单节点配置模板适用于在单台服务器上安装 Pigsty。
| 模板 | 说明 |
|---|---|
| meta | 默认模板,单节点在线安装,包含完整基础设施 |
| rich | 功能丰富模板,启用本地软件源、MinIO、更多扩展示例 |
| slim | 精简安装模板,不部署监控基础设施,直接安装 PostgreSQL |
| bare | 最精简配置模板,最小化必需配置 |
| pitr | 云端对象存储 PITR 备份配置模板 |
| infra | 仅基础设施配置模板,不含 PostgreSQL |
1 - meta
核心配置文件,Pigsty默认使用的单节点安装配置模板,带有较完善的关键配置参数说明,与最小可用功能集。
meta 配置模板是 Pigsty 默认使用的模板,它的目标是在当前单节点上完成 Pigsty 核心功能 —— PostgreSQL 的部署。
为了实现最好的兼容性,meta 模板仅下载安装包含 最小必需 软件集合,以便在所有操作系统发行版与芯片架构上实现这一目标。
配置概览
- 配置名称:
meta - 节点数量: 单节点
- 配置说明:Pigsty 默认使用的单节点安装配置模板,带有较完善的关键配置参数说明,与最小可用功能集合。
- 适用系统:
el8,el9,d12,u22,u24 - 适用架构:
x86_64,aarch64 - 相关配置:
rich,demo
使用方式:此配置模板为 Pigsty 默认配置模板,因此在 configure 时无需显式指定 -c meta 参数:
./configure [-i <primary_ip>]
例如,如果您想要安装 PG 17,而非默认的 PostgreSQL 18,可以在 configure 中使用 -v 参数:
./configure -v 17 # or 16,15,14,13....
配置内容
源文件地址:pigsty/conf/meta.yml
all:
children:
#----------------------------------------------#
# PGSQL : pg-meta 单节点 PostgreSQL 集群
#----------------------------------------------#
pg-meta:
hosts:
10.10.10.10: { pg_seq: 1, pg_role: primary } # <---- 主实例,可读可写
#x.xx.xx.xx: { pg_seq: 2, pg_role: replica } # <---- 从库实例,只读流量
#x.xx.xx.xy: { pg_seq: 3, pg_role: offline } # <---- 离线实例,ETL/交互查询
vars:
pg_cluster: pg-meta
# 安装并加载扩展: https://doc.pgsty.com/pgsql/extension
pg_extensions: [ postgis, pgvector ]
# 定义业务用户/角色 : https://doc.pgsty.com/pgsql/user
pg_users:
- { name: dbuser_meta ,password: DBUser.Meta ,pgbouncer: true ,roles: [dbrole_admin ] ,comment: pigsty admin user }
- { name: dbuser_view ,password: DBUser.Viewer ,pgbouncer: true ,roles: [dbrole_readonly] ,comment: read-only viewer }
# 定义业务数据库 : https://doc.pgsty.com/pgsql/db
pg_databases:
- name: meta
baseline: cmdb.sql
comment: "pigsty meta database"
schemas: [pigsty]
extensions: [ postgis, vector ]
# 定义 HBA 规则 : https://doc.pgsty.com/pgsql/hba
pg_hba_rules:
- { user: dbuser_view , db: all ,addr: infra ,auth: pwd ,title: 'allow grafana dashboard access cmdb from infra nodes' }
# 定义备份策略: https://doc.pgsty.com/pgsql/backup
node_crontab: [ '00 01 * * * postgres /pg/bin/pg-backup full' ] # 每天凌晨1点全量备份
# 定义(可选)L2 VIP 绑定到主库
#pg_vip_enabled: true
#pg_vip_address: 10.10.10.2/24
#pg_vip_interface: eth1
#----------------------------------------------#
# INFRA : 基础设施组件
#----------------------------------------------#
infra:
hosts:
10.10.10.10: { infra_seq: 1 }
vars:
repo_enabled: false # 单节点模式禁用本地软件源构建
#----------------------------------------------#
# ETCD : 高可用 DCS 服务
#----------------------------------------------#
etcd:
hosts:
10.10.10.10: { etcd_seq: 1 }
vars:
etcd_cluster: etcd
etcd_safeguard: false # 是否防止误删除运行中的etcd实例?
