Add support for major upgrades
This commit is contained in:
parent
79642188b4
commit
c8bb48b3ef
Binary file not shown.
|
@ -1,27 +0,0 @@
|
||||||
FROM danielberteaud/alpine:24.4-1
|
|
||||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
|
||||||
|
|
||||||
ARG PG_FROM= \
|
|
||||||
PG_TO=
|
|
||||||
|
|
||||||
ENV LANG=fr_FR.utf8 \
|
|
||||||
TZ=Europe/Paris
|
|
||||||
|
|
||||||
COPY --from=walg /usr/local/bin/wal-g /usr/local/bin/wal-g
|
|
||||||
|
|
||||||
RUN set -eux &&\
|
|
||||||
apk --no-cache upgrade &&\
|
|
||||||
for VER in 12 13 14 15; do \
|
|
||||||
apk --no-cache add postgresql${PG_VERSION} \
|
|
||||||
postgresql${PG_VERSION}-client \
|
|
||||||
postgresql${PG_VERSION}-contrib \
|
|
||||||
done
|
|
||||||
apk --no-cache add icu-data-full \
|
|
||||||
tzdata &&\
|
|
||||||
mkdir -p /run/postgresql &&\
|
|
||||||
chown -R postgres:postgres /run/postgresql
|
|
||||||
|
|
||||||
COPY root/ /
|
|
||||||
|
|
||||||
USER postgres
|
|
||||||
CMD ["pg-major-upgrade"]
|
|
|
@ -1,56 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
if [ -z "${PG_FROM}" ]; then
|
|
||||||
echo "You must set PG_FROM env var to the source version"
|
|
||||||
exit 1
|
|
||||||
elif [ -z "${PG_TO}" ]; then
|
|
||||||
echo "You must set PG_TO env var to the destination version"
|
|
||||||
exit 1
|
|
||||||
elif [ ! -d "${PG_BASE_DATA}/${PG_FROM}" ]; then
|
|
||||||
echo "Source data dir ${PG_BASE_DATA}/${PG_FROM} must already exist"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z "${DO_PG_UPGRADE}" -o "${DO_PG_UPGRADE}" != "1" ]; then
|
|
||||||
echo "Not running the upgrade. Please set DO_PG_UPGRADE=1"
|
|
||||||
fi
|
|
||||||
|
|
||||||
cd ${PG_BASE_DATA}
|
|
||||||
|
|
||||||
echo "Creating new data dir for version ${PG_TO}"
|
|
||||||
mkdir -p ${PG_BASE_DATA}/${PG_TO}
|
|
||||||
chmod 700 ${PG_BASE_DATA}/${PG_TO}
|
|
||||||
|
|
||||||
echo "Commenting SSL directives (SSL cert not available, nor needed in the upgrade context)"
|
|
||||||
cp ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf.old
|
|
||||||
sed -i -r 's/^(ssl.*)/#\1/g' ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf
|
|
||||||
|
|
||||||
echo "Replacing pg_hba with a custom one"
|
|
||||||
cp ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf.old
|
|
||||||
cat <<_EOF > ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf
|
|
||||||
local all postgres peer
|
|
||||||
_EOF
|
|
||||||
|
|
||||||
echo "Initializing new PG cluster"
|
|
||||||
/usr/libexec/postgresql${PG_TO}/bin/initdb --pgdata=${PG_BASE_DATA}/${PG_TO} --auth-host=scram-sha-256 --auth-local=peer --icu-locale=${LANG} --data-checksums --encoding=UTF8 --locale-provider=icu
|
|
||||||
|
|
||||||
echo "Upgrading PG data from ${PG_BASE_DATA}/${PG_FROM} to ${PG_BASE_DATA}/${PG_TO}"
|
|
||||||
/usr/libexec/postgresql${PG_TO}/bin/pg_upgrade \
|
|
||||||
--clone \
|
|
||||||
--old-datadir ${PG_BASE_DATA}/${PG_FROM} \
|
|
||||||
--new-datadir ${PG_BASE_DATA}/${PG_TO} \
|
|
||||||
--old-bindir /usr/libexec/postgresql${PG_FROM}/bin \
|
|
||||||
--new-bindir /usr/libexec/postgresql${PG_TO}/bin
|
|
||||||
|
|
||||||
echo "Keep old patroni.dynamic.json config"
|
|
||||||
if [ -e "${PG_BASE_DATA}/${PG_FROM}/patroni.dynamic.json" ]; then
|
|
||||||
cp ${PG_BASE_DATA}/${PG_FROM}/patroni.dynamic.json ${PG_BASE_DATA}/${PG_TO}/
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "Restoring configuration"
|
|
||||||
cp -f ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf.old ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf
