diff --git a/inventory/host_vars/db-koji01.stg.phx2.fedoraproject.org b/inventory/host_vars/db-koji01.stg.phx2.fedoraproject.org index 80480a082c..63cd229f5d 100644 --- a/inventory/host_vars/db-koji01.stg.phx2.fedoraproject.org +++ b/inventory/host_vars/db-koji01.stg.phx2.fedoraproject.org @@ -27,7 +27,13 @@ kernel_shmmax: 68719476736 # # Only allow postgresql access from the frontend node and other db nodes # -custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.86 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.188 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.189 --dport 5432 -j ACCEPT' ] +custom_rules: [ + '-A INPUT -p tcp -m tcp -s 10.5.126.86 --dport 5432 -j ACCEPT', + '-A INPUT -p tcp -m tcp -s 10.5.126.188 --dport 5432 -j ACCEPT', + '-A INPUT -p tcp -m tcp -s 10.5.126.189 --dport 5432 -j ACCEPT', + '-A INPUT -d 224.0.0.0/8 -j ACCEPT', + '-A INPUT -p vrrp -j ACCEPT', +] # # Large updates pushes cause lots of db threads doing the tag moves, so up this from default. @@ -36,3 +42,8 @@ nrpe_procs_warn: 600 nrpe_procs_crit: 700 shared_buffers: "8GB" effective_cache_size: "24GB" + +# Keepalived variables +keepalived_interface: eth0 +keepalived_priority: 100 +keepalived_ipaddress: 10.5.125.190/24 diff --git a/inventory/host_vars/db-koji02.stg.phx2.fedoraproject.org b/inventory/host_vars/db-koji02.stg.phx2.fedoraproject.org index ba6c773166..abc1d5a0d2 100644 --- a/inventory/host_vars/db-koji02.stg.phx2.fedoraproject.org +++ b/inventory/host_vars/db-koji02.stg.phx2.fedoraproject.org @@ -27,7 +27,13 @@ kernel_shmmax: 68719476736 # # Only allow postgresql access from the frontend node. # -custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.5.126.86 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.188 --dport 5432 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 10.5.126.189 --dport 5432 -j ACCEPT' ] +custom_rules: [ + '-A INPUT -p tcp -m tcp -s 10.5.126.86 --dport 5432 -j ACCEPT', + '-A INPUT -p tcp -m tcp -s 10.5.126.188 --dport 5432 -j ACCEPT', + '-A INPUT -p tcp -m tcp -s 10.5.126.189 --dport 5432 -j ACCEPT', + '-A INPUT -d 224.0.0.0/8 -j ACCEPT', + '-A INPUT -p vrrp -j ACCEPT', +] # # Large updates pushes cause lots of db threads doing the tag moves, so up this from default. @@ -36,3 +42,8 @@ nrpe_procs_warn: 600 nrpe_procs_crit: 700 shared_buffers: "8GB" effective_cache_size: "24GB" + +# Keepalived variables +keepalived_interface: eth0 +keepalived_priority: 50 +keepalived_ipaddress: 10.5.125.190/24 diff --git a/playbooks/groups/postgresql-server-bdr.yml b/playbooks/groups/postgresql-server-bdr.yml index a1c72e512c..42847ecc8e 100644 --- a/playbooks/groups/postgresql-server-bdr.yml +++ b/playbooks/groups/postgresql-server-bdr.yml @@ -25,6 +25,7 @@ - collectd/base - collectd/postgres # This requires a 'databases' var to be set in host_vars - sudo + - keepalived tasks: - include: "{{ tasks }}/yumrepos.yml"