#----------------------------------------------#
# MINIO : 可选的备份存储 (默认禁用)
#----------------------------------------------#
#minio:
# hosts:
# 10.10.10.10: { minio_seq: 1 }
# vars:
# minio_cluster: minio
# minio_users:
# - { access_key: pgbackrest ,secret_key: S3User.Backup ,policy: pgsql }
# - { access_key: s3user_meta ,secret_key: S3User.Meta ,policy: meta }
# - { access_key: s3user_data ,secret_key: S3User.Data ,policy: data }
#----------------------------------------------#
# DOCKER & APP : Docker 与应用程序
#----------------------------------------------#
# 使用 ./app.yml 启动 pgadmin (http://10.10.10.10:8885 admin@pigsty.cc / pigsty)
app:
hosts: { 10.10.10.10: {} }
vars:
docker_enabled: true # 使用 ./docker.yml 启用 Docker
app: pgadmin # 指定默认安装的应用
apps:
pgadmin:
conf:
PGADMIN_DEFAULT_EMAIL: admin@pigsty.cc
PGADMIN_DEFAULT_PASSWORD: pigsty
#==============================================================#
# 全局参数
#==============================================================#
vars:
#----------------------------------------------#
# INFRA 基础设施参数
#----------------------------------------------#
version: v4.0.0 # Pigsty 版本号
admin_ip: 10.10.10.10 # 管理节点 IP 地址
region: china # 上游镜像区域: default|china|europe
proxy_env: # 下载软件包时的全局代理环境变量
no_proxy: "localhost,127.0.0.1,10.0.0.0/8,192.168.0.0/16,*.pigsty,*.aliyun.com,mirrors.*,*.myqcloud.com,*.tsinghua.edu.cn"
# http_proxy: # 在此设置您的代理: 例如 http://user:pass@proxy.xxx.com
infra_portal: # 通过 Portal 暴露的基础设施服务
home : { domain: i.pigsty }
pgadmin : { domain: adm.pigsty ,endpoint: "${admin_ip}:8885" }
#minio : { domain: m.pigsty ,endpoint: "${admin_ip}:9001" ,scheme: https ,websocket: true }
#----------------------------------------------#
# NODE 节点参数
#----------------------------------------------#
nodename_overwrite: false # 单节点模式不覆盖主机名
node_tune: oltp # 节点调优规格: oltp,olap,tiny,crit
node_etc_hosts: [ '${admin_ip} i.pigsty sss.pigsty' ]
node_repo_modules: 'node,infra,pgsql' # 直接将这些仓库添加到单节点
node_repo_remove: true # 移除 Pigsty 管理节点上的现有软件源
#----------------------------------------------#
# PGSQL PostgreSQL 参数
#----------------------------------------------#
pg_version: 18 # 默认 PostgreSQL 版本
pg_conf: oltp.yml # PostgreSQL 调优模板: {oltp,olap,tiny,crit}.yml
pg_safeguard: false # 是否防止误删除运行中的 PostgreSQL 实例?
pg_packages: [ pgsql-main, pgsql-common ] # PG 内核和常用工具
#pg_extensions: [ pg18-time ,pg18-gis ,pg18-rag ,pg18-fts ,pg18-olap ,pg18-feat ,pg18-lang ,pg18-type ,pg18-util ,pg18-func ,pg18-admin ,pg18-stat ,pg18-sec ,pg18-fdw ,pg18-sim ,pg18-etl]
#----------------------------------------------#
# 备份配置 (可选 MinIO)
#----------------------------------------------#
# 如需使用 MinIO 作为备份仓库,请取消下方注释
#pgbackrest_method: minio
#pgbackrest_repo:
# local:
# path: /pg/backup
# retention_full_type: count
# retention_full: 2
# minio:
# type: s3
# s3_endpoint: sss.pigsty
# s3_region: us-east-1
# s3_bucket: pgsql
# s3_key: pgbackrest
# s3_key_secret: S3User.Backup
# ...
#----------------------------------------------#
# 密码配置 : https://doc.pgsty.com/config/security
#----------------------------------------------#
grafana_admin_password: pigsty
grafana_view_password: DBUser.Viewer
pg_admin_password: DBUser.DBA
pg_monitor_password: DBUser.Monitor
pg_replication_password: DBUser.Replicator
patroni_password: Patroni.API
haproxy_admin_password: pigsty
minio_secret_key: S3User.MinIO
etcd_root_password: Etcd.Root
配置解读
meta 模板是 Pigsty 的默认入门配置,专为快速上手设计。
适用场景:
- 首次体验 Pigsty 的用户
- 开发测试环境的快速部署
- 单机运行的小型生产环境
- 作为更复杂部署的基础模板
关键特性:
- 在线安装模式,不构建本地软件源(
repo_enabled: false) - 默认安装 PostgreSQL 18,带有
postgis和pgvector扩展 - 包含完整的监控基础设施(Grafana、Prometheus、Loki 等)
- 预置 Docker 与 pgAdmin 应用示例
- MinIO 备份存储默认禁用,可按需启用
注意事项:
- 默认密码为示例密码,生产环境务必修改
- 单节点模式的 etcd 无高可用保障,适合开发测试
- 如需构建本地软件源,请使用
rich模板
2 - rich
功能丰富的单节点配置,构建本地软件源,下载所有扩展,启用 MinIO 备份,预置完整示例
配置模板 rich 是 meta 的增强版本,专为需要完整功能体验的用户设计。
如果您希望构建本地软件源、使用 MinIO 存储备份、运行 Docker 应用,或需要预置业务数据库,可以使用此模板。
配置概览
- 配置名称:
rich - 节点数量: 单节点
- 配置说明:功能丰富的单节点配置,在
meta基础上增加本地软件源、MinIO 备份、完整扩展、Docker 应用示例 - 适用系统:
el8,el9,d12,u22,u24 - 适用架构:
x86_64(ARM 部分扩展不可用) - 相关配置:
meta,demo
此模板相比 meta 的主要增强:
- 构建本地软件源(
repo_enabled: true),下载所有 PG 扩展 - 启用单节点 MinIO 作为 PostgreSQL 备份存储
- 预置 TimescaleDB、pgvector、pg_wait_sampling 等扩展
- 包含详细的用户/数据库/服务定义注释示例
- 添加 Redis 主从实例示例
- 预置 pg-test 三节点高可用集群配置存根
启用方式:
./configure -c rich [-i <primary_ip>]
配置内容
源文件地址:pigsty/conf/rich.yml
all:
children:
#----------------------------------------------#
# PGSQL : pg-meta 单节点 PostgreSQL 集群
#----------------------------------------------#
pg-meta:
hosts:
10.10.10.10: { pg_seq: 1, pg_role: primary }
vars:
pg_cluster: pg-meta
# 安装并加载扩展
pg_extensions: [ postgis, timescaledb, pgvector, pg_wait_sampling ]
pg_libs: 'timescaledb, pg_stat_statements, auto_explain, pg_wait_sampling'
# 定义业务用户(含完整属性注释示例)
pg_users:
- name: dbuser_meta # 必填:用户名
password: DBUser.Meta # 可选:密码,支持 scram-sha-256 哈希或明文
login: true # 可选:是否允许登录,默认 true
superuser: false # 可选:是否超级用户,默认 false
createdb: false # 可选:是否可创建数据库,默认 false
createrole: false # 可选:是否可创建角色,默认 false
inherit: true # 可选:是否继承角色权限,默认 true
replication: false # 可选:是否可复制,默认 false
bypassrls: false # 可选:是否绕过行级安全,默认 false
pgbouncer: true # 可选:是否加入 pgbouncer 用户列表,默认 false
connlimit: -1 # 可选:连接数限制,默认 -1 不限制
expire_in: 3650 # 可选:N 天后过期(覆盖 expire_at)
expire_at: '2030-12-31' # 可选:过期时间戳(被 expire_in 覆盖)
comment: pigsty admin user # 可选:用户注释
roles: [dbrole_admin] # 可选:所属角色
parameters: {} # 可选:用户级参数
pool_mode: transaction # 可选:pgbouncer 池模式
pool_connlimit: -1 # 可选:pgbouncer 连接限制
- { name: dbuser_view ,password: DBUser.Viewer ,pgbouncer: true ,roles: [dbrole_readonly], comment: read-only viewer }
# 定义业务数据库(含完整属性注释示例)
pg_databases:
- name: meta # 必填:数据库名
baseline: cmdb.sql # 可选:初始化 SQL 脚本
schemas: [ pigsty ] # 可选:额外创建的 schema
extensions: # 可选:安装的扩展
- vector
- postgis
- timescaledb
- { name: pg_wait_sampling, schema: monitor }
comment: pigsty meta database # 可选:数据库注释
#pgbouncer: true # 可选:是否加入 pgbouncer,默认 true
#owner: postgres # 可选:所有者,默认 postgres
#template: template1 # 可选:模板库,默认 template1
#encoding: UTF8 # 可选:编码,默认 UTF8
#locale: C # 可选:区域设置,默认 C
#tablespace: pg_default # 可选:默认表空间
#revokeconn: false # 可选:撤销公共连接权限
#connlimit: -1 # 可选:连接数限制
#pool_mode: transaction # 可选:pgbouncer 池模式
# 定义 HBA 规则
pg_hba_rules:
- { user: dbuser_view , db: all ,addr: infra ,auth: pwd ,title: 'allow grafana access' }
# 备份策略
node_crontab: [ '00 01 * * * postgres /pg/bin/pg-backup full' ]
# L2 VIP(可选)
#pg_vip_enabled: true