|
|
||||||
cp -f ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf.old ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf
|
|
||||||
cp -f ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf ${PG_BASE_DATA}/${PG_TO}/pg_hba.conf
|
|
||||||
cp -f ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf ${PG_BASE_DATA}/${PG_TO}/postgresql.conf
|
|
|
@ -1,16 +1,21 @@
|
||||||
FROM danielberteaud/alma:9.24.4-1
|
FROM danielberteaud/alma:9.24.4-1
|
||||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||||
|
|
||||||
ENV PG_BASE_DATA=/data/db/
|
ENV PG_BASE_DATA=/data/db/ \
|
||||||
|
PG_INITDB_OPTS="--data-checksum --encoding UTF-8"
|
||||||
|
|
||||||
RUN set -eux \
|
RUN set -eux &&\
|
||||||
dnf update -y &&\
|
|
||||||
rpm -i https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm &&\
|
rpm -i https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm &&\
|
||||||
dnf module -y disable postgresql &&\
|
dnf module -y disable postgresql &&\
|
||||||
dnf install -y --setopt=install_weak_deps=0 glibc-langpack-fr glibc-langpack-en &&\
|
dnf -y install glibc-langpack-fr glibc-langpack-en &&\
|
||||||
for VER in 11 12 13 14 15 16; do dnf install -y postgresql${VER} postgresql${VER}-server postgresql${VER}-contrib; done &&\
|
dnf install -y postgresql15 postgresql15-server postgresql15-contrib; \
|
||||||
|
dnf install -y postgresql16 postgresql16-server postgresql16-contrib; \
|
||||||
dnf clean all &&\
|
dnf clean all &&\
|
||||||
rm -rf /var/cache/yum/* /var/log/yum/* /var/lib/yum/history*
|
rm -rf /var/cache/yum/* /var/log/yum/* /var/lib/yum/history*
|
||||||
|
COPY --from=danielberteaud/postgres:15.24.4-1 /usr/pgsql-15/share/extension/vectors* /usr/pgsql-15/share/extension/
|
||||||
|
COPY --from=danielberteaud/postgres:15.24.4-1 /usr/pgsql-15/lib/vectors.so /usr/pgsql-15/lib/vectors.so
|
||||||
|
COPY --from=danielberteaud/postgres:16.24.4-1 /usr/pgsql-16/share/extension/vectors* /usr/pgsql-16/share/extension/
|
||||||
|
COPY --from=danielberteaud/postgres:16.24.4-1 /usr/pgsql-16/lib/vectors.so /usr/pgsql-16/lib/vectors.so
|
||||||
|
|
||||||
COPY root/ /
|
COPY root/ /
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
set -euxo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
|
mkdir -p /data/db
|
||||||
|
|
||||||
if [ -z "${PG_FROM}" ]; then
|
if [ -z "${PG_FROM}" ]; then
|
||||||
echo "You must set PG_FROM env var to the source version"
|
echo "You must set PG_FROM env var to the source version"
|
||||||
|
@ -13,8 +15,8 @@ elif [ ! -d "${PG_BASE_DATA}/${PG_FROM}" ]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "${DO_PG_UPGRADE}" -o "${DO_PG_UPGRADE}" != "1" ]; then
|
if [ -z "${DO_PG_UPGRADE}" -o "${DO_PG_UPGRADE}" != "true" ]; then
|
||||||
echo "Not running the upgrade. Please set DO_PG_UPGRADE=1"
|
echo "Not running the upgrade. Please set DO_PG_UPGRADE=true"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
cd "${PG_BASE_DATA}"
|
cd "${PG_BASE_DATA}"
|
||||||
|
@ -27,6 +29,15 @@ echo "Commenting SSL directives (SSL cert not available, nor needed in the upgra
|
||||||
cp "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf" "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf.old"
|
cp "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf" "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf.old"
|
||||||
sed -i -r 's/^(ssl.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
sed -i -r 's/^(ssl.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
