Infrastructure as Code
Treat infrastructure & database as code. Manage them in a declarative manner with GitOps-friendly workflows.
Declarative Configuration
Idempotent Playbooks
GitOps Ready
Declarative API
Define your entire infrastructure in YAML configuration files, similar to Kubernetes CRDs.
Database as Code
Manage databases, users, and access control through version-controlled configuration.
GitOps Workflow
Version control your infrastructure with Git, enabling collaborative and auditable changes.
Declare Module
Define infrastructure modules with a simple YAML configuration. Here's an example of declaring basic infrastructure nodes:
# infra cluster for proxy, monitor, alert, etc...
infra: { hosts: { 10.10.10.10: { infra_seq: 1 } } }
# minio cluster, s3 compatible object storage
minio: { hosts: { 10.10.10.10: { minio_seq: 1 } }, vars: { minio_cluster: minio } }
# etcd cluster for ha postgres DCS
etcd: { hosts: { 10.10.10.10: { etcd_seq: 1 } }, vars: { etcd_cluster: etcd } }
# postgres example cluster: pg-meta
pg-meta: { hosts: { 10.10.10.10: { pg_seq: 1, pg_role: primary } }, vars: { pg_cluster: pg-meta } }
Declare Cluster
Create multi-node PostgreSQL clusters with high availability using declarative configuration:
pg-test:
  hosts:
    10.10.10.11: { pg_seq: 1, pg_role: primary }
    10.10.10.12: { pg_seq: 2, pg_role: replica }
    10.10.10.13: { pg_seq: 3, pg_role: replica }
  vars: { pg_cluster: pg-test }
Declare Cluster Internals
Configure databases, users, and access control within your clusters:
pg_databases:
  - name: meta
    baseline: cmdb.sql
    schemas: [pigsty]
    extensions:
      - { name: postgis, schema: public }
      - { name: timescaledb }
    comment: pigsty meta database
pg_users:
  - name: dbuser_meta
    password: DBUser.Meta
    login: true
    roles: [dbrole_admin]
    pgbouncer: true
    comment: pigsty admin user
Declare Access Control
Define comprehensive security policies and access rules:
pg_hba_rules:
  - {user: '${dbsu}', db: all, addr: local, auth: ident}
  - {user: '+dbrole_readonly', db: all, addr: intra, auth: ssl}
  - {user: '+dbrole_offline', db: all, addr: intra, auth: ssl}
pg_vip_enabled: true
pg_vip_address: 10.10.10.2/24
pg_vip_interface: eth1
patroni_ssl_enabled: true
pgbouncer_sslmode: require
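Because the access rules live in version control, they can be checked before a change is merged. The script below is an added example, not Pigsty's own code: it parses one-line pg_hba_rules entries like those above and reports any rule outside an allowlist. The allowlist policy, the user dbuser_app, the world address alias and the two extra sample rules are assumptions made for this example.

```python
import re

# Constructed input: the three rules shown on the page plus two constructed
# rules (user 'dbuser_app' and the 'world' address alias are assumptions).
SAMPLE = """\
pg_hba_rules:
  - {user: '${dbsu}', db: all, addr: local, auth: ident}
  - {user: '+dbrole_readonly', db: all, addr: intra, auth: ssl}
  - {user: '+dbrole_offline', db: all, addr: intra, auth: ssl}
  - {user: all, db: all, addr: world, auth: trust}
  - {user: dbuser_app, db: app, addr: intra, auth: md5}
"""

# Allowlist policy (an assumption of this example, not Pigsty's own rules):
# local socket rules may use ident; every other rule must use auth 'ssl'.
ALLOWED_AUTH = {"local": {"ident"}}
DEFAULT_ALLOWED = {"ssl"}

RULE_RE = re.compile(r"^\s*-\s*\{(.*)\}\s*$")


def parse_rules(text):
    """Parse one-line flow mappings under pg_hba_rules into dicts."""
    rules, in_block = [], False
    for lineno, line in enumerate(text.splitlines(), 1):
        m = RULE_RE.match(line)
        if m and in_block:
            pairs = (p.split(":", 1) for p in m.group(1).split(","))
            rule = {k.strip(): v.strip().strip("'\"") for k, v in pairs}
            rule["line"] = lineno  # keep the source line for the report
            rules.append(rule)
        elif re.match(r"^[^\s#-]", line):  # any other top-level key
            in_block = line.startswith("pg_hba_rules:")
    return rules


def audit(rules):
    """Return (line, reason) for every rule outside the allowlist."""
    findings = []
    for r in rules:
        addr, auth = r.get("addr"), r.get("auth")
        if auth not in ALLOWED_AUTH.get(addr, DEFAULT_ALLOWED):
            findings.append((r["line"], f"addr={addr} auth={auth} not allowed"))
    return findings


if __name__ == "__main__":
    for line, reason in audit(parse_rules(SAMPLE)):
        print(f"pg_hba_rules line {line}: {reason}")
```

The parser handles only single-line flow mappings whose values contain no commas or colons, which is the form used on this page.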