Merge pull request #217493 from KarlErickson/patch-1

JamesJBarnett · web-flow · commit 8a46d83fab81 · 2022-11-07T17:37:10.000-07:00
edits: Support postgresql flexible server in Service Connector
diff --git a/articles/app-service/tutorial-java-tomcat-connect-managed-identity-postgresql-database.md b/articles/app-service/tutorial-java-tomcat-connect-managed-identity-postgresql-database.md
@@ -33,12 +33,12 @@ Run the following commands in your terminal to clone the sample repo and set up
 
 ```bash
 git clone https://github.com/Azure-Samples/Passwordless-Connections-for-Java-Apps
-cd Passwordless-Connections-for-Java-Apps/Tomcat/checklist/
+cd Passwordless-Connections-for-Java-Apps/Tomcat/
 ```
 
 ## Create an Azure Postgres DB
 
-Follow these steps to create an Azure Database for Postgres Single Server in your subscription. The Spring Boot app will connect to this database and store its data when running, persisting the application state no matter where you run the application.
+Follow these steps to create an Azure Database for Postgres in your subscription. The Spring Boot app will connect to this database and store its data when running, persisting the application state no matter where you run the application.
 
 1. Sign into the Azure CLI, and optionally set your subscription if you have more than one connected to your login credentials.
 
@@ -56,11 +56,32 @@ Follow these steps to create an Azure Database for Postgres Single Server in you
    az group create --name $RESOURCE_GROUP --location $LOCATION
    ```
 
-1. Create an Azure Postgres Database server. The server is created with an administrator account, but it won't be used as we'll use the Azure Active Directory (Azure AD) admin account to perform administrative tasks.
+1. Create an Azure Postgres Database server. The server is created with an administrator account, but it won't be used because we'll use the Azure Active Directory (Azure AD) admin account to perform administrative tasks.
+
+   ### [Flexible Server](#tab/flexible)
+
+   ```azurecli-interactive
+   POSTGRESQL_ADMIN_USER=azureuser
+   # PostgreSQL admin access rights won't be used because Azure AD authentication is leveraged to administer the database.
+   POSTGRESQL_ADMIN_PASSWORD=<admin-password>
+   POSTGRESQL_HOST=<postgresql-host-name>
+
+   # Create a PostgreSQL server.
+   az postgres flexible-server create \
+       --resource-group $RESOURCE_GROUP \
+       --name $POSTGRESQL_HOST \
+       --location $LOCATION \
+       --admin-user $POSTGRESQL_ADMIN_USER \
+       --admin-password $POSTGRESQL_ADMIN_PASSWORD \
+       --public-network-access 0.0.0.0 \
+       --sku-name Standard_D2s_v3 
+   ```
+
+   ### [Single Server](#tab/single)
 
    ```azurecli-interactive
    POSTGRESQL_ADMIN_USER=azureuser
-   # PostgreSQL admin access rights won't be used as Azure AD authentication is leveraged to administer the database.
+   # PostgreSQL admin access rights won't be used because Azure AD authentication is leveraged to administer the database.
    POSTGRESQL_ADMIN_PASSWORD=<admin-password>
    POSTGRESQL_HOST=<postgresql-host-name>
 
@@ -77,6 +98,19 @@ Follow these steps to create an Azure Database for Postgres Single Server in you
 
