A quick introduction to DBaaS
In this, one of our last examples, we introduce two Managed Database / DBaaS products: PostgreSQL and MongoDB (their corresponding entries in our Ansible Module's documentation can be found here and here, respectively).
In addition to creating one or both of the aforementioned DBaaS clusters, we will also create an SSH jumpbox that can be used to access the database clusters from 'the Internet'; given that, for security reasons, our DBaaS products are configured, out of the box, to only allow connections from private LANs within the virtual data center specified at their time of creation, this technique may come in handy for remote development and/or database administration tasks. (This example also comes with a minimal set of PostgreSQL and MongoDB client tools which can be used to connect directly to the newly-provisioned database clusters.)
Note: While there are several good reasons why one really shouldn't expose a database cluster to the Internet directly, if you really want to, you can set the variable
ENABLE_EXPLICITLY_UNSUPPORTED_CONFIGURATIONS
invars.yml
to true before running the playbooks in this example... This will then create a Network Load Balancer (NLB), together with the rules required to forward PostgreSQL and MongoDB client connections through to their respective clusters.Also note: unlike the cases where access is mediated via SSH port-forwarding or an actual router- / firewall-appliance, it is not possible to restrict access to these ports to specific IP addresses or subnets when using an NLB — i.e. if you enable this feature, you will literally be exposing your database cluster(s) to anyone who happens to discover them during a port scan.
What's in this example?
This example consists of the following files:
File | Description |
---|---|
| This playbook provisions a Cube-based jumpbox, before installing PostgreSQL and MongoDB clients on it. (If |
| This playbook creates a PostgreSQL cluster; the |
| This playbook creates a MongoDB cluster; the |
| This playbook deletes any DBaaS clusters that were provisioned by the previous playbooks, and then removes the remaining resources, including the IP address block that was reserved in Part 1 |
| This file contains the variable definitions common to all of this example's individual playbooks |
| This file is common to all of our Ansible examples and contains a set of more generally-used variable definitions |
More concretely, this example introduces the following IONOS Cloud modules:
ionoscloudsdk.ionoscloud.postgres_cluster
ionoscloudsdk.ionoscloud.mongo_cluster
andmongo_cluster_user
It also shows how a host can be added dynamically to the inventory (search for ansible.builtin.add_host
in 01__create_jumpbox_and_nlb.yml
) — an alternative to generating an inventory.yml
file and applying it to a separate / standalone playbook.
Usage
Note: As with all other 'executable' examples in this repository, an 'End User Licence Agreement'-like statement will be displayed, which must also be accepted before the tasks proper can be executed.
Please note that, while potentially quite minimal, you will incur charges for the resources based upon how long you keep them provisioned; for more information on the actual costs, you can follow the links displayed in the 'EULA' text. Also note that, if you run the following through to completion, the playbook should 'clean up' after itself, but we recommend you verify this, e.g., via the DCD or
ionosctl
to make sure you won't be charged for any unwanted resources.
To provision the jumpbox and the NLB, run the following command:
To provision one or both DBaaS clusters, run one or both of the following commands:
Note that these playbooks can be provisioned independently of each other, and that after each of them are run, they will also give you specific examples of how to connect to your newly-provisioned database clusters (see below).
Execute the following to delete the resources provisioned in the previous steps:
Between Steps 2 and 3, you can also run the commands output at the end of the 'create cluster' playbooks to connect to your newly-provisioned database cluster. E.g. after running ansible-playbook 02a__create_postgres_cluster.yml
with ENABLE_EXPLICITLY_UNSUPPORTED_CONFIGURATIONS
set to true
, you will see something of the form:
Summary
In this tutorial, we saw examples of:
how the
ionoscloudsdk.ionoscloud.postgres_cluster
,ionoscloudsdk.ionoscloud.mongo_cluster
andmongo_cluster_user
modules can be used to provision Postgres and MongoDB database clusters;how hosts can be added dynamically to the inventory, as an alternative to generating an
inventory.yml
file and using it with a separate / standalone playbook; andhow we can connect to said database clusters, both via a common, private LAN; via a jumpbox using an SSH key-pair; and optionally, via an open form of port-forwarding.
Last updated