levis/help365
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
production
help365/platform/configure-postgresql.html
koziavin 00717a92fb
All checks were successful
Deploy Static Site / deploy (push) Successful in 6m6s
Details
update
2025-05-29 16:42:45 +04:00

805 lines
90 KiB
HTML
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en">
<head>
<title>PostgreSQL cluster</title>
<meta name="generator" content="Help+Manual" />
<meta name="keywords" content="" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="To ensure the correct operation of the system, PostgreSQL version 1015 is required. The article describes the installation of PostgreSQL 13 for Ubuntu Linux 20.04 and 22.04...." />
<meta name="picture" content="" />
<meta property="og:type" content="website" />
<meta property="og:title" content="Full documentation for BRIX365 platform. Low-code developer guide. User guide. Admin guide. Developer guide." />
<meta property="og:url" content="https://brix365.com/en/help" />
<meta property="og:image" content="" />
<link rel="icon" href="favicon.png" type="image/png" />
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet" />
<link rel="stylesheet" href="./jquery-ui.min.css" />
<link rel="stylesheet" href="default.css" />
<link rel="stylesheet" href="./search-yandex.css" />
<link rel="stylesheet" href="./article.css" />
<link rel="stylesheet" href="./glossary.css" />
<link rel="stylesheet" href="./theme.css" />
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="helpman_settings.js"></script>
<script type="text/javascript" src="helpman_topicinit.js"></script>
<script type="text/javascript" src="highlight.js"></script>
<script type="text/javascript">
$(document).ready(function(){highlight();});
</script>
</head>
<body>
<script>!function(e,t,c,n,r,a,m){e.ym=e.ym||function(){(e.ym.a=e.ym.a||[]).push(arguments)},e.ym.l=1*new Date;for(var s=0;s<document.scripts.length;s++)if(document.scripts[s].src===n)return;a=t.createElement(c),m=t.getElementsByTagName(c)[0],a.async=1,a.src=n,m.parentNode.insertBefore(a,m)}(window,document,"script","https://mc.yandex.ru/metrika/tag.js"),ym(83179930,"init",{clickmap:!0,trackLinks:!0,accurateTrackBounce:!0,webvisor:!0})</script><noscript><div><img alt=""src=https://mc.yandex.ru/watch/83179930 style=position:absolute;left:-9999px></div></noscript>
<header class="header elma-365">
<div class="container">
<a class="header__logo" href="https://brix365.com/en/help">
<img src="./logo-en.svg" alt="header logo">
</a>
<!-- <div class="hero__search-form" id="search-panel">
<form class="search-form" onsubmit="ym(83180416,'reachGoal','poisk')">
<label class="search-form__label">
<span id="reset-search" class="search__icon"></span>
<input class="search-form__input" type="text">
</label>
<input class="search-form__submit" type="submit" value="Submit">
</form>
</div> -->
<div class="hero__search-form" id="search-panel"> <form class="search-form"> <label class="search-form__label"> <span id="reset-search" class="search__icon"></span> <input class="search-form__input" type="text"> </label> <input class="search-form__submit" type="submit" value="Submit"> </form> </div>
<div class="hero__search">
<a href="#" id="search-icon" class="hero__search-icon">
<img src="search-icon-white.svg" alt="search string">
</a>
<a href="#" id="side-menu-icon" class="hero__side-icon">
<img src="side_menu.svg" alt="side menu">
</a>
</div>
<div class="header__navi">
<ul class="header__list"><li><span class="solution-select"><span class="solution-select__selected"></span><svg width="7" height="4" viewBox="0 0 7 4" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M1 1L3.5 3.5L6 1" stroke="white" stroke-linecap="round" stroke-linejoin="round"/></svg><ul class="solution-select__list"><li><a class="project-link" href="https://brix365.com/en/help/platform/get-trial.html">Platform</a></li><li><a class="project-link" href="https://brix365.com/en/help/ecm/ecm-functions.html">ECM</a></li><li><a class="project-link" href="https://brix365.com/en/help/crm/crm_overview.html">CRM</a></li><li><a class="project-link" href="https://brix365.com/en/help/service/service-functions.html">Service</a></li><li><a class="project-link" href="https://brix365.com/en/help/projects/projects-functions.html">Projects</a></li><li><a class="project-link" href="https://brix365.com/en/help/business_solutions/-elma365-store.html">Business Solutions</a></li></ul></span></li><li><a href="https://api.brix365.com/en/" target="_blank">API</a></li><li><a href="https://tssdk.brix365.com/" target="_blank">SDK</a></li></ul>
</div>
</div>
</header>
<main class="main container">
<aside class="sidebar" id="sidebar">
<div class="sidebar__header">
<a class="header__logo" href="https://brix365.com/en/help">
<img src="./logo-light-en.svg">
</a>
<span class="sidebar__close elma-365-close" id="close"></span>
</div>
<div class="sidebar__wrapper" id="side-menu">
</div>
</aside>
<article class="article" id="article">
<div class="article-inner">
<div class="content">
<header class="article__header">
<div class="article__bread" style="display:flex; gap:10px;">
<span id="subcategory" class="search-res__item-category search-res__item-category_subcategory subcategory article__badge"></span>
<div class="topic__breadcrumbs">
<p><a href="elma365-on-premises.html">BRIX On-Premises</a> &gt; <a href="infrastructure-preparation.html">Prepare infrastructure</a> &gt; Databases &gt; High availability infrastructure / PostgreSQL cluster</p>
</div>
</div>
<div class="topic__title"><h1 class="p_Heading1"><span class="f_Heading1">PostgreSQL cluster</span></h1>
</div>
</header>
<section class="article__content">
<div class="scroll-top-inner">
<a href="#h1-article" class="scroll-top"></a>
</div>
<!-- Placeholder for topic body. -->
<p class="p_Normal" style="line-height: 1.20;">To ensure the correct operation of the system, PostgreSQL version 1015 is required. The article describes the installation of PostgreSQL 13 for Ubuntu Linux 20.04 and 22.04. You can also refer to the <a href="https://www.postgresql.org/docs/13/high-availability.html" target="_blank" class="weblink">official PostgreSQL documentation</a>.</p>
<p class="p_Normal" style="line-height: 1.20;">The installation consists of 10 steps:</p>
<ol style="list-style-type:decimal">
<li value="1" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#preparation-node" class="topiclink">Prepare nodes (servers)</a>.</li><li value="2" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#preparation-etcd" class="topiclink">Prepare the etcd cluster</a>.</li><li value="3" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#install-postgresql" class="topiclink">Install PostgreSQL</a>.</li><li value="4" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#setting-postgresql" class="topiclink">Configure PostgreSQL</a>.</li><li value="5" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#install-patroni" class="topiclink">Install Patroni</a>.</li><li value="6" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#setting-patroni" class="topiclink">Configure Patroni</a>.</li><li value="7" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#preparation-postgresql-patroni" class="topiclink">Prepare the PostgreSQL+Patroni cluster</a>.</li><li value="8" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#prepare-pgbouncer" class="topiclink">Prepare PGBouncer (optional)</a>.</li><li value="9" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#haproxy-configuration" class="topiclink">Configure HAProxy (postgres block)</a>.</li><li value="10" class="p_Normal" style="line-height: 1.20;"><a href="configure-postgresql.html#connecting-to-postgresql" class="topiclink">Connect to PostgreSQL</a>.</li></ol>
<h2 class="p_Heading2"><a id="preparation-node" class="hmanchor"></a><span class="f_Heading2">Step 1: Prepare nodes (servers)</span></h2>
<p class="p_Normal">Create three nodes (servers) with sequentially numbered host names.</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">начало&nbsp;внимание</span></p>
<p class="p_Normal">The minimum number of servers for organizing a cluster is three.</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">конец&nbsp;внимание</span></p>
<p class="p_Normal" style="line-height: 1.50;"><span style="font-size: 15px;">In this example, three nodes with the following hostnames and IP addresses are used:</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal"><span style="font-weight: bold;">postgres-server1.your_domain, 192.168.1.1</span>;</li><li class="p_Normal"><span style="font-weight: bold;">postgres-server2.your_domain, 192.168.1.2</span>;</li><li class="p_Normal"><span style="font-weight: bold;">postgres-server3.your_domain, 192.168.1.3</span>.</li></ul>
<p class="p_Normal">Create the necessary host name mappings in DNS. If not possible, add the required entries in <code><b>/etc/hosts</b></code>.</p>
