This approach is utilized for environments without Internet access and no satellite repositories. It involves using TPAexec to download all the necessary packages through Docker to a local directory. The local repository will only contain packages to build the same cluster or a similar cluster as defined in the config.yml
file referenced during the package download.
The steps below use a PGD 5 cluster as an example, but this approach also applies for any architecture and any version.
For this example, we need two TPAexec host machines: one with Internet access and the other without Internet access. In this example, they are both on the same local network, but the only requirement is that they are reachable to each other.
Environment (all machines are running RedHat 8):
Host name | IP address | Role |
---|---|---|
TPAWITHNET | 192.168.1.100 | TPAexec + Docker |
TPAWITHOUTNET | 192.168.1.101 | TPAexec |
NODE1 | 192.168.1.102 | PGD 5 data node |
NODE2 | 192.168.1.103 | PGD 5 data node |
NODE3 | 192.168.1.104 | PGD 5 data node |
BARMAN-SERVER | 192.168.1.105 | Barman |
Only the host TPAWITHNET
has Internet access, and we're going to use it to download the packages with the help of Docker. So, make sure to have Docker installed on the TPAexec host with Internet access.
The steps to create the local repository are then as follows.
1- Create a simple PGD 5 cluster directory in the user's home directory on the TPAWITHNET
host:
tpaexec configure ~/mycluster \
--architecture PGD-Always-ON \
--platform bare \
--edb-postgres-advanced 15 \
--redwood \
--location-names dc1 \
--pgd-proxy-routing global \
--keyring legacy \
--no-git
2- Create a local-repo
directory under your TPA cluster directory. For example, for RedHat 8:
mkdir -p ~/mycluster/local-repo/RedHat/8/repodata
Note that the local repository directory path must be created with the following nomenclature:
-
local-repo
: This is the directory name that TPAexec will look for, to store all the downloaded packages; -
RedHat
: The Linux distribution which you intend to download the compatible packages for; -
8
: The version of the Linux distribution; -
repodata
: Sub-directory that will contain the repository data.
3- Download the packages to the local-repo
directory:
tpaexec download-packages ~/mycluster --docker-image tpa/redhat:8
If we take a look at the config.yml
, we will see that we have the following repositories which all necessary packages to build our cluster will be downloaded from:
...
edb_repositories:
- enterprise
- postgres_distributed
...
yum_repository_list:
- EPEL
...
4- Access the TPAexec host TPAWITHOUTNET
and create a cluster directory (repeat step 1).
5- Copy the local-repo
directory from the TPAWITHNET
machine to TPAWITHOUTNET
. For example, considering that the two TPAexec hosts can communicate to each other using SSH:
scp -r root@192.168.1.100:~/mycluster/local-repo root@192.168.1.101:~/mycluster/
6- With the local-repo
directory now present in the TPA cluster of the TPA host without Internet access, we need to add some important settings to the config.yml
file to utilize the local repository:
cluster_vars:
...
use_local_repo_only: true
disable_repository_checks: true
edb_repositories: []
yum_repositories: []
...
instance_defaults:
platform: bare
vars:
local_source_directories:
- ~/mycluster/local-repo:/var/opt/tpa/local-repo:ro
ansible_user: root
...
The setting use_local_repo_only
will not remove the already existing repositories from the target machine. Instead, it will only disable them, allowing you to manually enable these repositories back if needed.
The setting local_source_directories
will copy the local-repo
directory from the TPAexec host to /var/opt/tpa/local-repo
of all the target machines. The :ro
means read-only.
If you are using the Docker platform to test the settings, you must configure the use_local_repo_only
under instance_defaults
and out of vars
, as shown in the example below:
instance_defaults:
platform: docker
image: tpa/redhat:8
local_source_directories:
- /mycluster/local-repo:/var/opt/tpa/local-repo:ro
vars:
ansible_user: root
7- This is a sample config.yml
file for a bare metal deployment:
---
architecture: PGD-Always-ON
cluster_name: mycluster2
cluster_tags: {}
keyring_backend: legacy
cluster_vars:
use_local_repo_only: true
disable_repository_checks: true
apt_repository_list: []
bdr_database: bdrdb
bdr_node_group: mycluster2
bdr_node_groups:
- name: mycluster2
options:
enable_proxy_routing: true
- name: dc1_subgroup
options:
location: dc1
parent_group_name: mycluster2
bdr_version: '5'
default_pgd_proxy_options:
listen_port: 6432
edb_repositories: []
epas_redwood_compat: true
failover_manager: pgd
postgres_coredump_filter: '0xff'
postgres_flavour: epas
postgres_version: '15'
preferred_python_version: python3
use_volatile_subscriptions: false
yum_repository_list: []
locations:
- Name: dc1
instance_defaults:
platform: bare
vars:
ansible_user: root
local_source_directories:
- ~/mycluster/local-repo:/var/opt/tpa/local-repo:ro
instances:
- Name: NODE1
backup: BARMAN-SERVER
ip_address: 192.168.1.102
location: dc1
node: 1
role:
- bdr
- pgd-proxy
vars:
bdr_child_group: dc1_subgroup
bdr_node_options:
route_priority: 100
- Name: NODE2
ip_address: 192.168.1.103
location: dc1
node: 2
role:
- bdr
- pgd-proxy
vars:
bdr_child_group: dc1_subgroup
bdr_node_options:
route_priority: 100
- Name: NODE3
ip_address: 192.168.1.104
location: dc1
node: 3
role:
- bdr
- pgd-proxy
vars:
bdr_child_group: dc1_subgroup
bdr_node_options:
route_priority: 100
- Name: BARMAN-SERVER
ip_address: 192.168.1.105
location: dc1
node: 4
role:
- barman
8- Run tpaexec provision
and then tpaexec deploy
. If you don't have SSH access correctly configured between the TPAexec host and the target nodes for a bare deployment, you must follow these instructions here: bare(-metal servers).
After the deployment, the target machines will have only the tpa-local-repo
available if you check them using the yum repolist
command. However, you can manually enable any repository back, as mentioned above. They are located in /etc/yum.repos.d/
in the case of RedHat-like distributions:
$ yum repolist
repo id repo name
tpa-local-repo Local repository (set up by TPA)