||||||
|
|
||||||
|
echo "Commenting Socket directive"
|
||||||
|
sed -i -r 's/^(unix_socket_directories.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
||||||
|
|
||||||
|
#echo "Commenting shared_preload_libraries directive"
|
||||||
|
#sed -i -r 's/^(shared_preload_libraries.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
||||||
|
|
||||||
|
echo "Commenting log_XXX directives"
|
||||||
|
sed -i -r 's/^(log_.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
||||||
|
|
||||||
echo "Replacing pg_hba with a custom one"
|
echo "Replacing pg_hba with a custom one"
|
||||||
cp "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf" "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf.old"
|
cp "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf" "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf.old"
|
||||||
cat <<_EOF > "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf"
|
cat <<_EOF > "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf"
|
||||||
|
@ -34,11 +45,11 @@ local all postgres peer
|
||||||
_EOF
|
_EOF
|
||||||
|
|
||||||
echo "Initializing new PG cluster"
|
echo "Initializing new PG cluster"
|
||||||
/usr/pgsql-${PG_TO}/bin/initdb --pgdata=${PG_BASE_DATA}/${PG_TO} --data-checksums --encoding UTF-8
|
/usr/pgsql-${PG_TO}/bin/initdb --pgdata=${PG_BASE_DATA}/${PG_TO} ${PG_INITDB_OPTS}
|
||||||
|
|
||||||
echo "Upgrading PG data from ${PG_BASE_DATA}/${PG_FROM} to ${PG_BASE_DATA}/${PG_TO}"
|
echo "Upgrading PG data from ${PG_BASE_DATA}/${PG_FROM} to ${PG_BASE_DATA}/${PG_TO}"
|
||||||
/usr/pgsql-${PG_TO}/bin/pg_upgrade \
|
/usr/pgsql-${PG_TO}/bin/pg_upgrade \
|
||||||
--clone \
|
${PG_UPGRADE_OPTS} \
|
||||||
--old-datadir "${PG_BASE_DATA}/${PG_FROM}" \
|
--old-datadir "${PG_BASE_DATA}/${PG_FROM}" \
|
||||||
--new-datadir "${PG_BASE_DATA}/${PG_TO}" \
|
--new-datadir "${PG_BASE_DATA}/${PG_TO}" \
|
||||||
--old-bindir /usr/pgsql-${PG_FROM}/bin \
|
--old-bindir /usr/pgsql-${PG_FROM}/bin \
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
job "postgres" {
|
job "postgres-server" {
|
||||||
|
|
||||||
|
|
||||||
datacenters = ["dc1"]
|
datacenters = ["dc1"]
|
||||||
|
@ -93,8 +93,8 @@ job "postgres" {
|
||||||
port = "patroni"
|
port = "patroni"
|
||||||
path = "/health"
|
path = "/health"
|
||||||
protocol = "https"
|
protocol = "https"
|
||||||
interval = "20s"
|
interval = "30s"
|
||||||
timeout = "10s"
|
timeout = "5s"
|
||||||
# Patroni REST API is using a cert from a private CA
|
# Patroni REST API is using a cert from a private CA
|
||||||
tls_skip_verify = true
|
tls_skip_verify = true
|
||||||
}
|
}
|
||||||
|
@ -105,15 +105,15 @@ job "postgres" {
|
||||||
type = "script"
|
type = "script"
|
||||||
command = "/local/update_tags.sh"
|
command = "/local/update_tags.sh"
|
||||||
task = "postgres"
|
task = "postgres"
|
||||||
interval = "20s"
|
interval = "30s"
|
||||||
timeout = "10s"
|
timeout = "5s"
|
||||||
}
|
}
|
||||||
|
|
||||||
check {
|
check {
|
||||||
name = "ready"
|
name = "ready"
|
||||||
type = "script"
|
type = "script"
|
||||||
interval = "30s"
|
interval = "30s"
|
||||||
timeout = "10s"
|
timeout = "5s"
|
||||||
task = "postgres"
|
task = "postgres"
|
||||||
command = "pg_isready"
|
command = "pg_isready"
|
||||||
}
|
}
|
||||||
|
@ -332,8 +332,6 @@ bootstrap:
|
||||||
initdb:
|
initdb:
|
||||||
- data-checksum
|
- data-checksum
|
||||||
- encoding: UTF-8
|
- encoding: UTF-8
|
||||||
#- locale-provider: icu
|
|
||||||
