v4.0.0-b3 #665

Vonng · 2025-12-26T15:20:58Z

Vonng
Dec 26, 2025
Maintainer

curl https://pigsty.cc/get | bash

GitHub Release: https://github.com/pgsty/pigsty/releases/tag/v4.0.0-b3

Highlights

Complete Infra module overhaul with Victoria Observability stack delivering 10x performance improvement!
Logging solution upgraded to VictoriaLogs + Vector with epic performance and usability enhancements!
Pigsty UI integration providing a seamless unified experience
Global security improvements with firewall, SELinux, and permission hardening
Docker container version available for quick evaluation
Instant database cloning capability

Software Versions

Infrastructure Packages

MinIO now uses Pigsty-maintained RPM/DEB packages:

victoria-metrics: 1.132.0
victoria-logs: 1.41.0
blackbox_exporter: 0.28.0
duckdb: 1.4.3
rclone: 1.72.1
pev2: 1.19.0
pg_exporter: 1.1.0
pig: 0.8.0
genai-toolbox: 0.23.0
minio: 20251203120000
uv: 0.9.18 (new package)
ccm (claude mgr): 2.0.76

PostgreSQL Extension Packages

pg_textsearch: 0.1.0 (new extension)
pg_clickhouse: 0.1.0 (new extension)
pg_ai_query: 0.1.1 (new extension)
timescaledb: 2.23.1 -> 2.24.0
pg_search: 0.20.0 -> 0.20.4
pg_duckdb: 1.1.0 -> 1.1.1 (official release)
pg_biscuit: 1.0 -> 2.0.1 (repository renamed)
pg_convert: 0.0.4 -> 0.0.5 (removed PG13 support)
pgdd: 0.6.0 -> 0.6.1 (removed PG13 support)
pglinter: 1.0.0 -> 1.0.1
pg_session_jwt: 0.3.3 -> 0.4.0
pg_anon: 2.4.1 -> 2.5.1
pg_enigma: 0.4.0 -> 0.5.0
wrappers: 0.5.6 -> 0.5.7
pg_vectorize: 0.25.0 -> 0.26.0
vchord_bm25: 0.2.2 -> 0.3.0
pg_timeseries: 0.1.7 -> 0.1.8

Fixed PG18 Deb packages: pg_vectorize, pg_tiktoken, pg_tzf, pglite_fusion, pgsmcrypto, pgx_ulid, plprql, pg_summarize, supautils

Observability

Replaced Prometheus with VictoriaMetrics for 10x performance with a fraction of the resources
New logging solution: VictoriaLogs + Vector replacing Promtail + Loki
Unified log format across all components, PG logs use UTC timestamps (log_timezone)
Adjusted PostgreSQL log rotation to weekly truncation mode
Log temp files larger than 1MB, enable PG17/18 log params in specific templates
Added Vector log parsing for Nginx Access/Error, Syslog, PG CSV, Pgbackrest
Datasource registration now runs on all Infra nodes, Victoria datasources auto-register in Grafana
New grafana_pgurl parameter to specify PostgreSQL as Grafana metadata backend
New grafana_view_pgpass parameter for Grafana Meta datasource password

Parameter Optimization

pg_io_method parameter: auto, sync, worker, io_uring options, defaults to worker
idle_replication_slot_timeout: default 7d, 3d for crit template
log_lock_failures: enabled in oltp, crit templates
track_cost_delay_timing: enabled in olap, crit templates
log_connections: auth logging for oltp/olap, full logging for crit
maintenance_io_concurrency set to 100 for SSD
effective_io_concurrency reduced from 1000 to 200
file_copy_method set to clone for PG18 enabling instant database cloning
For PG17+, explicitly disable checksums in patroni init when pg_checksums is off
Fixed duckdb.allow_community_extensions always being active
Allow specifying trusted "intranet" segments via node_firewall_intranet
pg_hba and pgbouncer_hba now support IPv6 localhost access

