This section provides an example of installing and setting up PPEM in the high availability mode. The following software is used in the example:
Debian Linux 12 OS
HAProxy 2.6.12 (included in the Debian repository)
keepalived 2.2.7 (included in the Debian repository)
Postgres Pro Enterprise 17.2.2 +
BiHA (included in the
postgrespro-ent-17-contrib package)
The recommended high availability PPEM architecture includes the following components:
High availability cluster based on the BiHA solution available in Postgres Pro Enterprise 16 and higher.
BiHA cluster consists of three or more nodes. One of the nodes acts as the leader. The manager automatically connects to the leader. If the leader fails, one of the remaining nodes automatically becomes the new leader.
Cluster of HAProxy servers + keepalived.
A virtual IP address is automatically activated on one of the servers using the keepalived service. Users and agents interact with managers using this virtual IP address. If the server with the virtual IP address fails, the virtual IP address is activated on one of the remaining servers.
HAProxy also balances client HTTP requests between available managers. For sending requests of a specific client to the same manager, the HAProxy IP-based stickiness or cookie session stickiness functionality is used.
You can deploy this component on separate servers and managers.
Manager.
Two or more servers in the active mode.
The components required for implementation of the recommended architecture are described in the table below.
| Component | Amount | Minimum Requirements |
|---|---|---|
| Manager server + HAProxy + keepalived | 2 | 2 CPU, 4 GB RAM, 20 GB HDD. |
| Postgres Pro BiHA server | 3 | 2 CPU, 4 GB RAM, 20 GB HDD. |
| Virtual static IP address | 1 | The IP address must be excluded from the DHCP pool. You can also create a DNS A record for this IP address. |
To install PPEM in the high availability mode:
To provide PPEM servers with access to DBMS, edit the
pg_hba.conf configuration file, for example:
# cat /var/lib/pgpro/ent-17/data/pg_hba.conf host all all 192.168.1.0/24 scram-sha-256
# cat /etc/ppem-manager.yml
http:
server:
address: "network_address_for_incoming_connections"
port: "port_for_incoming_connections"
repo:
url: postgres://ppem:DBMS_user_password@biha-server-1/ppem
fallback_addresses:
- biha_server_2
- biha_server_3
target_session_attrs: read-write
Where:
http.server.address and
http.server.port: The network address
of the server and the port number for incoming network
connections.
In terms of HAProxy these are backend parameters.
repo.url: The network address of the first
BiHA cluster node.
fallback_addresses: The network addresses
of the remaining BiHA cluster nodes.
target_session_attrs: The session attribute condition
that determines when the manager can automatically connect to the
BiHA cluster leader.
Specify read-write.
On HAProxy servers, install haproxy, keepalived, and the required tools:
sudo apt-get install haproxy keepalived psmisc
Configure HAProxy using the haproxy.cfg
configuration file, for example:
global log /dev/log local0 log /dev/log local1 notice stats socket /var/lib/haproxy/stats level admin chroot /var/lib/haproxy user haproxy group haproxy daemon defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http frontend hafrontend bind *:80 mode http default_backend habackend backend habackend mode http balance roundrobin option forwardfor option httpchk http-check send meth HEAD uri / cookie SERVERID insert indirect server ppem-server-1PPEM_server_address-1:8080 cookie ppem-server-1 check server ppem-server-2PPEM_server_address-2:8080 cookie ppem-server-2 check
The cookie-based persistence method is used in the example. It assigns a cookie with the PPEM server name to users. This is required for sending all queries within the HTTP session to a single manager server.
Configure the HAProxy-1 server using the
keepalived.conf configuration file:
global_defs {
enable_script_security
}
vrrp_script chk_haproxy {
script "/usr/bin/killall -0 haproxy"
interval 3
fall 2
rise 3
timeout 3
user root
}
vrrp_instance internal {
interface interface
state MASTER
virtual_router_id 124
priority 100
unicast_src_ip HAproxy-1_server_IP_address
unicast_peer {
HAproxy-2_server_IP_address
}
virtual_ipaddress {
virtual_IP_address/subnet_class_(for_example_16_or_24) dev interface
}
track_script {
chk_haproxy
}
}
The configuration is the same for the HAProxy-2 server, but
the IP addresses in the unicast_src_ip and
unicast_peer parameters are switched.
On all BiHA servers, configure agents.
The connection to the manager must be configured via a virtual IP address.
Perform healthcheck by ensuring that:
The BiHA cluster database is available on all PPEM servers.
The ppem system server is running on all
PPEM servers:
systemctl status ppem
The web application is available on all PPEM servers:
on port 8080:
curl http://PPEM_server_IP_address:8080
on port 80 via HAProxy:
curl http://PPEM_server_IP_address:80
via a virtual IP address:
curl http://virtual_IP_address:80
The HAProxy and keepalived services are running on all PPEM servers:
systemctl status haproxy systemctl status keepalived