Add roles/templates/tasks for ansible

cluster-pgsql.yml

@@ -0,0 +1,6 @@
+---
+- hosts: main_centos
+
+  roles:
+     - ansible-role-patroni
+

host_vars/cluster-pgsql-01.local/main.yml

@@ -0,0 +1,6 @@
+---
+
+patroni_node_name: cluster_pgsql_01
+
+keepalived_priority: 99
+

host_vars/cluster-pgsql-02.local/main.yml

@@ -0,0 +1,5 @@
+---
+
+patroni_node_name: cluster_pgsql_02
+
+keepalived_priority: 100

host_vars/cluster-pgsql-03.local/main.yml

@@ -0,0 +1,5 @@
+---
+
+patroni_node_name: cluster_pgsql_03
+
+keepalived_priority: 101

hosts.ini

@@ -0,0 +1,17 @@
+[pgsql]
+main_centos    ansible_ssh_host=192.168.1.130   ansible_ssh_user=root
+slave_centos   ansible_ssh_host=192.168.1.44    ansible_ssh_user=root
+
+[pgsql:vars]
+patroni_scope="cluster-pgsql"
+patroni_rest_password="KAM9iPPgDfchMVJbhBEXKQ=="
+patroni_postgres_password="KAM9iPPgDfchMVJbhBEXKQ=="
+patroni_replicator_password="KAM9iPPgDfchMVJbhBEXKQ=="
+
+# please set you VIP here
+cluster_virtual_ip=192.168.1.130
+
+<spoiler title="host_vars/pgsql-cluster-01.local/main.yml">
+<source lang="yaml">
+patroni_node_name=192.168.1.130
+keepalived_priority=99

roles/ansible-role-patroni/tasks/haproxy.yml

@@ -0,0 +1,22 @@
+---
+
+- name: Install haproxy
+  yum: name={{ item }} state=latest
+  tags: 
+    - patroni
+    - haproxy
+  with_items:
+    - haproxy
+
+- name: put config
+  template: src=haproxy.cfg.j2 dest=/etc/haproxy/haproxy.cfg backup=yes
+  tags: 
+    - patroni
+    - haproxy
+
+- name: restart and enable
+  service: name=haproxy state=restarted enabled=yes
+  tags: 
+    - patroni
+    - haproxy
+

roles/ansible-role-patroni/tasks/keepalived.yml

@@ -0,0 +1,29 @@
+---
+
+- name: Install keepalived
+  yum: name={{ item }} state=latest
+  tags: 
+    - patroni
+    - keepalived
+  with_items:
+    - keepalived
+
+- name: put alert script
+  template: src=alert.sh.j2 dest=/usr/local/sbin/alert.sh backup=no mode=755
+  tags: 
+    - patroni
+    - keepalived
+
+- name: put config
+  template: src=keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf backup=yes
+  tags: 
+    - patroni
+    - keepalived
+
+- name: restart and enable
+  service: name=keepalived state=restarted enabled=yes
+  tags: 
+    - patroni
+    - keepalived
+
+

roles/ansible-role-patroni/tasks/main.yml

@@ -0,0 +1,4 @@
+
+- include: postgres.yml
+- include: haproxy.yml
+- include: keepalived.yml