 1. Create a database for the application.
 
+   ### [Flexible Server](#tab/flexible)
+
+   ```azurecli-interactive
+   DATABASE_NAME=checklist
+
+   az postgres flexible-server db create \
+       --resource-group $RESOURCE_GROUP \
+       --server-name $POSTGRESQL_HOST \
+       --database-name $DATABASE_NAME
+   ```
+
+   ### [Single Server](#tab/single)
+
    ```azurecli-interactive
    DATABASE_NAME=checklist
 
@@ -90,17 +124,17 @@ Follow these steps to create an Azure Database for Postgres Single Server in you
 
 Follow these steps to build a WAR file and deploy to Azure App Service on Tomcat using a WAR packaging.
 
-The changes you made in *application.properties* also apply to the managed identity, so the only thing to do is to remove the existing application settings in App Service.
-
-1. The sample app contains a *pom-war.xml* file that can generate the WAR file. Run the following command to build the app.
+1. The sample app contains a *pom.xml* file that can generate the WAR file. Run the following command to build the app.
 
    ```bash
-   mvn clean package -f pom-war.xml
+   mvn clean package -f pom.xml
    ```
 
 1. Create an Azure App Service resource on Linux using Tomcat 9.0.
 
    ```azurecli-interactive
+   APPSERVICE_PLAN=<app-service-plan>
+   APPSERVICE_NAME=<app-service-name>
    # Create an App Service plan
    az appservice plan create \
        --resource-group $RESOURCE_GROUP \
@@ -129,7 +163,25 @@ The changes you made in *application.properties* also apply to the managed ident
 
 ## Connect Postgres Database with identity connectivity
 
-Next, connect your app to an Postgres Database Single Server with a system-assigned managed identity using Service Connector. To do this, run the [az webapp connection create](/cli/azure/webapp/connection/create#az-webapp-connection-create-postgres) command.
+Next, connect your app to a Postgres Database with a system-assigned managed identity using Service Connector. 
+
+### [Flexible Server](#tab/flexible)
+
+To do this, run the [az webapp connection create](/cli/azure/webapp/connection/create#az-webapp-connection-create-postgres-flexible) command.
+
+```azurecli-interactive
+az webapp connection create postgres-flexible \
+    --resource-group $RESOURCE_GROUP \
+    --name $APPSERVICE_NAME \
+    --target-resource-group $RESOURCE_GROUP \
+    --server $POSTGRESQL_HOST \
+    --database $DATABASE_NAME \
+    --system-identity
+```
+
+### [Single Server](#tab/single)
+
+To do this, run the [az webapp connection create](/cli/azure/webapp/connection/create#az-webapp-connection-create-postgres) command.
 
 ```azurecli-interactive
 az webapp connection create postgres \
@@ -141,6 +193,7 @@ az webapp connection create postgres \
     --system-identity
 ```
 
+---
 This command creates a connection between your web app and your PostgreSQL server, and manages authentication through a system-assigned managed identity.
 
 ## View sample web app
diff --git a/articles/container-apps/tutorial-java-quarkus-connect-managed-identity-postgresql-database.md b/articles/container-apps/tutorial-java-quarkus-connect-managed-identity-postgresql-database.md
@@ -45,12 +45,12 @@ The following example creates a resource group named `myResourceGroup` in the Ea
 az group create --name myResourceGroup --location eastus
 ```
 
-Create an Azure container registry instance using the [az acr create](/cli/azure/acr#az-acr-create) command. The registry name must be unique within Azure, and contain 5-50 alphanumeric characters. In the following example, `myContainerRegistry007` is used. Update this to a unique value.
+Create an Azure container registry instance using the [az acr create](/cli/azure/acr#az-acr-create) command. The registry name must be unique within Azure, contain 5-50 alphanumeric characters. All letters must be specified in lower case. In the following example, `mycontainerregistry007` is used. Update this to a unique value.
 
 ```azurecli
 az acr create \
     --resource-group myResourceGroup \
-    --name myContainerRegistry007 \
+    --name mycontainerregistry007 \
     --sku Basic
 ```
 
@@ -83,6 +83,69 @@ cd quarkus-quickstarts/hibernate-orm-panache-quickstart
 
    Delete the existing content in *application.properties* and replace with the following to configure the database for dev, test, and production modes:
 
