Important: You must create the UAM service database before deploying the UAM service.
The UAM service database stores information about user credentials and configuration settings. You can deploy the UAM service database in one of these ways:
- Scenario 1. Deploy the database to the Operations database node.
- Scenario 2. Deploy the database using the PostgreSQL database service in Azure.
Scenario 1. Deploying the UAM Service Database to the Operations Database Node
To deploy the UAM service database to the Operations database node:
- Connect to the Operations database node under the
rootuser. -
Create the create_db.sql script file by running this command:
cat << EOF > /tmp/create_db.sql DO \$\$ BEGIN IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = 'mservice_login') THEN CREATE ROLE mservice_login LOGIN; RAISE NOTICE 'Group mservice_login created'; END IF; END \$\$; CREATE USER :name PASSWORD :'password'; \echo User :name created GRANT mservice_login to :name; \echo User is a member of mservice_login group GRANT :name to CURRENT_USER; CREATE DATABASE a8n_:name OWNER :name; \echo Database a8n_:name created REVOKE :name from CURRENT_USER; SELECT pg_reload_conf(); EOF
-
Add the connect permissions for all the
mservice_logingroup members by adding the following lines to the/var/lib/pgsql/<PostgreSQL_Version>/data/pg_hba.confconfiguration file:host all mservice_login <uam_app_host_ip>/32 reject host all +mservice_login <uam_app_host_ip>/32 md5
where:
<uam_app_host_ip>is the BackNet IP address of the node where you deployed the Kubernetes cluster.
-
Create the database by running this command:
su - postgres -c "psql -f /tmp/create_db.sql --set ON_ERROR_STOP=on -q -o /dev/null -v name='uam' -v password='<db_user_password>'"
where:
<db_user_password>is the password of the UAM service database user.
UAM Service Database Connection Parameters
To connect to the UAM service database, provide the following parameters:
| Parameter | Value |
|---|---|
| BackNet IP address of the database host | The BackNet IP of the Operations database host |
| Database | a8n_uam |
Database user (name) |
uam |
Password of the database user (password) |
<db_user_password> is the password you specified in step 4 |
Scenario 2. Deploying the UAM Service Database Using the PostgreSQL Database Service in Azure
Prerequisites
- A corresponding Azure subscription.
- A configured PostgreSQL database service in Azure.
- The PostgreSQL client on Operations management node must have access to the PostgreSQL database service in Azure.
Deployment Procedure
To deploy the UAM service database using the PostgreSQL database service in Azure:
-
Connect to the Operations management node under the
rootuser. -
Create the create_db.sql script file by running this command:
cat << EOF > /tmp/create_db.sql DO \$\$ BEGIN IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = 'mservice_login') THEN CREATE ROLE mservice_login LOGIN; RAISE NOTICE 'Group mservice_login created'; END IF; END \$\$; CREATE USER :name PASSWORD :'password'; \echo User :name created GRANT mservice_login to :name; \echo User is a member of mservice_login group GRANT :name to CURRENT_USER; CREATE DATABASE a8n_:name OWNER :name; \echo Database a8n_:name created REVOKE :name from CURRENT_USER; SELECT pg_reload_conf(); EOF
-
Create the database by running this command:
psql \ -h <db_postgresql_service_name_in_azure> \ -U <db_admin_login> \ -d postgres \ -f /tmp/create_db.sql \ --set ON_ERROR_STOP=on \ -v name='uam' \ -v password='<db_user_password>'
where:
<db_postgresql_service_name_in_azure>is the PostgreSQL database service name in Azure (provided by Azure as a result of the PostgreSQL database service configuration).<db_admin_login>is the admin log-in name to the PostgreSQL database service in Azure (provided by Azure as a result of the PostgreSQL database service configuration).
UAM Service Database Connection Parameters
To connect to the UAM service database in Azure, provide the following parameters:
| Parameter | Value |
|---|---|
| The PostgreSQL database service name in Azure | <db_postgresql_service_name_in_azure>, provided by Azure as a result of the PostgreSQL database service configuration |
| Database | a8n_uam |
Database user (name) |
uam |
Password of the database user (password) |
<db_user_password> is the password you specified in step 3 |