<h2 class="p_Heading2"><a id="preparation-etcd" class="hmanchor"></a><span class="f_Heading2">Step 2: Prepare the etcd cluster</span></h2>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal" style="line-height: 1.68; margin-top: 10px; margin-right: 0; margin-bottom: 0;">Install <code><b>etcd</b></code> on all nodes:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;apt-</span><span class="f_CodeExample" style="font-weight: bold;">get</span><span class="f_CodeExample">&nbsp;install&nbsp;etcd&nbsp;-y</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal" style="line-height: 1.68;">Stop <code><b>etcd</b></code> on all nodes:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;stop&nbsp;etcd</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="3" class="p_Normal" style="line-height: 1.68;">Remove the data directory:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;rm&nbsp;-rf&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/lib/etcd</span><span class="f_CodeExample" style="font-style: italic;">/*</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="4" class="p_Normal" style="line-height: 1.68;">Move the default configuration file:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;mv&nbsp;/etc/default/etcd{,.original}</span></p>
<ol style="list-style-type:upper-roman" start="5">
<li value="5" class="p_Normal" style="line-height: 1.68;">Create and open a new configuration file for editing:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;nano&nbsp;/etc/default/etcd</span></p>
<ol style="list-style-type:upper-roman" start="6">
<li value="6" class="p_Normal" style="line-height: 1.68;">Add the example configurations for the<span style="font-weight: bold;"> postgres-server1.your_domain</span> node:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">ETCD_NAME=&quot;postgres-server1&quot;</span><br />
<span class="f_CodeExample">ETCD_DATA_DIR=&quot;/var/lib/etcd/default&quot;</span><br />
<span class="f_CodeExample">ETCD_HEARTBEAT_INTERVAL=&quot;1000&quot;</span><br />
<span class="f_CodeExample">ETCD_ELECTION_TIMEOUT=&quot;5000&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_PEER_URLS=&quot;http://192.168.1.1:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_CLIENT_URLS=&quot;http://192.168.1.1:2379,http://localhost:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ADVERTISE_PEER_URLS=&quot;http://192.168.1.1:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER=&quot;postgres-server1=http://192.168.1.1:2380,postgres-server2=http://192.168.1.2:2380,postgres-server3=http://192.168.1.3:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_STATE=&quot;new&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_TOKEN=&quot;etcd-postgres-cluster&quot;</span><br />
<span class="f_CodeExample">ETCD_ADVERTISE_CLIENT_URLS=&quot;http://192.168.1.1:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_ENABLE_V2=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ELECTION_TICK_ADVANCE=&quot;false&quot;</span></p>
<p class="p_Normal"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A1')">Example configurations with enabling TLS/SSL for the postgres-server1.your_domain node:</a></p>
<div id="TOGGLE0186A1" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.80; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">ETCD_NAME=&quot;postgres-server1&quot;</span><br />
<span class="f_CodeExample">ETCD_DATA_DIR=&quot;/var/lib/etcd/default&quot;</span><br />
<span class="f_CodeExample">ETCD_HEARTBEAT_INTERVAL=&quot;1000&quot;</span><br />
<span class="f_CodeExample">ETCD_ELECTION_TIMEOUT=&quot;5000&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_PEER_URLS=&quot;https://192.168.1.1:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_CLIENT_URLS=&quot;https://192.168.1.1:2379,https://localhost:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ADVERTISE_PEER_URLS=&quot;https://postgres-server1.your_domain:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER=&quot;postgres-server1=https://postgres-server1.your_domain:2380,postgres-server2=https://postgres-server2.your_domain:2380,postgres-server3=https://postgres-server3.your_domain:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_STATE=&quot;new&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_TOKEN=&quot;etcd-postgres-cluster&quot;</span><br />
<span class="f_CodeExample">ETCD_ADVERTISE_CLIENT_URLS=&quot;https://postgres-server1.your_domain:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_ENABLE_V2=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_CERT_FILE=&quot;/path/to/public.crt&quot;</span><br />
<span class="f_CodeExample">ETCD_KEY_FILE=&quot;/path/to/private.key&quot;</span><br />
<span class="f_CodeExample">ETCD_CLIENT_CERT_AUTH=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_TRUSTED_CA_FILE=&quot;/path/to/certCA.pem&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_CERT_FILE=&quot;/path/to/public.crt&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_KEY_FILE=&quot;/path/to/private.key&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_CLIENT_CERT_AUTH=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_TRUSTED_CA_FILE=&quot;/path/to/certCA.pem&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ELECTION_TICK_ADVANCE=&quot;false&quot;</span></p>
</td>
</tr>
</table>
</div>
<ol style="list-style-type:upper-roman" start="7">
<li value="7" class="p_Normal" style="line-height: 1.68;">Add the example configurations to the file for the <span style="font-weight: bold;">postgres-server2.your_domain </span>node:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">ETCD_NAME=&quot;postgres-server2&quot;</span><br />
<span class="f_CodeExample">ETCD_DATA_DIR=&quot;/var/lib/etcd/default&quot;</span><br />
<span class="f_CodeExample">ETCD_HEARTBEAT_INTERVAL=&quot;1000&quot;</span><br />
<span class="f_CodeExample">ETCD_ELECTION_TIMEOUT=&quot;5000&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_PEER_URLS=&quot;http://192.168.1.2:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_CLIENT_URLS=&quot;http://192.168.1.2:2379,http://127.0.0.1:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ADVERTISE_PEER_URLS=&quot;http://192.168.1.2:12380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER=&quot;postgres-server1=http://192.168.1.1:12380,postgres-server2=http://192.168.1.2:12380,postgres-server3=http://192.168.1.3:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_STATE=&quot;new&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_TOKEN=&quot;etcd-postgres-cluster&quot;</span><br />
<span class="f_CodeExample">ETCD_ADVERTISE_CLIENT_URLS=&quot;http://192.168.1.2:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_ENABLE_V2=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ELECTION_TICK_ADVANCE=&quot;false&quot;</span></p>
<p class="p_Normal"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A2')">Example configurations with enabling TLS/SSL for the postgres-server2.your_domain:</a></p>
<div id="TOGGLE0186A2" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.80; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">ETCD_NAME=&quot;postgres-server2&quot;</span><br />
<span class="f_CodeExample">ETCD_DATA_DIR=&quot;/var/lib/etcd/default&quot;</span><br />
<span class="f_CodeExample">ETCD_HEARTBEAT_INTERVAL=&quot;1000&quot;</span><br />
<span class="f_CodeExample">ETCD_ELECTION_TIMEOUT=&quot;5000&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_PEER_URLS=&quot;https://192.168.1.2:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_CLIENT_URLS=&quot;https://192.168.1.2:2379,https://localhost:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ADVERTISE_PEER_URLS=&quot;https://postgres-server2.your_domain:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER=&quot;postgres-server1=https://postgres-server1.your_domain:2380,postgres-server2=https://postgres-server2.your_domain:2380,postgres-server3=https://postgres-server3.your_domain:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_STATE=&quot;new&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_TOKEN=&quot;etcd-postgres-cluster&quot;</span><br />
<span class="f_CodeExample">ETCD_ADVERTISE_CLIENT_URLS=&quot;https://postgres-server2.your_domain:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_ENABLE_V2=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_CERT_FILE=&quot;/path/to/public.crt&quot;</span><br />
<span class="f_CodeExample">ETCD_KEY_FILE=&quot;/path/to/private.key&quot;</span><br />
<span class="f_CodeExample">ETCD_CLIENT_CERT_AUTH=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_TRUSTED_CA_FILE=&quot;/path/to/certCA.pem&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_CERT_FILE=&quot;/path/to/public.crt&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_KEY_FILE=&quot;/path/to/private.key&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_CLIENT_CERT_AUTH=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_TRUSTED_CA_FILE=&quot;/path/to/certCA.pem&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ELECTION_TICK_ADVANCE=&quot;false&quot;</span></p>
</td>
</tr>
</table>
</div>
<ol style="list-style-type:upper-roman" start="8">
<li value="8" class="p_Normal" style="line-height: 1.68;">Add the example configurations to the file for the <span style="font-weight: bold;">postgres-server3.your_domain </span>node:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">ETCD_NAME=&quot;postgres-server3&quot;</span><br />