#- icu-locale: fr_FR.utf8
|
|
||||||
|
|
||||||
post_bootstrap: /local/create_users.sh
|
post_bootstrap: /local/create_users.sh
|
||||||
|
|
|
@ -0,0 +1,74 @@
|
||||||
|
job "postgres-upgrade" {
|
||||||
|
|
||||||
|
datacenters = ["dc1"]
|
||||||
|
region = "global"
|
||||||
|
priority = 80
|
||||||
|
|
||||||
|
type = "batch"
|
||||||
|
|
||||||
|
meta {
|
||||||
|
# Force job to be different for each execution
|
||||||
|
run_uuid = "${uuidv4()}"
|
||||||
|
}
|
||||||
|
# Postgres upgrader not explicitely enabled
|
||||||
|
# Add a constraint to ensure it can't run
|
||||||
|
constraint {
|
||||||
|
attribute = "${attr.kernel.name}"
|
||||||
|
value = "nonexistant"
|
||||||
|
}
|
||||||
|
|
||||||
|
group "upgrade" {
|
||||||
|
|
||||||
|
|
||||||
|
volume "backup" {
|
||||||
|
source = "postgres-backup"
|
||||||
|
type = "csi"
|
||||||
|
access_mode = "multi-node-multi-writer"
|
||||||
|
attachment_mode = "file-system"
|
||||||
|
}
|
||||||
|
|
||||||
|
volume "data" {
|
||||||
|
source = "postgres-data"
|
||||||
|
type = "csi"
|
||||||
|
access_mode = "single-node-writer"
|
||||||
|
attachment_mode = "file-system"
|
||||||
|
per_alloc = true
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
network {
|
||||||
|
mode = "bridge"
|
||||||
|
}
|
||||||
|
|
||||||
|
task "upgrade" {
|
||||||
|
driver = "docker"
|
||||||
|
|
||||||
|
config {
|
||||||
|
image = "danielberteaud/postgres-major-upgrade:latest"
|
||||||
|
force_pull = true
|
||||||
|
readonly_rootfs = true
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
env {
|
||||||
|
PG_FROM = ""
|
||||||
|
PG_TO = ""
|
||||||
|
PG_INITDB_OPTS = "--data-checksum --encoding UTF-8 "
|
||||||
|
PG_UPGRADE_OPTS = "--new-options=-c --new-options=shared_preload_libraries=vectors.so --clone "
|
||||||
|
DO_PG_UPGRADE = "false"
|
||||||
|
}
|
||||||
|
|
||||||
|
volume_mount {
|
||||||
|
volume = "data"
|
||||||
|
destination = "/data"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
resources {
|
||||||
|
cpu = 1000
|
||||||
|
memory = 1024
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,27 +0,0 @@
|
||||||
FROM [[ .docker.repo ]][[ .docker.base_images.alpine.image ]]
|
|
||||||
MAINTAINER [[ .docker.maintainer ]]
|
|
||||||
|
|
||||||
ARG PG_FROM= \
|
|
||||||
PG_TO=
|
|
||||||
|
|
||||||
ENV LANG=[[ .locale.lang ]] \
|
|
||||||
TZ=[[ .locale.tz ]]
|
|
||||||
|
|
||||||
COPY --from=walg /usr/local/bin/wal-g /usr/local/bin/wal-g
|
|
||||||
|
|
||||||
RUN set -eux &&\
|
|
||||||
apk --no-cache upgrade &&\
|
|
||||||
for VER in 12 13 14 15; do \
|
|
||||||
apk --no-cache add postgresql${PG_VERSION} \
|
|
||||||
postgresql${PG_VERSION}-client \
|
|
||||||
postgresql${PG_VERSION}-contrib \
|
|
||||||
done
|
|
||||||
apk --no-cache add icu-data-full \
|
|
||||||
tzdata &&\
|
|
||||||
mkdir -p /run/postgresql &&\
|
|
||||||
chown -R postgres:postgres /run/postgresql
|
|
||||||
|
|
||||||
COPY root/ /
|
|
||||||
|
|
||||||
USER postgres
|
|
||||||
CMD ["pg-major-upgrade"]
|
|
|
@ -1,56 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
if [ -z "${PG_FROM}" ]; then
|
|
||||||
echo "You must set PG_FROM env var to the source version"
|
|
||||||
exit 1
|
|
||||||
elif [ -z "${PG_TO}" ]; then
|
|
||||||
echo "You must set PG_TO env var to the destination version"
|
|
||||||
exit 1
|
|
||||||
elif [ ! -d "${PG_BASE_DATA}/${PG_FROM}" ]; then
|
|
||||||
echo "Source data dir ${PG_BASE_DATA}/${PG_FROM} must already exist"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z "${DO_PG_UPGRADE}" -o "${DO_PG_UPGRADE}" != "1" ]; then