Architecture Improvements

Fixed /infra symlink on Infra nodes pointing to /data/infra
Infra data now placed in /data/infra by default for easier container usage
Local repo now at /data/nginx/pigsty, /www symlinks to /data/nginx for compatibility
DNS records placed in /infra/hosts to resolve Ansible SELinux race conditions
pg_remove/pg_pitr etcd metadata tasks now run on etcd cluster instead of admin_ip
36-node simu template simplified to 20 nodes
Removed PGDG sysupdate repo and all llvmjit packages on EL systems
Using full OS version numbers (major.minor) for EPEL 10 / PGDG 9/10 repos
Allow specifying meta parameter in repo definitions to override yum repo metadata
Allow strategy parameter in pg_databases definitions to specify clone method
Add /pg/bin/pg-fork script to fork current instance with xfs reflink on same node
make vagrant libvirt templates has a default 128GB disk, xfs on /data.

Security Improvements

configure now auto-generates random strong passwords to avoid default password security risks
Removed node_disable_firewall, added node_firewall_mode supporting off, none, zone modes
Removed node_disable_selinux, added node_selinux_mode supporting disabled, permissive, enforcing
Added nginx basic auth support for optional HTTP Basic Auth on Nginx servers
Fixed ownca certificate validity to ensure Chrome recognizes self-signed certs
Changed MinIO module default password to avoid conflicts with well-known defaults
Enabled etcd RBAC, each cluster can only manage its own PostgreSQL cluster
etcd root password now stored in /etc/etcd/etcd.pass, readable only by admin
Configured proper SELinux contexts for HAProxy, Nginx, DNSMasq, Redis
Removed ownership of executable scripts from non-root users
Added admin_ip to Patroni API allowed IP whitelist
Always create admin system group, patronictl config restricted to admin group users
New node_admin_sudo parameter to specify/adjust DBA sudo permission mode (all/nopass)

Checksums

339bbad52a55e73f6b26c20cde69ab0b  pigsty-v4.0.0.tgz
c4d870e5ef61ed05724c15fbccd1220b  pigsty-pkg-v4.0.0.d12.aarch64.tgz
f7971d9d6aab1f8f307556c2f64b701c  pigsty-pkg-v4.0.0.d12.x86_64.tgz
8d7c9404b97a11066c00eb7fc1330181  pigsty-pkg-v4.0.0.d13.aarch64.tgz
408991c5ff028b5c0a86fac804d64b93  pigsty-pkg-v4.0.0.d13.x86_64.tgz
4b98b463e2ebc104c35ddc94097e5265  pigsty-pkg-v4.0.0.el10.aarch64.tgz
a333e8eb34bf93f475c85a9652605139  pigsty-pkg-v4.0.0.el10.x86_64.tgz
66e283c9f6bfa80654f7ed3ffb9b53e5  pigsty-pkg-v4.0.0.el8.aarch64.tgz
4f62851c9d79a490d403f59deb4823f4  pigsty-pkg-v4.0.0.el8.x86_64.tgz
85687cb56517acc2dce14245452fdc05  pigsty-pkg-v4.0.0.el9.aarch64.tgz
537839201c536a1211f0b794482d733b  pigsty-pkg-v4.0.0.el9.x86_64.tgz
5c81bdaa560dad4751840dec736fe404  pigsty-pkg-v4.0.0.u22.aarch64.tgz
87bb91ef703293b6ec5b77ae3bb33d54  pigsty-pkg-v4.0.0.u22.x86_64.tgz
a4fb30148a2d363bbfd3bec0daa14ab6  pigsty-pkg-v4.0.0.u24.aarch64.tgz
2a25eff283332d9006854f36af6602b2  pigsty-pkg-v4.0.0.u24.x86_64.tgz

This discussion was created from the release v4.0.0-b3.

Vonng · 2025-12-27T09:41:43Z

Vonng
Dec 27, 2025
Maintainer Author

fix a major issue on el9/el10 : https://www.postgresql.org/about/news/postgresql-rpm-repository-now-supports-multiple-rhel-minor-versions-3202/

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Pigsty

v4.0.0-b3 #665

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Pigsty

v4.0.0-b3 #665

Uh oh!

Vonng Dec 26, 2025 Maintainer

Replies: 1 comment

Uh oh!

Vonng Dec 27, 2025 Maintainer Author

Vonng
Dec 26, 2025
Maintainer

Vonng
Dec 27, 2025
Maintainer Author