<span class="f_CodeExample">ETCD_DATA_DIR=&quot;/var/lib/etcd/default&quot;</span><br />
<span class="f_CodeExample">ETCD_HEARTBEAT_INTERVAL=&quot;1000&quot;</span><br />
<span class="f_CodeExample">ETCD_ELECTION_TIMEOUT=&quot;5000&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_PEER_URLS=&quot;http://192.168.1.3:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_CLIENT_URLS=&quot;http://192.168.1.3:2379,http://localhost:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ADVERTISE_PEER_URLS=&quot;http://192.168.1.3:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER=&quot;postgres-server1=http://192.168.1.1:2380,postgres-server2=http://192.168.1.2:2380,postgres-server3=http://192.168.1.3:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_STATE=&quot;new&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_TOKEN=&quot;etcd-postgres-cluster&quot;</span><br />
<span class="f_CodeExample">ETCD_ADVERTISE_CLIENT_URLS=&quot;http://192.168.1.3:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_ENABLE_V2=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ELECTION_TICK_ADVANCE=&quot;false&quot;</span></p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A3')">Example&nbsp;configurations&nbsp;with&nbsp;enabling&nbsp;TLS/SSL&nbsp;for&nbsp;the&nbsp;postgres-server3.your_domain:</a></p>
<div id="TOGGLE0186A3" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.0; page-break-inside: avoid; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">ETCD_NAME=&quot;postgres-server3&quot;</span><br />
<span class="f_CodeExample">ETCD_DATA_DIR=&quot;/var/lib/etcd/default&quot;</span><br />
<span class="f_CodeExample">ETCD_HEARTBEAT_INTERVAL=&quot;1000&quot;</span><br />
<span class="f_CodeExample">ETCD_ELECTION_TIMEOUT=&quot;5000&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_PEER_URLS=&quot;https://192.168.1.3:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_LISTEN_CLIENT_URLS=&quot;https://192.168.1.3:2379,https://localhost:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ADVERTISE_PEER_URLS=&quot;https://postgres-server3.your_domain:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER=&quot;postgres-server1=https://postgres-server1.your_domain:2380,postgres-server2=https://postgres-server2.your_domain:2380,postgres-server3=https://postgres-server3.your_domain:2380&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_STATE=&quot;new&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_CLUSTER_TOKEN=&quot;etcd-postgres-cluster&quot;</span><br />
<span class="f_CodeExample">ETCD_ADVERTISE_CLIENT_URLS=&quot;https://postgres-server3.your_domain:2379&quot;</span><br />
<span class="f_CodeExample">ETCD_ENABLE_V2=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_CERT_FILE=&quot;/path/to/public.crt&quot;</span><br />
<span class="f_CodeExample">ETCD_KEY_FILE=&quot;/path/to/private.key&quot;</span><br />
<span class="f_CodeExample">ETCD_CLIENT_CERT_AUTH=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_TRUSTED_CA_FILE=&quot;/path/to/certCA.pem&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_CERT_FILE=&quot;/path/to/public.crt&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_KEY_FILE=&quot;/path/to/private.key&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_CLIENT_CERT_AUTH=&quot;true&quot;</span><br />
<span class="f_CodeExample">ETCD_PEER_TRUSTED_CA_FILE=&quot;/path/to/certCA.pem&quot;</span><br />
<span class="f_CodeExample">ETCD_INITIAL_ELECTION_TICK_ADVANCE=&quot;false&quot;</span></p>
</td>
</tr>
</table>
</div>
<p class="p_Normal" style="line-height: 1.68;">Let's review the provided parameters:</p>
<ul style="list-style-type:disc">
<li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_NAME</b></code>: Unique name within the cluster;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_LISTEN_CLIENT_URLS</b></code>: Connection point for clients in the cluster;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_ADVERTISE_CLIENT_URLS</b></code>: URLs through which other cluster nodes can be found.;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_LISTEN_PEER_URLS</b></code>: Connection point for other nodes in the cluster;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_INITIAL_ADVERTISE_PEER_URLS</b></code>: Initial URLs through which other nodes can find it;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_INITIAL_CLUSTER_TOKEN</b></code>: Token for the cluster, must be the same on all nodes.;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_INITIAL_CLUSTER</b></code>: List of nodes in the cluster at startup;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_INITIAL_CLUSTER_STATE</b></code>: Can take two values: <code><b>new</b></code> and <code><b>existing</b></code>;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_DATA_DIR</b></code>: Location of the cluster's data directory;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_ELECTION_TIMEOUT</b></code>: Time in milliseconds between the last received notification from the cluster leader and attempting to take over the leader role on the follower node;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_HEARTBEAT_INTERVAL</b></code>: Time in milliseconds between leader notifications sent by the leader node to inform others that it is still the leader;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_CERT_FILE</b></code>: Path to the server certificate file;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_KEY_FILE</b></code>: Path to the private key file;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_TRUSTED_CA_FILE</b></code>: Path to the root CA file;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_CLIENT_CERT_AUTH</b></code>: Can take two values: <code><b>true</b></code> and <code><b>false</b></code>;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_PEER_CERT_FILE</b></code>: Path to the server certificate file;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_PEER_KEY_FILE</b></code>: Path to the private key file;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_PEER_TRUSTED_CA_FILE</b></code>: Path to the root CA file;</li><li class="p_Normal" style="line-height: 1.68;"><code><b>ETCD_PEER_CLIENT_CERT_AUTH</b></code>: Can take two values: <code><b>true</b></code> and <code><b>false</b></code>;</li></ul>
<ol style="list-style-type:upper-roman" start="9">
<li value="9" class="p_Normal" style="line-height: 1.68;">Restart <code><b>etcd</b></code> on all nodes:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;restart&nbsp;etcd</span></p>
<ol style="list-style-type:upper-roman" start="10">
<li value="10" class="p_Normal" style="line-height: 1.68;">Check the cluster status.</li></ol>
<p class="p_Normal" style="line-height: 1.68;">For a cluster without TLS:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;etcdctl&nbsp;cluster-health</span></p>
<p class="p_Normal">For a cluster with TLS:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;etcdctl&nbsp;-C&nbsp;https:</span><span class="f_CodeExample">//postgres-server1.your_domain:2379&nbsp;--key-file&nbsp;/path/to/private.key&nbsp;--cert-file&nbsp;/path/to/public.crt&nbsp;--ca-file&nbsp;/path/to/certCA.pem&nbsp;cluster-health</span></p>
<h2 class="p_Heading2"><a id="install-postgresql" class="hmanchor"></a><span class="f_Heading2">Step 3: Install PostgreSQL</span></h2>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">начало&nbsp;внимание</span></p>
<p class="p_Normal">Hardware requirements for BRIX on PostgreSQL can be found in <a href="elma365-enterprise-on-premises.html#postgresql" class="topiclink">System requirements for BRIX On-Premises Enterprise</a>.</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">конец&nbsp;внимание</span></p>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal">To install PostgreSQL, add the official repository <code><b>postgresql</b></code>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;sh&nbsp;-c&nbsp;'echo&nbsp;&quot;deb&nbsp;http://apt.postgresql.org/pub/repos/apt&nbsp;$(lsb_release&nbsp;-cs)-pgdg&nbsp;main&quot;&nbsp;&gt;&nbsp;/etc/apt/sources.list.d/pgdg.list'</span><br />
<span class="f_CodeExample">wget&nbsp;--quiet&nbsp;-O&nbsp;-&nbsp;https:</span><span class="f_CodeExample">//www.postgresql.org/media/keys/ACCC4CF8.asc&nbsp;|&nbsp;sudo&nbsp;apt-key&nbsp;add&nbsp;-</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Update package cache:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;apt&nbsp;update</span></p>
<ol style="list-style-type:upper-roman" start="3">
<li value="3" class="p_Normal">Install PostgreSQL on all nodes:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;apt&nbsp;install&nbsp;postgresql-13&nbsp;-y</span></p>
<h2 class="p_Heading2"><a id="setting-postgresql" class="hmanchor"></a><span class="f_Heading2">Step 4: Configure PostgreSQL</span></h2>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">начало&nbsp;примечание</span></p>
<p class="p_Normal"><span style="font-weight: bold;">Note</span></p>
<p class="p_Normal">For the password, the following characters are allowed:</p>
