As the most popular DSM database, we always strive to improve our enterprise-ready version of PostgreSQL with each release. Data Services Manager v9.0.1 is no different. In this release, we have improved on the Disaster Recovery configuration. We want to enable Data Admins to seamlessly fail over and back between a Primary and a Secondary Postgres database, and make it easy to replicate in either direction. We also want this to occur without needing a full resync of the data. In this blog post, I will take a closer look at this new feature and describe the steps needed to…
Another new feature in Data Services Manager 9.0.1 is the ability to setup access to a Postgres database using Client Certificates. This security features removes the need for “password” based authentication. In order to be able to use this functionality, the Postgres database must already be configured with external/custom certificates. This includes the PEM formatted certificate chain that has the server leaf cert, any intermediate certs and of course the Certificate Authority (CA). It also includes the PEM Private Key. With the custom server certificates associated with the database in place, we can proceed with updating the pg_hba.conf (host based…
In this post, I will look at the steps involved in creating your own Harbor Registry, setting it up as a Supervisor Container Registry, and then pulling DSM Consumption Operator images for version 9.0.1 from the DSM appliance and pushing them up to the Harbor Registry. We will then deploy the Consumption Operator using the images in the Harbor registry, and modify the package.yaml and values.yaml to provide a true air-gapped environment for DSM 9.0.1. Other image registries can also be used. Overview of Steps If you operate in an air-gapped environment, you can use images and manifests bundled in…
In my most recent post, we saw how to setup a privileged user which would write SPNs for database users to enable Windows Authentication. We also saw how this user could update DNS entries automatically when a database is created. We followed these steps and provisioned a SQL Server instance. Once the instance was provisioned, we create a login for the owner and saw how the user could successfully login to the instance using Windows Auth. This is all great, but really one of the key points of DSM is self-service or DBaaS, database as a service. Therefore, what I…
Whilst Microsoft SQL Server is still in technical preview in Data Services Manager 9.0.1, our team continues to release significant enhancements for our customers as we gravitate towards full support. As I mentioned in the DSM 9.0.1 overview post, this release includes the ability to specify a privileged AD user who can create Service Principal Names (SPNs) for database users and update DNS entries. This means that the privileged user can now do the necessary tasks in Active Directory to allow Windows Authentication to work seamlessly on MS SQL Server instances and databases which have been provisioned via DSM. You…
The most visible feature in Data Services Manager (DSM) 9.0.1 is the appearance of some additional new objects in the navigation menu on the left hand side of the DSM UI. These are Namespaces and Data Services Policy. Customers who have already looked at VCF Automation, particularly as it integrates with DSM, may have some familiarity with these. Their purpose in DSM 9.0.1 is to align with RBAC features that are already in VCF Automation, specifically around multi-tenancy controls. Through the use of Namespaces and Data Service Policies in DSM 9.0.1, a DSM admin can now control which DSM users…
It gives me great pleasure to announce the availability of VMware Data Services Manager (DSM) version 9.0.1. Over the coming weeks I will be deep-diving into many of these new features, but for now I want to provide you all with a brief overview of the capabilities and enhancements that you can find in this release. Automated Active Directory integration for MS SQL Server We continue to enhance our MS SQL Server integration. Although the data service is still in tech preview in DSM 9.0.1, a significant enhancement in this release is the ability to specify a privileged Active Directory…