grape/devops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ъеъ

Browse Source
This commit is contained in:
Penguin Grape 2025-08-20 12:05:57 +03:00
parent 6da2f01366
commit f9ffc53a86
13 changed files with 302 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/host_vars/87.228.113.211.yml Normal file
View File

@ -0,0 +1,2 @@
etcd_node: etcd1
node_local_ip: 192.168.1.66

1
ansible/host_vars/87.228.113.250.yml Normal file
View File

@ -0,0 +1 @@
etcd_node: etcd3

2
ansible/host_vars/87.228.113.45.yml Normal file
View File

@ -0,0 +1,2 @@
etcd_node: etcd2
node_local_ip: 192.168.1.4

13
ansible/inventory.ini Normal file
View File

@ -0,0 +1,13 @@
[all]
87.228.113.211
87.228.113.45
87.228.113.250
[etcd]
87.228.113.211
87.228.113.45
87.228.113.250
[psql]
87.228.113.211
87.228.113.45

13
ansible/playbooks/patroni.yml Normal file
View File

@ -0,0 +1,13 @@
- name: Install etcd on all nodes
hosts: etcd
roles:
- role: etcd
tags: [ etcd ]
- name: Install psql + patroni on nodes 1 and 2
hosts: psql
roles:
- role: psql
tags: [ psql ]
- role: patroni
tags: [ patroni ]

16
ansible/roles/etcd/files/etcd.service Normal file
View File

@ -0,0 +1,16 @@
[Unit]
Description=etcd key-value store
Documentation=https://etcd.io/docs/
Wants=network-online.target
After=network-online.target
[Service]
User=etcd
Type=notify
ExecStart=/usr/bin/etcd --config-file=/etc/etcd/etcd.conf.yml
Restart=always
RestartSec=5
LimitNOFILE=40000
[Install]
WantedBy=multi-user.target

5
ansible/roles/etcd/files/hosts Normal file
View File

@ -0,0 +1,5 @@
127.0.0.1 localhost
192.168.1.66 etcd1
192.168.1.4 etcd2
192.168.1.5 etcd3

93
ansible/roles/etcd/tasks/main.yml Normal file
View File

@ -0,0 +1,93 @@
- name: Ensure all dependecies are presented
apt:
name: "{{ item }}"
state: present
loop:
- tar
# - xz-utils
- name: Create etcd group
group:
name: etcd
state: present
system: true
- name: Cretae etcd user
user:
name: etcd
group: etcd
system: yes
shell: /sbin/nologin
home: /var/lib/etcd
create_home: yes
state: present
- name: Make your own dns (aka hosts)
copy:
src: hosts
dest: /etc/hosts
owner: root
group: root
mode: 0644
- name: Download etcd
get_url:
url: https://github.com/etcd-io/etcd/releases/download/v3.6.4/etcd-v3.6.4-linux-amd64.tar.gz
dest: /tmp/etcd.tar.gz
mode: 0644
- name: Cretae tmp dir
file:
path: /tmp/etcd
state: directory
mode: 0755
- name: create etc dir
file:
path: /etc/etcd
state: directory
owner: etcd
group: etcd
mode: 0755
- name: Unpack etcd
unarchive:
src: /tmp/etcd.tar.gz
remote_src: true
dest: /tmp/etcd
extra_opts: [--strip-components=1]
owner: etcd
group: etcd
- name: Move bins to path
copy:
src: "/tmp/etcd/{{ item }}"
dest: "/usr/bin/{{ item }}"
mode: 0755
remote_src: true
loop:
- etcd
- etcdctl
- etcdutl
- name: put etcd config
template:
src: etcd.conf.yml.j2
dest: /etc/etcd/etcd.conf.yml
owner: etcd
group: etcd
mode: 0644
- name: put systemd unit file for etcd
copy:
src: etcd.service
dest: /etc/systemd/system/etcd.service
owner: root
group: root
mode: 0644
- name: start and enable etcd
service:
name: etcd
enabled: true
state: started

12
ansible/roles/etcd/templates/etcd.conf.yml.j2 Normal file
View File

@ -0,0 +1,12 @@
# /etc/etcd/etcd.conf.yml
name: {{ etcd_node }}
data-dir: /var/lib/etcd/default
listen-peer-urls: http://0.0.0.0:2380
listen-client-urls: http://0.0.0.0:2379
advertise-client-urls: http://{{ etcd_node }}:2379
initial-advertise-peer-urls: http://{{ etcd_node }}:2380
initial-cluster-token: etcd_scope
initial-cluster: etcd1=http://etcd1:2380,etcd2=http://etcd2:2380,etcd3=http://etcd3:2380
initial-cluster-state: new
election-timeout: 5000
heartbeat-interval: 500