|
|
||||||
echo "Not running the upgrade. Please set DO_PG_UPGRADE=1"
|
|
||||||
fi
|
|
||||||
|
|
||||||
cd ${PG_BASE_DATA}
|
|
||||||
|
|
||||||
echo "Creating new data dir for version ${PG_TO}"
|
|
||||||
mkdir -p ${PG_BASE_DATA}/${PG_TO}
|
|
||||||
chmod 700 ${PG_BASE_DATA}/${PG_TO}
|
|
||||||
|
|
||||||
echo "Commenting SSL directives (SSL cert not available, nor needed in the upgrade context)"
|
|
||||||
cp ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf.old
|
|
||||||
sed -i -r 's/^(ssl.*)/#\1/g' ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf
|
|
||||||
|
|
||||||
echo "Replacing pg_hba with a custom one"
|
|
||||||
cp ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf.old
|
|
||||||
cat <<_EOF > ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf
|
|
||||||
local all postgres peer
|
|
||||||
_EOF
|
|
||||||
|
|
||||||
echo "Initializing new PG cluster"
|
|
||||||
/usr/libexec/postgresql${PG_TO}/bin/initdb --pgdata=${PG_BASE_DATA}/${PG_TO} --auth-host=scram-sha-256 --auth-local=peer --icu-locale=${LANG} --data-checksums --encoding=UTF8 --locale-provider=icu
|
|
||||||
|
|
||||||
echo "Upgrading PG data from ${PG_BASE_DATA}/${PG_FROM} to ${PG_BASE_DATA}/${PG_TO}"
|
|
||||||
/usr/libexec/postgresql${PG_TO}/bin/pg_upgrade \
|
|
||||||
--clone \
|
|
||||||
--old-datadir ${PG_BASE_DATA}/${PG_FROM} \
|
|
||||||
--new-datadir ${PG_BASE_DATA}/${PG_TO} \
|
|
||||||
--old-bindir /usr/libexec/postgresql${PG_FROM}/bin \
|
|
||||||
--new-bindir /usr/libexec/postgresql${PG_TO}/bin
|
|
||||||
|
|
||||||
echo "Keep old patroni.dynamic.json config"
|
|
||||||
if [ -e "${PG_BASE_DATA}/${PG_FROM}/patroni.dynamic.json" ]; then
|
|
||||||
cp ${PG_BASE_DATA}/${PG_FROM}/patroni.dynamic.json ${PG_BASE_DATA}/${PG_TO}/
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "Restoring configuration"
|
|
||||||
cp -f ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf.old ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf
|
|
||||||
cp -f ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf.old ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf
|
|
||||||
cp -f ${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf ${PG_BASE_DATA}/${PG_TO}/pg_hba.conf
|
|
||||||
cp -f ${PG_BASE_DATA}/${PG_FROM}/postgresql.conf ${PG_BASE_DATA}/${PG_TO}/postgresql.conf
|
|
|
@ -1,17 +1,26 @@
|
||||||
FROM [[ .docker.repo ]][[ .docker.base_images.alma9.image ]]
|
FROM [[ .docker.repo ]][[ .docker.base_images.alma9.image ]]
|
||||||
MAINTAINER [[ .docker.maintainer ]]
|
MAINTAINER [[ .docker.maintainer ]]
|
||||||
|
|
||||||
ENV PG_BASE_DATA=/data/db/
|
ENV PG_BASE_DATA=/data/db/ \
|
||||||
|
PG_INITDB_OPTS="--data-checksum --encoding UTF-8"
|
||||||
|
|
||||||
RUN set -eux \
|
[[- $pg_ver := coll.Slice "15" "16" ]]
|
||||||
dnf update -y &&\
|
|
||||||
|
RUN set -eux &&\
|
||||||
rpm -i https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm &&\
|
rpm -i https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm &&\
|
||||||
dnf module -y disable postgresql &&\
|
dnf module -y disable postgresql &&\
|
||||||
dnf install -y --setopt=install_weak_deps=0 glibc-langpack-fr glibc-langpack-en &&\
|
dnf -y install glibc-langpack-fr glibc-langpack-en &&\
|
||||||
for VER in 11 12 13 14 15 16; do dnf install -y postgresql${VER} postgresql${VER}-server postgresql${VER}-contrib; done &&\
|
[[- range $ver := $pg_ver ]]
|
||||||
|
