From 4a869998d1541714b9c606e3799b1e77d74500e2 Mon Sep 17 00:00:00 2001
From: Hao Liu <44379968+TheRealHaoLiu@users.noreply.github.com>
Date: Thu, 4 May 2023 13:11:33 -0400
Subject: [PATCH] Add ability to configure postgres keepalives settings

Co-Authored-By: Gabriel Muniz <gmuniz@redhat.com>
Co-Authored-By: Rick Elrod <rick@elrod.me>
---
 config/crd/bases/awx.ansible.com_awxs.yaml    | 19 ++++++++++++++++++
 .../awx-operator.clusterserviceversion.yaml   | 20 +++++++++++++++++++
 roles/installer/defaults/main.yml             |  6 ++++++
 .../templates/settings/credentials.py.j2      |  8 ++++++++
 4 files changed, 53 insertions(+)

diff --git a/config/crd/bases/awx.ansible.com_awxs.yaml b/config/crd/bases/awx.ansible.com_awxs.yaml
index 53bf64ff..728d6eee 100644
--- a/config/crd/bases/awx.ansible.com_awxs.yaml
+++ b/config/crd/bases/awx.ansible.com_awxs.yaml
@@ -1596,6 +1596,25 @@ spec:
                 type: array
                 items:
                   type: string
+              postgres_keepalives:
+                description: Controls whether client-side TCP keepalives are used for Postgres connections.
+                default: true
+                type: boolean
+              postgres_keepalives_count:
+                description: Controls the number of TCP keepalives that can be lost before the client's connection to the server is considered dead.
+                type: integer
+                default: 5
+                format: int32
+              postgres_keepalives_idle:
+                description: Controls the number of seconds of inactivity after which TCP should send a keepalive message to the server.
+                type: integer
+                default: 5
+                format: int32
+              postgres_keepalives_interval:
+                description: Controls the number of seconds after which a TCP keepalive message that is not acknowledged by the server should be retransmitted.
+                type: integer
+                default: 5
+                format: int32
               ca_trust_bundle:
                 description: Path where the trusted CA bundle is available
                 type: string
diff --git a/config/manifests/bases/awx-operator.clusterserviceversion.yaml b/config/manifests/bases/awx-operator.clusterserviceversion.yaml
index eaeba90c..8ca91e99 100644
--- a/config/manifests/bases/awx-operator.clusterserviceversion.yaml
+++ b/config/manifests/bases/awx-operator.clusterserviceversion.yaml
@@ -483,6 +483,26 @@ spec:
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
         - urn:alm:descriptor:com.tectonic.ui:hidden
+      - displayName: Enable Postgres Keepalives
+        path: postgres_keepalives
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:hidden
+      - displayName: Postgres Keepalives Count
+        path: postgres_keepalives_count
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:hidden
+      - displayName: Postgres Keepalives Idle
+        path: postgres_keepalives_idle
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:hidden
+      - displayName: Postgres Keepalives Interval
+        path: postgres_keepalives_interval
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:advanced
+        - urn:alm:descriptor:com.tectonic.ui:hidden
       - displayName: Certificate Authorirty Trust Bundle
         path: ca_trust_bundle
         x-descriptors:
diff --git a/roles/installer/defaults/main.yml b/roles/installer/defaults/main.yml
index 70f27785..242c6e83 100644
--- a/roles/installer/defaults/main.yml
+++ b/roles/installer/defaults/main.yml
@@ -384,6 +384,12 @@ projects_existing_claim: ''
 # Define postgres configuration arguments to use
 postgres_extra_args: ''
 
+# Configure postgres connection keepalive
+postgres_keepalives: true
+postgres_keepalives_idle: 5
+postgres_keepalives_interval: 5
+postgres_keepalives_count: 5
+
 # Define the storage_class, size and access_mode
 # when not using an existing claim
 projects_storage_size: 8Gi
diff --git a/roles/installer/templates/settings/credentials.py.j2 b/roles/installer/templates/settings/credentials.py.j2
index 53e8fde1..9b3241d2 100644
--- a/roles/installer/templates/settings/credentials.py.j2
+++ b/roles/installer/templates/settings/credentials.py.j2
@@ -10,6 +10,14 @@ DATABASES = {
         'OPTIONS': { 'sslmode': '{{ awx_postgres_sslmode }}',
 {% if awx_postgres_sslmode in ['verify-ca', 'verify-full'] %}
                      'sslrootcert': '{{ ca_trust_bundle }}',
+{% endif %}
+{% if postgres_keepalives %}
+                     'keepalives': 1,
+                     'keepalives_idle': {{ postgres_keepalives_idle }},
+                     'keepalives_interval': {{ postgres_keepalives_interval }},
+                     'keepalives_count': {{ postgres_keepalives_count }},
+{% else %}
+                     'keepalives': 0,
 {% endif %}
         },
     }