pitrtools

{{toc}}

h1. How To Configure Warm Standby with PITRTools

This how-to demonstrates how to configure a warm standby using PostgreSQL 8.4 and PITRtools.

h1. What Is PITRtools and Why Would You Want To Use It?

Essentially, PITRtools is a wrapper around standard tools, such as rsync and PostgreSQL's internal functionality, that makes, among other things, creating and managing standby configurations and subsequent failover to a standby a snap.

With the help of PITRtools you could do more, namely:

* secure shipping of log files to configured standby server over SSL protected link;

* streaming replication;

* enable/disable archiving without the need to restart PostgreSQL;

* stay informed by generating alerts based on various levels of severity of events happening during the process on both ends of configuration;

* automatically take a base backup, including table spaces, restore archives and purge old ones (if PostgreSQL >8.3);

* failover to the latest restore point and point-in-time recovery (restore using timestamps);

* etc.

Obviously, PITRtools attempts to make things simpler, more secure and easier to manage.

h1. Naming Conventions

Master server can be referred to also as archiver.

Slave is often called standby.

These names are used interchangeably.

h1. The Test Setup

It's a good idea to first setup PITRtools and play with them before you actually go ahead and change configuration of your production servers. To show how PITRtools is configured and work, I'll describe the entire process using a 2 hosts test setup as an example.

So, there are 2 hosts named @bitarena@ and @bitarena-clone@, both being virtualized instances of Debian Squeeze. I assume you're experienced enough to install Debian yourself and know how to find your way around the system.

@bitarena@ is designated role of master server aka archiver, @bitarena-clone@ is a slave aka standby server. PITRtools is installed on both hosts, but each host uses different tools from the package.

h1. The Process

These are major steps in actual order of execution that one would have to follow to get PITRtools-enabled setup running:

On master server

		* Turn on archiving

		* @cmd_archiver -C $CONFIG -I@

On slave server

		* @cmd_standby -C $CONFIG -I@

		* @cmd_standby -C $CONFIG -B@

		* @cmd_standby -C $CONFIG -S@

h1. Installing and Configuring PITRtools

PITRtools project page can be found at https://public.commandprompt.com/projects/pitrtools. Of particular interest is a Wiki page https://public.commandprompt.com/projects/pitrtools/wiki where you can find information on how to obtain PITRtools, other useful notes and links.

You should use GIT version, because currently tarball offers an outdated version of PITRtools. I was told this is going to be fixed soon, but until then you should rely on the GIT repository. 

Note that essentially you need to have contents of this repository on both master and slave server. For the sake of brevity, I'm going to show the layout I use only on master server. You would then need to repeat the steps for slave server, because all that is going to change is the host where you clone PITRtools repository to.

<pre>root@bitarena ~/GIT# git clone git://github.com/commandprompt/PITRTools.git

Cloning into 'PITRTools'...

remote: Counting objects: 284, done.

remote: Compressing objects: 100% (183/183), done.

remote: Total 284 (delta 182), reused 203 (delta 101)

Receiving objects: 100% (284/284), 68.51 KiB, done.

Resolving deltas: 100% (182/182), done.

root@bitarena ~/GIT# ls

PITRTools

root@bitarena ~/GIT# cd PITRTools/

root@bitarena ~/GIT/PITRTools# ls

cmd_archiver             cmd_archiver.README  cmd_standby.ini.sample  cmd_standby.sql

cmd_archiver.ini.sample  cmd_standby          cmd_standby.README      cmd_worker.py

root@bitarena ~/GIT/PITRTools# mkdir -p /var/lib/postgresql/PITRtools/bin

root@bitarena ~/GIT/PITRTools# cp cmd_archiver cmd_standby cmd_worker.py /var/lib/postgresql/PITRtools/bin/

root@bitarena ~/GIT/PITRTools# cp *.ini.sample /var/lib/postgresql/PITRtools/

root@bitarena ~/GIT/PITRTools# cd /var/lib/postgresql/PITRtools/

root@bitarena /var/lib/postgresql/PITRtools# mv cmd_archiver.ini.sample cmd_archiver.ini

root@bitarena /var/lib/postgresql/PITRtools# mv cmd_standby.ini.sample cmd_standby.ini

root@bitarena /var/lib/postgresql/PITRtools# cd ~/GIT/PITRtools/

root@bitarena ~/GIT/PITRTools# chown -R postgres.postgres /var/lib/postgresql/PITRtools

root@bitarena:~#</pre>

h1. SSH Key-based Login for PITRtools

PITRtools relies on rsync and SSH heavily to do its work, e.g. making a base backup and shipping WAL log files from master to slave server -- all that happens over an SSL-protected communication channel. This is the area where PITRtools makes one's life easier, because otherwise you'd have to find a way to copy log files to a slave server somehow (most likely it would be some sort of networking mount point).

Therefore one of the prerequisites is to configure SSH key-based logins between the two hosts for postgres system user that don't require a password or a passphrase.

*Master*

<pre>root@bitarena:~# su - postgres

postgres@bitarena:~$ ssh-keygen -t rsa

... 

postgres@bitarena:~$ ls -la /var/lib/postgresql/.ssh/

total 16

drwx------ 2 postgres postgres 4096 Sep 28 09:17 .

drwxr-xr-x 5 postgres postgres 4096 Sep 28 09:17 ..