+   ### [Flexible Server](#tab/flexible)
+
+   ```properties
+   quarkus.package.type=uber-jar
+
+   quarkus.hibernate-orm.database.generation=drop-and-create
+   quarkus.datasource.db-kind=postgresql
+   quarkus.datasource.jdbc.max-size=8
+   quarkus.datasource.jdbc.min-size=2
+   quarkus.hibernate-orm.log.sql=true
+   quarkus.hibernate-orm.sql-load-script=import.sql
+   quarkus.datasource.jdbc.acquisition-timeout = 10
+
+   %dev.quarkus.datasource.username=${AZURE_CLIENT_NAME}
+   %dev.quarkus.datasource.jdbc.url=jdbc:postgresql://${DBHOST}.postgres.database.azure.com:5432/${DBNAME}?\
+   authenticationPluginClassName=com.azure.identity.providers.postgresql.AzureIdentityPostgresqlAuthenticationPlugin\
+   &sslmode=require\
+   &azure.clientId=${AZURE_CLIENT_ID}\
+   &azure.clientSecret=${AZURE_CLIENT_SECRET}\
+   &azure.tenantId=${AZURE_TENANT_ID}
+
+   %prod.quarkus.datasource.username=${AZURE_MI_NAME}
+   %prod.quarkus.datasource.jdbc.url=jdbc:postgresql://${DBHOST}.postgres.database.azure.com:5432/${DBNAME}?\
+   authenticationPluginClassName=com.azure.identity.providers.postgresql.AzureIdentityPostgresqlAuthenticationPlugin\
+   &sslmode=require
+
+   %dev.quarkus.class-loading.parent-first-artifacts=com.azure:azure-core::jar,\
+   com.azure:azure-core-http-netty::jar,\
+   io.projectreactor.netty:reactor-netty-core::jar,\
+   io.projectreactor.netty:reactor-netty-http::jar,\
+   io.netty:netty-resolver-dns::jar,\
+   io.netty:netty-codec::jar,\
+   io.netty:netty-codec-http::jar,\
+   io.netty:netty-codec-http2::jar,\
+   io.netty:netty-handler::jar,\
+   io.netty:netty-resolver::jar,\
+   io.netty:netty-common::jar,\
+   io.netty:netty-transport::jar,\
+   io.netty:netty-buffer::jar,\
+   com.azure:azure-identity::jar,\
+   com.azure:azure-identity-providers-core::jar,\
+   com.azure:azure-identity-providers-jdbc-postgresql::jar,\
+   com.fasterxml.jackson.core:jackson-core::jar,\
+   com.fasterxml.jackson.core:jackson-annotations::jar,\
+   com.fasterxml.jackson.core:jackson-databind::jar,\
+   com.fasterxml.jackson.dataformat:jackson-dataformat-xml::jar,\
+   com.fasterxml.jackson.datatype:jackson-datatype-jsr310::jar,\
+   org.reactivestreams:reactive-streams::jar,\
+   io.projectreactor:reactor-core::jar,\
+   com.microsoft.azure:msal4j::jar,\
+   com.microsoft.azure:msal4j-persistence-extension::jar,\
+   org.codehaus.woodstox:stax2-api::jar,\
+   com.fasterxml.woodstox:woodstox-core::jar,\
+   com.nimbusds:oauth2-oidc-sdk::jar,\
+   com.nimbusds:content-type::jar,\
+   com.nimbusds:nimbus-jose-jwt::jar,\
+   net.minidev:json-smart::jar,\
+   net.minidev:accessors-smart::jar,\
+   io.netty:netty-transport-native-unix-common::jar
+   ```
+
+   ### [Single Server](#tab/single)
+
    ```properties
    quarkus.package.type=uber-jar
 
@@ -146,11 +209,11 @@ cd quarkus-quickstarts/hibernate-orm-panache-quickstart
 
 1. Build the container image.
 
-   Run the following command to build the Quarkus app image. You must tag it with the fully qualified name of your registry login server. The login server name is in the format *\<registry-name\>.azurecr.io* (must be all lowercase), for example, *myContainerRegistry007.azurecr.io*. Replace the name with your own registry name.
+   Run the following command to build the Quarkus app image. You must tag it with the fully qualified name of your registry login server. The login server name is in the format *\<registry-name\>.azurecr.io* (must be all lowercase), for example, *mycontainerregistry007.azurecr.io*. Replace the name with your own registry name.
 