dnf install -y postgresql[[ $ver ]] postgresql[[ $ver ]]-server postgresql[[ $ver ]]-contrib; \
|
||||||
|
[[- end ]]
|
||||||
dnf clean all &&\
|
dnf clean all &&\
|
||||||
rm -rf /var/cache/yum/* /var/log/yum/* /var/lib/yum/history*
|
rm -rf /var/cache/yum/* /var/log/yum/* /var/lib/yum/history*
|
||||||
|
|
||||||
|
[[- range $ver := $pg_ver ]]
|
||||||
|
COPY --from=[[ $.docker.repo ]][[ (index $.docker.base_images (printf "postgres%s" $ver)).image ]] /usr/pgsql-[[ $ver ]]/share/extension/vectors* /usr/pgsql-[[ $ver ]]/share/extension/
|
||||||
|
COPY --from=[[ $.docker.repo ]][[ (index $.docker.base_images (printf "postgres%s" $ver)).image ]] /usr/pgsql-[[ $ver ]]/lib/vectors.so /usr/pgsql-[[ $ver ]]/lib/vectors.so
|
||||||
|
[[- end ]]
|
||||||
|
|
||||||
COPY root/ /
|
COPY root/ /
|
||||||
|
|
||||||
USER postgres
|
USER postgres
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
set -euxo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
|
mkdir -p /data/db
|
||||||
|
|
||||||
if [ -z "${PG_FROM}" ]; then
|
if [ -z "${PG_FROM}" ]; then
|
||||||
echo "You must set PG_FROM env var to the source version"
|
echo "You must set PG_FROM env var to the source version"
|
||||||
|
@ -13,8 +15,8 @@ elif [ ! -d "${PG_BASE_DATA}/${PG_FROM}" ]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "${DO_PG_UPGRADE}" -o "${DO_PG_UPGRADE}" != "1" ]; then
|
if [ -z "${DO_PG_UPGRADE}" -o "${DO_PG_UPGRADE}" != "true" ]; then
|
||||||
echo "Not running the upgrade. Please set DO_PG_UPGRADE=1"
|
echo "Not running the upgrade. Please set DO_PG_UPGRADE=true"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
cd "${PG_BASE_DATA}"
|
cd "${PG_BASE_DATA}"
|
||||||
|
@ -27,6 +29,15 @@ echo "Commenting SSL directives (SSL cert not available, nor needed in the upgra
|
||||||
cp "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf" "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf.old"
|
cp "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf" "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf.old"
|
||||||
sed -i -r 's/^(ssl.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
sed -i -r 's/^(ssl.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
||||||
|
|
||||||
|
echo "Commenting Socket directive"
|
||||||
|
sed -i -r 's/^(unix_socket_directories.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
||||||
|
|
||||||
|
#echo "Commenting shared_preload_libraries directive"
|
||||||
|
#sed -i -r 's/^(shared_preload_libraries.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
||||||
|
|
||||||
|
echo "Commenting log_XXX directives"
|
||||||
|
sed -i -r 's/^(log_.*)/#\1/g' "${PG_BASE_DATA}/${PG_FROM}/postgresql.conf"
|
||||||
|
|
||||||
echo "Replacing pg_hba with a custom one"
|
echo "Replacing pg_hba with a custom one"
|
||||||
cp "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf" "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf.old"
|
cp "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf" "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf.old"
|
||||||
cat <<_EOF > "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf"
|
cat <<_EOF > "${PG_BASE_DATA}/${PG_FROM}/pg_hba.conf"
|
||||||
|
@ -34,11 +45,11 @@ local all postgres peer
|
||||||
_EOF
|
_EOF
|
||||||
|
|
||||||
echo "Initializing new PG cluster"
|
echo "Initializing new PG cluster"
|
||||||
/usr/pgsql-${PG_TO}/bin/initdb --pgdata=${PG_BASE_DATA}/${PG_TO} --data-checksums --encoding UTF-8
|
/usr/pgsql-${PG_TO}/bin/initdb --pgdata=${PG_BASE_DATA}/${PG_TO} ${PG_INITDB_OPTS}