-rw------- 1 postgres postgres 1675 Sep 28 09:17 id_rsa

-rw-r--r-- 1 postgres postgres  399 Sep 28 09:17 id_rsa.pub

postgres@bitarena:~#

</pre>

*Slave*

<pre>root@bitarena-clone:~# su - postgres

postgres@bitarena-clone:~$ ssh-keygen -t rsa

... </pre>

Answer all the questions and ssh-keygen will create both private and public (*.pub file) RSA keys. For now just create the key pair, one on on each host (master and slave). When done, proceed to exchanging public keys between the hosts like this:

*Master*

<pre>postgres@bitarena:~$ exit

root@bitarena:~# scp /var/lib/postgresql/.ssh/id_rsa.pub root@bitarena-clone:/var/lib/postgresql/.ssh/authorized_keys2

root@bitarena-clone's password: 

id_rsa.pub                                                                               100%  399     0.4KB/s   00:00

root@bitarena:~#</pre>

This will copy postgres system user's public SSH key on master to standby into a file authorized_keys2, which will allow postgres on master to login to slave host without a password and also in a secure fashion.

Here we check that authorized_keys2 has indeed been created on slave host, and we also set correct ownership information for the file.

*Slave*

<pre>root@bitarena-clone:~# ls -la /var/lib/postgresql/.ssh/

total 20

drwx------ 2 postgres postgres 4096 Sep 28 09:30 .

drwxr-xr-x 5 postgres postgres 4096 Sep 28 09:23 ..

-rw-r--r-- 1 root     root      399 Sep 28 09:30 authorized_keys2

-rw------- 1 postgres postgres 1675 Sep 28 09:23 id_rsa

-rw-r--r-- 1 postgres postgres  405 Sep 28 09:23 id_rsa.pub

root@bitarena-clone:~# chown postgres.postgres /var/lib/postgresql/.ssh/authorized_keys2

root@bitarena:~#</pre>

Now, to check if it actually works we go back to master server, become postgres user and try to log into slave. As you can see RSA key is used this time and no password is prompted for. This is exactly what we need to make sure is configured on both hosts for PITRtools to work properly.

*Master*

<pre>root@bitarena:~# su - postgres

postgres@bitarena:~$ ssh bitarena-clone

The authenticity of host 'bitarena-clone (10.0.3.3)' can't be established.

RSA key fingerprint is dd:78:8e:fb:d6:c4:25:88:d9:57:b4:fb:49:22:de:de.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'bitarena-clone,10.0.3.3' (RSA) to the list of known hosts.

Linux bitarena 2.6.32-5-686 #1 SMP Sun May 6 04:01:19 UTC 2012 i686

The programs included with the Debian GNU/Linux system are free software;

the exact distribution terms for each program are described in the

individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent

permitted by applicable law.

postgres@bitarena-clone:~$ exit

logout

Connection to bitarena-clone closed.

root@bitarena:~#</pre>

Remember that this has been done on master server only. In a similar manner, you should take care of the slave host. The steps are identical, you just copy *.pub file to a master host and do the rest as described above.

It's worth noting that PITRtools runs some actions remotely. For example, when a base backup action is run on a slave host, cmd_standby script establishes SSH session to a master host and runs various psql commands to deal with checkpoints, copy log files, etc. This also requires PostgreSQL user password to access the database, and it is often needed to be entered 4 and more times for a base backup action to complete. 

Once you played around with PITRtools enough to get hang of things, you could avoid having to enter password manually each time by either using .pgpass file (which is a "standard feature of PostgreSQL":http://www.postgresql.org/docs/8.4/static/libpq-pgpass.html) or make sure there's a "trust relationship configured for localhost in pg_hba.conf file":http://www.postgresql.org/docs/8.4/static/auth-methods.html.

In the console output examples you're going to see below I entered password manually, but this, of course, is really inconvenient in production environment.

h1. Master Configuration File

Sample configuration files are pretty good as they are with the defaults they come. Chances are you're not going to change a lot in there. Make sure you read all *.README files, though, because they contain helpful extra information about PITRtools and configuration parameters that will help you decide how to best configure your servers.

We start with the master host by editing PITRtools configuration file for master/archiver.

*Master*

<pre>postgres@bitarena:~$ vim PITRtools/cmd_archiver.ini

	[DEFAULT]

	; online or offline

	state: online					

	; The base database directory

	pgdata: /var/lib/postgresql/8.4/main

	; where to remotely copy archives

	r_archivedir: /var/lib/postgresql/archive

	; where to locally copy archives

	l_archivedir: /var/lib/postgresql/archive

	; where is rsync				

	rsync_bin: /usr/bin/rsync			

	; extra rsync flags

	rsync_flags: -z

	; option 2 or 3, if running RHEL5 or similar it is likely 2

	; if you are running something that ships remotely modern software

	; it will be 3

	rsync_version = 3

	; IP of slave					

	slaves: bitarena-clone

	; the user that will be using scp				

	user: postgres				

	; if scp can't connect in 10 seconds error

	ssh_timeout: 10

	; command to process in ok					

	notify_ok: echo OK

	; command to process in warning

	notify_warning:  echo WARNING

	; command to process in critical

	notify_critical: echo CRITICAL

	; if you want to debug on/off only		 	

	debug: on

	; if you want ssh debug (warning noisy)

	ssh_debug: off

</pre>

Note that you can use domain names instead of IP addresses for slaves: parameter, it works either way just fine. You might also want to turn debugging on while you're learning PITRtools. It helps to see what software does, if you try to understand better how it works.

h1. Turn On and Configure Archiving

When your master configuration file has been created, we need to turn on archiving functionality in PostgreSQL. This is purely a PostgreSQL feature, but we can also take advantage of using PITRtools thanks to flexible design of PostgreSQL.