    ```bash
    mvnw quarkus:add-extension -Dextensions="container-image-jib"
-   mvnw clean package -Pnative -Dquarkus.native.container-build=true -Dquarkus.container-image.build=true -Dquarkus.container-image.registry=myContainerRegistry007 -Dquarkus.container-image.name=quarkus-postgres-passwordless-app -Dquarkus.container-image.tag=v1
+   mvnw clean package -Pnative -Dquarkus.native.container-build=true -Dquarkus.container-image.build=true -Dquarkus.container-image.registry=mycontainerregistry007 -Dquarkus.container-image.name=quarkus-postgres-passwordless-app -Dquarkus.container-image.tag=v1
    ```
 
 1. Log in to the registry.
@@ -165,10 +228,10 @@ cd quarkus-quickstarts/hibernate-orm-panache-quickstart
 
 1. Push the image to the registry.
 
-   Use [docker push][docker-push] to push the image to the registry instance. Replace `myContainerRegistry007` with the login server name of your registry instance. This example creates the `quarkus-postgres-passwordless-app` repository, containing the `quarkus-postgres-passwordless-app:v1` image.
+   Use [docker push][docker-push] to push the image to the registry instance. Replace `mycontainerregistry007` with the login server name of your registry instance. This example creates the `quarkus-postgres-passwordless-app` repository, containing the `quarkus-postgres-passwordless-app:v1` image.
 
    ```bash
-   docker push myContainerRegistry007/quarkus-postgres-passwordless-app:v1
+   docker push mycontainerregistry007/quarkus-postgres-passwordless-app:v1
    ```
 
 ## 4. Create a Container App on Azure
@@ -190,7 +253,7 @@ cd quarkus-quickstarts/hibernate-orm-panache-quickstart
 
    ```azurecli
    CONTAINER_IMAGE_NAME=quarkus-postgres-passwordless-app:v1
-   REGISTRY_SERVER=myContainerRegistry007
+   REGISTRY_SERVER=mycontainerregistry007
    REGISTRY_USERNAME=<REGISTRY_USERNAME>
    REGISTRY_PASSWORD=<REGISTRY_PASSWORD>
 
@@ -206,10 +269,28 @@ cd quarkus-quickstarts/hibernate-orm-panache-quickstart
 
 ## 5. Create and connect a PostgreSQL database with identity connectivity
 
-Next, create a PostgreSQL Database Single Server and configure your container app to connect to a PostgreSQL Database with a system-assigned managed identity. The Quarkus app will connect to this database and store its data when running, persisting the application state no matter where you run the application.
+Next, create a PostgreSQL Database and configure your container app to connect to a PostgreSQL Database with a system-assigned managed identity. The Quarkus app will connect to this database and store its data when running, persisting the application state no matter where you run the application.
 
 1. Create the database service.
 
+   ### [Flexible Server](#tab/flexible)
+
+   ```azurecli
+   DB_SERVER_NAME='msdocs-quarkus-postgres-webapp-db'
+   ADMIN_USERNAME='demoadmin'
+   ADMIN_PASSWORD='<admin-password>'
+
+   az postgres flexible-server create \
+       --resource-group $RESOURCE_GROUP \
+       --name $DB_SERVER_NAME \
+       --location $LOCATION \
+       --admin-user $DB_USERNAME \
+       --admin-password $DB_PASSWORD \
+       --sku-name GP_Gen5_2
+   ```
+
+   ### [Single Server](#tab/single)
+
    ```azurecli
    DB_SERVER_NAME='msdocs-quarkus-postgres-webapp-db'
    ADMIN_USERNAME='demoadmin'
@@ -224,6 +305,8 @@ Next, create a PostgreSQL Database Single Server and configure your container ap
        --sku-name GP_Gen5_2
    ```
 
