# Pre-requisites

## Supported OS

The PostgreSQL component type is supported on:

* Red Hat Enterprise Linux 8/9
* Debian 11/12
* SUSE Linux Enterprise Server 15
  * Installation from source only. No pre-compiled binary available at the moment.

{% hint style="danger" %}
Other derivative Linux distributions (e.g Rocky Linux, Oracle Linux, openSUSE,...) are not officially supported.
{% endhint %}

## Networking requirements

The following port must be open on your local/enterprise/cloud firewall:

* PostgreSQL instance port (usually 5432/tcp - see [component references](https://dbi-services.gitbook.io/yak-user-doc/manage-components/component-types/postgresql/component-references/component-references))

[HA deployment](https://dbi-services.gitbook.io/yak-user-doc/manage-components/component-types/description#ha) requires more ports opening:

<table><thead><tr><th width="117">Port</th><th width="363">Usage</th><th>Target</th></tr></thead><tbody><tr><td>2379/tcp</td><td>etcd</td><td>All nodes</td></tr><tr><td>2380/tcp</td><td>etcd</td><td>All nodes</td></tr><tr><td>5000/tcp</td><td>HAProxy - to connect to the Master instance</td><td>Master and Replica nodes</td></tr><tr><td>5001/tcp</td><td>HAProxy - to connect to the Replica instance</td><td>Master and Replica nodes</td></tr><tr><td>7000/tcp</td><td>HAProxy - to connect to the monitoring Web page</td><td>Master and Replica nodes</td></tr><tr><td>8008/tcp</td><td>Patroni REST API</td><td>Master and Replica nodes</td></tr></tbody></table>

## External Repository Accessibility

Ensure that the official repositories of the Linux distribution used are accessible from the server. Additionally, internet access to the following Python Package Index (PyPI) repositories must be available to allow the installation of required Python packages:

* pypi.org
* pypi.python.org
* \*.pythonhosted.org

Make sure that no firewall or proxy settings are blocking access to these URLs.

## Artifacts

The artifacts **must** be uploaded into your [artifact provider](https://dbi-services.gitbook.io/yak-user-doc/configuration/manage-artifact-providers#upload-your-artifacts-to-the-repository).

{% hint style="warning" %}
The paths and names of the files uploaded must match exactly the structure defined in the release notes of the component type.

See [Artifacts requirements](https://dbi-services.gitbook.io/yak-user-doc/manage-components/artifacts-requirements) for more details.
{% endhint %}

## On-prem pre-requisites

Deploying a PostgreSQL component on on-premises servers requires a few prerequisites.

### Ansible user

Ansible needs a user that can use `sudo` without password. Here is an example of how to accomplish that:

```shell
echo 'ansible        ALL=(ALL)       NOPASSWD: ALL' > /etc/sudoers.d/ansible
```

This user must be able to access remotely to the server with a SSH key defined in the [secret](https://dbi-services.gitbook.io/yak-user-doc/configuration/manage-secrets) section.

### File systems

As a best practice, the binaries, the PostgreSQL instance data directory and the archived WAL files should be on different file systems. The PostgreSQL component type is configured to use the following directories structure by default:

* /u01 : to store binaries of PostgreSQL, pgBackRest and DMK
* /u02 : to store the data directory of the PostgreSQL instance
* /u90 : to store dumps, backups and archived WALs of the PostgreSQL instance

Therefore /u01, /u02 and /u90 should, at least, be mounted on different file systems and ideally on different physical disks, whenever possible.

## Requirements for deployment without root privileges

Some steps of the deployment of PostgreSQL components require root privileges.

Following steps can be skipped if the installer **has root privileges,** as they will be taken care of automatically by the Ansible playbooks. In this case, simply **check** the *"Deployment with root privilege"* checkbox in the "*Advanced*" tab of the component declaration form and skip the rest of this chapter.\
\
However, when installing the component as a user **not having root privileges**, please **uncheck** the *"Deployment with root privilege"* checkbox in the advanced tab.

{% hint style="danger" %}
Nevertheless, make sure that the following steps have been performed by an administrator **as root**, beforehand.
{% endhint %}

### Step 1 - Create user and group

A user and a group `postgres:postgres` must be created on the server.

### Step 2 - Install packages

Some packages must be installed on the server before deploying the PostgreSQL component without root privileges.

For each OS, there is a list of required packages for deployment from sources and for deployment from bin (see "install\_type" in the [component references](https://dbi-services.gitbook.io/yak-user-doc/manage-components/component-types/postgresql/component-references/component-references)).

You can find the list in the following directory of the PostgreSQL component type archive :

<table><thead><tr><th width="273">OS</th><th width="591">Path in PostgreSQL component type archive</th></tr></thead><tbody><tr><td>RHEL</td><td>roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_rhel.yml</td></tr><tr><td>RHEL-based<br>(e.g. Rocky Linux, Alma Linux)</td><td>roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_rhel_based.yml</td></tr><tr><td>Debian and Debian-based<br>(e.g. Ubuntu)</td><td>roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_debian_based.yml</td></tr><tr><td>SLES</td><td>roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_suse.yml</td></tr><tr><td>SLES based<br>(e.g. openSUSE)</td><td>roles/linux_pg_rdbms_os_prereqs/vars/packages_list_for_suse_based.yml</td></tr><tr><td>Additional packages for HA deployment</td><td><p>The following packages must be installed on Master and Replica nodes :</p><ul><li>haproxy</li><li>keepalived</li></ul></td></tr></tbody></table>

### Step 3 - Temporarily disable SELinux - for HA deployment only

On **RHEL and RHEL based OS**, SELinux must temporarily be set to Permissive mode before the HA deployment:

```shell
# /usr/sbin/setenforce 0
```

SELinux can re-enabled post-deployment:

```shell
# /usr/sbin/setenforce 1
```