Complete Example - PostgreSQL HA Cluster
This example deploys a complete PostgreSQL HA cluster on OCI including:

- A dedicated compartment
- KMS vault and encryption key
- The PostgreSQL HA cluster module (2 PostgreSQL nodes + 1 etcd witness)
- Network Load Balancer for client connections

Prerequisites:

- OCI tenancy with appropriate permissions
- An existing VCN and private subnet
- SSH key pair for instance access
- Terraform >= 1.5
- OCI CLI configured (or API key credentials)

Copy the example tfvars file and fill in your values:

```bash
cp terraform.tfvars.example terraform.tfvars
# Edit terraform.tfvars with your OCI credentials and resource OCIDs
```

Initialize and deploy:

```bash
terraform init
terraform plan
terraform apply
```

After deployment (allow 5-10 minutes for user-data scripts):

```bash
# Check cluster status via SSH to any PostgreSQL node
ssh opc@<node1_ip>
sudo -u postgres patronictl -c /etc/patroni.yml list
```

| Name | Description | Type | Default |
|------|-------------|------|---------|
| region | OCI region | string | - |
| tenancy_ocid | OCI Tenancy OCID | string | - |
| user_ocid | OCI User OCID | string | - |
| fingerprint | Base64-encoded API key fingerprint | string | - |
| oci_prv_key | Base64-encoded OCI API private key | string | - |
| compartment_id | OCI Compartment OCID | string | - |
| vcn_id | VCN OCID | string | - |
| subnet_id | Private subnet OCID | string | - |
| subnet_cidr | Subnet CIDR block | string | 10.0.2.0/24 |
| prefix | Resource name prefix | string | demo |
| environment | Environment name | string | dev |
| cluster_name | Patroni cluster name | string | POSTGRES-HA |
| family_shape | OCI compute shape | string | VM.Standard.E4.Flex |
| postgres_instance_specs | Instance CPU/memory | object | {ocpus=4, memory=32} |
| ssh_authorized_keys_postgres | Base64-encoded SSH public keys | list(string) | - |

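
The table above lists fingerprint, oci_prv_key and ssh_authorized_keys_postgres as Base64-encoded. The helper below is an added example, not part of this module: it writes those three values to a file created with mode 0600 and refuses a private key where a public key belongs. It assumes the module accepts standard single-line Base64; the function names and the output file are hypothetical.

```bash
#!/bin/sh
# Added example (not part of the module): build the three Base64-encoded
# values named in the inputs table without leaving the key world-readable.
# Assumption: the module accepts standard Base64 on one line (no wrapping).
set -eu

# Encode stdin as Base64; tr removes the line wraps some implementations add.
b64() { base64 | tr -d '\n'; }

# write_secret_tfvars OUT_FILE API_KEY_PEM FINGERPRINT SSH_PUBLIC_KEY
# (hypothetical helper name). The body runs in a subshell, so the umask
# and variables do not leak into the calling shell.
write_secret_tfvars() (
  out=$1 pem=$2 fingerprint=$3 ssh_pub=$4
  [ -r "$pem" ] || { echo "cannot read API key: $pem" >&2; exit 1; }
  [ -r "$ssh_pub" ] || { echo "cannot read SSH key: $ssh_pub" >&2; exit 1; }
  # A private key must never end up in ssh_authorized_keys_postgres.
  if grep -q 'PRIVATE KEY' "$ssh_pub"; then
    echo "refusing: $ssh_pub looks like a private key" >&2
    exit 1
  fi
  umask 077          # new file is created 0600
  rm -f -- "$out"    # drop any older copy that had looser permissions
  {
    printf 'fingerprint = "%s"\n' "$(printf '%s' "$fingerprint" | b64)"
    printf 'oci_prv_key = "%s"\n' "$(b64 < "$pem")"
    printf 'ssh_authorized_keys_postgres = ["%s"]\n' "$(b64 < "$ssh_pub")"
  } > "$out"
)
```

Merge the generated lines into terraform.tfvars and keep that file out of version control: Base64 is an encoding of the private key, not protection for it.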

| Name | Description |
|------|-------------|
| load_balancer_ip | NLB IP addresses |
| postgres_instance_ids | PostgreSQL instance OCIDs |
| postgres_private_ips | PostgreSQL instance private IPs |
| witness_instance_id | etcd witness instance OCID |
| witness_private_ip | etcd witness private IP |
| nsg_id | Network Security Group OCID |