+   ---
+
    The following parameters are used in the above Azure CLI command:
 
    * *resource-group* &rarr; Use the same resource group name in which you created the web app, for example `msdocs-quarkus-postgres-webapp-rg`.
@@ -240,6 +323,17 @@ Next, create a PostgreSQL Database Single Server and configure your container ap
 
 1. Create a database named `fruits` within the PostgreSQL service with this command:
 
+   ### [Flexible Server](#tab/flexible)
+
+   ```azurecli
+   az postgres flexible-server db create \
+       --resource-group $RESOURCE_GROUP \
+       --server-name $DB_SERVER_NAME \
+       --database-name fruits
+   ```
+
+   ### [Single Server](#tab/single)
+
    ```azurecli
    az postgres db create \
        --resource-group $RESOURCE_GROUP \
@@ -249,6 +343,20 @@ Next, create a PostgreSQL Database Single Server and configure your container ap
 
 1. Connect the database to the container app with a system-assigned managed identity, using the connection command.
 
+   ### [Flexible Server](#tab/flexible)
+
+   ```azurecli
+   az containerapp connection create postgres-flexible \
+       --resource-group $RESOURCE_GROUP \
+       --name my-container-app \
+       --target-resource-group $RESOURCE_GROUP \
+       --server $DB_SERVER_NAME \
+       --database fruits \
+       --managed-identity
+   ```
+
+   ### [Single Server](#tab/single)
+
    ```azurecli
    az containerapp connection create postgres \
        --resource-group $RESOURCE_GROUP \
@@ -276,4 +384,4 @@ When the new webpage shows your list of fruits, your app is connecting to the da
 Learn more about running Java apps on Azure in the developer guide.
 
 > [!div class="nextstepaction"]
-> [Azure for Java Developers](/java/azure/)
+> [Azure for Java Developers](/java/azure/)
diff --git a/articles/spring-apps/how-to-bind-postgres.md b/articles/spring-apps/how-to-bind-postgres.md
@@ -70,19 +70,36 @@ Use the following steps to bind your app.
        --secret name=$USERNAME secret=$PASSWORD
    ```
 
-### [Using a passwordless connection with a managed identity](#tab/Passwordless)
+### [Using a passwordless connection with a managed identity for flexible server](#tab/Passwordlessflex)
 
-Configure Azure Spring Apps to connect to the PostgreSQL Database Single Server with a system-assigned managed identity using the `az spring connection create` command.
+Configure Azure Spring Apps to connect to the PostgreSQL Database with a system-assigned managed identity using the `az spring connection create` command.
+
+```azurecli
+az spring connection create postgres-flexible \
+    --resource-group $SPRING_APP_RESOURCE_GROUP \
+    --service $Spring_APP_SERVICE_NAME \
+    --app $APP_NAME \
+    --deployment $DEPLOYMENT_NAME \
+    --target-resource-group $POSTGRES_RESOURCE_GROUP \
+    --server $POSTGRES_SERVER_NAME \
+    --database $DATABASE_NAME \
+    --system-identity
+```
+
+### [Using a passwordless connection with a managed identity for single server](#tab/Passwordlesssingle)
+
+Configure Azure Spring Apps to connect to the PostgreSQL Database with a system-assigned managed identity using the `az spring connection create` command.
 
 ```azurecli
 az spring connection create postgres \
     --resource-group $SPRING_APP_RESOURCE_GROUP \
     --service $Spring_APP_SERVICE_NAME \
-    --app $APP_NAME --deployment $DEPLOYMENT_NAME \
+    --app $APP_NAME \
+    --deployment $DEPLOYMENT_NAME \
     --target-resource-group $POSTGRES_RESOURCE_GROUP \
     --server $POSTGRES_SERVER_NAME \
     --database $DATABASE_NAME \
-    --system-assigned-identity
+    --system-identity
 ```
 
 ---
