a1ff 100644 --- a/product_docs/docs/tpa/23/reference/tpaexec-commands.mdx +++ b/product_docs/docs/tpa/23/reference/tpaexec-commands.mdx @@ -1,4 +1,7 @@ --- +description: >- + Creating custom commands for TPA to perform tasks specific to your + environment. title: TPA custom commands originalFilePath: tpaexec-commands.md diff --git a/product_docs/docs/tpa/23/reference/tpaexec-deprovision.mdx b/product_docs/docs/tpa/23/reference/tpaexec-deprovision.mdx index c0fcb31be58..3f696463392 100644 --- a/product_docs/docs/tpa/23/reference/tpaexec-deprovision.mdx +++ b/product_docs/docs/tpa/23/reference/tpaexec-deprovision.mdx @@ -1,4 +1,5 @@ --- +description: The command that destroys a cluster and associated resources. title: tpaexec deprovision originalFilePath: tpaexec-deprovision.md diff --git a/product_docs/docs/tpa/23/reference/tpaexec-download-packages.mdx b/product_docs/docs/tpa/23/reference/tpaexec-download-packages.mdx index 33b577a7a56..b548d2c526e 100644 --- a/product_docs/docs/tpa/23/reference/tpaexec-download-packages.mdx +++ b/product_docs/docs/tpa/23/reference/tpaexec-download-packages.mdx @@ -1,4 +1,5 @@ --- +description: The command that downloads packages for a TPA cluster. title: tpaexec download-packages originalFilePath: tpaexec-download-packages.md @@ -17,12 +18,13 @@ exclusively to build clusters. At this time package managers Apt and YUM are supported. !!! Note + The download-packages feature requires Docker to be installed on the TPA host. This is because the downloader operates by creating a container of the target operating system and uses that system's package manager to resolve dependencies and download all necessary packages. The required Docker setup for download-packages is the same as that for - [using Docker as a deployment platform](../platform-docker/). + [using Docker as a deployment platform](#platform-docker). ## Usage diff --git a/product_docs/docs/tpa/23/reference/tpaexec-info.mdx b/product_docs/docs/tpa/23/reference/tpaexec-info.mdx index 6a3a0c4aa35..92e81ca4406 100644 --- a/product_docs/docs/tpa/23/reference/tpaexec-info.mdx +++ b/product_docs/docs/tpa/23/reference/tpaexec-info.mdx @@ -1,4 +1,5 @@ --- +description: A command to output information about the TPA installation. title: tpaexec info originalFilePath: tpaexec-info.md diff --git a/product_docs/docs/tpa/23/reference/tpaexec-reconfigure.mdx b/product_docs/docs/tpa/23/reference/tpaexec-reconfigure.mdx index 130fef4d6a0..fd9a3944ad3 100644 --- a/product_docs/docs/tpa/23/reference/tpaexec-reconfigure.mdx +++ b/product_docs/docs/tpa/23/reference/tpaexec-reconfigure.mdx @@ -1,4 +1,7 @@ --- +description: >- + The command that reads config.yml, changes the cluster in various ways and + outputs a new config.yml. title: tpaexec reconfigure originalFilePath: tpaexec-reconfigure.md diff --git a/product_docs/docs/tpa/23/reference/tpaexec-support.mdx b/product_docs/docs/tpa/23/reference/tpaexec-support.mdx index 196c050140f..3e2bd223c7d 100644 --- a/product_docs/docs/tpa/23/reference/tpaexec-support.mdx +++ b/product_docs/docs/tpa/23/reference/tpaexec-support.mdx @@ -1,4 +1,5 @@ --- +description: What software can be installed and configured by TPA. title: TPA capabilities and supported software originalFilePath: tpaexec-support.md diff --git a/product_docs/docs/tpa/23/reference/tpaexec-tests.mdx b/product_docs/docs/tpa/23/reference/tpaexec-tests.mdx index b26b2f69f26..1fe205a14fa 100644 --- a/product_docs/docs/tpa/23/reference/tpaexec-tests.mdx +++ b/product_docs/docs/tpa/23/reference/tpaexec-tests.mdx @@ -1,4 +1,5 @@ --- +description: How to write custom tests for TPA clusters. title: TPA custom tests originalFilePath: tpaexec-tests.md diff --git a/product_docs/docs/tpa/23/reference/volumes.mdx b/product_docs/docs/tpa/23/reference/volumes.mdx index 037be4d25a8..47cfecd5624 100644 --- a/product_docs/docs/tpa/23/reference/volumes.mdx +++ b/product_docs/docs/tpa/23/reference/volumes.mdx @@ -1,4 +1,5 @@ --- +description: Configuring volumes for instances in a TPA cluster. title: Filesystem configuration originalFilePath: volumes.md diff --git a/product_docs/docs/tpa/23/reference/yum_repositories.mdx b/product_docs/docs/tpa/23/reference/yum_repositories.mdx index 459fead6f85..068cf28c6ea 100644 --- a/product_docs/docs/tpa/23/reference/yum_repositories.mdx +++ b/product_docs/docs/tpa/23/reference/yum_repositories.mdx @@ -1,4 +1,5 @@ --- +description: Configuring YUM package repositories on RedHat systems. title: Configuring YUM repositories originalFilePath: yum_repositories.md diff --git a/product_docs/docs/tpa/23/rel_notes/index.mdx b/product_docs/docs/tpa/23/rel_notes/index.mdx index 2ab7e45198f..b9a05882a2f 100644 --- a/product_docs/docs/tpa/23/rel_notes/index.mdx +++ b/product_docs/docs/tpa/23/rel_notes/index.mdx @@ -2,6 +2,7 @@ title: Trusted Postgres Architect release notes navTitle: "Release notes" navigation: + - tpa_23.33_rel_notes - tpa_23.32_rel_notes - tpa_23.31_rel_notes - tpa_23.30_rel_notes @@ -30,6 +31,7 @@ The Trusted Postgres Architect documentation describes the latest version of Tru | Version | Release date | | ---------------------------- | ------------ | +| [23.33](tpa_23.33_rel_notes) | 24 Jun 2024 | | [23.32](tpa_23.32_rel_notes) | 15 May 2024 | | [23.31](tpa_23.31_rel_notes) | 19 Mar 2024 | | [23.30](tpa_23.30_rel_notes) | 19 Mar 2024 | diff --git a/product_docs/docs/tpa/23/rel_notes/tpa_23.33_rel_notes.mdx b/product_docs/docs/tpa/23/rel_notes/tpa_23.33_rel_notes.mdx new file mode 100644 index 00000000000..7dadfbcf6a1 --- /dev/null +++ b/product_docs/docs/tpa/23/rel_notes/tpa_23.33_rel_notes.mdx @@ -0,0 +1,24 @@ +--- +title: Trusted Postgres Architect 23.33 release notes +navTitle: "Version 23.33" +--- + +Released: 24 Jun 2024 + +New features, enhancements, bug fixes, and other changes in Trusted Postgres Architect 23.33 include the following: + +| Type | Description | +|---------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| Enhancement | TPA now supports Debian 12 Bookworm on the ARM64 CPU architecture. | +| Enhancement | PGD version 5.5 allows for proxy nodes to be configured as read endpoints, which direct read-only queries to a shadow node. TPA supports this configuration option by setting a `read_listen_port` parameter under `default_pgd_proxy_options` and `pgd_proxy_options` in `config.yml`. This parameter is included by default when the PGD version is 5.5 or greater. Users can also specify the port numbers by passing `--proxy-listen-port` and `proxy-read-listen-port` arguments to the `tpaexec configure` command. | +| Enhancement | Added support for `postgres_wal_dir` in Patroni deployments. When a custom `postgres_wal_dir` is specified in TPA configuration, TPA will make sure to relay that option to the corresponding settings in the Patroni configuration file. That way, if Patroni ever needs to rebuild a standby on its own, out of TPA, the standby will be properly set up with a custom WAL directory. | +| Enhancement | When adding PgBouncer nodes in a Patroni cluster, TPA now configures Patroni with a `on_role_change` callback. That callback takes care of updating the primary connection info in the PgBouncer nodes in response to failover and switchover events. | +| Enhancement | EDB now produces its own `edb-patroni` package instead of rebuilding the `patroni` packages from PGDG. TPA now allows users to select between `patroni` and `edb-patroni` packages. The selection is made through the new TPA setting `patroni_package_flavour`. | +| Change | To work around broken Barman 3.10 packages in the PGDG repos, TPA now installs version 3.9 of Barman if using PGDG repos on an RHEL-family system. This behavior can be overridden by explicitly setting barman_package_version in config.yml . | +| Change | The `haproxy_bind_address` is now set to `0.0.0.0` when Patroni is the failover manager. This resolves an issue with the general default of `127.0.0.1` preventing communication between Postgres nodes and HA Proxy nodes. Users should change this value to something more restrictive and appropriate for their cluster networking. | +| Change | Task selectors are now consistently applied in the final