<ul style="list-style-type:disc">
<li class="p_Normal">Uppercase Latin letters: A to Z</li><li class="p_Normal">Lowercase Latin letters: a to z</li><li class="p_Normal">Digits: 0 to 9</li><li class="p_Normal">Symbols: -_</li></ul>
<p class="p_Normal">Reserved (invalid) symbols:</p>
<p class="p_Normal">! * ' ( ) ; : @ &amp; = + $ , / ? % # [ ]</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">конец&nbsp;примечание</span></p>
<h4 class="p_Heading4"><span class="f_Heading4">Actions for the node postgres-server1.your_domain:</span></h4>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal">Create a new role <code><b>elma365</b></code> with the password <span style="font-weight: bold;">SecretPassword</span>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;-u&nbsp;postgres&nbsp;psql&nbsp;-c&nbsp;\</span><br />
<span class="f_CodeExample">&quot;CREATE&nbsp;ROLE&nbsp;elma365&nbsp;WITH&nbsp;login&nbsp;password&nbsp;'SecretPassword';&quot;</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Create a database <code><b>elma365</b></code> with owner <span style="font-weight: bold;">elma365</span>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;-u&nbsp;postgres&nbsp;psql&nbsp;-c&nbsp;\</span><br />
<span class="f_CodeExample">&quot;CREATE&nbsp;DATABASE&nbsp;elma365&nbsp;WITH&nbsp;OWNER&nbsp;elma365;&quot;</span></p>
<ol style="list-style-type:upper-roman" start="3">
<li value="3" class="p_Normal">Add necessary extensions for the database <code><b>elma365</b></code>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;-u&nbsp;postgres&nbsp;psql&nbsp;-d&nbsp;elma365&nbsp;-c&nbsp;\</span><br />
<span class="f_CodeExample">&quot;CREATE&nbsp;EXTENSION&nbsp;\&quot;uuid-ossp\&quot;;&nbsp;CREATE&nbsp;EXTENSION&nbsp;pg_trgm;&quot;</span></p>
<ol style="list-style-type:upper-roman" start="4">
<li value="4" class="p_Normal">Create a new role <code><b>replicator</b></code> with the password <span style="font-weight: bold;">ReplicatorPassword</span> for working with replicas. It must match the Patroni settings in the block <code><b>postgresql - authentication - replication</b></code> and the list of allowed PostgreSQL hosts in the file <code><b>pg_hba.conf</b></code>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;-u&nbsp;postgres&nbsp;psql&nbsp;-c&nbsp;\</span><br />
<span class="f_CodeExample">&quot;CREATE&nbsp;USER&nbsp;replicator&nbsp;WITH&nbsp;REPLICATION&nbsp;ENCRYPTED&nbsp;PASSWORD&nbsp;'ReplicatorPassword';&quot;</span></p>
<ol style="list-style-type:upper-roman" start="5">
<li value="5" class="p_Normal">Set a password for the <span style="font-weight: bold;">postgres</span> user:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;-u&nbsp;postgres&nbsp;psql&nbsp;-c&nbsp;&quot;ALTER&nbsp;USER&nbsp;postgres&nbsp;PASSWORD&nbsp;'PostgresPassword';&quot;</span></p>
<ol style="list-style-type:upper-roman" start="6">
<li value="6" class="p_Normal">Stop PostgreSQL:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">systemctl&nbsp;stop&nbsp;postgresql</span></p>
<h4 class="p_Heading4"><span class="f_Heading4">Actions for the nodes postgres-server2.your_domain and postgres-server3.your_domain:</span></h4>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal"> Stop PostgreSQL:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">systemctl&nbsp;stop&nbsp;postgresql</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Remove the data directory on the nodes <span style="font-weight: bold;">postgres-server2.your_domain</span> and <span style="font-weight: bold;">postgres-server3.your_domain</span>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">rm&nbsp;-rf&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/lib/postgresql/13/main</span></p>
<h2 class="p_Heading2"><a id="install-patroni" class="hmanchor"></a><span class="f_Heading2">Step 5: Install Patroni</span></h2>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal">Install Patroni and PIP on all nodes:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;apt-get&nbsp;install&nbsp;python3-pip&nbsp;python3-dev&nbsp;libpq-dev&nbsp;-y</span><br />
<span class="f_CodeExample">sudo&nbsp;apt-get&nbsp;install&nbsp;patroni&nbsp;-y</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Install dependencies for Patroni to work on all nodes:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">pip3&nbsp;install&nbsp;psycopg2-binary</span><br />
<span class="f_CodeExample">pip3&nbsp;install&nbsp;wheel</span><br />
<span class="f_CodeExample">pip3&nbsp;install&nbsp;python-etcd</span></p>
<h2 class="p_Heading2"><a id="setting-patroni" class="hmanchor"></a><span class="f_Heading2">Step 6: Configure Patroni</span></h2>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal">Create a configuration file:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;nano&nbsp;/etc/patroni/config.yml</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Place an example initial configuration in the created <code><b>/etc/patroni/config.yml</b></code> file, changing the IP addresses for each node in the cluster. Pay attention to the comments in this file.</li></ol>
<p class="p_Normal"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A4')">Example initial configuration </a></p>
<div id="TOGGLE0186A4" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.80; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">scope:&nbsp;postgres-cluster&nbsp;#&nbsp;the&nbsp;same&nbsp;value&nbsp;on&nbsp;all&nbsp;nodes</span><br />
<span class="f_CodeExample">name:&nbsp;postgresql-server1&nbsp;#&nbsp;different&nbsp;values&nbsp;on&nbsp;all&nbsp;nodes</span><br />
<span class="f_CodeExample">namespace:&nbsp;/service/&nbsp;#&nbsp;the&nbsp;same&nbsp;value&nbsp;on&nbsp;all&nbsp;nodes</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">restapi:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;listen:&nbsp;postgres-server1.your_domain:8008&nbsp;#&nbsp;address&nbsp;of&nbsp;the&nbsp;node&nbsp;where&nbsp;the&nbsp;file&nbsp;is</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;connect_address:&nbsp;postgres-server1.your_domain:8008&nbsp;#&nbsp;address&nbsp;of&nbsp;the&nbsp;node&nbsp;where&nbsp;the&nbsp;file&nbsp;is</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">etcd:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;hosts:&nbsp;postgres-server1.your_domain:2379,postgres-server2.your_domain:2379,postgres-server3.your_domain:2379&nbsp;#&nbsp;list&nbsp;of&nbsp;all&nbsp;the&nbsp;nodes&nbsp;with&nbsp;installed&nbsp;etcd</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">bootstrap:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;method:&nbsp;initdb</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;dcs:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;ttl:&nbsp;30</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;loop_wait:&nbsp;10</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;retry_timeout:&nbsp;10</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;maximum_lag_on_failover:&nbsp;1048576</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;master_start_timeout:&nbsp;300</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;synchronous_mode:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;synchronous_mode_strict:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;synchronous_node_count:&nbsp;1</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;postgresql:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;use_pg_rewind:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;use_slots:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;parameters:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_connections:&nbsp;2000</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;superuser_reserved_connections:&nbsp;5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_locks_per_transaction:&nbsp;64</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_prepared_transactions:&nbsp;0</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;huge_pages:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">try</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;shared_buffers:&nbsp;512MB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;work_mem:&nbsp;128MB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;maintenance_work_mem:&nbsp;256MB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;effective_cache_size:&nbsp;4GB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;checkpoint_timeout:&nbsp;15min</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;checkpoint_completion_target:&nbsp;0.9</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_compression:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;min_wal_size:&nbsp;2GB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_wal_size:&nbsp;4GB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_buffers:&nbsp;32MB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;default_statistics_target:&nbsp;1000</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;seq_page_cost:&nbsp;1</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;random_page_cost:&nbsp;4</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;effective_io_concurrency:&nbsp;2</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;synchronous_commit:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_max_workers:&nbsp;5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_vacuum_scale_factor:&nbsp;0.01</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_analyze_scale_factor:&nbsp;0.02</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_vacuum_cost_limit:&nbsp;200</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_vacuum_cost_delay:&nbsp;20</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_naptime:&nbsp;1s</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_files_per_process:&nbsp;4096</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;archive_mode:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;archive_timeout:&nbsp;1800s</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;archive_command:&nbsp;cd&nbsp;.