├── README.md
├── defaults
    └── main.yml
├── meta
    └── main.yml
├── role.yml
├── tasks
    ├── configure.yml
    ├── install.yml
    ├── main.yml
    └── post-install.yml
└── templates
    ├── pgbouncer.ini.j2
    └── pgbouncer.j2


/README.md:
--------------------------------------------------------------------------------
 1 | ### README: install-pgbouncer
 2 | 
 3 | #### Features:
 4 | - supported distributions: Redhat 6, CentOS 6, Scientific Linux 6, Oracle Linux.
 5 | - allow specify pools, allowed users and other pgbouncer settings.
 6 | - supported only md5, any or trust auth types.
 7 | - add logrotate config
 8 | 
 9 | #### Known issues:
10 | - plain and crypt auth types does not implemented and not tested.
11 | 
12 | #### Todo:
13 | 
14 | #### How-to use:
15 | - download repo with git clone;
16 | - cd into role directory;
17 | - change hosts: variable in role.yml;
18 | - start ansible-playbook with role.yml and your inventory file.
19 | ```
20 | ansible-playbook -i /etc/ansible/staging role.yml
21 | ```
22 | 


--------------------------------------------------------------------------------
/defaults/main.yml:
--------------------------------------------------------------------------------
 1 | # file: role/install-pgbouncer/defaults/main.yml
 2 | 
 3 | # Basic settings
 4 | pgbouncer_ini: /etc/pgbouncer/pgbouncer.ini
 5 | pgbouncer_pool_mode: transaction
 6 | enable_logrotate: yes
 7 | 
 8 | # Pools
 9 | pgbouncer_pools:
10 |   - { name: "db1", conninfo: "host=127.0.0.1 port=5432 user=johndoe password=test1234" }
11 | 
12 | # Internal user management
13 | pgbouncer_admin_user: pgbouncer
14 | pgbouncer_admin_group: postgres
15 | pgbouncer_stats_users:
16 |  - zabbix
17 |  - munin
18 | 
19 | # PostgreSQL users which allowed connecting to the pools
20 | pgbouncer_allowed_users:
21 |  - johndoe
22 |  - vpupkin
23 | 
24 | # pgbouncer.ini settings
25 | pgbouncer_logfile: /var/log/pgbouncer.log
26 | pgbouncer_pidfile: /var/run/pgbouncer/pgbouncer.pid
27 | pgbouncer_listen_addr: '*'
28 | pgbouncer_listen_port: 6432
29 | pgbouncer_auth_type: md5
30 | pgbouncer_auth_file: /etc/pgbouncer/userlist.txt
31 | pgbouncer_max_client_conn: 10000
32 | pgbouncer_default_pool_size: 30
33 | 


--------------------------------------------------------------------------------
/meta/main.yml:
--------------------------------------------------------------------------------
 1 | # file: roles/install-postgresql-on-el6/meta/main.yml
 2 | 
 3 | galaxy_info:
 4 |   author: "Alexey Lesovsky"
 5 |   description: A role to install PgBouncer on RedHat/CentOS/Scientific/Oracle Enterprise Linux.
 6 |   license: as-is
 7 |   min_ansible_version: 1.4
 8 |   version: 1.0
 9 |   platforms:
10 |     - name: EL
11 |       versions:
12 |       - 6
13 |   categories:
14 |    - database
15 |    - database:sql
16 | dependencies: []
17 | 


--------------------------------------------------------------------------------
/role.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | # Install Pgbouncer
 3 | - hosts: localhost
 4 |   sudo: yes
 5 |   sudo_user: root
 6 |   vars_files: 
 7 |     - 'defaults/main.yml'
 8 |   tasks:
 9 |     - include: 'tasks/main.yml'
10 | 


--------------------------------------------------------------------------------
/tasks/configure.yml:
--------------------------------------------------------------------------------
 1 | # file: roles/install-pgbouncer/tasks/configure.yml
 2 | 
 3 | - name: "Stage 2: stop pgbouncer service"
 4 |   service:
 5 |     name: pgbouncer
 6 |     state: stopped
 7 | 
 8 | - name: "Stage 2: create pgbouncer.ini"
 9 |   template:
10 |     src: pgbouncer.ini.j2
11 |     dest: "{{ pgbouncer_ini }}"
12 |     owner: "{{ pgbouncer_admin_user }}"
13 |     group: "{{ pgbouncer_admin_group }}"
14 |     mode: 0600
15 | 
16 | - name: "Stage 2: remove old userlist.txt"
17 |   file: state=absent dest={{ pgbouncer_auth_file }}
18 | 
19 | - name: "Stage 2: create new empty userlist.txt"
20 |   file: 
21 |     state: touch
22 |     dest: "{{ pgbouncer_auth_file }}"
23 |     owner: "{{ pgbouncer_admin_user }}"
24 |     group: "{{ pgbouncer_admin_group }}"
25 |     mode: 0660
26 |   
27 | - name: "Stage 2: add users into userlist.txt"
28 |   sudo: yes
29 |   sudo_user: postgres
30 |   shell: psql -qAtXF' ' -c "select rolname,rolpassword from pg_authid where rolname = '{{ item }}'" |sed -e 's/^/\"/' -e 's/$/\"/' -e 's/ /\" \"/' >> {{ pgbouncer_auth_file }}
31 |   with_items: pgbouncer_allowed_users
32 | 
33 | - name: "Stage 2: fix permissions userlist.txt"
34 |   file: 
35 |     state: file
36 |     dest: "{{ pgbouncer_auth_file }}"
37 |     mode: 0600
38 | 
39 | - name: "Stage 2: start pgbouncer"
40 |   service:
41 |     name: pgbouncer
42 |     state: started
43 |     enabled: yes
44 | 


