mirror of
https://github.com/neondatabase/neon.git
synced 2026-01-06 04:52:55 +00:00
fd440e7d79
pgbouncer 1.21.0 doesn't play nicely with DEALLOCATD/DISCARD ALL if
prepared statement support is enabled (max_prepared_statements > 0).
There's a patch[0] that improves this (it will be included in the next
release of pgbouncer).
This PR applies this patch on top of 1.21.0 release tarball.
For some reason, the tarball doesn't include `test/test_prepared.py`
(which is modified by the patch as well), so the patch can't be applied
clearly. I use `filterdiff` (from `patchutils` package) to apply
the required changes.
[0] a7b3c0a5f4
129 lines
4.5 KiB
YAML
129 lines
4.5 KiB
YAML
# Supplemental file for neondatabase/autoscaling's vm-builder, for producing the VM compute image.
|
|
---
|
|
commands:
|
|
- name: cgconfigparser
|
|
user: root
|
|
sysvInitAction: sysinit
|
|
shell: 'cgconfigparser -l /etc/cgconfig.conf -s 1664'
|
|
- name: pgbouncer
|
|
user: nobody
|
|
sysvInitAction: respawn
|
|
shell: '/usr/local/bin/pgbouncer /etc/pgbouncer.ini'
|
|
- name: postgres-exporter
|
|
user: nobody
|
|
sysvInitAction: respawn
|
|
shell: 'DATA_SOURCE_NAME="user=cloud_admin sslmode=disable dbname=postgres" /bin/postgres_exporter'
|
|
shutdownHook: |
|
|
su -p postgres --session-command '/usr/local/bin/pg_ctl stop -D /var/db/postgres/compute/pgdata -m fast --wait -t 10'
|
|
files:
|
|
- filename: pgbouncer.ini
|
|
content: |
|
|
[databases]
|
|
*=host=localhost port=5432 auth_user=cloud_admin
|
|
[pgbouncer]
|
|
listen_port=6432
|
|
listen_addr=0.0.0.0
|
|
auth_type=scram-sha-256
|
|
auth_user=cloud_admin
|
|
auth_dbname=postgres
|
|
client_tls_sslmode=disable
|
|
server_tls_sslmode=disable
|
|
pool_mode=transaction
|
|
max_client_conn=10000
|
|
default_pool_size=16
|
|
max_prepared_statements=0
|
|
- filename: cgconfig.conf
|
|
content: |
|
|
# Configuration for cgroups in VM compute nodes
|
|
group neon-postgres {
|
|
perm {
|
|
admin {
|
|
uid = postgres;
|
|
}
|
|
task {
|
|
gid = users;
|
|
}
|
|
}
|
|
memory {}
|
|
}
|
|
build: |
|
|
# Build cgroup-tools
|
|
#
|
|
# At time of writing (2023-03-14), debian bullseye has a version of cgroup-tools (technically
|
|
# libcgroup) that doesn't support cgroup v2 (version 0.41-11). Unfortunately, the vm-monitor
|
|
# requires cgroup v2, so we'll build cgroup-tools ourselves.
|
|
FROM debian:bullseye-slim as libcgroup-builder
|
|
ENV LIBCGROUP_VERSION v2.0.3
|
|
|
|
RUN set -exu \
|
|
&& apt update \
|
|
&& apt install --no-install-recommends -y \
|
|
git \
|
|
ca-certificates \
|
|
automake \
|
|
cmake \
|
|
make \
|
|
gcc \
|
|
byacc \
|
|
flex \
|
|
libtool \
|
|
libpam0g-dev \
|
|
&& git clone --depth 1 -b $LIBCGROUP_VERSION https://github.com/libcgroup/libcgroup \
|
|
&& INSTALL_DIR="/libcgroup-install" \
|
|
&& mkdir -p "$INSTALL_DIR/bin" "$INSTALL_DIR/include" \
|
|
&& cd libcgroup \
|
|
# extracted from bootstrap.sh, with modified flags:
|
|
&& (test -d m4 || mkdir m4) \
|
|
&& autoreconf -fi \
|
|
&& rm -rf autom4te.cache \
|
|
&& CFLAGS="-O3" ./configure --prefix="$INSTALL_DIR" --sysconfdir=/etc --localstatedir=/var --enable-opaque-hierarchy="name=systemd" \
|
|
# actually build the thing...
|
|
&& make install
|
|
|
|
FROM quay.io/prometheuscommunity/postgres-exporter:v0.12.0 AS postgres-exporter
|
|
|
|
# Build pgbouncer
|
|
#
|
|
FROM debian:bullseye-slim AS pgbouncer
|
|
RUN set -e \
|
|
&& apt-get update \
|
|
&& apt-get install -y \
|
|
build-essential \
|
|
curl \
|
|
libevent-dev \
|
|
libssl-dev \
|
|
patchutils \
|
|
pkg-config
|
|
|
|
ENV PGBOUNCER_VERSION 1.21.0
|
|
ENV PGBOUNCER_GITPATH 1_21_0
|
|
RUN set -e \
|
|
&& curl -sfSL https://github.com/pgbouncer/pgbouncer/releases/download/pgbouncer_${PGBOUNCER_GITPATH}/pgbouncer-${PGBOUNCER_VERSION}.tar.gz -o pgbouncer-${PGBOUNCER_VERSION}.tar.gz \
|
|
&& tar xzvf pgbouncer-${PGBOUNCER_VERSION}.tar.gz \
|
|
&& cd pgbouncer-${PGBOUNCER_VERSION} \
|
|
&& curl https://github.com/pgbouncer/pgbouncer/commit/a7b3c0a5f4caa9dbe92743d04cf1e28c4c05806c.patch | filterdiff --include a/src/server.c | patch -p1 \
|
|
&& LDFLAGS=-static ./configure --prefix=/usr/local/pgbouncer --without-openssl \
|
|
&& make -j $(nproc) \
|
|
&& make install
|
|
merge: |
|
|
# tweak nofile limits
|
|
RUN set -e \
|
|
&& echo 'fs.file-max = 1048576' >>/etc/sysctl.conf \
|
|
&& test ! -e /etc/security || ( \
|
|
echo '* - nofile 1048576' >>/etc/security/limits.conf \
|
|
&& echo 'root - nofile 1048576' >>/etc/security/limits.conf \
|
|
)
|
|
|
|
COPY cgconfig.conf /etc/cgconfig.conf
|
|
COPY pgbouncer.ini /etc/pgbouncer.ini
|
|
RUN set -e \
|
|
&& chown postgres:postgres /etc/pgbouncer.ini \
|
|
&& chmod 0644 /etc/pgbouncer.ini \
|
|
&& chmod 0644 /etc/cgconfig.conf
|
|
|
|
COPY --from=libcgroup-builder /libcgroup-install/bin/* /usr/bin/
|
|
COPY --from=libcgroup-builder /libcgroup-install/lib/* /usr/lib/
|
|
COPY --from=libcgroup-builder /libcgroup-install/sbin/* /usr/sbin/
|
|
COPY --from=postgres-exporter /bin/postgres_exporter /bin/postgres_exporter
|
|
COPY --from=pgbouncer /usr/local/pgbouncer/bin/pgbouncer /usr/local/bin/pgbouncer
|