#pg_vip_address: 10.10.10.2/24
#pg_vip_interface: eth1
#----------------------------------------------#
# 高可用集群存根示例(需取消注释)
#----------------------------------------------#
#pg-test:
# hosts:
# 10.10.10.11: { pg_seq: 1, pg_role: primary }
# 10.10.10.12: { pg_seq: 2, pg_role: replica }
# 10.10.10.13: { pg_seq: 3, pg_role: replica, pg_offline_query: true }
# vars:
# pg_cluster: pg-test
# pg_users: [{ name: test , password: test , pgbouncer: true , roles: [ dbrole_admin ] }]
# pg_databases: [{ name: test }]
# pg_vip_enabled: true
# pg_vip_address: 10.10.10.3/24
# pg_vip_interface: eth1
#----------------------------------------------#
# INFRA : 基础设施(构建本地软件源)
#----------------------------------------------#
infra:
hosts:
10.10.10.10: { infra_seq: 1 }
vars:
repo_enabled: true # 构建本地软件源
repo_extra_packages: [ pg18-main ,pg18-time ,pg18-gis ,pg18-rag ,pg18-fts ,pg18-olap ,pg18-feat ,pg18-lang ,pg18-type ,pg18-util ,pg18-func ,pg18-admin ,pg18-stat ,pg18-sec ,pg18-fdw ,pg18-sim ,pg18-etl]
#----------------------------------------------#
# ETCD : DCS 服务
#----------------------------------------------#
etcd:
hosts:
10.10.10.10: { etcd_seq: 1 }
vars:
etcd_cluster: etcd
etcd_safeguard: false
#----------------------------------------------#
# MINIO : 备份存储
#----------------------------------------------#
minio:
hosts:
10.10.10.10: { minio_seq: 1 }
vars:
minio_cluster: minio
minio_users:
- { access_key: pgbackrest ,secret_key: S3User.Backup ,policy: pgsql }
- { access_key: s3user_meta ,secret_key: S3User.Meta ,policy: meta }
- { access_key: s3user_data ,secret_key: S3User.Data ,policy: data }
#----------------------------------------------#
# DOCKER & APP
#----------------------------------------------#
app:
hosts: { 10.10.10.10: {} }
vars:
docker_enabled: true
app: pgadmin
apps:
pgadmin:
conf:
PGADMIN_DEFAULT_EMAIL: admin@pigsty.cc
PGADMIN_DEFAULT_PASSWORD: pigsty
bytebase:
conf:
BB_DOMAIN: http://ddl.pigsty
BB_PGURL: "postgresql://dbuser_bytebase:DBUser.Bytebase@10.10.10.10:5432/bytebase?sslmode=prefer"
#----------------------------------------------#
# REDIS 示例
#----------------------------------------------#
redis-ms:
hosts: { 10.10.10.10: { redis_node: 1 , redis_instances: { 6379: { }, 6380: { replica_of: '10.10.10.10 6379' } } } }
vars: { redis_cluster: redis-ms ,redis_password: 'redis.ms' ,redis_max_memory: 64MB }
#==============================================================#
# 全局参数
#==============================================================#
vars:
version: v4.0.0
admin_ip: 10.10.10.10
region: default # 使用默认上游镜像
certbot_sign: false # 启用 certbot 签发 HTTPS 证书
certbot_email: your@email.com # 接收证书过期通知的邮箱
infra_portal:
home : { domain: i.pigsty }
pgadmin : { domain: adm.pigsty ,endpoint: "${admin_ip}:8885" }
bytebase : { domain: ddl.pigsty ,endpoint: "${admin_ip}:8887" }
minio : { domain: m.pigsty ,endpoint: "${admin_ip}:9001" ,scheme: https ,websocket: true }
#----------------------------------------------#
# NODE
#----------------------------------------------#
nodename_overwrite: false
node_tune: oltp
node_etc_hosts:
- '${admin_ip} i.pigsty sss.pigsty'
- '${admin_ip} adm.pigsty ddl.pigsty repo.pigsty supa.pigsty'
node_repo_modules: local # 使用本地软件源
node_repo_remove: true
#----------------------------------------------#
# PGSQL
#----------------------------------------------#
pg_version: 18
pg_conf: oltp.yml
pg_safeguard: false
pg_packages: [ pgsql-main, pgsql-common ]
#----------------------------------------------#
# BACKUP
#----------------------------------------------#
pgbackrest_method: minio # 使用 MinIO 作为备份存储
pgbackrest_repo:
local:
path: /pg/backup
retention_full_type: count
retention_full: 2
minio:
type: s3