--------------------------------------------------------------------------------
/tasks/install.yml:
--------------------------------------------------------------------------------
1 | # file: roles/install-pgbouncer/tasks/install.yml
2 | 
3 | - name: "Stage 1: install pgbouncer"
4 |   yum: pkg=pgbouncer state=latest
5 |   when: ansible_pkg_mgr == 'yum'
6 | 


--------------------------------------------------------------------------------
/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # file: roles/install-postgresql/tasks/main.yml -- root task which includes others
2 | 
3 | - include: install.yml
4 | - include: configure.yml
5 | - include: post-install.yml
6 | 


--------------------------------------------------------------------------------
/tasks/post-install.yml:
--------------------------------------------------------------------------------
 1 | # file: roles/install-pgbouncer/tasks/post-install.yml
 2 | 
 3 | - name: "Stage 3: add logrotate configuration"
 4 |   template:
 5 |     src: pgbouncer.j2
 6 |     dest: /etc/logrotate.d/pgbouncer
 7 |     owner: root
 8 |     group: root
 9 |     mode: 0644
10 |   when: enable_logrotate
11 | 
12 | - name: "Stage 3: reload logrotate"
13 |   command: logrotate -s /var/lib/logrotate.status /etc/logrotate.conf
14 |   when: enable_logrotate
15 | 