roles/ansible-role-patroni/tasks/postgres.yml

@@ -0,0 +1,57 @@
+---
+
+- name: Import Postgresql96 repo
+  yum: name=https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-centos96-9.6-3.noarch.rpm state=present
+  tags: patroni
+
+- name: Install PGsql96
+  yum: name={{ item }} state=latest
+  tags: patroni
+  with_items:
+    - postgresql96
+    - postgresql96-contrib
+    - postgresql96-server
+    - python-psycopg2
+    - repmgr96
+
+- name: install python packages
+  pip: name={{ item }}
+  tags: patroni
+  with_items:
+    - python-etcd
+    - python-consul
+    - dnspython
+    - boto
+    - mock
+    - requests
+    - six
+    - kazoo
+    - click
+    - tzlocal
+    - prettytable
+    - PyYAML
+
+- name: checkout patroni
+  git: repo=https://github.com/zalando/patroni.git dest=/opt/patroni
+  tags: patroni
+
+- name: create /etc/patroni
+  file: state=directory dest=/etc/patroni
+  tags: patroni
+
+- name: put postgres.yml
+  template: src=postgres.yml.j2 dest=/etc/patroni/postgres.yml backup=yes
+  tags: patroni
+
+- name: put patroni.service systemd unit
+  template: src=patroni.service dest=/etc/systemd/system/patroni.service backup=yes
+  tags: patroni
+
+- name: Reload daemon definitions
+  command: /usr/bin/systemctl daemon-reload
+  tags: patroni
+
+- name: restart
+  service: name=patroni state=restarted enabled=yes
+  tags: patroni
+

roles/ansible-role-patroni/templates/alert.sh.j2

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# Common group chat's ID
+CHAT_ID="<telegram_group_id>"
+# Common token
+TOKEN="<telegram_auth_token>"
+
+/usr/bin/curl -s --header 'Content-Type: application/json' --request 'POST' --data \
+		"{\"chat_id\":\"$CHAT_ID\",\"text\":\"$1\"}" "https://api.telegram.org/bot$TOKEN/sendMessage" | grep -q '"ok":false,'
+if [ $? -eq 0 ] ; then exit 1 ; fi

roles/ansible-role-patroni/templates/haproxy.cfg.j2

@@ -0,0 +1,23 @@
+global
+maxconn 800
+
+defaults
+log global
+mode tcp
+retries 2
+timeout client 30m
+timeout connect 4s
+timeout server 30m
+timeout check 5s
+
+frontend ft_postgresql
+bind *:5000
+default_backend postgres-patroni
+
+backend postgres-patroni
+  option httpchk
+
+  http-check expect status 200
+  default-server inter 3s fall 3 rise 2
+
+  server cluster-pgsql-01 192.168.1.130:5432 maxconn 300 check port 8008

roles/ansible-role-patroni/templates/keepalived.conf.j2

@@ -0,0 +1,34 @@
+global_defs {
+   router_id {{ patroni_node_name }}
+}
+
+vrrp_script chk_haproxy {
+        script "killall -0 haproxy"
+        interval 1
+        weight -20
+        debug
+        fall 2
+        rise 2
+}
+
+vrrp_instance {{ patroni_node_name }} {
+        interface ens160
+        state BACKUP
+        virtual_router_id 150
+        priority {{ keepalived_priority }}
+#        smtp_alert
+        authentication {
+            auth_type PASS
+            auth_pass 23k4fsdkljfhlsdkfhjl
+        }
+        track_script {
+		chk_haproxy weight 20
+        }
+        virtual_ipaddress {
+                192.xx.xx.125/32 dev ens160
+        }
+        notify_master "/usr/bin/sh /usr/local/sbin/alert.sh '{{ patroni_node_name }} became MASTER'"
+        notify_backup "/usr/bin/sh /usr/local/sbin/alert.sh '{{ patroni_node_name }} became BACKUP'"
+        notify_fault "/usr/bin/sh /usr/local/sbin/alert.sh '{{ patroni_node_name }} became FAULT'"
+
+}

roles/ansible-role-patroni/templates/patroni.service

@@ -0,0 +1,33 @@
+
+# This is an example systemd config file for Patroni
+# You can copy it to "/etc/systemd/system/patroni.service",
+
+[Unit]
+Description=Runners to orchestrate a high-availability PostgreSQL
+After=syslog.target network.target
+
+[Service]
+Type=simple
+
+User=postgres
+Group=postgres
+
+# Where to send early-startup messages from the server
+# This is normally controlled by the global default set by systemd
+# StandardOutput=syslog
+
+Environment=PATH=PATH=/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/var/lib/pgsql/bin:/usr/pgsql-9.6/bin
+
+ExecStart=/opt/patroni/patroni.py /etc/patroni/postgres.yml
+
+# only kill the patroni process, not it's children, so it will gracefully stop postgres
+KillMode=process
+
+# Give a reasonable amount of time for the server to start up/shut down
+TimeoutSec=10
+
+# Do not restart the service if it crashes, we want to manually inspect database on failure
+Restart=no
+
+[Install]
+WantedBy=multi-user.target