14
ansible/roles/patroni/files/patroni.service Normal file
View File

@ -0,0 +1,14 @@
[Unit]
Description=Patroni high-availability PostgreSQL
After=network.target
[Service]
User=postgres
Type=simple
ExecStart=/opt/patroni/bin/patroni /etc/patroni/config.yml
Restart=always
RestartSec=5
LimitNOFILE=1024
[Install]
WantedBy=multi-user.target

26
ansible/roles/patroni/tasks/main.yml Normal file
View File

@ -0,0 +1,26 @@
- name: Install patroni
apt:
name: patroni
state: latest
- name: put patroni config
template:
src: config.yml.j2
dest: /etc/patroni/config.yml
owner: root
group: root
mode: 0644
- name: put systemd unit file
copy:
src: patroni.service
dest: /etc/systemd/system/patroni.service
owner: root
group: root
mode: 0644
- name: start and enable patroni
service:
name: patroni
enabled: true
state: started

94
ansible/roles/patroni/templates/config.yml.j2 Normal file
View File

@ -0,0 +1,94 @@
patroni:
scope: patroni_cluster
namespace: /patroni
name: {{ etcd_node }}
log:
level: INFO
dir: /data/log/patroni
file_size: 50000000
file_num: 10
restapi:
listen: 0.0.0.0:8008
connect_address: {{ etcd_node }}:8008 # Изменить на 2 ноде
verify_client: none
etcd3:
hosts: ["etcd1:2379", "etcd2:2379", "etcd3:2379"]
protocol: http
watchdog:
mode: off # Если настроен, можно включить
bootstrap:
dcs:
failsafe_mode: true
ttl: 30
loop_wait: 10
retry_timeout: 10
maximum_lag_on_failover: 1048576
synchronous_mode: true
synchronous_mode_strict: true
synchronous_mode_count: 1
master_start_timeout: 30
slots:
prod_replica1:
type: physical
postgresql:
use_pg_rewind: true
use_slots: true
parameters:
shared_buffers: '512MB'
wal_level: 'replica'
wal_keep_size: '512MB'
max_connections: 100
effective_cache_size: '1GB'
maintenance_work_mem: '256MB'
max_wal_senders: 5
max_replication_slots: 5
checkpoint_completion_target: 0.7
log_connections: 'on'
log_disconnections: 'on'
log_statement: 'ddl'
log_line_prefix: '%m [%p] %q%u@%d '
logging_collector: 'on'
log_destination: 'stderr'
log_directory: '/data/log'
log_filename: 'postgresql-%Y-%m-%d.log'
log_rotation_size: '100MB'
log_rotation_age: '1d'
log_min_duration_statement: -1
log_min_error_statement: 'error'
log_min_messages: 'warning'
log_error_verbosity: 'verbose'
log_hostname: 'off'
log_duration: 'off'
log_timezone: 'Europe/Moscow'
timezone: 'Europe/Moscow'
lc_messages: 'C.UTF-8'
password_encryption: 'scram-sha-256'
debug_print_parse: 'off'
debug_print_rewritten: 'off'
debug_print_plan: 'off'
superuser_reserved_connections: 3
synchronous_commit: 'on'
synchronous_standby_names: '*'
hot_standby: 'on'
compute_query_id: 'on'
pg_hba:
- local all all peer
- host all all 127.0.0.1/32 scram-sha-256
- host all all 0.0.0.0/0 md5
- host replication replicator 127.0.0.1/32 scram-sha-256
- host replication replicator 192.168.60.0/24 scram-sha-256
pg_hba:
- local all all peer
- host all all 127.0.0.1/32 scram-sha-256
- host all all 0.0.0.0/0 md5
- host replication replicator 127.0.0.1/32 scram-sha-256
- host replication replicator 192.168.60.0/24 scram-sha-256
initdb: ["encoding=UTF8", "data-checksums", "username=postgres", "auth=scram-sha-256"]
users:
admin:
password: 'new_secure_password1'
options: ["createdb"]
postgresql:
listen: 0.0.0.0
connect_address: {{ node_local_ip }}:5432
use

11
ansible/roles/psql/tasks/main.yml Normal file
View File

@ -0,0 +1,11 @@
- name: install psql
apt:
name: postgresql
state: latest
update_cache: true
- name: stop psql just in case
service:
name: postgresql
enabled: false
state: stopped