8000 chore: fly fixes; PITR + logging + shutdown + perms by pcnc · Pull Request #665 · supabase/postgres · GitHub
[go: up one dir, main page]
Skip to content

chore: fly fixes; PITR + logging + shutdown + perms #665

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Jun 13, 2023
Merged

chore: fly fixes; PITR + logging + shutdown + perms #665

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
b2add77
chore: remove folder creation
pcnc Jun 9, 2023
3b6138e
trigger build
pcnc Jun 9, 2023
39370e2
trigger build
pcnc Jun 9, 2023
bee3a36
chore: reorder symlinks
pcnc Jun 9, 2023
a830c08
Merge remote-tracking branch 'origin' into pcnc/fix-aio-pgdata-symlink
pcnc Jun 9, 2023
28c7cf5
chore: fly fixes; PITR + logging + shutdown + perms
pcnc Jun 9, 2023
17850ed
chore: rename shutdown script; refactoring
pcnc Jun 13, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/dockerhub-release-aio.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,10 @@ name: Release AIO image on Dockerhub
on:
push:
branches:
- pcnc/migrate-all-in-one
- pcnc/fly-fixes
paths:
- ".github/workflows/dockerhub-release-aio.yml"
- "docker/all-in-one/Dockerfile"
- "docker/all-in-one/*"
- "common.vars*"
workflow_run:
workflows: [Release on Dockerhub]
Expand Down
1 change: 1 addition & 0 deletions ansible/files/postgresql_config/custom_walg.conf.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@

# - Recovery Target -

#recovery_target = 'immediate'
#recovery_target_time = ''
#recovery_target_action = 'promote'
#recovery_target_timeline = 'current'
Expand Down
2 changes: 1 addition & 1 deletion ansible/vars.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ postgres_exporter_release_checksum:
amd64: sha256:ff541bd3ee19c0ae003d71424a75edfcc8695e828dd20d5b4555ce433c89d60b

adminapi_release: 0.44.3
adminmgr_release: 0.4.0
adminmgr_release: 0.5.0

# Postgres Extensions
postgis_release: "3.3.2"
Expand Down
4 changes: 3 additions & 1 deletion docker/all-in-one/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ ARG postgrest_release=10.1.2
ARG gotrue_release=2.47.0
ARG kong_release=2.8.1
ARG adminapi_release=0.44.3
ARG adminmgr_release=0.4.0
ARG adminmgr_release=0.5.0
ARG vector_release=0.22.3
ARG postgres_exporter_release=0.9.0

Expand Down Expand Up @@ -230,4 +230,6 @@ HEALTHCHECK --interval=3s --timeout=2s --start-period=4s --retries=10 CMD [ "hea

COPY docker/all-in-one/init /init
COPY docker/all-in-one/entrypoint.sh /usr/local/bin/
COPY docker/all-in-one/postgres-entrypoint.sh /usr/local/bin/
COPY docker/all-in-one/shutdown.sh /usr/local/bin/supa-shutdown
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

any reason not to preserve the .sh ext?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no reason - will add extension

ENTRYPOINT [ "entrypoint.sh" ]
63 changes: 59 additions & 4 deletions docker/all-in-one/entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,8 @@ function configure_services {
PG_CONF=/etc/postgresql/postgresql.conf
SUPERVISOR_CONF=/etc/supervisor/supervisord.conf

export CONFIGURED_FLAG_PATH=${CONFIGURED_FLAG_PATH:-$DATA_VOLUME_MOUNTPOINT/machine.configured}

function setup_postgres {
tar -xzvf "$INIT_PAYLOAD_PATH" -C / ./etc/postgresql.schema.sql
mv /etc/postgresql.schema.sql /docker-entrypoint-initdb.d/migrations/99-schema.sql
Expand Down Expand Up @@ -75,6 +77,40 @@ function setup_postgres {
-e "s|ssl_key_file = ''|ssl_key_file = '$PGSSLKEY'|g" \
$PG_CONF

if [ "${DATA_VOLUME_MOUNTPOINT}" ]; then
# Preserve postgresql configs across restarts
POSTGRESQL_CUSTOM_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/postgresql-custom"

mkdir -p "${POSTGRESQL_CUSTOM_DIR}"

if [ ! -f "${CONFIGURED_FLAG_PATH}" ]; then
echo "Copying existing custom postgresql config from /etc/postgresql-custom to ${POSTGRESQL_CUSTOM_DIR}"
cp -R "/etc/postgresql-custom/." "${POSTGRESQL_CUSTOM_DIR}/"
fi

rm -rf "/etc/postgresql-custom"
ln -s "${POSTGRESQL_CUSTOM_DIR}" "/etc/postgresql-custom"
chown -R postgres:postgres "/etc/postgresql-custom"
chown -R postgres:postgres "${POSTGRESQL_CUSTOM_DIR}"
chmod g+rx "${POSTGRESQL_CUSTOM_DIR}"