s3_endpoint: sss.pigsty
s3_region: us-east-1
s3_bucket: pgsql
s3_key: pgbackrest
s3_key_secret: S3User.Backup
s3_uri_style: path
path: /pgbackrest
storage_port: 9000
storage_ca_file: /etc/pki/ca.crt
block: y # 块级增量备份
bundle: y # 小文件打包
cipher_type: aes-256-cbc # AES 加密
cipher_pass: pgBackRest
retention_full_type: time
retention_full: 14 # 保留 14 天全量备份
#----------------------------------------------#
# PASSWORD
#----------------------------------------------#
grafana_admin_password: pigsty
grafana_view_password: DBUser.Viewer
pg_admin_password: DBUser.DBA
pg_monitor_password: DBUser.Monitor
pg_replication_password: DBUser.Replicator
patroni_password: Patroni.API
haproxy_admin_password: pigsty
minio_secret_key: S3User.MinIO
etcd_root_password: Etcd.Root
配置解读
rich 模板是 Pigsty 的完整功能展示配置,适合需要深入体验所有功能的用户。
适用场景:
- 需要构建本地软件源的离线环境
- 需要使用 MinIO 作为 PostgreSQL 备份存储
- 需要预先规划多个业务数据库和用户
- 需要运行 Docker 应用(pgAdmin、Bytebase 等)
- 希望了解配置参数完整用法的学习者
与 meta 的主要区别:
- 启用本地软件源构建(
repo_enabled: true) - 启用 MinIO 存储备份(
pgbackrest_method: minio) - 预装 TimescaleDB、pg_wait_sampling 等额外扩展
- 包含详细的参数注释,便于理解配置含义
- 预置高可用集群存根配置(pg-test)
注意事项:
- ARM64 架构部分扩展不可用,请按需调整
- 构建本地软件源需要较长时间和较大磁盘空间
- 默认密码为示例密码,生产环境务必修改
3 - slim
精简安装配置模板,不部署监控基础设施,直接从互联网安装 PostgreSQL
slim 配置模板提供精简安装能力,在不部署 Infra 监控基础设施的前提下,直接从互联网安装 PostgreSQL 高可用集群。
当您只需要一个可用的数据库实例,不需要监控系统时,可以考虑使用 精简安装 模式。
配置概览
- 配置名称:
slim - 节点数量: 双节点
- 配置说明:精简安装配置模板,不部署监控基础设施
- 适用系统:
el8,el9,d12,u22,u24 - 适用架构:
x86_64,aarch64 - 相关配置:
dual
启用方式:
./configure -c slim [-i <primary_ip>]
配置生成后,需要将占位 IP 10.10.10.11 修改为实际的从库节点 IP 地址。
配置内容
源文件地址:pigsty/conf/slim.yml
all:
children:
# 占位符:infra 组定义但不使用
infra: { hosts: { 10.10.10.10: { infra_seq: 1 } } }
# ETCD DCS 服务
etcd:
hosts:
10.10.10.10: { etcd_seq: 1 }
vars:
etcd_cluster: etcd
# PostgreSQL 双节点高可用集群
pg-meta:
hosts:
10.10.10.10: { pg_seq: 1, pg_role: primary }
10.10.10.11: { pg_seq: 2, pg_role: replica }
vars:
pg_cluster: pg-meta
pg_databases: [ { name: meta ,baseline: cmdb.sql ,comment: pigsty meta database ,schemas: [pigsty] ,extensions: [{name: vector}]}]
pg_users:
- { name: dbuser_meta ,password: DBUser.Meta ,pgbouncer: true ,roles: [ dbrole_admin ] ,comment: pigsty admin user }
- { name: dbuser_view ,password: DBUser.Viewer ,pgbouncer: true ,roles: [ dbrole_readonly ] ,comment: read-only viewer for meta database }
node_crontab: [ '00 01 * * * postgres /pg/bin/pg-backup full' ]
vars:
version: v4.0.0
admin_ip: 10.10.10.10
region: default
node_tune: oltp
pg_conf: oltp.yml
# 精简安装设置:禁用监控基础设施
nginx_enabled: false
dns_enabled: false
prometheus_enabled: false
grafana_enabled: false
pg_exporter_enabled: false
pgbouncer_exporter_enabled: false
pg_vip_enabled: false
# 软件包配置
repo_modules: infra,node,pgsql
repo_remove: true
node_repo_modules: local
node_repo_remove: true
repo_packages: [ node-bootstrap, infra-package, infra-addons, node-package1, node-package2, pgsql-common ]
repo_extra_packages: [ pg18-main ]
#----------------------------------------------#
# PASSWORD
#----------------------------------------------#
pg_admin_password: DBUser.DBA
pg_monitor_password: DBUser.Monitor
pg_replication_password: DBUser.Replicator
patroni_password: Patroni.API
haproxy_admin_password: pigsty
minio_secret_key: S3User.MinIO
etcd_root_password: Etcd.Root
配置解读
slim 模板是 Pigsty 的最小化安装配置,专为资源受限或仅需数据库功能的场景设计。
适用场景:
- 仅需要 PostgreSQL 数据库,不需要监控系统
- 资源有限的小型服务器或边缘设备
- 嵌入式场景或容器化部署
- 快速部署测试用的临时数据库
关键特性:
- 禁用所有监控组件(Prometheus、Grafana、Loki 等)
- 禁用 Nginx 反向代理和 DNS 服务
- 禁用 PostgreSQL Exporter 和 PgBouncer Exporter
- 保留核心 PostgreSQL 高可用能力(Patroni + etcd)
- 最小化软件包下载,加快安装速度
注意事项:
- 精简模式不提供监控能力,无法通过 Grafana 查看数据库状态
- 如需恢复监控功能,需要重新部署 Infra 模块
- 生产环境建议使用完整安装模式(
meta或rich)
4 - bare
Pigsty 最精简的单节点配置,最小必需参数集合