roles/ansible-role-patroni/templates/postgres.yml.j2

@@ -0,0 +1,55 @@
+name: {{ patroni_node_name }}
+scope: &scope {{ patroni_scope }}
+
+consul:
+  host: 127.0.0.1:8400
+
+restapi:
+  listen: 0.0.0.0:8008
+  connect_address: {{ ansible_default_ipv4.address }}:8008
+  auth: 'username:{{ patroni_rest_password }}'
+
+bootstrap: 
+  dcs:
+    ttl: &ttl 30
+    loop_wait: &loop_wait 10
+    maximum_lag_on_failover: 1048576 # 1 megabyte in bytes
+    postgresql:
+      use_pg_rewind: true
+      use_slots: true
+      parameters:
+        archive_mode: "on"
+        wal_level: hot_standby
+        archive_command: mkdir -p ../wal_archive && cp %p ../wal_archive/%f
+        max_wal_senders: 10
+        wal_keep_segments: 8
+        archive_timeout: 1800s
+        max_replication_slots: 5
+        hot_standby: "on"
+        wal_log_hints: "on"
+
+pg_hba:  # Add following lines to pg_hba.conf after running 'initdb'
+  - host replication replicator 192.168.0.0/16 md5
+  - host all all 0.0.0.0/0 md5
+
+postgresql:
+  listen: 0.0.0.0:5432
+  connect_address: {{ ansible_default_ipv4.address }}:5432
+  data_dir: /var/lib/pgsql/9.6/data
+  pg_rewind:
+    username: superuser
+    password: {{ patroni_postgres_password }}
+  pg_hba:
+  - host all all 0.0.0.0/0 md5
+  - hostssl all all 0.0.0.0/0 md5
+  replication:
+    username: replicator
+    password: {{ patroni_replicator_password }}
+    network:  192.168.0.0/16
+  superuser:
+    username: superuser
+    password: {{ patroni_postgres_password }}
+  admin:
+    username: admin
+    password: {{ patroni_postgres_password }}
+  restore: /opt/patroni/patroni/scripts/restore.py

tasks/essentialsoftware.yml

@@ -0,0 +1,49 @@
+---
+
+- name: Enabling epel repository
+  yum: name={{ item }} state=latest
+  tags: software
+  with_items:
+   - epel-release
+
+- name: Install essential software
+  yum: name={{ item }} state=latest
+  tags: software
+  with_items:
+   - ntpdate
+   - bzip2
+   - zip
+   - unzip
+   - openssl-devel
+   - mc
+   - vim
+   - atop
+   - wget
+   - mytop
+   - screen
+   - net-tools
+   - rsync
+   - psmisc
+   - gdb
+   - subversion
+   - htop
+   - bind-utils
+   - sysstat
+   - nano
+   - iptraf
+   - nethogs
+   - ngrep
+   - tcpdump
+   - lm_sensors
+   - mtr
+   - s3cmd
+   - psmisc
+   - gcc
+   - git
+   - python2-pip
+   - python-devel
+
+- name: install the 'Development tools' package group
+  yum:
+    name: "@Development tools"
+    state: present

tasks/kernel4.yml

@@ -0,0 +1,9 @@
+---
+
+- name: Install new kernel
+  yum: name=kernel-ml enablerepo=elrepo-kernel
+  tags: kernel4
+
+- name: enable boot with new kernel
+  shell: grub2-set-default 0
+  tags: kernel4