We will learn how to build a database cluster using Patroni. This is section 1: Prerequisites.
Patroni is an open-source tool designed to help manage high availability for PostgreSQL databases. It simplifies the setup, management, and failover of PostgreSQL clusters by automating tasks that otherwise require manual intervention. Patroni works as a high-availability framework that helps PostgreSQL achieve fault tolerance. It also provides tools to easily add or remove nodes.
This article has two sections:
- Prerequisites (This section)
- Build PostgreSQL Database Cluster using Patroni
So don't miss section two!
Prerequisites
We need to make sure every node allows root login over SSH. Do the steps below on every node in the cluster (except vm0, which is the load balancer).
Cluster Node
Setup SSH Root Login
Allowing SSH root login means permitting direct access to a server as the root user, which has unrestricted administrative rights on the system. However, direct SSH root login is generally discouraged in production environments because of security risks.
However, it is needed for the initial system setup process. When a new server is provisioned, SSH root access can simplify initial configuration, as you have full access to install software, configure services, and modify system files without setting up additional users.
# Edit the sshd_config file
sudo nano /etc/ssh/sshd_config
# In the file, change "PermitRootLogin prohibit-password" to "PermitRootLogin yes"
PermitRootLogin yes
# Set the root password, for example somethingPass@word
sudo passwd root
# Restart ssh
sudo systemctl restart ssh
Allow Required Ports
Using iptables, we can open the ports that need to be reachable during the process.
# Allow ports
sudo iptables -A INPUT -p tcp --dport 5432 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 6432 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 8008 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 2379 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 2380 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5000 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5001 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5002 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 5003 -j ACCEPT
# Make the rules persist across reboots
sudo iptables-save | sudo tee /etc/iptables/rules.v4
# Check that the rules were added:
sudo iptables -L
Load Balancer node
Install Ansible
Ansible is an open-source IT automation tool developed by Red Hat that simplifies tasks such as configuration management, application deployment, and provisioning of infrastructure. It’s widely used to automate repetitive tasks, manage complex deployments, and streamline IT workflows.
# change to root
sudo su
# update system
apt update
# install software properties
apt install -y software-properties-common
# add ansible PPA
add-apt-repository ppa:ansible/ansible
# update package list
apt update
# install ansible
apt install -y ansible
# check version
ansible --version
Setup SSH Root Login
Allowing SSH root login means permitting direct access to a server as the root user, which has unrestricted administrative rights on the system. However, direct SSH root login is generally discouraged in production environments because of security risks.
However, it is needed for the initial system setup process. When a new server is provisioned, SSH root access can simplify initial configuration, as you have full access to install software, configure services, and modify system files without setting up additional users.
# Edit the sshd_config file
sudo nano /etc/ssh/sshd_config
# In the file, change "PermitRootLogin prohibit-password" to "PermitRootLogin yes"
PermitRootLogin yes
# Set the root password, for example somethingPass@word
sudo passwd root
# Restart ssh
sudo systemctl restart ssh
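The root login step above is used on both the cluster nodes and the load balancer, and it leaves root password login enabled, so a check for after provisioning is useful. The following is an added example, not part of the original article: it reports which PermitRootLogin value takes effect in an sshd_config-style file and rewrites it back to prohibit-password. The function names are hypothetical, Include files are not followed (assumption: a single config file), and the demo runs on a constructed sample rather than /etc/ssh/sshd_config.

```shell
#!/bin/sh
# Added example (not from the original article): check and undo the
# temporary "PermitRootLogin yes" change once provisioning is finished.

# effective_root_login FILE -> value sshd takes from FILE.
# sshd keeps the first value it reads for a keyword, so later duplicates are
# ignored. Include files are not followed here (assumption: single file).
effective_root_login() {
    awk -F'[ \t=]+' '
        { sub(/^[ \t]+/, "") }                 # drop indentation, re-split fields
        /^#/ { next }                          # comment line
        tolower($1) == "match" { exit }        # global section ends here
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "prohibit-password" }   # OpenSSH default
    ' "$1"
}

# root_password_login_off FILE -> status 0 when root cannot log in by password.
root_password_login_off() {
    case "$(effective_root_login "$1")" in
        no|prohibit-password|without-password|forced-commands-only) return 0 ;;
        *) return 1 ;;
    esac
}

# lock_root_login FILE -> rewrite every active PermitRootLogin line
# (Match blocks included) back to prohibit-password, keeping file ownership/mode.
lock_root_login() {
    tmp=$(mktemp) || return 1
    awk -F'[ \t=]+' '
        { line = $0; sub(/^[ \t]+/, "") }
        tolower($1) == "permitrootlogin" { print "PermitRootLogin prohibit-password"; next }
        { print line }
    ' "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Demo on a constructed sample config (never touches /etc/ssh/sshd_config).
sample=$(mktemp)
printf '%s\n' '#PermitRootLogin prohibit-password' 'PermitRootLogin yes' \
    'PasswordAuthentication yes' > "$sample"
echo "before: $(effective_root_login "$sample")"
lock_root_login "$sample"
echo "after:  $(effective_root_login "$sample")"
rm -f "$sample"
```

On a real node, `sudo sshd -T | grep -i permitrootlogin` shows the value sshd actually applies, Include files included; restart ssh after changing the file.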
Allow Required Port
Using iptables, we can open the port that needs to be reachable during the process.
sudo iptables -A INPUT -p tcp --dport 7000 -j ACCEPT
# Make the rule persist across reboots
sudo iptables-save | sudo tee /etc/iptables/rules.v4
# Check that the rule was added:
sudo iptables -L
What's Next?
Follow this article for section two: Build PostgreSQL Database Cluster using Patroni