# Preserve wal-g configs across restarts
WALG_CONF_DIR="${DATA_VOLUME_MOUNTPOINT}/etc/wal-g"
mkdir -p "${WALG_CONF_DIR}"

if [ ! -f "${CONFIGURED_FLAG_PATH}" ]; then
echo "Copying existing custom wal-g config from /etc/wal-g to ${WALG_CONF_DIR}"
cp -R "/etc/wal-g/." "${WALG_CONF_DIR}/"
fi

rm -rf "/etc/wal-g"
ln -s "${WALG_CONF_DIR}" "/etc/wal-g"
chown -R adminapi:adminapi "/etc/wal-g"
chown -R adminapi:adminapi "${WALG_CONF_DIR}"
chmod g+rx "/etc/wal-g"
chmod g+rx "${WALG_CONF_DIR}"
fi

# TODO: define instance size and type for running optimizations
# /opt/supabase-admin-api optimize db --destination-config-file-path /etc/postgresql-custom/generated-optimizations.conf
# /opt/supabase-admin-api optimize pgbouncer --destination-config-file-path /etc/pgbouncer-custom/generated-optimizations.ini
Expand Down Expand Up @@ -121,14 +157,15 @@ fi
if [ "${PGDATA_REAL:-}" ]; then
mkdir -p "${PGDATA_REAL}"
chown -R postgres:postgres "${PGDATA_REAL}"
chmod g+rx "${PGDATA_REAL}"
chmod -R g+rx "${PGDATA_REAL}"
fi

if [ "${PGDATA:-}" ]; then
if [ "${PGDATA_REAL:-}" ]; then
mkdir -p "$(dirname "${PGDATA}")"
rm -rf "${PGDATA}"
ln -s "${PGDATA_REAL}" "${PGDATA}"
chmod -R g+rx "${PGDATA}"
else
mkdir -p "$PGDATA"
chown postgres:postgres "$PGDATA"
Expand All @@ -138,10 +175,28 @@ fi

# Download and extract init payload from s3
export INIT_PAYLOAD_PATH=${INIT_PAYLOAD_PATH:-/tmp/payload.tar.gz}
export CONFIGURED_FLAG_PATH=${CONFIGURED_FLAG_PATH:-$PGDATA/../machine.configured}

if [ "${INIT_PAYLOAD_PRESIGNED_URL:-}" ]; then
curl -sSL "$INIT_PAYLOAD_PRESIGNED_URL" -o "$INIT_PAYLOAD_PATH"
curl -sSL "$INIT_PAYLOAD_PRESIGNED_URL" -o "/tmp/payload.tar.gz"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

-f as well?

mv "/tmp/payload.tar.gz" "$INIT_PAYLOAD_PATH"
fi

if [ "${DATA_VOLUME_MOUNTPOINT}" ]; then
LOGS_FOLDER="${DATA_VOLUME_MOUNTPOINT}/logs"

mkdir -p "${LOGS_FOLDER}/postgresql"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could be a loop over postgresql, services, wal-g, but this is fine too

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fair point - refactored into a loop

mkdir -p "${LOGS_FOLDER}/services"
mkdir -p "${LOGS_FOLDER}/wal-g"

rm -rf "/var/log/postgresql"
rm -rf "/var/log/services"
rm -rf "/var/log/wal-g"

ln -s "${LOGS_FOLDER}/postgresql" "/var/log/postgresql"
ln -s "${LOGS_FOLDER}/services" "/var/log/services"
ln -s "${LOGS_FOLDER}/wal-g" "/var/log/wal-g"

chown -R postgres:postgres "${LOGS_FOLDER}"
fi

# Process init payload
Expand All @@ -152,7 +207,7 @@ else
echo "Skipped extracting init payload: $INIT_PAYLOAD_PATH does not exist"
fi

mkdir /var/log/services
mkdir -p /var/log/services

SUPERVISOR_CONF=/etc/supervisor/supervisord.conf
find /etc/supervisor/ -type d -exec chmod 0770 {} +
Expand Down
2 changes: 2 additions & 0 deletions docker/all-in-one/etc/postgresql/logging.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,3 +31,5 @@ log_rotation_size = 0 # Automatic rotation of logfiles will
# or size-driven rotation. Default is
# off, meaning append to existing files
# in all cases.

log_disconnections = on # log end of a session, including duration
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

intentional?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes.
This param is disabled by default and can't track disconnections any other way since the connections are terminated and thus not available in pg_stat_activity.
This allows the shutdown script to track when the last disconnection happened and shutdown the machine after X minutes.

Postgres output related to disconnections is filtered out by Vector, so it won't additionally be shipped to Logflare.

This approach diverges the configs, thus we could have the shutdown script run an ALTER SYSTEM at startup to set log_disconnections to on, since it's a shutdown script dependency after all.

2 changes: 1 addition & 1 deletion docker/all-in-one/etc/supervisor/db-only/postgresql.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
[program:postgresql]
command=/usr/local/bin/docker-entrypoint.sh postgres -D /etc/postgresql
command=/usr/local/bin/postgres-entrypoint.sh postgres -D /etc/postgresql
user=postgres
stopsignal=INT
autorestart=true
Expand Down
9 changes: 9 additions & 0 deletions docker/all-in-one/etc/supervisor/db-only/supa-shutdown.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
[program:supa-shutdown]
command=/usr/local/bin/supa-shutdown
user=root
autorestart=true
autostart=true
stdout_logfile=/var/log/services/supa-shutdown.log
redirect_stderr=true
stdout_logfile_maxbytes=10MB
priority=50
Loading
0