How to update local files on all the postgres nodes
Question
I have a multi-node Postgres cluster running in High availability mode following the primary-standby architecture.
postgres-0 5/5 Running 0 111s
postgres-1 5/5 Running 0 3m4s
postgres-monitor-0 4/4 Running 0 13m
One of the pod is primary and the other pod is in standby mode which gets replicated from primary in a synchronous manner, while standby remains in the read-only mode.
I am running the following CRUD commands to update a local file:
-- Update pg_config to allow access to the users
create table hba ( lines text );
copy hba from '/pgsql/data/pg_hba.conf';
insert into hba (lines) values ('host all all 0.0.0.0/0 md5');
insert into hba (lines) values ('host all all ::/0 md5');
copy hba to '/pgsql/data/pg_hba.conf';
-- reload the config
select pg_reload_conf();
The issue is, the file /pgsql/data/pg_hba.conf is getting updated on the primary node and not on the standby node (as all queries go to master), this means when the primary node goes down and standby becomes a new primary the config changes will be missing.
2 answers
solution1
0 2022-02-04 05:12:20
If you don't create a table, but keep the lines in – say – an array, you should be able to run that code on the standby servers as well.
That will also get rid of the potential problem with your code, namely that the is no fixed order in a table and that your pg_hba.conf entries get written in the wrong order (I admit that the probability is low).
I must add that this approach does not look very secure to me.
solution2
0 ACCPTED 2022-03-19 01:21:45
The copy command can be executed on all the Postgres nodes:
psql -U postgres -h postgres-0.postgres-agent.default -c "copy hba to '/pgsql/data/pg_hba.conf'"
psql -U postgres -h postgres-1.postgres-agent.default -c "copy hba to '/pgsql/data/pg_hba.conf'"
The copy command can be executed on the standby node even though it's in ready-only mode.
Below are the complete sequence of steps after verifying all the nodes have joined the cluster and replication have started:
Step 1: (Execute on Primary node, this will get replicated to all the standby nodes)
-- Update pg_config to allow access to the users
create table hba ( lines text );
copy hba from '/pgsql/data/pg_hba.conf';
insert into hba (lines)
select 'host <database> all 0.0.0.0/0 scram-sha-256'
where not exists (
select 1 from hba where lines = 'host <database> all 0.0.0.0/0 scram-sha-256'
);
insert into hba (lines)
select 'host <database> all ::/0 scram-sha-256'
where not exists (
select 1 from hba where lines = 'host <database> all ::/0 scram-sha-256'
);
Step 2: (Depends on the number of replicas)
psql -U postgres -h postgres-0.postgres-agent.default -c "copy hba to '/pgsql/data/pg_hba.conf'"
psql -U postgres -h postgres-1.postgres-agent.default -c "copy hba to '/pgsql/data/pg_hba.conf'"
Step 3:
-- reload the config
select pg_reload_conf();
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.