</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_level:&nbsp;replica</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_keep_segments:&nbsp;130</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_wal_senders:&nbsp;10</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_replication_slots:&nbsp;10</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;hot_standby:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;hot_standby_feedback:&nbsp;True</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_log_hints:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;shared_preload_libraries:&nbsp;pg_stat_statements,auto_explain</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pg_stat_statements.max:&nbsp;10000</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pg_stat_statements.track:&nbsp;all</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pg_stat_statements.save:&nbsp;off</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_min_duration:&nbsp;10s</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_analyze:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_buffers:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_timing:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_triggers:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_verbose:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_nested_statements:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;standard_conforming_strings:&nbsp;true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;track_io_timing:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_lock_waits:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_temp_files:&nbsp;3</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;track_activities:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;track_counts:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;track_functions:&nbsp;all</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_checkpoints:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logging_collector:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_truncate_on_rotation:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_rotation_age:&nbsp;1d</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_rotation_size:&nbsp;0</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_line_prefix:&nbsp;'%t&nbsp;[%p-%l]&nbsp;%r&nbsp;%q%u@%d&nbsp;'</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_filename:&nbsp;'postgresql-%a.log'</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_directory:&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/log/postgresql</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;initdb:&nbsp;#&nbsp;List&nbsp;options&nbsp;to&nbsp;be&nbsp;passed&nbsp;on&nbsp;to&nbsp;initdb</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;encoding:&nbsp;UTF8</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;locale:&nbsp;en_US.UTF-8</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;data-checksums</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;pg_hba:&nbsp;#&nbsp;must&nbsp;contain&nbsp;addresses&nbsp;of&nbsp;ALL&nbsp;the&nbsp;machines&nbsp;used&nbsp;in&nbsp;the&nbsp;cluster</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;local&nbsp;all&nbsp;postgres&nbsp;peer</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;local&nbsp;all&nbsp;all&nbsp;peer</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;all&nbsp;all&nbsp;0.0.0.0/0&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;replication&nbsp;replicator&nbsp;localhost&nbsp;trust</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;replication&nbsp;replicator&nbsp;192.168.1.1/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;replication&nbsp;replicator&nbsp;192.168.1.2/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;replication&nbsp;replicator&nbsp;192.168.1.3/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">postgresql:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;listen:&nbsp;192.168.1.1,127.0.0.1:5432&nbsp;#&nbsp;address&nbsp;of&nbsp;the&nbsp;node&nbsp;where&nbsp;the&nbsp;file&nbsp;is</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;connect_address:&nbsp;192.168.1.1:5432&nbsp;#&nbsp;address&nbsp;of&nbsp;the&nbsp;node&nbsp;where&nbsp;the&nbsp;file&nbsp;is</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;use_unix_socket:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;data_dir:&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/lib/postgresql/13/main&nbsp;#&nbsp;data&nbsp;directory</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;bin_dir:&nbsp;/usr/lib/postgresql/13/bin</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;config_dir:&nbsp;/etc/postgresql/13/main</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;pgpass:&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/lib/postgresql/.pgpass_patroni</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;authentication:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;replication:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;username:&nbsp;replicator</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;password:&nbsp;ReplicatorPassword</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;superuser:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;username:&nbsp;postgres</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;password:&nbsp;PostgresPassword</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;parameters:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;unix_socket_directories:&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/run/postgresql</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;pg_hba:&nbsp;#&nbsp;must&nbsp;contain&nbsp;addresses&nbsp;of&nbsp;ALL&nbsp;the&nbsp;machines&nbsp;used&nbsp;in&nbsp;the&nbsp;cluster</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;local&nbsp;all&nbsp;postgres&nbsp;peer</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;local&nbsp;all&nbsp;all&nbsp;peer</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;all&nbsp;all&nbsp;0.0.0.0/0&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;replication&nbsp;replicator&nbsp;localhost&nbsp;trust</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;replication&nbsp;replicator&nbsp;192.168.1.1/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;replication&nbsp;replicator&nbsp;192.168.1.2/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;host&nbsp;replication&nbsp;replicator&nbsp;192.168.1.3/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;remove_data_directory_on_rewind_failure:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;remove_data_directory_on_diverged_timelines:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample" style="font-weight: bold;">&nbsp;</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;create_replica_methods:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;basebackup</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;basebackup:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;max-rate:&nbsp;'100M'</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;checkpoint:&nbsp;'fast'</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">watchdog:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;mode:&nbsp;off&nbsp;#&nbsp;Allowed&nbsp;values:&nbsp;off,&nbsp;automatic,&nbsp;required</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;device:&nbsp;/dev/watchdog</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;safety_margin:&nbsp;5</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">tags:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;nofailover:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;noloadbalance:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;clonefrom:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;nosync:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span></p>
</td>
</tr>
</table>
</div>
<p class="p_Normal"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A5')">Example initial configuration to enable TLS/SSL support in Patroni</a></p>
