PG-1127 Rewamped HA solution (17)

docs/apt.md

@@ -140,12 +140,17 @@ Run all the commands in the following sections as root or using the `sudo` comma
 
           Install `pg_gather`
 
-
           ```{.bash data-prompt="$"}
           $ sudo apt install percona-pg-gather
           ```
 
-          Some extensions require additional setup in order to use them with Percona Distribution for PostgreSQL. For more information, refer to [Enabling extensions](enable-extensions.md).
+          Install `pgvector`
+
+          ```{.bash data-prompt="$"}
+-         $ sudo apt install percona-postgresql-{{pgversion}}-pgvector
+          ```
+
+        Some extensions require additional setup in order to use them with Percona Distribution for PostgreSQL. For more information, refer to [Enabling extensions](enable-extensions.md).
 
 ### Start the service
 

docs/css/design.css

@@ -142,6 +142,16 @@
     --md-typeset-table-color: hsla(var(--md-hue),0%,100%,0.25)
 }
 
+[data-md-color-scheme="percona-light"] img[src$="#only-dark"],
+[data-md-color-scheme="percona-light"] img[src$="#gh-dark-mode-only"] {
+  display: none; /* Hide dark images in light mode */
+}
+
+[data-md-color-scheme="percona-dark"] img[src$="#only-light"],
+[data-md-color-scheme="percona-dark"] img[src$="#gh-light-mode-only"] {
+  display: none; /* Hide light images in dark mode */
+}
+
 /* Typography */
 
 .md-typeset {
@@ -269,6 +279,7 @@
     vertical-align: baseline;
     padding: 0 0.2em 0.1em;
     border-radius: 0.15em;
+    white-space: pre-wrap;   /* Ensure long lines wrap */
 }
 .md-typeset .highlight code span,
 .md-typeset code,

docs/docker.md

@@ -27,6 +27,7 @@ For more information about using Docker, see the [Docker Docs :octicons-link-ext
     | `percona-pgaudit{{pgversion}}_set_user`| An additional layer of logging and control when unprivileged users must escalate themselves to superuser or object owner roles in order to perform needed maintenance tasks.|
     | `percona-pg_repack{{pgversion}}`| rebuilds PostgreSQL database objects.| 
     | `percona-wal2json{{pgversion}}` | a PostgreSQL logical decoding JSON output plugin.|
+    | `percona-pgvector`              |  A vector similarity search for PostgreSQL|
 
 ## Start the container {.power-number}
 
@@ -97,6 +98,71 @@ Where:
 `tag-multi` is the tag specifying the version you need. For example, `{{dockertag}}-multi`. The `multi` part of the tag serves to identify the architecture (x86_64 or ARM64) and pull the respective image. 
 * `address` is the network address where your database container is running. Use 127.0.0.1, if the database container is running on the local machine/host.   
 
+## Enable encryption
+
+Percona Distribution for PostgreSQL Docker image includes the `pg_tde` extension to provide data encryption. You must explicitly enable it when you start the container. 
+
+Here's how to do this:
+{.power-number}
+
+1. Start the container with the `ENABLE_PG_TDE=1` environment variable:
+
+    ```{.bash data-prompt="$"}
+    $ docker run --name container-name -e ENABLE_PG_TDE=1 -e POSTGRES_PASSWORD=sUpers3cRet  -d percona/percona-distribution-postgresql:{{dockertag}}-multi
+    ```
+
+    where:
+
+    * `container-name` is the name you assign to your container
+    * `ENABLE_PG_TDE=1` adds the `pg_tde` to the `shared_preload_libraries` and enables the custom storage manager
+    * `POSTGRES_PASSWORD` is the superuser password 
+
+
+2. Connect to the container and start the interactive `psql` session:
+
+    ```{.bash data-prompt="$"}
+    $ docker exec -it container-name psql
+    ```
+
+    ??? example "Sample output"
+
+        ```{.text .no-copy}
+        psql ({{dockertag}} - Percona Server for PostgreSQL {{dockertag}}.1)
+        Type "help" for help.
+
+        postgres=#
+        ```
+
+3. Create the extension in the database where you want to encrypt data. This requires superuser privileges.
+
+    ```sql
+    CREATE EXTENSION pg_tde;
+    ```
+
+4. Configure a key provider. In this sample configuration intended for testing and development purpose, we use a local keyring provider. 
+
+    For production use, set up an external key management store and configure an external key provider. Refer to the [Setup :octicons-link-external-16:](https://percona.github.io/pg_tde/main/setup.html#key-provider-configuration) chapter in the `pg_tde` documentation.