配置模板 bare 是 Pigsty 所需的最精简配置
比这更少的配置模板将无法正常工作。
配置概览
- 配置名称:
bare - 节点数量: 单节点,
pigsty/vagrant/spec/meta.rb - 配置说明:Pigsty 最精简的单节点配置
- 配置内容:
pigsty/conf/demo/bare.yml - 适用系统:
el8,el9,d12,u22,u24 - 适用架构:
x86_64,aarch64 - 相关配置:
meta
./configure -c bare [-i <primary_ip>]
配置内容
源文件地址:pigsty/conf/demo/bare.yml
all:
children:
infra: { hosts: { 10.10.10.10: { infra_seq: 1 } } }
etcd: { hosts: { 10.10.10.10: { etcd_seq: 1 } }, vars: { etcd_cluster: etcd } }
pg-meta: { hosts: { 10.10.10.10: { pg_seq: 1, pg_role: primary } }, vars: { pg_cluster: pg-meta } }
vars:
version: v3.2.2
admin_ip: 10.10.10.10
region: default
5 - pitr
单节点云端对象存储 PITR 配置,使用远程S3进行持续备份与恢复
配置模板 pitr 演示了在云上如何在只有单个 EC2 / ECS 服务器的情况下,
使用对象存储对数据库进行兜底性容灾。
配置概览
- 配置名称:
pitr - 节点数量: 单节点,
pigsty/vagrant/spec/meta.rb - 配置说明:单节点,利用云上远程对象存储进行持续备份与PITR,从而确保基础的 RTO/PRO。
- 配置内容:
pigsty/conf/pitr.yml - 适用系统:
el8,el9,d12,u22,u24 - 适用架构:
x86_64,aarch64 - 相关配置:
meta - Terraform 模板(阿里云):
terraform/spec/aliyun-meta-s3.tf
./configure -c pitr [-i <primary_ip>]
配置内容
源文件地址:pigsty/conf/pitr.yml
# This 1-node template will use an external S3 (OSS) as backup storage
# which provide a basic level RTO / PRO in case of single point failure
# terraform template: terraform/spec/aliyun-meta-s3.tf
all:
#==============================================================#
# Clusters, Nodes, and Modules
#==============================================================#
children:
#----------------------------------#
# infra: monitor, alert, repo, etc..
#----------------------------------#
infra:
hosts:
10.10.10.10: { infra_seq: 1 }
#----------------------------------#
# etcd cluster for HA postgres DCS
#----------------------------------#
etcd:
hosts:
10.10.10.10: { etcd_seq: 1 }
vars:
etcd_cluster: etcd
#----------------------------------#
# minio (OPTIONAL backup repo)
#----------------------------------#
#minio:
# hosts:
# 10.10.10.10: { minio_seq: 1 }
# vars:
# minio_cluster: minio
#----------------------------------#
# pgsql (singleton on current node)
#----------------------------------#
# this is an example single-node postgres cluster with postgis & timescaledb installed, with one biz database & two biz users
pg-meta:
hosts:
10.10.10.10: { pg_seq: 1, pg_role: primary }
vars:
pg_cluster: pg-meta # required identity parameter, usually same as group name
# define business databases here: https://pigsty.io/docs/pgsql/config/db/
pg_databases: # define business databases on this cluster, array of database definition
- name: meta # REQUIRED, `name` is the only mandatory field of a database definition
baseline: cmdb.sql # optional, database sql baseline path, (relative path among ansible search path, e.g: files/)
schemas: [ pigsty ] # optional, additional schemas to be created, array of schema names
extensions: # optional, additional extensions to be installed: array of `{name[,schema]}`
- { name: vector } # install pgvector extension on this database by default
comment: pigsty meta database # optional, comment string for this database
#pgbouncer: true # optional, add this database to pgbouncer database list? true by default
#owner: postgres # optional, database owner, postgres by default
#template: template1 # optional, which template to use, template1 by default
#encoding: UTF8 # optional, database encoding, UTF8 by default. (MUST same as template database)
#locale: C # optional, database locale, C by default. (MUST same as template database)
#lc_collate: C # optional, database collate, C by default. (MUST same as template database)
#lc_ctype: C # optional, database ctype, C by default. (MUST same as template database)
#tablespace: pg_default # optional, default tablespace, 'pg_default' by default.