<div id="TOGGLE0186A5" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.80; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><p class="p_Normal">Place the example initial configuration with TLS/SSL in the file <code><b>/etc/patroni/config.yml</b></code>. Pay attention to the comments in this file:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">scope:&nbsp;postgres-cluster&nbsp;#&nbsp;the&nbsp;same&nbsp;value&nbsp;on&nbsp;all&nbsp;nodes</span><br />
<span class="f_CodeExample">name:&nbsp;postgresql-server1&nbsp;#&nbsp;different&nbsp;values&nbsp;on&nbsp;all&nbsp;nodes</span><br />
<span class="f_CodeExample">namespace:&nbsp;/service/&nbsp;#&nbsp;the&nbsp;same&nbsp;value&nbsp;on&nbsp;all&nbsp;nodes</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">restapi:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;listen:&nbsp;postgres-server1.your_domain:8008&nbsp;#&nbsp;address&nbsp;of&nbsp;the&nbsp;node&nbsp;where&nbsp;the&nbsp;file&nbsp;is</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;connect_address:&nbsp;postgres-server1.your_domain:8008&nbsp;#&nbsp;address&nbsp;of&nbsp;the&nbsp;node&nbsp;where&nbsp;the&nbsp;file&nbsp;is</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;cafile:&nbsp;/path/to/pgCA.pem</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;certfile:&nbsp;/path/to/pg.crt&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;server&nbsp;certificate&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;keyfile:&nbsp;/path/to/pg.key&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;private&nbsp;key&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;verify_client:&nbsp;required&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;root&nbsp;CA&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">etcd:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;protocol:&nbsp;https</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;cert:&nbsp;/path/to/</span><span class="f_CodeExample" style="font-weight: bold;">public</span><span class="f_CodeExample">.crt&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;server&nbsp;certificate&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;key:&nbsp;/path/to/</span><span class="f_CodeExample" style="font-weight: bold;">private</span><span class="f_CodeExample">.key&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;private&nbsp;key&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;cacert:&nbsp;/path/to/certCA.pem&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;root&nbsp;CA&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;hosts:&nbsp;postgres-server1.your_domain:2379,postgres-server2.your_domain:2379,postgres-server3.your_domain:2379&nbsp;#&nbsp;list&nbsp;of&nbsp;all&nbsp;the&nbsp;nodes&nbsp;with&nbsp;installed&nbsp;etcd</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">ctl:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;insecure:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><span class="f_CodeExample">&nbsp;#&nbsp;Allow&nbsp;connections&nbsp;to&nbsp;SSL&nbsp;sites&nbsp;without&nbsp;certs</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;certfile:&nbsp;/path/to/pg.crt&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;server&nbsp;certificate&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;keyfile:&nbsp;/path/to/pg.key&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;private&nbsp;key&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;cacert:&nbsp;/path/to/pgCA.pem&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;root&nbsp;CA&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">bootstrap:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;method:&nbsp;initdb</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;dcs:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;ttl:&nbsp;30</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;loop_wait:&nbsp;10</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;retry_timeout:&nbsp;10</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;maximum_lag_on_failover:&nbsp;1048576</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;master_start_timeout:&nbsp;300</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;synchronous_mode:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;synchronous_mode_strict:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;synchronous_node_count:&nbsp;1</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;postgresql:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;use_pg_rewind:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;use_slots:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;parameters:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_connections:&nbsp;2000</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;superuser_reserved_connections:&nbsp;5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_locks_per_transaction:&nbsp;64</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_prepared_transactions:&nbsp;0</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;huge_pages:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">try</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;shared_buffers:&nbsp;512MB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;work_mem:&nbsp;128MB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;maintenance_work_mem:&nbsp;256MB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;effective_cache_size:&nbsp;4GB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;checkpoint_timeout:&nbsp;15min</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;checkpoint_completion_target:&nbsp;0.9</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_compression:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;min_wal_size:&nbsp;2GB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_wal_size:&nbsp;4GB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_buffers:&nbsp;32MB</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;default_statistics_target:&nbsp;1000</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;seq_page_cost:&nbsp;1</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;random_page_cost:&nbsp;4</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;effective_io_concurrency:&nbsp;2</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;synchronous_commit:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_max_workers:&nbsp;5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_vacuum_scale_factor:&nbsp;0.01</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_analyze_scale_factor:&nbsp;0.02</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_vacuum_cost_limit:&nbsp;200</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_vacuum_cost_delay:&nbsp;20</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;autovacuum_naptime:&nbsp;1s</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_files_per_process:&nbsp;4096</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;archive_mode:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;archive_timeout:&nbsp;1800s</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;archive_command:&nbsp;cd&nbsp;.</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_level:&nbsp;replica</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_keep_segments:&nbsp;130</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_wal_senders:&nbsp;10</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;max_replication_slots:&nbsp;10</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;hot_standby:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;hot_standby_feedback:&nbsp;True</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;wal_log_hints:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;shared_preload_libraries:&nbsp;pg_stat_statements,auto_explain</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pg_stat_statements.max:&nbsp;10000</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pg_stat_statements.track:&nbsp;all</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;pg_stat_statements.save:&nbsp;off</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_min_duration:&nbsp;10s</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_analyze:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_buffers:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_timing:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_triggers:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_verbose:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;auto_explain.log_nested_statements:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;standard_conforming_strings:&nbsp;true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;track_io_timing:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_lock_waits:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_temp_files:&nbsp;3</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;track_activities:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;track_counts:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;track_functions:&nbsp;all</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_checkpoints:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;logging_collector:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_truncate_on_rotation:