|
||||||
|
|
||||||
echo "Upgrading PG data from ${PG_BASE_DATA}/${PG_FROM} to ${PG_BASE_DATA}/${PG_TO}"
|
echo "Upgrading PG data from ${PG_BASE_DATA}/${PG_FROM} to ${PG_BASE_DATA}/${PG_TO}"
|
||||||
/usr/pgsql-${PG_TO}/bin/pg_upgrade \
|
/usr/pgsql-${PG_TO}/bin/pg_upgrade \
|
||||||
--clone \
|
${PG_UPGRADE_OPTS} \
|
||||||
--old-datadir "${PG_BASE_DATA}/${PG_FROM}" \
|
--old-datadir "${PG_BASE_DATA}/${PG_FROM}" \
|
||||||
--new-datadir "${PG_BASE_DATA}/${PG_TO}" \
|
--new-datadir "${PG_BASE_DATA}/${PG_TO}" \
|
||||||
--old-bindir /usr/pgsql-${PG_FROM}/bin \
|
--old-bindir /usr/pgsql-${PG_FROM}/bin \
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
job "[[ .instance ]]" {
|
job "[[ .instance ]]-server" {
|
||||||
|
|
||||||
[[- $c := merge .pg . ]]
|
[[- $c := merge .pg . ]]
|
||||||
|
|
||||||
|
@ -53,8 +53,8 @@ job "[[ .instance ]]" {
|
||||||
port = "patroni"
|
port = "patroni"
|
||||||
path = "/health"
|
path = "/health"
|
||||||
protocol = "https"
|
protocol = "https"
|
||||||
interval = "20s"
|
interval = "[[ $c.consul.check.interval ]]"
|
||||||
timeout = "10s"
|
timeout = "[[ $c.consul.check.timeout ]]"
|
||||||
# Patroni REST API is using a cert from a private CA
|
# Patroni REST API is using a cert from a private CA
|
||||||
tls_skip_verify = true
|
tls_skip_verify = true
|
||||||
}
|
}
|
||||||
|
@ -65,15 +65,15 @@ job "[[ .instance ]]" {
|
||||||
type = "script"
|
type = "script"
|
||||||
command = "/local/update_tags.sh"
|
command = "/local/update_tags.sh"
|
||||||
task = "postgres"
|
task = "postgres"
|
||||||
interval = "20s"
|
interval = "[[ $c.consul.check.interval ]]"
|
||||||
timeout = "10s"
|
timeout = "[[ $c.consul.check.timeout ]]"
|
||||||
}
|
}
|
||||||
|
|
||||||
check {
|
check {
|
||||||
name = "ready"
|
name = "ready"
|
||||||
type = "script"
|
type = "script"
|
||||||
interval = "30s"
|
interval = "[[ $c.consul.check.interval ]]"
|
||||||
timeout = "10s"
|
timeout = "[[ $c.consul.check.timeout ]]"
|
||||||
task = "postgres"
|
task = "postgres"
|
||||||
command = "pg_isready"
|
command = "pg_isready"
|
||||||
}
|
}
|
|
@ -0,0 +1,51 @@
|
||||||
|
job "[[ .instance ]]-upgrade" {
|
||||||
|
[[- $c := merge .pg . ]]
|
||||||
|
[[ template "common/job_start" $c ]]
|
||||||
|
type = "batch"
|
||||||
|
|
||||||
|
meta {
|
||||||
|
# Force job to be different for each execution
|
||||||
|
run_uuid = "${uuidv4()}"
|
||||||
|
}
|
||||||
|
|
||||||
|
[[- if (not $c.upgrade.enabled) ]]
|
||||||
|
# Postgres upgrader not explicitely enabled
|
||||||
|
# Add a constraint to ensure it can't run
|
||||||
|
constraint {
|
||||||
|
attribute = "${attr.kernel.name}"
|
||||||
|
value = "nonexistant"
|
||||||
|
}
|
||||||
|
[[- end ]]
|
||||||
|
|
||||||
|
group "upgrade" {
|
||||||
|
[[- $c := merge $c.upgrade $c ]]
|
||||||
|
[[ template "common/volumes" $c ]]
|
||||||
|
|
||||||
|
network {
|
||||||
|
mode = "bridge"
|
||||||
|
}
|
||||||
|
|
||||||
|
task "upgrade" {
|
||||||
|
driver = "[[ $c.nomad.driver ]]"
|
||||||
|
|
||||||
|
config {
|
||||||
|
[[ template "common/image" $c ]]
|
||||||
|
}
|
||||||
|
|
||||||
|
env {
|
||||||
|
PG_FROM = "[[ $c.from ]]"
|
||||||
|
PG_TO = "[[ $c.to ]]"
|
||||||
|
PG_INITDB_OPTS = "[[ range $idx, $opt := .pg.server.initdb ]]--[[ $opt | regexp.Replace ":(\\s+)" "$1" ]] [[ end ]]"
|
||||||
|
PG_UPGRADE_OPTS = "[[ range $idx, $opt := $c.options ]]--[[ $opt | regexp.Replace ":(\\s+)" "$1" | regexp.Replace "\"" "\\\"" ]] [[ end ]]"
|
||||||
|