stage of deployment. Consistency of task selectors in the tests is improved and the examples of task selectors in the docs are now correct. All deploy-time hooks now have corresponding task selectors. | +| Change | If `barman_package_version` is set, TPA will now look at it when looking for the barman-cli package as well as for Barman itself. This resolves an inconsistency which caused clusters using the downloader to fail when `barman_package_version` was used. | +| Bug Fix | Fixed an issue whereby required permissions on functions in the BDR database were not being granted to the HARP DCS user on a witness node. | +| Bug Fix | Fixed an issue whereby docker provisioning failed with "read-only file system". On host systems running cgroup1 with docker containers running recent OS images, `tpaexec provision` could fail to provision containers with an error message like "mkdir /sys/fs/cgroup/tpa.scope: read-only file system". TPA will now detect this case and avoid it. | +| Bug Fix | TPA now provides a clear error message if the user runs `tpaexec cmd` or `tpaexec ping` before provision. | + diff --git a/product_docs/docs/tpa/23/task-selection.mdx b/product_docs/docs/tpa/23/task-selection.mdx index 936b6928a4e..2373f379489 100644 --- a/product_docs/docs/tpa/23/task-selection.mdx +++ b/product_docs/docs/tpa/23/task-selection.mdx @@ -1,5 +1,6 @@ --- navTitle: Task selection +description: Selecting which tasks TPA should run during deployment. title: Selective task execution originalFilePath: task-selection.md @@ -27,19 +28,19 @@ available for `tpaexec test`. To deploy without running barman-related tasks: ``` -[tpa]$ tpaexec deploy --excluded_tasks barman +[tpa]$ tpaexec deploy --excluded_tasks=barman ``` To deploy running only repmgr-related tasks: ``` -[tpa]$ tpaexec deploy --included_tasks repmgr +[tpa]$ tpaexec deploy --included_tasks=repmgr ``` To deploy without trying to set hostnames on the instances: ``` -[tpa]$ tpaexec deploy --excluded_tasks hostname +[tpa]$ tpaexec deploy --excluded_tasks=hostname ``` To prevent bootstrap and ssh tasks from ever running, put the following @@ -123,6 +124,10 @@ The following selectors are supported for either inclusion or exclusion: Tasks which install packages using the system package manager. +- post-deploy + + The post-deploy hook, if one is defined. + - postgres Tasks related to postgres. @@ -159,6 +164,22 @@ The following selectors are supported only for exclusion: Tasks which clean up the Barman build directory if Barman is being built from source. +- barman-pre-config + + The barman-pre-config hook, if one is defined. + +- bdr-pre-node-creation + + The bdr-pre-node-creation hook, if one is defined. + +- bdr-post-group-creation + + The bdr-post-group-creation hook, if one is defined. + +- bdr-pre-group-join + + The bdr-pre-group-join hook, if one is defined. + - bootstrap Tasks which ensure that python and other minimal dependencies are @@ -232,11 +253,31 @@ The following selectors are supported only for exclusion: Tasks which create the [.pgpass](reference/pgpass/) file. +- post-repo + + The post-repo hook, if one is defined. + - postgres-clean Tasks which clean up the build directory if postgres is being built from source. +- postgres-config + + The postgres-config hook, if one is defined. + +- postgres-config-final + + The postgres-config-final hook, if one is defined. + +- pre-deploy + + The pre-deploy hook, if one is defined. + +- pre-initdb + + The pre-initdb hook, if one is defined. + - replication-sets Tasks related to witness-only replication sets on a BDR3 cluster. diff --git a/product_docs/docs/tpa/23/tower.mdx b/product_docs/docs/tpa/23/tower.mdx index 05f2768ffa7..e639cb3c98c 100644 --- a/product_docs/docs/tpa/23/tower.mdx +++ b/product_docs/docs/tpa/23/tower.mdx @@ -1,5 +1,8 @@ --- navTitle: Ansible Tower (Automation Controller) +description: >- + Deploying and managing TPA clusters using Ansible Tower/Ansible Automation + Platform. title: TPA and Ansible Tower/Ansible Automation Platform originalFilePath: tower.md @@ -30,6 +33,7 @@ TPA