#allowconn: true # optional, allow connection, true by default. false will disable connect at all
#revokeconn: false # optional, revoke public connection privilege. false by default. (leave connect with grant option to owner)
#register_datasource: true # optional, register this database to grafana datasources? true by default
#connlimit: -1 # optional, database connection limit, default -1 disable limit
#pool_auth_user: dbuser_meta # optional, all connection to this pgbouncer database will be authenticated by this user
#pool_mode: transaction # optional, pgbouncer pool mode at database level, default transaction
#pool_size: 64 # optional, pgbouncer pool size at database level, default 64
#pool_size_reserve: 32 # optional, pgbouncer pool size reserve at database level, default 32
#pool_size_min: 0 # optional, pgbouncer pool size min at database level, default 0
#pool_max_db_conn: 100 # optional, max database connections at database level, default 100
#- { name: grafana ,owner: dbuser_grafana ,revokeconn: true ,comment: grafana primary database } # define another database
# define business users here: https://pigsty.io/docs/pgsql/config/user/
pg_users: # define business users/roles on this cluster, array of user definition
- name: dbuser_meta # REQUIRED, `name` is the only mandatory field of a user definition
password: DBUser.Meta # optional, password, can be a scram-sha-256 hash string or plain text
login: true # optional, can log in, true by default (new biz ROLE should be false)
superuser: false # optional, is superuser? false by default
createdb: false # optional, can create database? false by default
createrole: false # optional, can create role? false by default
inherit: true # optional, can this role use inherited privileges? true by default
replication: false # optional, can this role do replication? false by default
bypassrls: false # optional, can this role bypass row level security? false by default
pgbouncer: true # optional, add this user to pgbouncer user-list? false by default (production user should be true explicitly)
connlimit: -1 # optional, user connection limit, default -1 disable limit
expire_in: 3650 # optional, now + n days when this role is expired (OVERWRITE expire_at)
expire_at: '2030-12-31' # optional, YYYY-MM-DD 'timestamp' when this role is expired (OVERWRITTEN by expire_in)
comment: pigsty admin user # optional, comment string for this user/role
roles: [dbrole_admin] # optional, belonged roles. default roles are: dbrole_{admin,readonly,readwrite,offline}
parameters: {} # optional, role level parameters with `ALTER ROLE SET`
pool_mode: transaction # optional, pgbouncer pool mode at user level, transaction by default
pool_connlimit: -1 # optional, max database connections at user level, default -1 disable limit
- { name: dbuser_view ,password: DBUser.Viewer ,pgbouncer: true ,roles: [dbrole_readonly], comment: read-only viewer for meta database }
# define pg extensions: https://pigsty.io/docs/pgext/
pg_libs: 'pg_stat_statements, auto_explain' # add timescaledb to shared_preload_libraries
pg_extensions: [ pgvector ] # available extensions: https://pgext.cloud/zh/list
# define HBA rules here: https://pigsty.io/docs/pgsql/config/hba/#define-hba
pg_hba_rules: # example hba rules
- {user: dbuser_view , db: all ,addr: infra ,auth: pwd ,title: 'allow grafana dashboard access cmdb from infra nodes'}
node_crontab: # make a full backup on monday 1am, and an incremental backup during weekdays
- '00 01 * * 1 postgres /pg/bin/pg-backup full'
- '00 01 * * 2,3,4,5,6,7 postgres /pg/bin/pg-backup'
#==============================================================#
# Global Parameters
#==============================================================#
vars:
#----------------------------------#
# Meta Data
#----------------------------------#
version: v3.2.2 # pigsty version string
admin_ip: 10.10.10.10 # admin node ip address
