I may have gotten lucky on an initial master-slave replication installation where things booted up. But upon trying anew, the set-up is not replicating data.
Upon examining matters and sifting through various documentation, I realise there are some unclear areas related to roles and security of data replication.
Upon installation of postgresql, the default status has a the base user with the following privileges
postgres | Superuser, Create role, Create DB, Replication | {}
and by inference this includes LOGIN.
If postgres has replication and login functions, is it really necessary or just preferable to create a replicator user for that function which is then defined in pg_hba.conf ?
host replication replicator slave_ip/32 trust
The default postgresql.conf has three instructions regarding ssl, the on/off switch, plus pointers to the keys. I understood postgre uses port 5432. So what is this /32 stand for? Finally, will the replication need ssl and the certificates to run the replication - or is it just preferable?
Sorry if this seems like 3 questions, however to me they appear tightly linked
It is not necessary to create a new user for replication, but it's strongly preferred, because it reduces the privilege of the replication role.
You have to store the credentials of the replication role somewhere, or configure Pg so no stored credentials are required (as in the example above, which relies on IP addresses). You really don't want the superuser login just lying around on a replica, where anyone who has access to that machine or can compromise it can use it to attack your main server.
/32 is a subnet mask in CIDR notation, as if you'd written /255.255.255.255. It's how you write a single IP address in a field that can take a network address range.
Replication works without SSL. Use SSL if you're going over a network you do not completely trust.