In this post, we will take a look at another new feature of VCF Automation, IaaS Resource Policies. I will demonstrate how these IaaS policies can be used with Data Service Policies and DSM provisioned databases to fine-tune certain parameters related to the database. You may have already seen the concept of Data Service Policies in previous posts. These are policies set at the Provider level which can dictate which database engines, which database versions and which backup locations a tenant of an organization can consume. However additional validations or constraints in an IaaS policy can be applied at an…
In my previous post, I showed how the VCF Consumption CLI could be used to provision a MySQL database when Data Services Manager is integrated with VCF Automation. We could use the same VCF Consumption CLI to provision Postgres databases also. However, I wanted to show you another way that databases could be provisioned using blueprints in VCF Automation (VCFA). Readers may find this useful as it will allow you to track MySQL database instances provisioned via VCF Automation, even though the MySQL Data Service Policy and MySQL databases are not currently plumbed up into the VCFA UI (his will…
In Data Services Manager 9.0.1, we decided to remove the ability to create MySQL Data Service Policies (DSP) from VCF Automation (VCFA) UI until we can also provision MySQL databases end-to-end. Even though you could create a Data Service Policy via the UI in VCFA 9.0/DSM 9.0, you still had to use the API to create the database. We decided this might be a little confusing, so we disabled the MySQL DSP step in the UI for now and will re-enable it when we can provide the ability to create both MySQL DSP and MySQL database. However, for those of…
As the most popular DSM database, we always strive to improve our enterprise-ready version of PostgreSQL with each release. Data Services Manager v9.0.1 is no different. In this release, we have improved on the Disaster Recovery configuration. We want to enable Data Admins to seamlessly fail over and back between a Primary and a Secondary Postgres database, and make it easy to replicate in either direction. We also want this to occur without needing a full resync of the data. In this blog post, I will take a closer look at this new feature and describe the steps needed to…
Another new feature in Data Services Manager 9.0.1 is the ability to setup access to a Postgres database using Client Certificates. This security features removes the need for “password” based authentication. In order to be able to use this functionality, the Postgres database must already be configured with external/custom certificates. This includes the PEM formatted certificate chain that has the server leaf cert, any intermediate certs and of course the Certificate Authority (CA). It also includes the PEM Private Key. With the custom server certificates associated with the database in place, we can proceed with updating the pg_hba.conf (host based…
In this post, I will look at the steps involved in creating your own Harbor Registry, setting it up as a Supervisor Container Registry, and then pulling DSM Consumption Operator images for version 9.0.1 from the DSM appliance and pushing them up to the Harbor Registry. We will then deploy the Consumption Operator using the images in the Harbor registry, and modify the package.yaml and values.yaml to provide a true air-gapped environment for DSM 9.0.1. Other image registries can also be used. Overview of Steps If you operate in an air-gapped environment, you can use images and manifests bundled in…
In my most recent post, we saw how to setup a privileged user which would write SPNs for database users to enable Windows Authentication. We also saw how this user could update DNS entries automatically when a database is created. We followed these steps and provisioned a SQL Server instance. Once the instance was provisioned, we create a login for the owner and saw how the user could successfully login to the instance using Windows Auth. This is all great, but really one of the key points of DSM is self-service or DBaaS, database as a service. Therefore, what I…