[PDB-4637] Lock out the puppetdb data user during migration - Puppet Jira Server

XML

Word

Printable

Epic Link:
Multi-PuppetDB Migration Coordination
Team:
HA
Story Points:
1
Sprint:
HA Team 2020-03-11, HA Team 2020-03-25, HA Team 2020-04-08, HA Team 2020-04-22 (SS 4/15), HA Team 2020-05-05

Release Notes:
New Feature
Release Notes Summary:

Hide
PuppetDB can now be configured to attempt to prevent concurrent migrations or any access to a database that's in an unexpected format, either too new or too old. See the [documentation](https://puppet.com/docs/puppetdb/latest/configure.html#coordinating-database-migrations) for further information. ([~~PDB-4636~~](https://tickets.puppetlabs.com/browse/PDB-4636) [~~PDB-4637~~](https://tickets.puppetlabs.com/browse/PDB-4637) [~~PDB-4639~~](https://tickets.puppetlabs.com/browse/PDB-4639))

Show
PuppetDB can now be configured to attempt to prevent concurrent migrations or any access to a database that's in an unexpected format, either too new or too old. See the [documentation]( https://puppet.com/docs/puppetdb/latest/configure.html#coordinating-database-migrations ) for further information. ([ PDB-4636 ]( https://tickets.puppetlabs.com/browse/PDB-4636 ) [ PDB-4637 ]( https://tickets.puppetlabs.com/browse/PDB-4637 ) [ PDB-4639 ]( https://tickets.puppetlabs.com/browse/PDB-4639) )

When the puppetdb migrator is performing a migration it needs to ensure the data role is not connected to the database.

The new migration workflow should look like

To disconnect the data role's database connection(s)

SELECT pg_terminate_backend(pid)

FROM pg_stat_activity

WHERE datname='<puppetdb/pe-puppetdb>'

      AND usename!='<puppetdb migrator role>';

causes

PDB-4893 Migration User check fails for Azure based postgresql servers