search

vitabaks / postgresql_cluster

Automated database platform for PostgreSQL® A modern, open-source alternative to cloud-managed databases.
https://postgresql-cluster.org
MIT License
1.83k stars 418 forks source link

Login to Azure using Service Principal #773

Closed vitabaks closed 1 month ago

vitabaks commented 1 month ago

We use Azure CLI because there is currently no Ansible module available to manage the list of IP addresses within a backend pool.

Previously, manual authentication via az login was required, which was not feasible when deploying the cluster through the Console (UI) or CI/CD. With this change, we now use a Service Principal to automate the authentication process in Azure, making the deployment fully automated and suitable for CI/CD pipelines.

Fixed:

TASK [cloud-resources : Azure: Add virtual machine IP addresses to Load Balancer backend pool] ***
failed: [localhost] (item=postgres-cluster-azure-primary-backend) => {"ansible_loop_var": "item", "changed": true, "cmd": "az network lb address-pool address add --resource-group postgres-cluster-resource-group-eastus --lb-name postgres-cluster-azure-primary --pool-name postgres-cluster-azure-primary-backend --vnet postgres-cluster-network --name address-10.0.1.4 --ip-address 10.0.1.4\n", "delta": "0:00:02.614384", "end": "2024-09-25 10:54:27.768540", "item": "primary", "msg": "non-zero return code", "rc": 1, "start": "2024-09-25 10:54:25.154156", "stderr": "ERROR: Please run 'az login' to setup account.", "stderr_lines": ["ERROR: Please run 'az login' to setup account."], "stdout": "", "stdout_lines": []}
vitabaks commented 1 month ago

Test

PLAY [Deploy PostgreSQL HA Cluster (based on "Patroni")] ***********************
...
TASK [cloud-resources : Check if Azure CLI is installed] ***********************
ok: [localhost -> 127.0.0.1]
TASK [cloud-resources : Login to Azure using Service Principal] ****************
changed: [localhost -> 127.0.0.1]
...
TASK [cloud-resources : Azure: Create or modify Load Balancer] *****************
ok: [localhost] => (item=postgres-cluster-azure-primary)
TASK [cloud-resources : Extract virtual machine private IPs] *******************
ok: [localhost] => (item=10.0.1.4)
TASK [cloud-resources : Azure: Add virtual machine IP addresses to Load Balancer backend pool] ***
changed: [localhost] => (item=postgres-cluster-azure-primary-backend)
...

passed