region: default # upstream mirror region: default|china|europe
node_tune: oltp # node tuning specs: oltp,olap,tiny,crit
pg_conf: oltp.yml # pgsql tuning specs: {oltp,olap,tiny,crit}.yml
proxy_env: # global proxy env when downloading packages
no_proxy: "localhost,127.0.0.1,10.0.0.0/8,192.168.0.0/16,*.pigsty,*.aliyun.com,mirrors.*,*.myqcloud.com,*.tsinghua.edu.cn"
# http_proxy: # set your proxy here: e.g http://user:pass@proxy.xxx.com
# https_proxy: # set your proxy here: e.g http://user:pass@proxy.xxx.com
# all_proxy: # set your proxy here: e.g http://user:pass@proxy.xxx.com
infra_portal: # domain names and upstream servers
home : { domain: h.pigsty }
grafana : { domain: g.pigsty ,endpoint: "${admin_ip}:3000" , websocket: true }
prometheus : { domain: p.pigsty ,endpoint: "${admin_ip}:9090" }
alertmanager : { domain: a.pigsty ,endpoint: "${admin_ip}:9093" }
blackbox : { endpoint: "${admin_ip}:9115" }
loki : { endpoint: "${admin_ip}:3100" }
#----------------------------------#
# MinIO Related Options
#----------------------------------#
# ADD YOUR AK/SK/REGION/ENDPOINT HERE
pgbackrest_method: s3 # if you want to use minio as backup repo instead of 'local' fs, uncomment this
pgbackrest_repo: # pgbackrest repo: https://pgbackrest.org/configuration.html#section-repository
s3: # aliyun oss (s3 compatible) object storage service
type: s3 # oss is s3-compatible
s3_endpoint: oss-cn-beijing-internal.aliyuncs.com
s3_region: oss-cn-beijing
s3_bucket: <your_bucket_name>
s3_key: <your_access_key>
s3_key_secret: <your_secret_key>
s3_uri_style: host
path: /pgbackrest
bundle: y # bundle small files into a single file
cipher_type: aes-256-cbc # enable AES encryption for remote backup repo
cipher_pass: PG.${pg_cluster} # AES encryption password, default is 'pgBackRest'
retention_full_type: time # retention full backup by time on minio repo
retention_full: 14 # keep full backup for last 14 days
#----------------------------------#
# Credential: CHANGE THESE PASSWORDS
#----------------------------------#
#grafana_admin_username: admin
grafana_admin_password: pigsty
#pg_admin_username: dbuser_dba
pg_admin_password: DBUser.DBA
#pg_monitor_username: dbuser_monitor
pg_monitor_password: DBUser.Monitor
#pg_replication_username: replicator
pg_replication_password: DBUser.Replicator
#patroni_username: postgres
patroni_password: Patroni.API
#haproxy_admin_username: admin
haproxy_admin_password: pigsty
#----------------------------------#
# Safe Guard
#----------------------------------#
# you can enable these flags after bootstrap, to prevent purging running etcd / pgsql instances
etcd_safeguard: false # prevent purging running etcd instance?
pg_safeguard: false # prevent purging running postgres instance? false by default
#----------------------------------#
# Repo, Node, Packages
#----------------------------------#
# if you wish to customize your own repo, change these settings:
repo_modules: infra,node,pgsql
repo_remove: true # remove existing repo on admin node during repo bootstrap
node_repo_modules: local # install the local module in repo_upstream for all nodes
node_repo_remove: true # remove existing node repo for node managed by pigsty
repo_packages: [ # default packages to be downloaded
node-bootstrap, infra-package, infra-addons, node-package1, node-package2, pgsql-common #,docker
]
repo_extra_packages: [ # default postgres packages to be downloaded
pg17-main # replace with the following line if you want all extensions
#pg17-core ,pg17-time ,pg17-gis ,pg17-rag ,pg17-fts ,pg17-olap ,pg17-feat ,pg17-lang ,pg17-type ,pg17-func ,pg17-admin ,pg17-stat ,pg17-sec ,pg17-fdw ,pg17-sim ,pg17-etl
]
pg_version: 17 # default postgres version
#pg_extensions: [ pg17-time ,pg17-gis ,pg17-rag ,pg17-fts ,pg17-olap ,pg17-feat ,pg17-lang ,pg17-type ,pg17-func ,pg17-admin ,pg17-stat ,pg17-sec ,pg17-fdw ,pg17-sim ,pg17-etl ]
...
注意事项
你需要在 pgbackrest_repo 中填入对象存储桶的访问信息。
6 - infra
仅安装可观测性基础设施,不包含 PostgreSQL 与 etcd 的专用配置模板