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_rotation_age:&nbsp;1d</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_rotation_size:&nbsp;0</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_line_prefix:&nbsp;'%t&nbsp;[%p-%l]&nbsp;%r&nbsp;%q%u@%d&nbsp;'</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_filename:&nbsp;'postgresql-%a.log'</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;log_directory:&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/log/postgresql</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ssl:&nbsp;on</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ssl_ca_file:&nbsp;'/path/to/pgCA.pem'</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ssl_cert_file:&nbsp;'/path/to/pg.crt'</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ssl_key_file:&nbsp;'/path/to/pg.key'</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;initdb:&nbsp;#&nbsp;List&nbsp;options&nbsp;to&nbsp;be&nbsp;passed&nbsp;on&nbsp;to&nbsp;initdb</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;encoding:&nbsp;UTF8</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;locale:&nbsp;en_US.UTF-8</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;data-checksums</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;pg_hba:&nbsp;#&nbsp;must&nbsp;contain&nbsp;addresses&nbsp;of&nbsp;ALL&nbsp;the&nbsp;machines&nbsp;used&nbsp;in&nbsp;the&nbsp;cluster</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;local&nbsp;all&nbsp;postgres&nbsp;peer</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;local&nbsp;all&nbsp;all&nbsp;peer</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;all&nbsp;all&nbsp;0.0.0.0/0&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;replication&nbsp;replicator&nbsp;localhost&nbsp;trust</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;replication&nbsp;replicator&nbsp;192.168.1.1/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;replication&nbsp;replicator&nbsp;192.168.1.2/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;replication&nbsp;replicator&nbsp;192.168.1.3/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">postgresql:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;listen:&nbsp;192.168.1.1,127.0.0.1:5432&nbsp;#&nbsp;address&nbsp;of&nbsp;the&nbsp;node&nbsp;where&nbsp;the&nbsp;file&nbsp;is</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;connect_address:&nbsp;192.168.1.1:5432&nbsp;#&nbsp;address&nbsp;of&nbsp;the&nbsp;node&nbsp;where&nbsp;the&nbsp;file&nbsp;is</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;use_unix_socket:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">true</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;data_dir:&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/lib/postgresql/13/main&nbsp;#&nbsp;data&nbsp;directory</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;bin_dir:&nbsp;/usr/lib/postgresql/13/bin</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;config_dir:&nbsp;/etc/postgresql/13/main</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;pgpass:&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/lib/postgresql/.pgpass_patroni</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;authentication:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;replication:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;username:&nbsp;replicator</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;password:&nbsp;ReplicatorPassword</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;sslcert:&nbsp;/path/to/pg.crt&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;server&nbsp;certificate&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;sslkey:&nbsp;/path/to/pg.key&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;private&nbsp;key&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;sslrootcert:&nbsp;/path/to/pgCA.pem&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;root&nbsp;CA&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;superuser:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;username:&nbsp;postgres</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;password:&nbsp;PostgresPassword</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;sslcert:&nbsp;/path/to/pg.crt&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;server&nbsp;certificate&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;sslkey:&nbsp;/path/to/pg.key&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;private&nbsp;key&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;sslrootcert:&nbsp;/path/to/pgCA.pem&nbsp;#&nbsp;path&nbsp;to&nbsp;the&nbsp;root&nbsp;CA&nbsp;file</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;parameters:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;unix_socket_directories:&nbsp;/</span><span class="f_CodeExample" style="font-weight: bold;">var</span><span class="f_CodeExample">/run/postgresql</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;pg_hba:&nbsp;#&nbsp;must&nbsp;contain&nbsp;addresses&nbsp;of&nbsp;ALL&nbsp;the&nbsp;machines&nbsp;used&nbsp;in&nbsp;the&nbsp;cluster</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;local&nbsp;all&nbsp;postgres&nbsp;peer</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;local&nbsp;all&nbsp;all&nbsp;peer</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;all&nbsp;all&nbsp;0.0.0.0/0&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;replication&nbsp;replicator&nbsp;localhost&nbsp;trust</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;replication&nbsp;replicator&nbsp;192.168.1.1/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;replication&nbsp;replicator&nbsp;192.168.1.2/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;hostssl&nbsp;replication&nbsp;replicator&nbsp;192.168.1.3/32&nbsp;md5</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;remove_data_directory_on_rewind_failure:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;remove_data_directory_on_diverged_timelines:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample" style="font-weight: bold;">&nbsp;</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;create_replica_methods:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;basebackup</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;basebackup:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;max-rate:&nbsp;'100M'</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;&nbsp;&nbsp;checkpoint:&nbsp;'fast'</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">watchdog:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;mode:&nbsp;off&nbsp;#&nbsp;Allowed&nbsp;values:&nbsp;off,&nbsp;automatic,&nbsp;required</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;device:&nbsp;/dev/watchdog</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;safety_margin:&nbsp;5</span><br />
<span class="f_CodeExample">&nbsp;</span><br />
<span class="f_CodeExample">tags:</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;nofailover:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;noloadbalance:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;clonefrom:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span><br />
<span class="f_CodeExample">&nbsp;&nbsp;nosync:&nbsp;</span><span class="f_CodeExample" style="font-weight: bold;">false</span></p>
<p class="p_Normal">Make the <span style="font-weight: bold;">postgres</span> user the owner of the private key file <code><b>pg.key</b></code>:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">Начало&nbsp;внимание</span></p>
<p class="p_Normal">The private key file <code><b>pg.key</b></code> specified in the section <code><b>postgresql</b></code> must have permissions of u=rw (0600) or less if it belongs to the PostgreSQL database user, or permissions of u=rw, g=r (0640) or less if it belongs to the root .</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">Конец&nbsp;внимание</span></p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;chown&nbsp;postgres:postgres&nbsp;-R&nbsp;/path/to/pg.key</span><br />
<span class="f_CodeExample">sudo&nbsp;chmod&nbsp;600&nbsp;/path/to/pg.key</span></p>
<p class="p_Normal">For more details on TLS/SSL configuration in Patroni, refer to the <a href="https://patroni.readthedocs.io/en/latest/yaml_configuration.html" target="_blank" class="weblink">official Patroni documentation</a>.</p>
</td>
</tr>
</table>
</div>
<ol style="list-style-type:upper-roman" start="3">
<li value="3" class="p_Normal">Make the <span style="font-weight: bold;">postgres</span> user the owner of the configuration directory:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;chown&nbsp;postgres:postgres&nbsp;-R&nbsp;/etc/patroni</span><br />
<span class="f_CodeExample">sudo&nbsp;chmod&nbsp;700&nbsp;/etc/patroni</span></p>
