我的书签
添加书签
移除书签Deploying EdgeDB to Azure
In this guide we show how to deploy EdgeDB using Azure’s Postgres Flexible Server as the backend.
Prerequisites
Valid Azure Subscription with billing enabled or credits (free trial).
Azure CLI (install).
Provision an EdgeDB instance
Login to your Microsoft Azure account.
$
az login
Create a new resource group.
$
GROUP=my-group-name
$
az group create --name $GROUP --location westus
Provision a PostgreSQL server.
If you already have a database provisioned you can skip this step.
For convenience, assign a value to the PG_SERVER_NAME environment variable; we’ll use this variable in multiple later commands.
$
PG_SERVER_NAME=postgres-for-edgedb
Use the read command to securely assign a value to the PASSWORD environment variable.
$
echo -n "> " && read -s PASSWORD
Then create a Postgres Flexible server.
$
az postgres flexible-server create \--resource-group $GROUP \--name $PG_SERVER_NAME \--location westus \--admin-user edgedb \--admin-password $PASSWORD \--sku-name Standard_D2s_v3 \--version 13 \--yes
If you get an error saying "Specified server name is already used."" change the value of PG_SERVER_NAME and rerun the command.
Allow other Azure services access to the Postgres instance.
$
az postgres flexible-server firewall-rule create \--resource-group $GROUP \--name $PG_SERVER_NAME \--rule-name allow-azure-internal \--start-ip-address 0.0.0.0 \--end-ip-address 0.0.0.0
EdgeDB requires postgres’ uuid-ossp extension which needs to be enabled.
$
az postgres flexible-server parameter set \--resource-group $GROUP \--server-name $PG_SERVER_NAME \--name azure.extensions \--value uuid-ossp
Start an EdgeDB container.
$
PG_HOST=$(az postgres flexible-server list \--resource-group $GROUP \--query "[?name=='$PG_SERVER_NAME'].fullyQualifiedDomainName | [0]" \--output tsv)
$
DSN="postgresql://edgedb:$PASSWORD@$PG_HOST/postgres?sslmode=require"
$
az container create \--resource-group $GROUP \--name edgedb-container-group \--image edgedb/edgedb \--dns-name-label edgedb \--ports 5656 \--secure-environment-variables \"EDGEDB_SERVER_PASSWORD=$PASSWORD" \"EDGEDB_SERVER_BACKEND_DSN=$DSN" \--environment-variables \EDGEDB_SERVER_TLS_CERT_MODE=generate_self_signed \
Persist the SSL certificate. We have configured EdgeDB to generate a self signed SSL certificate when it starts. However, if the container is restarted a new certificate would be generated. To preserve the certificate across failures or reboots copy the certificate files and use their contents in the EDGEDB_SERVER_TLS_KEY and EDGEDB_SERVER_TLS_CERT environment variables.
$
key="$( az container exec \--resource-group $GROUP \--name edgedb-container-group \--exec-command "cat /tmp/edgedb/edbprivkey.pem" \| tr -d "\r" )"
$
cert="$( az container exec \--resource-group $GROUP \--name edgedb-container-group \--exec-command "cat /tmp/edgedb/edbtlscert.pem" \| tr -d "\r" )"
$
az container delete \--resource-group $GROUP \--name edgedb-container-group \--yes
$
az container create \--resource-group $GROUP \--name edgedb-container-group \--image edgedb/edgedb \--dns-name-label edgedb \--ports 5656 \--secure-environment-variables \"EDGEDB_SERVER_BACKEND_DSN=$DSN" \"EDGEDB_SERVER_TLS_KEY=$key" \--environment-variables \"EDGEDB_SERVER_TLS_CERT=$cert"
To access the EdgeDB instance you’ve just provisioned on Azure from your local machine link the instance.
$
printf $PASSWORD | edgedb instance link \--password-from-stdin \--non-interactive \--trust-tls-cert \--host $( \az container list \--resource-group $GROUP \--query "[?name=='edgedb-container-group'].ipAddress.fqdn | [0]" \--output tsv ) \azure
You can now connect to your instance.
$
edgedb -I azure
