github-personal/patroni
1
0
Fork 0
mirror of https://github.com/outbackdingo/patroni.git synced 2026-01-27 18:20:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
v2.1.4
patroni/kubernetes/openshift-example
History
Alexander Kukushkin 23dcfaab49 Make it possible to bypass kubernetes service (#1614) 
When running on K8s Patroni is communicating with API via the `kubernetes` service, which is address is exposed via the
`KUBERNETES_SERVICE_HOST` environment variable. Like any other service, the `kubernetes` service is handled by `kube-proxy`, that depending on configuration is either relying on userspace program or `iptables` for traffic routing.

During K8s upgrade, when master nodes are replaced, it is possible that `kube-proxy` doesn't update the service configuration in time and as a result Patroni fails to update the leader lock and demotes postgres.

In order to improve the user experience and get more control on the problem we make it possible to bypass the `kubernetes` service and connect directly to API nodes.
The strategy is very simple:
1. Resolve list IPs of API nodes from the kubernetes endpoint on every iteration of HA loop.
2. Stick to one of these IPs for API requests
3. Switch to a different IP if connected to IP is not from the list
4. If the request fails, switch to another IP and retry

Such a strategy is already used for Etcd and proven to work quite well.

In order to enable the feature, you need either to set to `true` `kubernetes.bypass_api_service` in the Patroni configuration file or `PATRONI_KUBERNETES_BYPASS_API_SERVICE` environment variable.

If for some reason `GET /default/endpoints/kubernetes` isn't allowed Patroni will disable the feature.
2020-08-14 12:39:47 +02:00
..
templates
Make it possible to bypass kubernetes service (#1614)
2020-08-14 12:39:47 +02:00
test
add openshift customizations, templates, and test (#871)
2018-11-21 18:01:39 +01:00
README.md
add openshift customizations, templates, and test (#871)
2018-11-21 18:01:39 +01:00

README.md

Patroni OpenShift Configuration

Patroni can be run in OpenShift. Based on the kubernetes configuration, the Dockerfile and Entrypoint has been modified to support the dynamic UID/GID configuration that is applied in OpenShift. This can be run under the standard restricted SCC.

Examples

Create test project

oc new-project patroni-test

Build the image

Note: Update the references when merged upstream. Note: If deploying as a template for multiple users, the following commands should be performed in a shared namespace like openshift.

oc import-image postgres:10 --confirm -n openshift
oc new-build https://github.com/zalando/patroni --context-dir=kubernetes -n openshift

Deploy the Image

Two configuration templates exist in templates directory:

  • Patroni Ephemeral
  • Patroni Persistent

The only difference is whether or not the statefulset requests persistent storage.

Create the Template

Install the template into the openshift namespace if this should be shared across projects:

oc create -f templates/template_patroni_ephemeral.yml -n openshift

Then, from your own project:

oc new-app patroni-pgsql-ephemeral

Once the pods are running, two configmaps should be available:

$ oc get configmap
NAME                DATA      AGE
patroniocp-config   0         1m
patroniocp-leader   0         1m
Reference in New Issue View Git Blame Copy Permalink