Table of Contents Previous Next


3 Installing the EDB Ark Console : 3.3 Installing EDB Ark for Azure

To provide sufficient privileges for an Azure user account to access the Ark administrative console, navigate to the Azure Resource groups panel, highlight the name of the resource group in which your instance will reside, and select Access control (IAM) from the Resources panel; then, click the +Add button to access the Add permissions panel.
On the Add permissions panel, use the drop-down listbox in the Role field to select Owner; use the drop-down listbox in the Select field to select the user(s) that should have administrative access to the Ark console. When you've made your selections, click Save.
To limit the Scope of the access to the resource group in which the image resides, use the ResourcesAccess control (IAM) panel to specify a value of This resource in the Scope field for the specified user(s).
Use the Name field to provide a name for the security group.
Use the drop-down listbox in the Subscription field to select a subscription plan.
Use the Resource group field to provide a name for the associated resource group, or highlight the Use existing radio button and use the drop-down listbox in the Resource group field to select an existing resource group.
Use the Location drop-down listbox to specify a location.
When you've finished, click Create to create a network security group.
After creating the network security group, you must provide the inbound rules that will allow the Ark console to manage your instance. On the Network security groups page, click the name of the security group that you wish to modify; click Inbound security rules (in the SETTINGS section of the details panel) to modify the inbound rules for the group.
To add a new rule, click the Add button, and provide details about the rule; after providing rule details, click OK. The Azure console will notify you that it is creating the new rule. When defining the security group, include the rules listed below:
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\0b1045a6\Screen Shot 2017-06-07 at 10.37.28 AM.png
Figure 3.52 – Reviewing security group rules.
Select Overview to review the rules defined for a security group (see Figure 3.52).
The rule that opens ports 7800 through 7999 provides enough ports for 200 cluster connections; you can extend the upper limit of the port range if more than 200 clusters are required.
To add an Azure storage account, navigate to the Azure All resources page, and click the Add button. In the MARKETPLACE edit box enter Storage account, and hit return. Highlight the Storage accountblob, file, table, queue entry.
C:\Users\susan\Desktop\Screen Shot 2017-07-03 at 2.32.42 PM.png
Click the Create button located on the bottom of the Storage account-blob, file, table, queue panel to open the Create storage account panel. Use fields on the Create storage account panel to define the storage account (see Figure 3.53).
When you've defined your storage account, click Create; the Azure dashboard will keep you informed as the storage account is deployed, and send you a notification when the account creation is finished.
C:\Users\susan\Desktop\Screen Shot 2017-10-31 at 9.33.16 AM.png
When the Azure Marketplace opens, enter EDB Postgres Ark in the search box. Select the EDB Postgres Ark (published by EnterpriseDB Corp.) icon from the search results, and click Create to continue.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\284e36e5\Screen Shot 2017-06-28 at 3.26.38 PM.png
Use fields on the Basics panel (see Figure 3.55) to provide general information about the new VM:
Use the drop-down listbox in the VM disk type field to select the disk type for the root volume.
Use the Authentication type switch to select an authentication type.
If applicable, use the drop-down listbox in the Resource group field to select a resource group.
If prompted, use the drop-down listbox in the Location field to select a location.
Click OK to continue.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\a341e76f\Screen Shot 2017-06-28 at 3.34.15 PM.png
Use options on the Size panel (see Figure 3.56) to specify your preferences about the size of the VM instance:
Use the Supported disk type drop-down listbox to select the disk type for the machine.
Use the Minimum cores slider to specify the minimum number of cores allotted for the machine.
Use the Maximum memory slider to specify the maximum memory allotted for the machine.
Click Select to continue.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\a3c3e6e9\Screen Shot 2017-06-28 at 3.35.39 PM.png
Use fields on the Settings panel (see Figure 3.57) to specify your configuration preferences for the virtual machine. When configuring an Azure virtual machine to use the Ark console, you should:
Open the Network security group pane and select the security group that you wish to use for the virtual machine.
Use the Extensions pane to identify a script that contains the password that allows access to the Ark console. Create a file named startup-password.sh that contains the following text:
#!/bin/sh
rm -f /var/ppcd/startup-password.txt
echo "
console_password" > /var/ppcd/startup-password.txt chown ppcd:ppcd /var/ppcd/startup-password.txt
chmod 600 /var/ppcd/startup-password.txt
Where console_password is replaced with the password you will provide when prompted for a password by the Ark setup dialog.
To provide the location of the script to the virtual machine, open the Extensions pane, and click Add extension; when the New resource pane opens, select Custom Script For Linux.
C:\Users\susan\Desktop\Screen Shot 2017-06-28 at 3.55.33 PM.png
Use the Install extension pane (see Figure 3.58) to identify the script file:
Use the button to the right of the Script files field to open a file browser and upload the script file.
Enter the command that will invoke your script in the Command field; for example, sh startup-password.sh.
Click OK to continue and return to the Settings panel; when you've finished updating the settings with your preferences, click OK to continue to the Summary panel.
C:\Users\susan\Desktop\Screen Shot 2017-06-28 at 4.33.23 PM.png
The Summary panel (see Figure 3.59) displays a detailed description of the configuration of the virtual machine that will host the Ark console. Select OK to begin deploying the virtual machine.
You can monitor the virtual machine's deployment from the Azure Operations page, the Resource group activity log, or the Virtual machine page. A notification will be generated when the deployment completes.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\8cad8e28\Screen Shot 2017-06-06 at 1.27.32 PM.png
While the virtual machine deploys, you can register your application in the Azure Active Directory. You will need the Public IP address or DNS name of your server for the registration. To copy the IP address, click the copy icon to the right of the Public IP address on the VM Essentials panel (see Figure 3.60).