+
+    <i warning>:material-information: Warning:</i> This example is for testing purposes only:
+
+	```sql
+	SELECT pg_tde_add_key_provider_file('file-keyring','/tmp/pg_tde_test_local_keyring.per');
+    ```
+
+5. Add a principal key
+
+    ```sql
+    SELECT pg_tde_set_principal_key('test-db-master-key','file-keyring');
+    ```
+
+    The key is autogenerated. You are ready to use data encryption.
+
+6. Create a table with encryption enabled. Pass the `USING tde_heap` clause to the `CREATE TABLE` command:
+
+    ```sql
+    CREATE TABLE <table_name> (<field> <datatype>) USING tde_heap;
+    ```
+
 ## Enable `pg_stat_monitor`
 
 To enable the `pg_stat_monitor` extension after launching the container, do the following:

docs/enable-extensions.md

@@ -137,6 +137,14 @@ wal_level = logical
 
 Start / restart the server to apply the changes.
 
+## pgvector
+
+To get started, enable the extension for the database where you want to use it:
+
+```sql
+CREATE EXTENSION vector;
+```
+
 ## Next steps 
 
 [Connect to PostgreSQL :material-arrow-right:](connect.md){.md-button}

docs/minor-upgrade.md

@@ -24,6 +24,24 @@ Minor upgrade of Percona Distribution for PostgreSQL includes the following step
 
     Before the upgrade, [update the `percona-release` :octicons-link-external-16:](https://www.percona.com/doc/percona-repo-config/percona-release.html#updating-percona-release-to-the-latest-version) utility to the latest version. This is required to install the new version packages of Percona Distribution for PostgreSQL. 
 
+## Before you start
+
+1. [Update the `percona-release` :octicons-link-external-16:](https://www.percona.com/doc/percona-repo-config/percona-release.html#updating-percona-release-to-the-latest-version) utility to the latest version. This is required to install the new version packages of Percona Distribution for PostgreSQL. 
+
+2. Starting with version 17.2.1, `pg_tde` is part of the Percona Server for PostgreSQL package. If you installed `pg_tde` from its dedicated package, do the following to avoid conflicts during the upgrade:
+
+    * Drop the extension using the `DROP EXTENSION` with `CASCADE` command.
+
+       <i warning>:material-alert: Warning:</i> The use of the `CASCADE` parameter deletes all tables that were created in the database with `pg_tde` enabled and also all dependencies upon the encrypted table (e.g. foreign keys in a non-encrypted table used in the encrypted one).    
+
+       ```sql
+       DROP EXTENSION pg_tde CASCADE
+       ```
+
+    * Uninstall the `percona-postgresql-17-pg-tde` package for Debian/Ubuntu or the `percona-pg_tde_17` package for RHEL and derivatives. 
+
+## Procedure
+
 Run **all** commands as root or via **sudo**:
 {.power-number}
 

docs/release-notes-v17.2.md

@@ -0,0 +1,48 @@
+# Percona Distribution for PostgreSQL 17.2.1 ({{date.17_2}})
+
+--8<-- "release-notes-intro.md"
+
+This release of Percona Distribution for PostgreSQL is based on Percona Server for PostgreSQL 17.2.1 - a binary compatible, open source drop in replacement of [PostgreSQL Community 17.2](https://www.postgresql.org/docs/17/release-17-2.html). 
+
+## Release Highlights
+
+* This release includes fixes for [CVE-2024-10978](https://www.postgresql.org/support/security/CVE-2024-10978/) and for certain PostgreSQL extensions that break because they depend on the modified Application Binary Interface (ABI). These regressions were introduced in PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21. For this reason, the release of Percona Distribution for PostgreSQL 17.1.1 has been skipped. 
+* Percona Distribution for PostgreSQL includes [`pgvector` :octicons-link-external-16](https://github.com/pgvector/pgvector) - an open source extension that enables you to use PostgreSQL as a vector database. It brings vector data type and vector operations (mainly similarity search) to PostgreSQL. You can install `pgvector` from repositories, tarballs, and it is also available as a Docker image.
+* The new version of `pg_tde` extension features index encryption and the support of storing encryption keys in KMIP-compatible servers. These feature come with the Beta version of the `tde_heap` access method. Learn more in the [pg_tde release notes :octicons-link-external-16:](https://percona.github.io/pg_tde/main/release-notes/release-notes.html)
+* The `pg_tde` extension itself is now a part of the Percona Server for PostgreSQL server package and a Docker image. If you installed the extension before, from its individual package, uninstall it first to avoid conflicts during the upgrade. See the [Minor Upgrade of Percona Distribution for PostgreSQL](minor-upgrade.md#preconditions) for details.
+For how to run `pg_tde` in Docker, check the [Enable encryption](docker.md#enable-encryption) section in the documentation.
+*  Percona Distribution for PostgreSQL now statically links `llvmjit.so` library for Red Hat Enterprise Linux 8 and 9 and compatible derivatives. This resolves the conflict between the LLVM version required by Percona Distribution for PostgreSQL and the one supplied with the operating system. This also enables you to use the LLVM modules supplied with the operating system for other software you require.
