Infrastructure as Code
Describe and materialize everything with Code & Data
Manage your entire PostgreSQL infrastructure declaratively. Version control, GitOps workflows, and reproducible deployments.
Declarative API
Define infrastructure as YAML. What you see is what you get - predictable and versionable.
Idempotent Operations
Run playbooks multiple times safely. Converge to desired state regardless of current state.
GitOps Ready
Version control everything. Review changes, rollback mistakes, collaborate with confidence.
The Power of Declarative Infrastructure
🎯 Intent, Not Implementation
Describe what you want, not how to get there. Pigsty figures out the steps to transform current state to desired state.
# Simply declare what you want
pg_cluster: pg-app
pg_databases:
  - { name: app }
pg_users:
  - { name: app_user }
🔄 Reproducible Everywhere
Same configuration produces identical infrastructure. Dev, staging, production - all from the same source of truth.
# Deploy anywhere
./pgsql.yml -i dev.yml # Development
./pgsql.yml -i stage.yml # Staging
./pgsql.yml -i prod.yml # Production
From Zero to Production in One File
Complete production cluster configuration in a single YAML file:
---
# Infrastructure Nodes
infra:
  hosts:
    10.10.10.10: { infra_seq: 1 }
  vars:
    # Monitoring stack configuration
    prometheus_data_dir: /data/prometheus
    grafana_admin_password: admin
    loki_data_dir: /data/loki
# Etcd Cluster for HA
etcd:
  hosts:
    10.10.10.10: { etcd_seq: 1 }
    10.10.10.11: { etcd_seq: 2 }
    10.10.10.12: { etcd_seq: 3 }
  vars:
    etcd_cluster: etcd
# PostgreSQL Application Cluster
pg-app:
  hosts:
    10.10.10.20: { pg_seq: 1, pg_role: primary }
    10.10.10.21: { pg_seq: 2, pg_role: replica }
    10.10.10.22: { pg_seq: 3, pg_role: replica, pg_offline_query: true }
  vars:
    pg_cluster: pg-app
    # Cluster Configuration
    pg_version: 16
    pg_vip_enabled: true
    pg_vip_address: 10.10.10.25/24
    pg_vip_interface: eth0
    # Databases
    pg_databases:
      - name: app
        owner: app_owner
        template: template1
        encoding: UTF8
        locale: en_US.UTF-8
        extensions:
          - { name: pg_stat_statements, schema: public }
          - { name: pgvector, schema: public }
          - { name: timescaledb }
    # Users
    pg_users:
      - name: app_owner
        password: SecurePass123
        superuser: false
        roles: [dbrole_admin]
      - name: app_user
        password: AppPass456
        login: true
        roles: [dbrole_readwrite]
        pgbouncer: true
      - name: app_reader
        password: ReadOnly789
        login: true
        roles: [dbrole_readonly]
        pgbouncer: true
    # Access Control
    pg_hba_rules:
      - { user: app_owner, db: app, addr: 10.10.10.0/24, auth: md5 }
      - { user: app_user, db: app, addr: 10.10.10.0/24, auth: md5 }
      - { user: app_reader, db: app, addr: 10.10.10.0/24, auth: md5 }
    # Backup Configuration
    pgbackrest_enabled: true
    pgbackrest_method: minio
    pg_backup_retention_days: 7
    # Performance Tuning
    pg_conf: oltp.yml # Use OLTP optimized configuration
    # Monitoring
    pg_exporter_enabled: true
    pg_exporter_port: 9630
# Deploy with one command:
# ./install.yml -i production.yml
GitOps Workflow
📝 Edit
Modify YAML configuration in your IDE
🔍 Review
Create PR for team review
✅ Test
CI/CD validates changes
🚀 Deploy
Merge triggers deployment
📊 Monitor
Observe infrastructure state
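A check the Test step could run on every pull request, shown as an added example (not Pigsty's own code): it scans an inventory file for literal or default passwords and for md5 or trust HBA auth, the settings that end up readable in Git history once the file is versioned. The function name, rule names, deny-list and sample fragment are assumptions made for illustration.

```python
import re

# Constructed sample: a fragment shaped like the page's production file, plus one
# user whose password is an Ansible template (variable name is hypothetical).
SAMPLE = """\
infra:
  vars:
    grafana_admin_password: admin
pg-app:
  vars:
    pg_users:
      - name: app_owner
        password: SecurePass123
      - { name: app_user, password: "{{ vault_app_user_password }}" }
    pg_hba_rules:
      - { user: app_owner, db: app, addr: 10.10.10.0/24, auth: md5 }
"""

# Matches any key ending in "password" in block or flow style, with its value.
SECRET = re.compile(r'\b(\w*password)\s*:\s*("[^"]*"|\'[^\']*\'|[^\s,}#]+)')
HBA_AUTH = re.compile(r'\bauth\s*:\s*([\w-]+)')
DEFAULTS = {"admin", "password", "postgres", "changeme"}  # assumed deny-list
WEAK_AUTH = {"md5", "trust"}  # md5 is weaker than scram-sha-256; trust skips auth

def lint_inventory(text):
    """Return (line_no, rule, detail) for each risky setting in an inventory."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # whole-line YAML comment
        for key, raw in SECRET.findall(line):
            value = raw.strip("\"'")
            if value.startswith("{{"):
                continue  # resolved at deploy time, not stored in Git
            rule = "default-credential" if value.lower() in DEFAULTS else "plaintext-secret"
            findings.append((no, rule, key))
        for auth in HBA_AUTH.findall(line):
            if auth in WEAK_AUTH:
                findings.append((no, "weak-hba-auth", auth))
    return findings

if __name__ == "__main__":
    for no, rule, detail in lint_inventory(SAMPLE):
        print(f"line {no}: {rule} ({detail})")
    # A CI job would exit non-zero here when any finding is returned.
```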
Advanced IaC Features
Database Migration
Schema migrations as code. Version control DDL changes with baseline scripts and migrations.
Security Policies
Define ACLs, SSL requirements, and encryption policies declaratively. Audit trail included.
Configuration Templates
Pre-built templates for OLTP, OLAP, and specialized workloads. Customize and extend as needed.
Rolling Updates
Zero-downtime configuration changes. Update clusters without service interruption.
Environment Promotion
Promote configurations from dev to prod. Environment-specific overrides supported.
API Integration
REST API for programmatic control. Integrate with CI/CD pipelines and automation tools.
IaC Approach Comparison
Aspect | Manual Scripts | Kubernetes Operators | Pigsty IaC |
---|---|---|---|
Learning Curve | Low | High | Medium |
Reproducibility | Poor | Good | Excellent |
Idempotency | ❌ | ✅ | ✅ |
GitOps Support | Manual | Native | Native |
Infrastructure Scope | Database Only | Kubernetes Only | Full Stack |
Bare Metal Support | ✅ | ❌ | ✅ |
Database Features | Basic | Limited | Complete |
Transform Your Infrastructure Management
Stop clicking through UIs and running ad-hoc scripts. Define your infrastructure once, deploy anywhere, version everything.