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\58d8b12a\Screen Shot 2017-06-06 at 2.33.41 PM.png
After copying the public IP address or DNS name of your server, select App registrations from the Active Directory page. Click the New application registration button located on the App registrations detail panel (see Figure 3.61).
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\07bf5b54\Screen Shot 2017-06-06 at 2.36.21 PM.png
Use fields on the Create panel (see Figure 3.62) to provide information about your application:
Click Create to register your application.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\86af98b6\Screen Shot 2017-06-06 at 2.38.43 PM.png
Please note that you must be an Azure Global Administrator to grant permissions required by Ark. Navigate to the Required permissions page for the application, and select +Add from the Required permissions panel (see Figure 3.63).
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\adf2e3b0\Screen Shot 2017-06-06 at 2.40.20 PM.png
Click Select an API, and then highlight Windows Azure Service Management API (see Figure 3.64).
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\9425afc1\Screen Shot 2017-06-06 at 2.42.00 PM.png
Click Select permissions, and then Access Azure Service Management (see Figure 3.65); then, click Select.
C:\Users\susan\Desktop\Screen Shot 2017-07-05 at 3.20.40 PM.png
Then, click Grant Permissions (see Figure 3.66).
C:\Users\susan\Desktop\Screen Shot 2017-07-05 at 3.23.21 PM.png
When prompted, click Yes to confirm that you wish to grant access permissions (see Figure 3.67).
Repeat the process, adding permissions for Microsoft Graph. When adding permissions for Microsoft Graph, select a scope of Read all users' full profiles.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\78a28b4d\Screen Shot 2017-07-11 at 10.33.02 AM.png
When you're finished granting permissions, the Required permissions list (see Figure 3.68) should include:
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\4c6fc750\Screen Shot 2017-06-07 at 10.32.05 AM.png
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\e68733b6\Screen Shot 2017-08-04 at 11.19.18 AM.png
Use fields on the setup dialog to provide provider specific information and configuration details for the Ark console.
Use the Azure Subscription ID field to specify the subscription ID for the Azure account that hosts the Ark console. You can locate the subscription ID on the Azure Subscriptions page.
Use the Azure Active Directory ID field to specify the directory ID associated with the Azure account that hosts the Ark console. To locate the directory ID, navigate to the Azure Active Directory and select Properties.
Use the Azure Application Registration ID field to specify the application ID associated with the Azure account that hosts the Ark console. To locate the application ID, select Enterprise applications or App registrations from the Azure Active Directory menu; use the application ID associated with the registration created for the Ark console.
Use the Service Account ID field to specify the name of the Azure service account. The service account must be an owner of the resource group in which the Ark server is deployed.
Use the Service Account Password field to specify the password associated with the service account.
Use the Azure Storage Account field to specify the name of the Azure block storage account you wish to use with this Ark server.
The fields in the General properties section set values that control Ark behaviors:
Use the Contact Email Address field to specify the address that will be included in the body of cluster status notification emails.
Use the Email From Address field to specify the return email address specified on cluster status notification emails.
Use the Notification Email field to specify the email address to which email notifications about the status of the Ark console will be sent.
Use the API Timeout field to specify the number of minutes that an authorization token will be valid for use within the API.
Use the WAL Archive Container field to specify the name of the storage container where WAL archives (used for point-in-time recovery) are stored. You must provide a value for this property; once set, this property must not be modified.
Use the Dashboard Docs URL field to specify the location of the content that will be displayed on the Dashboard tab of the Ark console. If your cluster resides on a network with Internet access, set the parameter to DEFAULT to display content (documentation) from EnterpriseDB; to display alternate content, provide the URL of the content. To display no content in the lower half of the Dashboard tab, leave the field blank.
Use the Dashboard Hot Topics URL field to specify the location of the content that will be displayed on the Dashboard tab of the Ark console. If your cluster resides on a network with Internet access, set the parameter to DEFAULT to display content (alerts) from EnterpriseDB; to display alternate content, provide the URL of the content. To display no content across the middle section of the Dashboard tab, leave the field blank.
Use the Storage Bucket field to specify the name of the container that will be used to store files for point-in-time recovery. This location should not change after the initial deployment of the Ark console.
Use the Console Backup Folder field to specify a folder in which the backups will be stored.
Use the drop-down listbox in the Timezone field to select the timezone that will be displayed by the Ark console.
When you've completed the setup dialog, click the Save button to validate your changes and restart the server.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\5040b012\Screen Shot 2017-05-26 at 10.57.32 AM.png
When prompted, click the Restart button to restart the server and start the Ark console (see Figure 3.71). Ark will confirm that the server is restarting (see Figure 3.72).
C:\Users\susan\Desktop\restarting.png
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\495a8020\Screen Shot 2016-09-12 at 11.43.45 AM.png
Figure 3.73 - The Login dialog.
Enter the name of an administrative user in the User Name field, and the associated password in the Password field, and click Login to connect to the Ark console. If the user name and password provided are members of a role with administrative privileges, the Ark console will include the DBA tab and the Admin tab (as shown in Figure 3.74).
C:\Users\susan\Desktop\Screen Shot 2017-08-14 at 8.52.20 AM.png
Figure 3.74 - The EDB Ark Administrator’s console.
Update the User tab, providing a Notification Email. For more information about the User tab, see the EDB Ark Getting Started Guide.
Use the Admin tab to create the server images and database engines that will be used by non-administrative users. For more information about using the Admin tab, see Section 4.1.

3 Installing the EDB Ark Console : 3.3 Installing EDB Ark for Azure

Table of Contents Previous Next