--------------------------------------------------------------------------------
/templates/pgbouncer.ini.j2:
--------------------------------------------------------------------------------
  1 | [databases]
  2 | {% for pool in pgbouncer_pools %}
  3 | {{ pool.name }} = {{ pool.conninfo }}
  4 | {% endfor %}
  5 | 
  6 | [pgbouncer]
  7 | 
  8 | ;;;
  9 | ;;; Administrative settings
 10 | ;;;
 11 | 
 12 | logfile = {{ pgbouncer_logfile }}
 13 | pidfile = {{ pgbouncer_pidfile }}
 14 | 
 15 | ;;;
 16 | ;;; Where to wait for clients
 17 | ;;;
 18 | 
 19 | ; ip address or * which means all ip-s
 20 | listen_addr = {{ pgbouncer_listen_addr }}
 21 | listen_port = {{ pgbouncer_listen_port }}
 22 | 
 23 | ; unix socket is also used for -R.
 24 | ; On debian it should be /var/run/postgresql
 25 | ;unix_socket_dir = /tmp
 26 | ;unix_socket_mode = 0777
 27 | ;unix_socket_group =
 28 | 
 29 | ;;;
 30 | ;;; Authentication settings
 31 | ;;;
 32 | 
 33 | ; any, trust, plain, crypt, md5
 34 | auth_type = {{ pgbouncer_auth_type }}
 35 | auth_file = {{ pgbouncer_auth_file }}
 36 | 
 37 | ;;;
 38 | ;;; Users allowed into database 'pgbouncer'
 39 | ;;;
 40 | 
 41 | ; comma-separated list of users, who are allowed to change settings
 42 | admin_users = {{ pgbouncer_admin_user }}
 43 | 
 44 | ; comma-separated list of users who are just allowed to use SHOW command
 45 | stats_users = {{ pgbouncer_admin_user }},{{ pgbouncer_stats_users |join(",")}}
 46 | 
 47 | ;;;
 48 | ;;; Pooler personality questions
 49 | ;;;
 50 | 
 51 | ; When server connection is released back to pool:
 52 | ;   session      - after client disconnects
 53 | ;   transaction  - after transaction finishes
 54 | ;   statement    - after statement finishes
 55 | pool_mode = {{ pgbouncer_pool_mode }}
 56 | 
 57 | ;
 58 | ; Query for cleaning connection immediately after releasing from client.
 59 | ; No need to put ROLLBACK here, pgbouncer does not reuse connections
 60 | ; where transaction is left open.
 61 | ;
 62 | ; Query for 8.3+:
 63 | ;   DISCARD ALL;
 64 | ;
 65 | ; Older versions:
 66 | ;   RESET ALL; SET SESSION AUTHORIZATION DEFAULT
 67 | ;
 68 | ; Empty if transaction pooling is in use.
 69 | ;
 70 | server_reset_query = {{ 'DISCARD ALL' if pgbouncer_pool_mode == 'session' else '' }}
 71 | 
 72 | ;
 73 | ; Comma-separated list of parameters to ignore when given
 74 | ; in startup packet.  Newer JDBC versions require the
 75 | ; extra_float_digits here.
 76 | ;
 77 | ignore_startup_parameters = extra_float_digits
 78 | 
 79 | ;
 80 | ; When taking idle server into use, this query is ran first.
 81 | ;   SELECT 1
 82 | ;
 83 | ;server_check_query = select 1
 84 | 
 85 | ; If server was used more recently that this many seconds ago,
 86 | ; skip the check query.  Value 0 may or may not run in immediately.
 87 | ;server_check_delay = 30
 88 | 
 89 | ;;;
 90 | ;;; Connection limits
 91 | ;;;
 92 | 
 93 | ; total number of clients that can connect
 94 | max_client_conn = {{ pgbouncer_max_client_conn }}
 95 | 
 96 | ; default pool size.  20 is good number when transaction pooling
 97 | ; is in use, in session pooling it needs to be the number of
 98 | ; max clients you want to handle at any moment
 99 | default_pool_size = {{ pgbouncer_default_pool_size }}
100 | 
101 | ; how many additional connection to allow in case of trouble
102 | reserve_pool_size = 0
103 | 
104 | ; if a clients needs to wait more than this many seconds, use reserve pool
105 | ;reserve_pool_timeout = 3
106 | 
107 | ; log if client connects or server connection is made
108 | ;log_connections = 1
109 | 
110 | ; log if and why connection was closed
111 | ;log_disconnections = 1
112 | 
113 | ; log error messages pooler sends to clients
114 | log_pooler_errors = 1
115 | 
116 | 
117 | ; If off, then server connections are reused in LIFO manner
118 | ;server_round_robin = 0
119 | 
120 | ;;;
121 | ;;; Timeouts
122 | ;;;
123 | 
124 | ;; Close server connection if its been connected longer.
125 | server_lifetime = 7200
126 | 
127 | ;; Close server connection if its not been used in this time.
128 | ;; Allows to clean unnecessary connections from pool after peak.
129 | server_idle_timeout = 30
130 | 
131 | ;; Cancel connection attempt if server does not answer takes longer.
132 | server_connect_timeout = 10
133 | 
134 | ;; If server login failed (server_connect_timeout or auth failure)
135 | ;; then wait this many second.
136 | server_login_retry = 10
137 | 
138 | ;; Dangerous.  Server connection is closed if query does not return
139 | ;; in this time.  Should be used to survive network problems,
140 | ;; _not_ as statement_timeout. (default: 0)
141 | ;query_timeout = 0
142 | 
143 | ;; Dangerous.  Client connection is closed if the query is not assigned
144 | ;; to a server in this time.  Should be used to limit the number of queued
145 | ;; queries in case of a database or network failure. (default: 0)
146 | ;query_wait_timeout = 0
147 | 
148 | ;; Dangerous.  Client connection is closed if no activity in this time.
149 | ;; Should be used to survive network problems. (default: 0)
150 | ;client_idle_timeout = 0
151 | 
152 | ;; Disconnect clients who have not managed to log in after connecting
153 | ;; in this many seconds.
154 | ;client_login_timeout = 60
155 | 
156 | ;; Clean automatically created database entries (via "*") if they
157 | ;; stay unused in this many seconds.
158 | ; autodb_idle_timeout = 3600
159 | 
160 | ;;;
161 | ;;; Low-level tuning options
162 | ;;;
163 | 
164 | ;; buffer for streaming packets
165 | ;pkt_buf = 2048
166 | 
167 | ;; man 2 listen
168 | ;listen_backlog = 128
169 | 
170 | ;; networking options, for info: man 7 tcp
171 | 
172 | ;; Linux: notify program about new connection only if there
173 | ;; is also data received.  (Seconds to wait.)
174 | ;; On Linux the default is 45, on other OS'es 0.
175 | ;tcp_defer_accept = 0
176 | 
177 | ;; In-kernel buffer size (Linux default: 4096)
178 | ;tcp_socket_buffer = 0
179 | 
180 | ;; whether tcp keepalive should be turned on (0/1)
181 | tcp_keepalive = 1
182 | 
183 | ;; following options are Linux-specific.
184 | ;; they also require tcp_keepalive=1
185 | 
186 | ;; count of keepaliva packets
187 | ;tcp_keepcnt = 0
188 | 
189 | ;; how long the connection can be idle,
190 | ;; before sending keepalive packets
191 | ;tcp_keepidle = 0
192 | 
193 | ;; The time between individual keepalive probes.
194 | ;tcp_keepintvl = 0
195 | 
196 | ;; DNS lookup caching time
197 | ;dns_max_ttl = 15
198 | 
199 | ;; DNS zone SOA lookup period
200 | ;dns_zone_check_period = 0
201 | 


--------------------------------------------------------------------------------
/templates/pgbouncer.j2:
--------------------------------------------------------------------------------
 1 | {{ pgbouncer_logfile }} {
 2 |         missingok
 3 |         daily
 4 |         notifempty
 5 |         sharedscripts
 6 |         create 0640 {{ pgbouncer_admin_user }} {{ pgbouncer_admin_group }}
 7 |         postrotate
 8 |                 /etc/init.d/pgbouncer reload
 9 |         endscript
10 | }
11 | 


--------------------------------------------------------------------------------