dependencies, you will need an EE that includes TPA so your AAP can use it when running deployments and upgrades. !!! Note Get an EE + See [Build an EE for TPA](#build-an-ee-for-tpa) for instructions on building your own image. @@ -123,6 +127,7 @@ Add a project in AAP using the git repository as the source. Set the default EE of the project to use the TPA EE image. !!! Note Project options + To ensure changes are correctly synced before running a job, we strongly recommend using **Update Revision on Launch**. @@ -135,6 +140,7 @@ Add an empty inventory. Use the project as an external source to populate it using `inventory/00-cluster_name` as the inventory file. !!! Note Inventory options + To ensure changes are correctly synced, we strongly recommend using **Overwrite local groups and hosts from remote inventory source**. @@ -272,6 +278,7 @@ additional_build_steps: ``` !!! Note Base image + Base image used here requires access to registry.redhat.io (should be provided alongside AAP license). This image already comes with most of the requirements for AAP 2.4 such as `python 3.9.*`, diff --git a/product_docs/docs/tpa/23/tpaexec-configure.mdx b/product_docs/docs/tpa/23/tpaexec-configure.mdx index 92f7ee45c79..4f7d6db7380 100644 --- a/product_docs/docs/tpa/23/tpaexec-configure.mdx +++ b/product_docs/docs/tpa/23/tpaexec-configure.mdx @@ -1,5 +1,6 @@ --- navTitle: Configuration +description: The command that creates and configures a new cluster. title: Cluster configuration originalFilePath: tpaexec-configure.md @@ -400,6 +401,13 @@ Use the `--use-ansible-tower` and `--tower-git-repository` options to create a cluster adapted for deployment with Ansible Tower. See [Ansible Tower](tower/) for details. +## Beacon agent + +Use the `--enable-beacon-agent` and `--beacon-agent-project-id` options +to install the beacon agent, which enables you to view your cluster in +the EDB Postgres AI Console. See [Configuring the beacon +agent](reference/beacon-agent/) for details. + ## Git repository By default, a git repository is created with an initial branch named diff --git a/product_docs/docs/tpa/23/tpaexec-deploy.mdx b/product_docs/docs/tpa/23/tpaexec-deploy.mdx index 5781de142cf..1d748667348 100644 --- a/product_docs/docs/tpa/23/tpaexec-deploy.mdx +++ b/product_docs/docs/tpa/23/tpaexec-deploy.mdx @@ -1,5 +1,6 @@ --- navTitle: Deployment +description: The command that starts a TPA deploying to a cluster. title: tpaexec deploy originalFilePath: tpaexec-deploy.md diff --git a/product_docs/docs/tpa/23/tpaexec-hooks.mdx b/product_docs/docs/tpa/23/tpaexec-hooks.mdx index 2ce4199c92b..7be91213a3b 100644 --- a/product_docs/docs/tpa/23/tpaexec-hooks.mdx +++ b/product_docs/docs/tpa/23/tpaexec-hooks.mdx @@ -1,5 +1,6 @@ --- navTitle: Deployment hooks +description: Extending TPA with hooks to execute arbitrary Anisible tasks. title: TPA hooks originalFilePath: tpaexec-hooks.md diff --git a/product_docs/docs/tpa/23/tpaexec-provision.mdx b/product_docs/docs/tpa/23/tpaexec-provision.mdx index fadc3a6a03e..e53d2f6349f 100644 --- a/product_docs/docs/tpa/23/tpaexec-provision.mdx +++ b/product_docs/docs/tpa/23/tpaexec-provision.mdx @@ -1,5 +1,6 @@ --- navTitle: Provisioning +description: The command to provision instances and resources for a TPA cluster. title: tpaexec provision originalFilePath: tpaexec-provision.md diff --git a/product_docs/docs/tpa/23/tpaexec-rehydrate.mdx b/product_docs/docs/tpa/23/tpaexec-rehydrate.mdx index cf0f39b6565..26e24488769 100644 --- a/product_docs/docs/tpa/23/tpaexec-rehydrate.mdx +++ b/product_docs/docs/tpa/23/tpaexec-rehydrate.mdx @@ -1,5 +1,6 @@ --- navTitle: Rehydration +description: Rehydrate an AWS EC2 instance with a new machine image (AMI). title: tpaexec rehydrate originalFilePath: tpaexec-rehydrate.md diff --git a/product_docs/docs/tpa/23/tpaexec-server-pool.mdx b/product_docs/docs/tpa/23/tpaexec-server-pool.mdx index 5e5094b8e1b..bde4f3a0b51 100644 --- a/product_docs/docs/tpa/23/tpaexec-server-pool.mdx +++ b/product_docs/docs/tpa/23/tpaexec-server-pool.mdx @@ -1,5 +1,6 @@ --- navTitle: Server pool