I recently has a question about retrieving the Certificate Authority (CA) from a PostgreSQL database which has been provisioned by Data Services Manager (DSM). The customer in question wanted his clients to use the verify-ca option on database connections for additional security. To allow secure connections with verify-ca, the CA needs to be downloaded from the database to the device where the client is making the connection from. In this post, we will go through how to get the certificate so that the Verify-CA option is used to make client connections to a PostgreSQL database secure. Note that this is…
We have recently released a new update to Data Services Manager (DSM), bringing the latest version to 2.1.3. In the release notes, you will find reference to a new customer-requested feature, namely feature called Postgres Host-Based Authentication Configuration API. In a nutshell, this features enables users to make updates to the pg_hba.conf file via the gateway API available in DSM. This file essentially controls who can access a particular database, and from which network. Definitely a useful feature, and so I wanted to try it out and provide the steps on how to use this new hbaRef API. I created…
Autumn has arrived in Europe. That can only mean one thing – VMware Explore is almost here. This year, it is once again back in the beautiful city of Barcelona, and I am delighted to be presenting again. This year I only have one two speaking slots. The first is VCFB1809BCN – Accelerate App Innovation with VMware Cloud Foundation Data Services. I’ll be delivering this session with the Data Services Manager (DSM) Product Manager, Junchi Zhang. So if you are looking at a way to provision, manage and monitor open source, modern databases such as PostgreSQL and MySQL running on…
In my previous blog posts on Data Services Manager, I showed how to integrate DSM with both Aria Automation and the Cloud Consumption Interface (CCI). However, another DSM integration available to our customers is through VMware Cloud Director extension for Data Solutions. Customers, especially Cloud Service Providers (CSPs), can now leverage this integration to allow their tenants to provision both Postgres and MySQL databases through DSM, whilst at the same time getting all of the day 2 features of DSM managed databases. This includes lifecycle-management, automatic backup and restore, LDAPS integrated access control to the database and so on. Now,…
Today sees the release of VMware Data Services Manager (DSM) v2.1.1. To coincide with his release, I decided to create a few short videos to highlight some of the updates we have made to the product. This video demonstrates how to get started with DSM v2.1.1. It shows the how to download the product from the support portal and talks about the use of vSphere client plugins to deploy DSM to your on-premises vSphere infrastructure. It goes on to show how to create your first infrastructure policy to guard-rail your vSphere resources when provisioning databases and data services. The video…
Hey all! Quick note to let you know that we are running another 1 hour Data Services Manager webinar. This one is part of the VCF webinar series and will take place on August 14th, 2024 at 11am PST. This is 7pm for those of us in Ireland and the UK, and 8pm for most of western Europe. This webinar will be technical and is focused at practitioners – essentially VI Admins and anyone responsible for managing data and data services on vSphere infrastructure. For those of you who are not aware, Data Services Manager is a way to deploy,…
Following on from last weeks post on encrypting Kubernetes Persistent Volumes, I now wanted to see if I could use the vSphere Native Key Provider to encrypt databases provisioned by Data Services Manager version 2.1. The good news is that this is indeed possible, but we need to make some changes to the DSM Administrator Role’s privileges to enable it to perform encryption operations. Of course, the infrastructure policy used to provision the databases must also have a storage policy that has encryption. And, as stated in the previous article, this functionality is dependent on vSphere 8.0U3. This applies to…