The validate_db_connection class takes a user to connect as, but if we're
using the progresql::server::db defined type then the user might not be
created yet, and might not have any permissions granted yet. This patch
users a collector to ensure that the that the user and grants are active
before validating.
On FreeBSD systems the $user variable is not 'postgres' so does not
match the default database correctly. These changes use the existing
default_database parameter to replace instances where $user is passed as
the database to be connected to.
These changes are in server::database, server::role and
server::grant.
At present, the ownership of pg_hba.conf is hardwired to be uid 0. It should have the same ownership as all of the other postgressql configuration files in the same cluster so that they can be managed/edited by the postgres role user (system) account.
The warnings are as follows:
Warning: Scope(Concat::Fragment[pg_hba_rule_deny access to postgresql user]): The $mode parameter to concat::fragment is deprecated and has no effect
Warning: Scope(Concat::Fragment[pg_hba_rule_deny access to postgresql user]): The $owner parameter to concat::fragment is deprecated and has no effect
E.g. pe-postgresql does NOT use postgres as the default database name.
It uses pe-postgres. So if there is no way to specify a default database
name, the postgesql::validate_db_connection resource in
postgresql::server::service will ALWAYS fail. This commit exposes the
parameter in order to avoid that situation.
Since the class is now throwing an error when you use the class directly,
I'm just removing it.
We left this in from the last rewrite as someone reported an issue a long
time ago, but alas we have been unable to prove its a problem.
Signed-off-by: Ken Barber <ken@bob.sh>
This patch is a fix for the race condition that keeps occuring during
postgresql setup. Its very rare on its own, but when you are using this
module in a CI environment it happens quite frequently.
Basically what happens is that sometimes the service will announce the
database has started, but really it is still working in the background.
Sometimes the unix socket may not be listening, and sometimes the
system is still loading and you get a weird client error.
The fix itself is a modification to postgresql::validate_db_connection
so that it is able to connect on the local unix socket, plus retry
until the database is available.
This new and improved validate_db_connection can then be put into the
build pipeline (in the service class in particular) to ensure the
database is started before continuing on with the remaining steps.
This in effect blocks the puppet module from continuing until the
postgresql database is fully started and able to receive connections
which is perfect.
Tests and documentation provided.
Signed-off-by: Ken Barber <ken@bob.sh>
The stdlib join() function takes an array and a string as parameters, it then joins all the elements of the array using the string as a separator.
On Centos 6.4 the join() function fails if given just an array but not a string.