management +description: Manage the HAProxy server pool for a BDR/HAProxy cluster. title: BDR/HAProxy server pool management originalFilePath: tpaexec-server-pool.md diff --git a/product_docs/docs/tpa/23/tpaexec-switchover.mdx b/product_docs/docs/tpa/23/tpaexec-switchover.mdx index 2c0801b9ef9..6857424c70c 100644 --- a/product_docs/docs/tpa/23/tpaexec-switchover.mdx +++ b/product_docs/docs/tpa/23/tpaexec-switchover.mdx @@ -1,5 +1,8 @@ --- navTitle: Switchover +description: >- + Perform a controlled switchover between a primary and a replica in a cluster + that uses streaming replication. title: tpaexec switchover originalFilePath: tpaexec-switchover.md diff --git a/product_docs/docs/tpa/23/tpaexec-test.mdx b/product_docs/docs/tpa/23/tpaexec-test.mdx index f520da45c89..d9322b67389 100644 --- a/product_docs/docs/tpa/23/tpaexec-test.mdx +++ b/product_docs/docs/tpa/23/tpaexec-test.mdx @@ -1,5 +1,6 @@ --- navTitle: Testing +description: Run architecture-specific tests against a deployed cluster. title: tpaexec test originalFilePath: tpaexec-test.md diff --git a/product_docs/docs/tpa/23/tpaexec-upgrade.mdx b/product_docs/docs/tpa/23/tpaexec-upgrade.mdx index 848037a9596..a52b2c4eb45 100644 --- a/product_docs/docs/tpa/23/tpaexec-upgrade.mdx +++ b/product_docs/docs/tpa/23/tpaexec-upgrade.mdx @@ -1,5 +1,6 @@ --- navTitle: Rolling upgrades +description: Upgrading your TPA cluster. title: Upgrading your cluster originalFilePath: tpaexec-upgrade.md @@ -20,6 +21,7 @@ install a different version of a package that is already installed. Instead, you must use `tpaexec upgrade` to perform software upgrades. !!!Note What can I do with `upgrade`? + Supported uses of the `upgrade` command include: - Upgrading Postgres and other cluster components to the latest minor version without modifying `config.yml` @@ -159,7 +161,23 @@ PGD logical standby or physical replica instances are updated without any haproxy or pgbouncer interaction. Non-Postgres instances in the cluster are left alone. -You can control the order in which the cluster's instances are updated +## M1 + +!!!Warning + +The `upgrade` command for M1 is affected by a known bug and will fail +where the failover manager is Patroni or EFM. TPA will provide full +upgrade functionality for M1 in a future release. +!!! + +For M1 clusters, `upgrade` will first update the streaming +replicas one by one, then perform a [switchover](tpaexec-switchover/) +from the primary to one of the replicas, update the primary, and +switchover back to it again. + +## Controlling the upgrade process + +You can control the order in which the cluster's instances are upgraded by defining the `update_hosts` variable: ``` @@ -167,28 +185,21 @@ $ tpaexec upgrade ~/clusters/speedy \ -e update_hosts=quirk,keeper,quaver ``` -This may be useful to minimise lead/shadow switchovers during the update +This may be useful to minimise lead/shadow switchovers during the upgrade by listing the active PGD primary instances last, so that the shadow -servers are updated first. +servers are upgraded first. + +You can upgrade a subset of the instances by specifying only these +instances in update_hosts. However, you must always include any +instances with the`harp-proxy`, `pgd-proxy`, or `pgbouncer` +roles in the list, otherwise the upgrade could fail with package +version conflicts. If your environment requires additional actions, the [postgres-pre-update and postgres-post-update hooks](tpaexec-hooks/) allow you to execute custom Ansible tasks before and after the package installation step. -## M1 - -!!!Warning -The `upgrade` command for M1 is affected by a known bug and will fail -where the failover manager is Patroni or EFM. TPA will provide full -upgrade functionality for M1 in a future release. -!!! - -For M1 clusters, `upgrade` will first update the streaming -replicas one by one, then perform a [switchover](tpaexec-switchover/) -from the primary to one of the replicas, update the primary, and -switchover back to it again. - ## Package version selection By default, `tpaexec upgrade` will update to the latest