[英]Using terraform how do I create an azure sql database from a backup
Using the default example on the terraform site I can easily create a database but how do I create a new database by restoring a backup?使用 terraform 站点上的默认示例,我可以轻松地创建数据库,但如何通过恢复备份来创建新数据库?
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "West Europe"
}
resource "azurerm_storage_account" "example" {
name = "examplesa"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
}
resource "azurerm_mssql_server" "example" {
name = "example-sqlserver"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
version = "12.0"
administrator_login = "4dm1n157r470r"
administrator_login_password = "4-v3ry-53cr37-p455w0rd"
}
resource "azurerm_mssql_database" "test" {
name = "acctest-db-d"
server_id = azurerm_mssql_server.example.id
collation = "SQL_Latin1_General_CP1_CI_AS"
license_type = "LicenseIncluded"
max_size_gb = 4
read_scale = true
sku_name = "BC_Gen5_2"
zone_redundant = true
create_mode = "RestoreExternalBackup" <-- WHAT ELSE DO I DO?
extended_auditing_policy {
storage_endpoint = azurerm_storage_account.example.primary_blob_endpoint
storage_account_access_key = azurerm_storage_account.example.primary_access_key
storage_account_access_key_is_secondary = true
retention_in_days = 6
}
tags = {
foo = "bar"
}
}
In the documentation they mention a create_mode
"RestoreExternalBackup" option but provide no example on how to reference the backup - mine is stored in an azure storage container.在文档中,他们提到了
create_mode
“RestoreExternalBackup”选项,但没有提供有关如何引用备份的示例 - 我的存储在 azure 存储容器中。
Edit: The mention of "RestoreExternalBackup" was more about my lack of understanding.编辑:提到“RestoreExternalBackup”更多是因为我缺乏理解。 What I meant to ask was how do I restore/create a database from a bacpac file stored in a Storage Account
我想问的是如何从存储帐户中存储的 bacpac 文件恢复/创建数据库
Following the blog Deploying Azure SQL Database Bacpac and Terraform by John Q. Martin遵循John Q. Martin的博客部署 Azure SQL 数据库 Bacpac 和 Terraform
You can include the bacpac as the source for the database created in Azure.
您可以将 bacpac 作为在 Azure 中创建的数据库的来源。
First, setup the firewall on the Azure SQL Server to prevent any failure during deployment due to blob storage access issue.首先,在 Azure SQL 服务器上设置防火墙,以防止部署过程中由于 blob 存储访问问题而导致的任何故障。 To ensure this we have to enable “Allow Azure services and resources to access this server”, this allows the two Azure services to communicate.
为了确保这一点,我们必须启用“允许 Azure 服务和资源访问此服务器”,这允许两个 Azure 服务进行通信。
Set both Start_ip and End_ip to 0.0.0.0.将 Start_ip 和 End_ip 都设置为 0.0.0.0。 This is interpreted by Azure as a firewall rule to allow Azure services.
这被 Azure 解释为允许 Azure 服务的防火墙规则。
resource "azurerm_sql_firewall_rule" "allowAzureServices" {
name = "Allow_Azure_Services"
resource_group_name = azurerm_resource_group.example.name
server_name = azurerm_sql_server.example.name
start_ip_address = "0.0.0.0"
end_ip_address = "0.0.0.0"
}
We need to use the azurerm_sql_database
resource, because the deployment of a bacpac is only supported through this resource type.我们需要使用
azurerm_sql_database
资源,因为仅支持通过此资源类型部署 bacpac。
The resource definition here is comprised of two main sections, the first being the details around where the database needs to go and the second part being a sub-block which defines the bacpac source details.此处的资源定义由两个主要部分组成,第一部分是数据库需要 go 的详细信息,第二部分是定义 bacpac 源详细信息的子块。 Here we need to put in the URI for the bacpac file and the storage key, in this case we are using the SAS token for the key to allow access to the bacpac.
在这里,我们需要输入 bacpac 文件的 URI 和存储密钥,在本例中,我们使用 SAS 令牌作为密钥以允许访问 bacpac。
We also need to provide the username and password for the server we are creating to allow the import to work because it needs to have authorisation to the Azure SQL Server to work.我们还需要为正在创建的服务器提供用户名和密码以允许导入工作,因为它需要获得 Azure SQL 服务器的授权才能工作。
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "West Europe"
}
resource "azurerm_storage_account" "example" {
name = "examplesa"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
}
resource "azurerm_sql_server" "example" {
name = "myexamplesqlserver"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
version = "12.0"
administrator_login = "4dm1n157r470r"
administrator_login_password = "4-v3ry-53cr37-p455w0rd"
tags = {
environment = "production"
}
}
resource "azurerm_sql_firewall_rule" "allowAzureServices" {
name = "Allow_Azure_Services"
resource_group_name = azurerm_resource_group.example.name
server_name = azurerm_sql_server.example.name
start_ip_address = "0.0.0.0"
end_ip_address = "0.0.0.0"
}
resource "azurerm_sql_database" "appdb01" {
depends_on = [azurerm_sql_firewall_rule.allowAzureServices]
name = "AzSqlDbName"
resource_group_name = azurerm_sql_server.example.resource_group_name
location = azurerm_sql_server.example.location
server_name = azurerm_sql_server.example.name
collation = "SQL_Latin1_General_CP1_CI_AS"
requested_service_objective_name = "BC_Gen5_2"
max_size_gb = 4
read_scale = true
zone_redundant = true
create_mode = "Default"
import {
storage_uri = "https://examplesa.blob.core.windows.net/source/Source.bacpac"
storage_key = "gSKjBfoK4toNAWXUdhe6U7YHqBgCBPsvoDKTlh2xlqUQeDcuCVKcU+uwhq61AkQaPIbNnqZbPmYwIRkXp3OzLQ=="
storage_key_type = "StorageAccessKey"
administrator_login = "4dm1n157r470r"
administrator_login_password = "4-v3ry-53cr37-p455w0rd"
authentication_type = "SQL"
operation_mode = "Import"
}
extended_auditing_policy {
storage_endpoint = azurerm_storage_account.example.primary_blob_endpoint
storage_account_access_key = azurerm_storage_account.example.primary_access_key
storage_account_access_key_is_secondary = true
retention_in_days = 6
}
tags = {
foo = "bar"
}
}
Note:笔记:
The extended_auditing_policy
block has been moved to azurerm_mssql_server_extended_auditing_policy
and azurerm_mssql_database_extended_auditing_policy
. extended_auditing_policy
块已移至azurerm_mssql_server_extended_auditing_policy
和azurerm_mssql_database_extended_auditing_policy
。 This block will be removed in version 3.0 of the provider.此块将在提供程序的 3.0 版中删除。
requested_service_objective_name
- (Optional) The service objective name for the database. requested_service_objective_name
-(可选)数据库的服务目标名称。 Valid values depend on edition and location and may include S0
, S1
, S2
, S3
, P1
, P2
, P4
, P6
, P11
and ElasticPool
.有效值取决于版本和位置,可能包括
S0
、 S1
、 S2
、 S3
、 P1
、 P2
、 P4
、 P6
、 P11
和ElasticPool
。 You can list the available names with the cli: shell az sql db list-editions -l westus -o table
.您可以使用 cli 列出可用名称:
shell az sql db list-editions -l westus -o table
。 For further information please see Azure CLI - az sql db .有关详细信息,请参阅Azure CLI-az sql db 。
And import
supports the following:并且
import
支持以下内容:
storage_uri
- (Required) Specifies the blob URI of the.bacpac file. storage_uri
-(必需)指定 .bacpac 文件的 blob URI。storage_key
- (Required) Specifies the access key for the storage account. storage_key
-(必需)指定存储帐户的访问密钥。storage_key_type
- (Required) Specifies the type of access key for the storage account. storage_key_type
-(必需)指定存储帐户的访问密钥类型。 Valid values are StorageAccessKey
or SharedAccessKey
.StorageAccessKey
或SharedAccessKey
。administrator_login
- (Required) Specifies the name of the SQL administrator. administrator_login
-(必需)指定 SQL 管理员的名称。administrator_login_password
- (Required) Specifies the password of the SQL administrator. administrator_login_password
-(必需)指定 SQL 管理员的密码。authentication_type
- (Required) Specifies the type of authentication used to access the server. authentication_type
-(必需)指定用于访问服务器的身份验证类型。 Valid values are SQL
or ADPassword
.SQL
或ADPassword
。operation_mode
- (Optional) Specifies the type of import operation being performed. operation_mode
-(可选)指定正在执行的导入操作的类型。 The only allowable value is Import
.Import
。 Alternately , If you want to continue using the azurerm_mssql_database
then we would need to deploy and empty database and then deploy the bacpac via SqlPackage .或者,如果您想继续使用
azurerm_mssql_database
,那么我们需要部署和清空数据库,然后通过 SqlPackage 部署bacpac 。 (Which I haven't tried yet) (我还没有尝试过)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.