Hello all, I have recently been working with PostgreSQL and HAProxy to provide seamless load balancing to a group of database servers. This on it's own isn't a hard thing: I have an implementation finished and am now thinking about the best way to bring it to a production ready state which could be used by others, and used in load-balancers other than HAProxy with minimal config changes.
My initial requirements were: Given a group of PostgreSQL servers check each x seconds and: - Allow read/write access only to the master server (via IPA / portA) - Disallow access if there are multiple master servers - Allow read access to all servers (via IPB / portB) as long as the following holds: - They are attached to the current master server via streaming replication (or they are the current master server) - They can currently contact the master server (safest option, disallow all access when master-less) - They are in the same timeline as the master server (do I need this check?) - The master server reports that they have less than x bytes lag HAProxy can talk to PostgreSQL for a health check via TCP or PSQL (connection check only). Neither of these allow the logic above - therefore this logic has to be hosted outside of HAProxy. This might change in the future if HAProxy gets the ability to send SQL statements (like an F5 can). Today the best way to provide this information to HAProxy (and many other load balancers, application frameworks, proxies, monitoring solutions) is via HTTP, where HTTP 200 is pass the check and HTTP 503 is fail the check (and don't load balance to this node). In my case I have a script which accepts HTTP requests to /read to check if this node is available for read only and /write which checks if this node is available for read/writes. The options as I see them are: - Implement a script / small app which connects to PostgreSQL and executes these checks - Implemented and proven today at many independent sites - Should it run on HAProxy server or PSQL server? - Integrated HTTP server or x.inetd script? - Platform independence? - What if it dies? - Implement a custom PostgreSQL BGworker which provides this information over HTTP - No outside of PostgreSQL config needed - No reliance on another daemon / interface being up - libmicrohttpd or similar should help with platform independence - Security / acceptance by community? - Only newer versions of PostgreSQL - Spend the time working on getting SQL checks into HAProxy - What about other platforms which only support HTTP? I think all of the options would benefit from a PSQL extension which does the following: - Encapsulates the check logic (easier to upgrade, manipulate) - Stores historic check data for a number of hours / days / months - Stores defaults (override via HTTP could be possible for things like lag) Does anyone else have any thoughts on this topic? Eventually many cool features could flow out of this kind of work: - Integration with High Availability products - I have this working with EnterpriseDB EFM now. - Locate the current master using the HA product - more than one master doesn't cause loss of service as long as HA state is sane - Locate all clustered standby servers using the HA product - if a standby is removed from the HA cluster, it is removed from load balancing - if a standby is not part of the cluster, it is removed from load balancing (even if it is part of streaming replication) - HTTP replication status requests which facilitate dynamically managing HAProxy (or other) PostgreSQL server pools - Add a node to streaming replication, it automatically shows up in the pool and starts being checked to see if it can service reads - Great for cloud scale out - Allocation of additional load balancer groups based on some criteria (?), for example - read/write (as above) - read only (as above) - data warehouse (reporting reads only) - DR (replica with no reads or writes - until it becomes a master) Keen to hear comments. Cheers, James Sewell, Solutions Architect ______________________________________ Level 2, 50 Queen St, Melbourne VIC 3000 *P *(+61) 3 8370 8000 *W* www.lisasoft.com *F *(+61) 3 8370 8099 -- ------------------------------ The contents of this email are confidential and may be subject to legal or professional privilege and copyright. No representation is made that this email is free of viruses or other defects. If you have received this communication in error, you may not copy or distribute any part of it or otherwise disclose its contents to anyone. Please advise the sender of your incorrect receipt of this correspondence.