4.2. Installation in the High Availability Mode #
This section provides an example of installing and setting up PPEM in the high availability mode. The following software is used in the example:
Debian Linux 12 OS
HAProxy 2.6.12 (included in the Debian repository)
keepalived 2.2.7 (included in the Debian repository)
Postgres Pro Enterprise 17.2.2 + BiHA (included in the
postgrespro-ent-17-contribpackage)
The recommended high availability PPEM architecture includes the following components:
High availability cluster based on the BiHA solution available in Postgres Pro Enterprise 16 and higher.
BiHA cluster consists of three or more nodes. One of the nodes acts as the leader. The manager automatically connects to the leader. If the leader fails, one of the remaining nodes automatically becomes the new leader.
Cluster of HAProxy servers + keepalived.
A virtual IP address is automatically activated on one of the servers using the keepalived service. Users and agents interact with managers using this virtual IP address. If the server with the virtual IP address fails, the virtual IP address is activated on one of the remaining servers.
HAProxy also balances client HTTP requests between available managers. For sending requests of a specific client to the same manager, the HAProxy IP-based stickiness or cookie session stickiness functionality is used.
You can deploy this component on separate servers and managers.
Manager.
Two or more servers in the active mode.
The components required for implementation of the recommended architecture are described in the table below.
| Component | Amount | Minimum Requirements |
|---|---|---|
| Manager server + HAProxy + keepalived | 2 | 2 CPU, 4 GB RAM, 20 GB HDD. |
| Postgres Pro BiHA server | 3 | 2 CPU, 4 GB RAM, 20 GB HDD. |
| Virtual static IP address | 1 | The IP address must be excluded from the DHCP pool. You can also create a DNS A record for this IP address. |
To install PPEM in the high availability mode:
To provide PPEM servers with access to DBMS, edit the
pg_hba.confconfiguration file, for example:# cat /var/lib/pgpro/ent-17/data/pg_hba.conf host all all 192.168.1.0/24 scram-sha-256
# cat /etc/ppem-manager.yml http: server: address: "network_address_for_incoming_connections" port: "port_for_incoming_connections" repo: url: postgres://ppem:DBMS_user_password@biha-server-1/ppem fallback_addresses: -biha_server_2-biha_server_3target_session_attrs: read-writeWhere:
http.server.addressandhttp.server.port: The network address of the server and the port number for incoming network connections.In terms of HAProxy these are backend parameters.
repo.url: The network address of the first BiHA cluster node.fallback_addresses: The network addresses of the remaining BiHA cluster nodes.target_session_attrs: The session attribute condition that determines when the manager can automatically connect to the BiHA cluster leader.Specify
read-write.
On HAProxy servers, install haproxy, keepalived, and the required tools:
sudo apt-get install haproxy keepalived psmisc
Configure HAProxy using the
haproxy.cfgconfiguration file, for example:global log /dev/log local0 log /dev/log local1 notice stats socket /var/lib/haproxy/stats level admin chroot /var/lib/haproxy user haproxy group haproxy daemon defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http frontend hafrontend bind *:80 mode http default_backend habackend backend habackend mode http balance roundrobin option forwardfor option httpchk http-check send meth HEAD uri / cookie SERVERID insert indirect server ppem-server-1
PPEM_server_address-1:8080 cookie ppem-server-1 check server ppem-server-2PPEM_server_address-2:8080 cookie ppem-server-2 checkThe cookie-based persistence method is used in the example. It assigns a cookie with the PPEM server name to users. This is required for sending all queries within the HTTP session to a single manager server.
Configure the
HAProxy-1server using thekeepalived.confconfiguration file:global_defs { enable_script_security } vrrp_script chk_haproxy { script "/usr/bin/killall -0 haproxy" interval 3 fall 2 rise 3 timeout 3 user root } vrrp_instance internal { interfaceinterfacestate MASTER virtual_router_id 124 priority 100 unicast_src_ipHAproxy-1_server_IP_addressunicast_peer {HAproxy-2_server_IP_address} virtual_ipaddress {virtual_IP_address/subnet_class_(for_example_16_or_24)devinterface} track_script { chk_haproxy } }The configuration is the same for the
HAProxy-2server, but the IP addresses in theunicast_src_ipandunicast_peerparameters are switched.On all BiHA servers, configure agents.
The connection to the manager must be configured via a virtual IP address.
Perform healthcheck by ensuring that:
The BiHA cluster database is available on all PPEM servers.
The
ppemsystem server is running on all PPEM servers:systemctl status ppem
The web application is available on all PPEM servers:
on port 8080:
curl http://
PPEM_server_IP_address:8080on port 80 via HAProxy:
curl http://
PPEM_server_IP_address:80via a virtual IP address:
curl http://
virtual_IP_address:80
The HAProxy and keepalived services are running on all PPEM servers:
systemctl status haproxy systemctl status keepalived