+* Percona Monitoring and Management (PMM) 2.43.2 is now compatible with `pg_stat_monitor` 2.1.0 to monitor PostgreSQL 17. 
+
+------------------------------------------------------------------------------
+
+
+The following is the list of extensions available in Percona Distribution for PostgreSQL.
+
+| Extension           | Version        | Description                  |
+| ------------------- | -------------- | ---------------------------- |
+| [etcd](https://etcd.io/)| 3.5.16 | A distributed, reliable key-value store for setting up high available Patroni clusters |
+|[HAProxy :octicons-link-external-16:](http://www.haproxy.org/) | 2.8.11 | a high-availability and load-balancing solution |
+| [Patroni :octicons-link-external-16:](https://patroni.readthedocs.io/en/latest/) | 4.0.3 | a HA (High Availability) solution for PostgreSQL |
+| [PgAudit :octicons-link-external-16:](https://www.pgaudit.org/)             | 17.0   | provides detailed session or object audit logging via the standard logging facility provided by PostgreSQL                |
+| [pgAudit set_user :octicons-link-external-16:](https://github.com/pgaudit/set_user)| 4.1.0 | provides an additional layer of logging and control when unprivileged users must escalate themselves to superusers or object owner roles in order to perform needed maintenance tasks.|
+| [pgBackRest :octicons-link-external-16:](https://pgbackrest.org/)           | 2.54.0    | a backup and restore solution for PostgreSQL       |
+|[pgBadger :octicons-link-external-16:](https://github.com/darold/pgbadger)   | 12.4     | a fast PostgreSQL Log Analyzer.|
+|[PgBouncer :octicons-link-external-16:](https://www.pgbouncer.org/)          |1.23.1    | a lightweight connection pooler for PostgreSQL|
+| [pg_gather :octicons-link-external-16:](https://github.com/jobinau/pg_gather)| v28     | an SQL script for running the diagnostics of the health of PostgreSQL cluster |
+| [pgpool2 :octicons-link-external-16:](https://git.postgresql.org/gitweb/?p=pgpool2.git;a=summary) | 4.5.4 | a middleware between PostgreSQL server and client for high availability, connection pooling and load balancing.|
+| [pg_repack :octicons-link-external-16:](https://github.com/reorg/pg_repack) | 1.5.1   | rebuilds PostgreSQL database objects           |
+| [pg_stat_monitor :octicons-link-external-16:](https://github.com/percona/pg_stat_monitor)|{{pgsmversion}} | collects and aggregates statistics for PostgreSQL and provides histogram information.|
+|[pgvector :octicons-link-external-16:](https://github.com/pgvector/pgvector)| v0.8.0 | A vector similarity search for PostgreSQL|
+| [PostGIS :octicons-link-external-16:](https://github.com/postgis/postgis) | 3.3.7 | a spatial extension for PostgreSQL.|
+| [PostgreSQL Common :octicons-link-external-16:](https://salsa.debian.org/postgresql/postgresql-common)| 265 | PostgreSQL database-cluster manager. It provides a structure under which multiple versions of PostgreSQL may be installed and/or multiple clusters maintained at one time.|
+|[wal2json :octicons-link-external-16:](https://github.com/eulerto/wal2json)  |2.6       | a PostgreSQL logical decoding JSON output plugin|
+
+For Red Hat Enterprise Linux 8 and 9 and compatible derivatives, Percona Distribution for PostgreSQL also includes the following packages:
+
+* `llvm` 17.0.6 packages. This fixes compatibility issues with LLVM from upstream.
+* supplemental `python3-etcd` 0.4.5 packages, which can be used for setting up Patroni clusters. 
+
+Percona Distribution for PostgreSQL is also shipped with the [libpq](https://www.postgresql.org/docs/17/libpq.html) library. It contains "a set of
+library functions that allow client programs to pass queries to the PostgreSQL
+backend server and to receive the results of these queries." 

docs/release-notes.md

@@ -1,3 +1,4 @@
 # Percona Distribution for PostgreSQL release notes 
 
-* [Percona Distribution for PostgreSQL 17](release-notes-v17.0.md) ({{date.17_0}})
+* [Percona Distribution for PostgreSQL 17.2.1](release-notes-v17.2.md) ({{date.17_2}})
+* [Percona Distribution for PostgreSQL 17.0.1](release-notes-v17.0.md) ({{date.17_0}})

docs/solutions/dr-pgbackrest-setup.md

@@ -239,7 +239,7 @@ log-level-console=info
 log-level-file=debug
 
 [prod_backup]
-pg1-path=/var/lib/postgresql/14/main
+pg1-path=/var/lib/postgresql/{{pgversion}}/main
 ```