DO_PG_UPGRADE = "[[ $c.enabled | ternary "true" "false" ]]"
|
||||||
|
}
|
||||||
|
|
||||||
|
volume_mount {
|
||||||
|
volume = "data"
|
||||||
|
destination = "/data"
|
||||||
|
}
|
||||||
|
|
||||||
|
[[ template "common/resources" $c ]]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -16,10 +16,9 @@ bootstrap:
|
||||||
[[- end ]]
|
[[- end ]]
|
||||||
|
|
||||||
initdb:
|
initdb:
|
||||||
- data-checksum
|
[[- range $idx, $opt := .initdb ]]
|
||||||
- encoding: UTF-8
|
- [[ $opt ]]
|
||||||
#- locale-provider: icu
|
[[- end ]]
|
||||||
#- icu-locale: [[ .locale.lang ]]
|
|
||||||
|
|
||||||
post_bootstrap: /local/create_users.sh
|
post_bootstrap: /local/create_users.sh
|
||||||
|
|
||||||
|
@ -43,8 +42,8 @@ postgresql:
|
||||||
on_start: /local/update_tags.sh
|
on_start: /local/update_tags.sh
|
||||||
|
|
||||||
connect_address: {{ env "NOMAD_HOST_ADDR_postgres" }}
|
connect_address: {{ env "NOMAD_HOST_ADDR_postgres" }}
|
||||||
bin_dir: /usr/pgsql-15/bin
|
bin_dir: /usr/pgsql-[[ .pg.server.pg_version ]]/bin
|
||||||
data_dir: /data/db/15
|
data_dir: /data/db/[[ .pg.server.pg_version ]]
|
||||||
listen: 0.0.0.0:{{ env "NOMAD_ALLOC_PORT_postgres" }}
|
listen: 0.0.0.0:{{ env "NOMAD_ALLOC_PORT_postgres" }}
|
||||||
use_pg_rewind: True
|
use_pg_rewind: True
|
||||||
#remove_data_directory_on_rewind_failure: True
|
#remove_data_directory_on_rewind_failure: True
|
||||||
|
|
|
@ -83,6 +83,10 @@ pg:
|
||||||
# How many nodes should use synchronous replication. No effect unless count > 1
|
# How many nodes should use synchronous replication. No effect unless count > 1
|
||||||
synchronous_node_count: 0
|
synchronous_node_count: 0
|
||||||
|
|
||||||
|
# Options to pass to initdb when initializing the cluster
|
||||||
|
initdb:
|
||||||
|
- "data-checksum"
|
||||||
|
- "encoding: UTF-8"
|
||||||
# Postgres parameters
|
# Postgres parameters
|
||||||
# The following memory related settings can be expressed as a percentage, and wil be computed based on the memory allocation of the container
|
# The following memory related settings can be expressed as a percentage, and wil be computed based on the memory allocation of the container
|
||||||
# shared_buffers effective_cache_size maintenance_work_mem wal_buffers work_mem
|
# shared_buffers effective_cache_size maintenance_work_mem wal_buffers work_mem
|
||||||
|
@ -365,14 +369,29 @@ pg:
|
||||||
|
|
||||||
# Settings for major upgrades
|
# Settings for major upgrades
|
||||||
upgrade:
|
upgrade:
|
||||||
image: danielberteaud/pg-major-upgrade:latest
|
|
||||||
|
|
||||||
|
# Set to true to run the upgrade
|
||||||
|
enabled: false
|
||||||
|
|
||||||
|
# Docker image to use
|
||||||
|
image: '[[ .docker.repo ]]postgres-major-upgrade:latest'
|
||||||
|
|
||||||
|
# Custom env var to set in the container
|
||||||
env: {}
|
env: {}
|
||||||
|
|
||||||
|
# Options to pass to pg_upgrade
|
||||||
|
options:
|
||||||
|
- new-options=-c
|
||||||
|
- new-options=shared_preload_libraries=vectors.so
|
||||||
|
- clone
|
||||||
|
|
||||||
|
# Major postgres versions, eg
|
||||||
|
# from: 15
|
||||||
|
# to: 16
|
||||||
from: ""
|
from: ""
|
||||||
to: ""
|
to: ""
|
||||||
do_upgrade: false
|
|
||||||
|
|
||||||
|
# Resource allocation
|
||||||
resources:
|
resources:
|
||||||
cpu: '[[ .pg.server.resources.cpu ]]'
|
cpu: '[[ .pg.server.resources.cpu ]]'
|
||||||
memory: '[[ .pg.server.resources.memory ]]'
|
memory: '[[ .pg.server.resources.memory ]]'
|
||||||
|
|
Loading…
Reference in New Issue