<h2 class="p_Heading2"><a id="preparation-postgresql-patroni" class="hmanchor"></a><span class="f_Heading2">Step 7: Prepare PostgreSQL+Patroni cluster</span></h2>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal">Start the Patroni service on the <span style="font-weight: bold;">postgres-server1.your_domain</span> node, and then on the nodes <span style="font-weight: bold;">postgres-server2.your_domain</span> and <span style="font-weight: bold;">postgres-server3.your_domain</span>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;enable&nbsp;--now&nbsp;patroni.service</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Check the cluster status:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">patronictl&nbsp;-c&nbsp;/etc/patroni/config.yml&nbsp;list</span></p>
<h2 class="p_Heading2"><a id="prepare-pgbouncer" class="hmanchor"></a><span class="f_Heading2">Step 8: Prepare PGBouncer (optional)</span></h2>
<p class="p_Normal">PGBouncer is designed to manage a connection pool to PostgreSQL, minimizing the overhead associated with establishing new connections to PostgreSQL. For information on installing and configuring PGBouncer, refer to <a href="pgbouncer-installation.html" class="topiclink">Install PGBouncer</a>.</p>
<h2 class="p_Heading2"><a id="haproxy-configuration" class="hmanchor"></a><span class="f_Heading2">Step 9: Configure HAProxy (postgres block)</span></h2>
<p class="p_Normal">Configure a <a href="fail-safe-haproxy.html" class="topiclink">high availablility HAProxy</a> &nbsp;to handle requests to PostgreSQL and load balance between the nodes of the PostgreSQL cluster. For more details, refer to <a href="haproxy-postgresql.html" class="topiclink">Configure HAProxy for PostgreSQL</a>.</p>
<h2 class="p_Heading2"><a id="connecting-to-postgresql" class="hmanchor"></a><span class="f_Heading2">Step 10: Connecto to PostgreSQL</span></h2>
<p class="p_Normal">Connection string to connect to the PostgreSQL cluster:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">psqlUrl:&nbsp;postgresql:</span><span class="f_CodeExample">//elma365:SecretPassword@haproxy-server.your_domain:5000/elma365?sslmode=disable</span></p>
<p class="p_Normal">Connection string to connect to the PostgreSQL cluster for read-only access:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">psqlUrl:&nbsp;postgresql:</span><span class="f_CodeExample">//elma365:SecretPassword@haproxy-server.your_domain:5001/elma365?sslmode=disable</span></p>
<p class="p_Normal"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A6')">Connecting to the PostgreSQL cluster with TLS/SSL</a></p>
<div id="TOGGLE0186A6" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.80; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><p class="p_Normal">Connection string to connect to the PostgreSQL cluster with TLS/SS:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">psqlUrl:&nbsp;postgresql:</span><span class="f_CodeExample">//elma365:SecretPassword@haproxy-server.your_domain:5000/elma365?sslmode=require</span></p>
<p class="p_Normal">Connection string to connect to the PostgreSQL cluster with TLS/SSL for read-only access:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">psqlUrl:&nbsp;postgresql:</span><span class="f_CodeExample">//elma365:SecretPassword@haproxy-server.your_domain:5001/elma365?sslmode=require</span></p>
</td>
</tr>
</table>
</div>
<h2 class="p_Heading2"><span class="f_Heading2">Prepare a PostgreSQL database for restoration</span></h2>
<p class="p_Normal">If you need to restore a database from backup, first prepare the database for restoration. For more details, refer to the article <a href="postgresql.html#prepare-to-restore" class="topiclink">PostgreSQL</a>.</p>
<div class="bottom-nav">
<a id="prev-link" class="topic__navi_prev" href="configure-system.html">
<span class="bottom-nav__arrow bottom-nav__arrow--prev"></span> <span
class="bottom-nav__link">configure-system.html</span>
</a>
<a id="next-link" class="topic__navi_next" href="configure-hot-standby-postgresql.html">
<span class="bottom-nav__link">configure-hot-standby-postgresql.html</span> <span
class="bottom-nav__arrow bottom-nav__arrow--next"></span>
</a>
</div>
<!-- добавляет на страницу строку блок Была ли статья полезной? -->
<div class="feedback" id="feedback"><div class="feedback-help"><span><b>Was this helpful?</b></span><form action="" method="POST" class="feedback-form" id="feedback-form"><div class="feedback__popup feedback__popup-response" id="feedback__popup_thx" style="display: none;">Thanks for your feedback!</div><div class="feedback__popup" id="feedback__popup_why" style="display: none;"><div class="feedback__popup-header">Please specify why:</div><input type="radio" name="category" id="bad_recommendation" value="bad_recommendation"><label for="bad_recommendation">Recommendations did not help me</label><input type="radio" name="category" id="difficult_text" value="difficult_text"><label for="difficult_text">Article is hard to understand</label><input type="radio" name="category" id="no_answer" value="no_answer"><label for="no_answer">Didn`t answer my question</label><input type="radio" name="category" id="bad_header" value="bad_header"><label for="bad_header">Content does not match the topic</label><input type="radio" name="category" id="other_reason" value="other_reason"><label for="other_reason">Other</label></div><div class="feedback__popup" id="feedback__popup-other" style="display: none;"><div class="feedback__popup-header">How we can improve it?</div><textarea class="feedback__textarea" name="other" id=""></textarea><input type="submit" class="feedback__other-btn" value="Submit"></div><div class="feedback-form__btn-group"><input type="radio" name="useful" id="feedback__useful_yes" value="true"><label for="feedback__useful_yes"><img src="like.svg" class="small-img" alt="like"><spanclass="feedback-form__btn-group_yes-btn">Yes</spanclass="feedback-form__btn-group_yes-btn"></label><input type="radio" name="useful" id="feedback__useful_no" value="false"><label for="feedback__useful_no"><img src="dislike.svg" class="small-img" alt="dislike"><spanclass="feedback-form__btn-group_no-btn">No</spanclass="feedback-form__btn-group_no-btn"></label></div><select name="category"><option disabled="">Please specify why</option><option value="bad_recommendation" selected="">Recommendations did not help me</option><option value="difficult_text">Article is hard to understand</option><option value="no_answer">Didn`t answer my question</option><option value="bad_header">Content does not match the topic</option><option value="other_reason">Other</option></select><input type="submit"></form></div><div class="found_typo"><p style="margin: 0px; margin-top: 16px !important;"><span><b>Found a typo?</b></span> Select it and press <i>Ctrl+Enter</i> to send us feedback</p></div></div>
</section>
</div>
<aside class="article__sidebar" style="display:none">
<input type="checkbox" />
<div class="article__arrow"></div>
<div class="table-of-contents elma365-right" id="toc2Content">
<h3 class="h3-toc">In this topic</h3>
<nav id="toc2"></nav>
</div>
</aside>
</div>
</article>
</main>
<footer class="footer">
<div class="footer-container">
<div class="footer-mobile">
<ul class="footer-mobile__list"><li><a href="https://brix365.com/en/" target="_blank">BRIX</a></li><li><a href="https://tssdk.brix365.com/en/latest/" target="_blank">SDK</a></li><li><a href="https://api.brix365.com/en/" target="_blank">API</a></li></ul><ul class="footer-mobile__list"><li><a href="https://brix365.com/en/help/platform/get-trial.html">Platform</a></li><li><a href="https://brix365.com/en/help/ecm/ecm-functions.html">ECM</a></li><li><a href="https://brix365.com/en/help/service/service-functions.html">Service</a></li><li><a href="https://brix365.com/en/help/projects/projects-functions.html">Projects</a></li></ul>
</div>
<div class="footer-wrap">
<div><span class="mobile-question-popup">Send feedback</span><form method="POST" action class="question__popup question-xs" id="question__popup"><div class="question-wrap"><span class="close"></span><span class="title">Ask a question</span><label for="help_question" style="display: none;"></label><textarea name="help_question" id="help_question"></textarea><input type="submit" value="Send"></div></form><div class="hidden fade-in question-success-xs">Sent</div></div>
<div class="footer-flex-b">
<span class="footer-copy">&copy; 2025 BRIX</span>
<ul class="footer-list">
<li class="footer-item">
<a href="#" class="arrow-top" style="display: block;"></a>
</li>
</ul>
</div>
</div>
</div>
</footer>
<iframe name="hmnavigation" style="display:none!important"></iframe>
<script src="./jquery-ui.js"></script>
<!--script src="//cdn.jsdelivr.net/npm/featherlight@1.7.14/release/featherlight.min.js" type="text/javascript" charset="utf-8"></script-->
<script src="./jquery.tocify.min.js"></script>
<script src="./TypoReporter.min.js"></script>
<script src="./google-search.js"></script>
<script src="./main.js"></script>
<script type="text/javascript">
HMInitToggle('TOGGLE0186A1','hm.type','dropdown','hm.state','0');
HMInitToggle('TOGGLE0186A2','hm.type','dropdown','hm.state','0');
HMInitToggle('TOGGLE0186A3','hm.type','dropdown','hm.state','0');
HMInitToggle('TOGGLE0186A4','hm.type','dropdown','hm.state','0');
HMInitToggle('TOGGLE0186A5','hm.type','dropdown','hm.state','0');
HMInitToggle('TOGGLE0186A6','hm.type','dropdown','hm.state','0');
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink