docs: (IAC-1156) Added Postgres example in separate sample input file (#339)

Author: riragh

docs/CONFIG-VARS.md

@@ -360,7 +360,7 @@ Each server element, like `foo = {}`, can contain none, some, or all of the para
 | administrator_password | The Password associated with the administrator_login for the PostgreSQL Flexible Server | string | "my$up3rS3cretPassw0rd" | The password must contain between 8 and 128 characters and must contain characters from three of the following categories: English uppercase letters, English lowercase letters, numbers (0 through 9), and non-alphanumeric characters (!, $, #, %, etc.). |
 | server_version | The version of the PostgreSQL Flexible server instance | string | "13" | Refer to the [SAS Viya Platform Administration Guide](https://go.documentation.sas.com/doc/en/sasadmincdc/default/itopssr/p05lfgkwib3zxbn1t6nyihexp12n.htm?fromDefault=#p1wq8ouke3c6ixn1la636df9oa1u) for the supported versions of PostgreSQL for the SAS Viya platform. |
 | ssl_enforcement_enabled | Enforce SSL on connection to the Azure Database for PostgreSQL Flexible server instance | bool | true | |
-| connectivity_method | Network connectivity option to connect to your flexible server. There are two connectivity options available: Public access (allowed IP addresses) and Private access (VNet Integration). Defaults to public access with firewall rules enabled.| string | "public" | Valid options are `public` and `private`. See details [here](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-networking) |
+| connectivity_method | Network connectivity option to connect to your flexible server. There are two connectivity options available: Public access (allowed IP addresses) and Private access (VNet Integration). Defaults to public access with firewall rules enabled.| string | "public" | Valid options are `public` and `private`. See sample input file [here](../examples/sample-input-postgres.tfvars) and Private access documentation [here](./user/PostgreSQLPrivateAccess.md). For more details see [Networking overview](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-networking) |
 | postgresql_configurations | Sets a PostgreSQL Configuration value on a Azure PostgreSQL Flexible Server | list(object) | [] | More details can be found [here](https://docs.microsoft.com/en-us/azure/postgresql/flexible-server/howto-configure-server-parameters-using-cli) |
 
 Multiple SAS offerings require a second PostgreSQL instance referred to as SAS Common Data Store, or CDS PostgreSQL. For more information, see [Common Customizations](https://go.documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=dplyml0phy0dkr&docsetTarget=n08u2yg8tdkb4jn18u8zsi6yfv3d.htm#p0wkxxi9s38zbzn19ukjjaxsc0kl). A list of SAS offerings that require CDS PostgreSQL is provided in [SAS Common Data Store Requirements](https://go.documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=itopssr&docsetTarget=p05lfgkwib3zxbn1t6nyihexp12n.htm#n03wzanutmc6gon1val5fykas9aa). To create and configure an external CDS PostgreSQL instance in addition to the external platform PostgreSQL instance named `default`, specify `cds-postgres` as a second PostgreSQL instance, as shown in the example below.

docs/user/PostgreSQLPrivateAccess.md

@@ -9,7 +9,7 @@ In this document, we will focus on PostgreSQL server with Private access (VNet I
 
 You can deploy a flexible server into your Azure virtual network (VNet). Azure virtual networks provide private and secure network communication. Resources in a virtual network can communicate through private IP addresses that were assigned on this network. In Private access, the connections to the PostgreSQL server are restricted to only within your virtual network. To learn more about it, refer to [Private access (VNet Integration)](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-networking#private-access-vnet-integration).
 
-To create PostgreSQL Flexible Server with the private access connectivity method use the example file provided [here](../../examples/sample-input-ppg.tfvars).
+To create PostgreSQL Flexible Server with the private access connectivity method use the example file provided [here](../../examples/sample-input-postgres.tfvars).
 
 # Connect Azure Database for PostgreSQL Flexible Server with the private access connectivity method
 

examples/sample-input-postgres.tfvars

@@ -0,0 +1,154 @@
+# !NOTE! - These are only a subset of CONFIG-VARS.md provided as examples.
+# Customize this file to add any variables from 'CONFIG-VARS.md' whose default
+# values you want to change.
+
+# ****************  REQUIRED VARIABLES  ****************
+# Values for these required variables MUST be provided
+prefix   = "<prefix-value>" # this is a prefix that you assign for the resources to be created
+location = "<azure-location-value>" # e.g., "eastus2"
+# ****************  REQUIRED VARIABLES  ****************
+
+# !NOTE! - Without specifying your CIDR block access rules, ingress traffic
+#          to your cluster will be blocked by default.
+
+# **************  RECOMMENDED  VARIABLES  ***************
+default_public_access_cidrs = [] # e.g., ["123.45.6.89/32"]
+ssh_public_key              = "~/.ssh/id_rsa.pub"
+# **************  RECOMMENDED  VARIABLES  ***************
+
+# Tags can be specified matching your tagging strategy.
+tags = {} # for example: { "owner|email" = "<you>@<domain>.<com>", "key1" = "value1", "key2" = "value2" }
+
+# PostgreSQL
+
+# Postgres config - By having this entry a database server is created. 
+#                   Default networking option: Public access (allowed IP addresses) is enabled
+#                   If you do not need an external database server remove the 'postgres_servers'
+#                   block below.
+postgres_servers = {
+  default = {},
+}
+
+# To use Private access (VNet Integration) remove the 'postgres_servers' block above and uncomment the blocks below:
+# postgres_servers and subnets
+
+# postgres_servers = {
+#   default = {
+#     connectivity_method = "private"
+#   }
+# }
+#
+# # Subnet for PostgreSQL
+# subnets = {
+#   aks = {
+#     "prefixes" : ["192.168.0.0/23"],
+#     "service_endpoints" : ["Microsoft.Sql"],
+#     "private_endpoint_network_policies_enabled" : true,
+#     "private_link_service_network_policies_enabled" : false,
+#     "service_delegations" : {},
+#   }
+#   misc = {
+#     "prefixes" : ["192.168.2.0/24"],
+#     "service_endpoints" : ["Microsoft.Sql"],
+#     "private_endpoint_network_policies_enabled" : true,
+#     "private_link_service_network_policies_enabled" : false,
+#     "service_delegations" : {},
+#   }
+#   netapp = {
+#     "prefixes" : ["192.168.3.0/24"],
+#     "service_endpoints" : [],
+#     "private_endpoint_network_policies_enabled" : false,
+#     "private_link_service_network_policies_enabled" : false,
+#     "service_delegations" : {
+#       netapp = {
+#         "name" : "Microsoft.Netapp/volumes"
+#         "actions" : ["Microsoft.Network/networkinterfaces/*", "Microsoft.Network/virtualNetworks/subnets/join/action"]
+#       }
+#     }
+#   }
+#   postgresql = {
+#     "prefixes": ["192.168.4.0/24"],
+#     "service_endpoints": ["Microsoft.Sql"],
+#     "private_endpoint_network_policies_enabled": true,
+#     "private_link_service_network_policies_enabled": false,
+#     "service_delegations": {
+#       flexpostgres = {
+#         "name"    : "Microsoft.DBforPostgreSQL/flexibleServers"
+#         "actions" : ["Microsoft.Network/virtualNetworks/subnets/join/action"]
+#       }
+#     }
+#   }
+# }
+
+# Azure Container Registry config
+create_container_registry           = false
+container_registry_sku              = "Standard"
+container_registry_admin_enabled    = false
+
+# AKS config
+kubernetes_version         = "1.26"
+default_nodepool_min_nodes = 2
+default_nodepool_vm_type   = "Standard_D8s_v4"
+
+# AKS Node Pools config
+node_pools = {
+  cas = {
+    "machine_type" = "Standard_E16s_v3"
+    "os_disk_size" = 200
+    "min_nodes"    = 1
+    "max_nodes"    = 1
+    "max_pods"     = 110
+    "node_taints"  = ["workload.sas.com/class=cas:NoSchedule"]
+    "node_labels" = {
+      "workload.sas.com/class" = "cas"
+    }
+  },
+  compute = {
+    "machine_type" = "Standard_E16s_v3"
+    "os_disk_size" = 200
+    "min_nodes"    = 1
+    "max_nodes"    = 1
+    "max_pods"     = 110
+    "node_taints"  = ["workload.sas.com/class=compute:NoSchedule"]
+    "node_labels" = {
+      "workload.sas.com/class"        = "compute"
+      "launcher.sas.com/prepullImage" = "sas-programming-environment"
+    }
+  },
+  stateless = {
+    "machine_type" = "Standard_D16s_v3"
+    "os_disk_size" = 200
+    "min_nodes"    = 1
+    "max_nodes"    = 2
+    "max_pods"     = 110
+    "node_taints"  = ["workload.sas.com/class=stateless:NoSchedule"]
+    "node_labels" = {
+      "workload.sas.com/class" = "stateless"
+    }
+  },
+  stateful = {
+    "machine_type" = "Standard_D8s_v3"
+    "os_disk_size" = 200
+    "min_nodes"    = 1
+    "max_nodes"    = 3
+    "max_pods"     = 110
+    "node_taints"  = ["workload.sas.com/class=stateful:NoSchedule"]
+    "node_labels" = {
+      "workload.sas.com/class" = "stateful"
+    }
+  }
+}
+
+# Jump Server
+create_jump_public_ip = true
+jump_vm_admin        = "jumpuser"
+jump_vm_machine_type = "Standard_B2s"
+
+# Storage for SAS Viya CAS/Compute
+storage_type = "standard"
+# required ONLY when storage_type is "standard" to create NFS Server VM
+create_nfs_public_ip = false
+nfs_vm_admin         = "nfsuser"
+nfs_vm_machine_type  = "Standard_D8s_v4"
+nfs_raid_disk_size   = 128
+nfs_raid_disk_type   = "Standard_LRS"

examples/sample-input-ppg.tfvars

@@ -19,8 +19,6 @@ ssh_public_key              = "~/.ssh/id_rsa.pub"
 # Tags can be specified matching your tagging strategy.
 tags = {} # for example: { "owner|email" = "<you>@<domain>.<com>", "key1" = "value1", "key2" = "value2" }
 
-# PostgreSQL
-
 # Postgres config - By having this entry a database server is created. 
 #                   Default networking option: Public access (allowed IP addresses) is enabled
 #                   If you do not need an external database server remove the 'postgres_servers'
@@ -29,57 +27,6 @@ postgres_servers = {
   default = {},
 }
 
-# To use Private access (VNet Integration) remove the 'postgres_servers' block above and uncomment the blocks below:
-# postgres_servers and subnets
-
-# postgres_servers = {
-#   default = {
-#     connectivity_method = "private"
-#   }
-# }
-#
-# # Subnet for PostgreSQL
-# subnets = {
-#   aks = {
-#     "prefixes" : ["192.168.0.0/23"],
-#     "service_endpoints" : ["Microsoft.Sql"],
-#     "private_endpoint_network_policies_enabled" : true,
-#     "private_link_service_network_policies_enabled" : false,
-#     "service_delegations" : {},
-#   }
-#   misc = {
-#     "prefixes" : ["192.168.2.0/24"],
-#     "service_endpoints" : ["Microsoft.Sql"],
-#     "private_endpoint_network_policies_enabled" : true,
-#     "private_link_service_network_policies_enabled" : false,
-#     "service_delegations" : {},
-#   }
-#   netapp = {
-#     "prefixes" : ["192.168.3.0/24"],
-#     "service_endpoints" : [],
-#     "private_endpoint_network_policies_enabled" : false,
-#     "private_link_service_network_policies_enabled" : false,
-#     "service_delegations" : {
-#       netapp = {
-#         "name" : "Microsoft.Netapp/volumes"
-#         "actions" : ["Microsoft.Network/networkinterfaces/*", "Microsoft.Network/virtualNetworks/subnets/join/action"]
-#       }
-#     }
-#   }
-#   postgresql = {
-#     "prefixes": ["192.168.4.0/24"],
-#     "service_endpoints": ["Microsoft.Sql"],
-#     "private_endpoint_network_policies_enabled": true,
-#     "private_link_service_network_policies_enabled": false,
-#     "service_delegations": {
-#       flexpostgres = {
-#         "name"    : "Microsoft.DBforPostgreSQL/flexibleServers"
-#         "actions" : ["Microsoft.Network/virtualNetworks/subnets/join/action"]
-#       }
-#     }
-#   }
-# }
-
 # Azure Container Registry config
 create_container_registry           = false
 container_registry_sku              = "Standard"