Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Best way to set up self-managed Postgres clusters?
26 points by samokhvalov 8 months ago | hide | past | favorite | 16 comments
Imagine you need to set up 100 Postgres clusters on Linux machines – self-managed, not RDS or CloudSQL or Azure or anything.

What's the best path in YOUR opinion?

1) apt/yum/... install

2) docker / docker-compose

3) kubernetes




There's no amount of money you could pay me to do this with Kubernetes. Like, you could offer me double my salary, and I'd laugh.

The only answer that makes any sense here is Ansible.

Arguments:

Way simpler

Can fall back to using plain SSH if things goes really wrong

No vendor lock in

One less bit of technology in the mix to go wrong

Very boring, which means very reliable


What’s wrong with wrapping all in docker compose? Delivered to hosts by Ansible


Do they need to interconnect, or are they all standalone?

How big are these instances expected to get for the next few years?

OLTP, OLAP, warehouse, or a combo?

What's your budget?

What is your team most familiar with?

Will they be publicly exposed for shared hosting? Or behind a VPN/VPC serving only your employer?

Has anyone had a good time using Docker for something like this? (I haven't but the paravirt persistence may have gotten better?)


You may try kubeblocks(kubeblocks.io), a database control plane that can run almost any database on K8s.


Clusters? So with replication, leader election, load balancing, whole shebang? Kubernetes, with the help of one of the battle tested operators.


Yes

But why? Patroni is great for HA and it doesn't require k8s.


Because there's so much to properly running it. Individual component updates, network policies, certificates, backups, monitoring, authorization, authentication, secret management. Kubernetes makes it all relatively easy and k3s (or k0s) ain't that scary.

K3s, Calico (or whatever you prefer), Istio with cert-manager and self-manager CA (or whatever you prefer for your service mesh), kube-prometheus, OTEL or Jaeger for the mesh visibility, pick the operator (I used Crunchy Data operator but there are at least two other solid choices), will get one far at low cost. Of course, use reliable infrastructure provider of one's choice.

No need to think about placement (one still can if they want to), addressing, firewalling, DNS, IP assignment, and so on. Add nodes to the cluster as necessary and let it sort itself out.

Some understanding of Kubernetes is necessary, indeed. But it's a stack usable every time once learned.


~~

Context: https://twitter.com/samokhvalov/status/1771573110858269014

~1000 votes in just one day – obviously, this is an attractive topic to discuss, so wanted to have a thoughtful conversation here on HN.


Sorry but do you mean nodes or clusters? Anyway at this scale you are definitely looking into managed services from cloud providers or using Kubernetes. 1 and 2 is not an option because of the maintenance burden. Rolling out upgrades and resource allocation is going to be very hard without Kubernetes.


Clusters with HA, backups and so on


(after clicking through context...) There's no amount of money you could pay me to do this with Ansible. Like, you could offer me double my salary, and I'd laugh.

The only answer that makes any sense here is Kubernetes.


So... Ansible isn't the thing hosting the thing. It talks to APIs; K8s is one of many it can handle!

This reads like a brazen misunderstanding/misrepresentation of Ansible.

Like... imagine the position of Terraform, a Kubernetes darling, and that's it.

I could especially see Ansible being used when not buying toy clusters, but building your own. I don't know how useful CRUD on the objects like deployments would be. Enough to do the job.

Point being, Kubernetes doesn't exclude Ansible in the slightest, whatsoever.

This was just enough for me to post... they aren't mutually exclusive. It's yet another layer of yaml to throw at the declaration problem.

Where/what/how is entirely up to the user. I'll take your money and then move on to the next thing to manage


No, I know what Ansible is, thanks. I've written and maintained Ansible playbooks. I respect myself, my team, and my customers and deploy statelessly with NixOS. My life is significantly easier than it was in the salt/Ansible days and there's no amount of money worth those headaches.

> It's yet another layer of yaml to throw at the declaration problem.

Really, my head is already starting to hurt. I KNOW.

> This was just enough for me to post... they aren't mutually exclusive.

I'm sorry but there's no fucking good reason to templatize k8s yaml into Jinja/Ansible. Just hell no. Just more Ansible Things that look like a solution because folks don't actually know k8s.


This whole thing is based on a perceived false dichotomy of Ansible/K8s

I'm not saying using Ansible for K8s is necessarily a good idea, just that laughing because it's mentioned in the same neighborhood is hardly reasonable

I'd gladly use it for node-level tasks, for example - in the cluster I'd be less excited.

Custom facts are neat. The module library is neat. Possibilities are too, dismissive nature isn't


Why, indeed?


Why?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: