Pre-requisites

Supported OS

The PostgreSQL component type is supported on:

  • Red Hat Enterprise Linux 8/9

  • Debian 11/12

  • SUSE Linux Enterprise Server 15

    • Installation from source only. No pre-compiled binary available at the moment.

Networking requirements

The following port must be open on your local/enterprise/cloud firewall:

HA deployment requires more ports opening:

Port
Usage
Target

2379/tcp

etcd

All nodes

2380/tcp

etcd

All nodes

5000/tcp

HAProxy - to connect to the Master instance

Master and Replica nodes

5001/tcp

HAProxy - to connect to the Replica instance

Master and Replica nodes

7000/tcp

HAProxy - to connect to the monitoring Web page

Master and Replica nodes

8008/tcp

Patroni REST API

Master and Replica nodes

External Repository Accessibility

Ensure that the official repositories of the Linux distribution used are accessible from the server. Additionally, internet access to the following Python Package Index (PyPI) repositories must be available to allow the installation of required Python packages:

  • pypi.org

  • pypi.python.org

  • *.pythonhosted.org

Make sure that no firewall or proxy settings are blocking access to these URLs.

Artifacts

The artifacts must be uploaded into your artifact provider.

On-prem pre-requisites

Deploying a PostgreSQL component on on-premises servers requires a few prerequisites.

Ansible user

Ansible needs a user that can use sudo without password. Here is an example of how to accomplish that:

echo 'ansible        ALL=(ALL)       NOPASSWD: ALL' > /etc/sudoers.d/ansible

This user must be able to access remotely to the server with a SSH key defined in the secret section.

File systems

As a best practice, the binaries, the PostgreSQL instance data directory and the archived WAL files should be on different file systems. The PostgreSQL component type is configured to use the following directories structure by default:

  • /u01 : to store binaries of PostgreSQL, pgBackRest and DMK

  • /u02 : to store the data directory of the PostgreSQL instance

  • /u90 : to store dumps, backups and archived WALs of the PostgreSQL instance

Therefore /u01, /u02 and /u90 should, at least, be mounted on different file systems and ideally on different physical disks, whenever possible.

Requirements for deployment without root privileges

Some steps of the deployment of PostgreSQL components require root privileges.

Following steps can be skipped if the installer has root privileges, as they will be taken care of automatically by the Ansible playbooks. In this case, simply check the "Deployment with root privilege" checkbox in the "Advanced" tab of the component declaration form and skip the rest of this chapter. However, when installing the component as a user not having root privileges, please uncheck the "Deployment with root privilege" checkbox in the advanced tab.

Step 1 - Create user and group

A user and a group postgres:postgres must be created on the server.

Step 2 - Install packages

Some packages must be installed on the server before deploying the PostgreSQL component without root privileges.

For each OS, there is a list of required packages for deployment from sources and for deployment from bin (see "install_type" in the component references).

You can find the list in the following directory of the PostgreSQL component type archive :

OS
Path in PostgreSQL component type archive

RHEL

roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_rhel.yml

RHEL-based (e.g. Rocky Linux, Alma Linux)

roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_rhel_based.yml

Debian and Debian-based (e.g. Ubuntu)

roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_debian_based.yml

SLES

roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_suse.yml

SLES based (e.g. openSUSE)

roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_suse_based.yml

Additional packages for HA deployment

The following packages must be installed on Master and Replica nodes :

  • haproxy

  • keepalived

Step 3 - Temporarily disable SELinux - for HA deployment only

On RHEL and RHEL based OS, SELinux must temporarily be set to Permissive mode before the HA deployment:

# /usr/sbin/setenforce 0

SELinux can re-enabled post-deployment:

# /usr/sbin/setenforce 1

Last updated