From 6f5ae8d13dc6c0252059e9ae6de77f1c1ed58340 Mon Sep 17 00:00:00 2001 From: Alex Vandiver Date: Fri, 11 Mar 2022 02:39:34 +0000 Subject: [PATCH] puppet: wal-g backups are required for replication. Previously, it was possible to configure `wal-g` backups without replication enabled; this resulted in only daily backups, not streaming backups. It was also possible to enable replication without configuring the `wal-g` backups bucket; this simply failed to work. Make `wal-g` backups always streaming, and warn loudly if replication is enabled but `wal-g` is not configured. --- docs/production/deployment.md | 26 ++++--------------- puppet/zulip/manifests/profile/postgresql.pp | 9 ++++++- .../12/postgresql.conf.template.erb | 4 +-- .../13/postgresql.conf.template.erb | 4 +-- .../14/postgresql.conf.template.erb | 4 +-- 5 files changed, 19 insertions(+), 28 deletions(-) diff --git a/docs/production/deployment.md b/docs/production/deployment.md index 029ffc41cc..ec3f798e2b 100644 --- a/docs/production/deployment.md +++ b/docs/production/deployment.md @@ -508,23 +508,15 @@ things you need to be careful about when configuring it: Zulip's configuration allows for [warm standby database replicas][warm-standby] as a disaster recovery solution; see the linked PostgreSQL documentation for details on this type of -deployment. Zulip's configuration leverages `wal-g`, our [database -backup solution][wal-g], and thus requires that it be configured for -the primary and all secondary warm standby replicas. +deployment. Zulip's configuration builds on top of `wal-g`, our +[database backup solution][wal-g], and thus requires that it be +configured for the primary and all secondary warm standby replicas. -The primary should have log-shipping enabled, with: +Warm spare replicas should also have `wal-g` backups configured, and +their primary replica and replication username set: ```ini [postgresql] -replication = yes -``` - -Warm spare replicas should have log-shipping enabled, and their -primary replica and replication username configured: - -```ini -[postgresql] -replication = yes replication_user = replicator replication_primary = hostname-of-primary.example.com ``` @@ -688,14 +680,6 @@ setting](https://www.postgresql.org/docs/current/runtime-config-connection.html# Override PostgreSQL's [`random_page_cost` setting](https://www.postgresql.org/docs/current/runtime-config-query.html#GUC-RANDOM-PAGE-COST) -#### `replication` - -Set to true to enable replication to enable [log shipping replication -between PostgreSQL servers](#postgresql-warm-standby). This should be -enabled on the primary, as well as any replicas, and further requires -configuration of -[wal-g](export-and-import.md#backup-details). - #### `replication_primary` On the [warm standby replicas](#postgresql-warm-standby), set to the diff --git a/puppet/zulip/manifests/profile/postgresql.pp b/puppet/zulip/manifests/profile/postgresql.pp index c12d60a762..7c24174614 100644 --- a/puppet/zulip/manifests/profile/postgresql.pp +++ b/puppet/zulip/manifests/profile/postgresql.pp @@ -13,7 +13,7 @@ class zulip::profile::postgresql { $listen_addresses = zulipconf('postgresql', 'listen_addresses', undef) - $replication = zulipconf('postgresql', 'replication', undef) + $s3_backups_bucket = zulipsecret('secrets', 's3_backups_bucket', '') $replication_primary = zulipconf('postgresql', 'replication_primary', undef) $replication_user = zulipconf('postgresql', 'replication_user', undef) @@ -38,6 +38,13 @@ class zulip::profile::postgresql { } if $replication_primary != '' and $replication_user != '' { + if $s3_backups_bucket == '' { + $message = @(EOT/L) + Replication is enabled, but s3_backups_bucket is not set in zulip-secrets.conf! \ + Streaming replication requires wal-g backups be configured. + |-EOT + warning($message) + } if $zulip::postgresql_common::version in ['10', '11'] { # PostgreSQL 11 and below used a recovery.conf file for replication file { "${zulip::postgresql_base::postgresql_confdir}/recovery.conf": diff --git a/puppet/zulip/templates/postgresql/12/postgresql.conf.template.erb b/puppet/zulip/templates/postgresql/12/postgresql.conf.template.erb index be3a659ac8..935c37eb96 100644 --- a/puppet/zulip/templates/postgresql/12/postgresql.conf.template.erb +++ b/puppet/zulip/templates/postgresql/12/postgresql.conf.template.erb @@ -787,8 +787,8 @@ effective_io_concurrency = <%= @effective_io_concurrency %> listen_addresses = <%= @listen_addresses %> <% end -%> -<% if @replication != '' || (@replication_primary != '' && @replication_user != '') -%> -# Replication +<% if @s3_backups_bucket != '' -%> +# Streaming backups and replication max_wal_senders = 5 archive_mode = on archive_command = '/usr/bin/timeout 10m /usr/local/bin/env-wal-g wal-push %p' diff --git a/puppet/zulip/templates/postgresql/13/postgresql.conf.template.erb b/puppet/zulip/templates/postgresql/13/postgresql.conf.template.erb index 80dd31a241..0f6327d7a8 100644 --- a/puppet/zulip/templates/postgresql/13/postgresql.conf.template.erb +++ b/puppet/zulip/templates/postgresql/13/postgresql.conf.template.erb @@ -818,8 +818,8 @@ effective_io_concurrency = <%= @effective_io_concurrency %> listen_addresses = <%= @listen_addresses %> <% end -%> -<% if @replication != '' || (@replication_primary != '' && @replication_user != '') -%> -# Replication +<% if @s3_backups_bucket != '' -%> +# Streaming backups and replication max_wal_senders = 5 archive_mode = on archive_command = '/usr/bin/timeout 10m /usr/local/bin/env-wal-g wal-push %p' diff --git a/puppet/zulip/templates/postgresql/14/postgresql.conf.template.erb b/puppet/zulip/templates/postgresql/14/postgresql.conf.template.erb index 030624fe65..c591906203 100644 --- a/puppet/zulip/templates/postgresql/14/postgresql.conf.template.erb +++ b/puppet/zulip/templates/postgresql/14/postgresql.conf.template.erb @@ -839,8 +839,8 @@ effective_io_concurrency = <%= @effective_io_concurrency %> listen_addresses = <%= @listen_addresses %> <% end -%> -<% if @replication != '' || (@replication_primary != '' && @replication_user != '') -%> -# Replication +<% if @s3_backups_bucket != '' -%> +# Streaming backups and replication max_wal_senders = 5 archive_mode = on archive_command = '/usr/bin/timeout 10m /usr/local/bin/env-wal-g wal-push %p'