Create a Azure Database PostgreSQL Instance on Azure
Beginning in version 2020.4, you can host your External Repository on the Azure Cloud Platform. This topic describes how to create a Azure Database for PostgreSQL instance to use as your Tableau Server external repository.
Requirements and Recommendations
We recommend that you use 8 vCore memory optimized server with 50 GB of storage for Tableau Server external repository, but the exact requirements will vary with your requirements and usage. If you already have a Tableau Server, review the usage of your existing repository to determine your storage needs.
You can also scale your resources if you find that you need more. For more information, see Scaling your PostgreSQL Azure Database resources.
Secure communications between Tableau Server and the external PostgreSQL DB instance using SSL is recommended, but not a requirement.
If you do not want to use secure connections between Tableau Server and External Repository, you should configure the Azure Database to allow unencrypted connections.
The PostgreSQL DB instance must be reachable by all nodes in the Tableau Server cluster. The database instance must be set up to allow connections from all the Tableau Server nodes. There are two ways to set this up:
This is most secure way: Configure Azure Database for PosgreSQL instance to only allow private access via the Virtual Network service endpoint. For more information, see Use Virtual Network service endpoints and rules for Azure Database for PosgreSQL and Create and Manage VNet service endpoints.
You may also want to review the overview topic on Azure virtual networks.
- Alternatively Azure Database for PosgreSQL can be configured to allow connections from a range of public IP addresses. This method exposes the Azure Database endpoint to public access on the internet.
- When setting up the Azure Database instance, we recommend using postgres as the Administrator user name. If you choose to use a different user name, make sure that the user name does not start with pg, or azure. The user name also cannot be rails, tblwgadmin, tableau, readonly, or tbladminviews.
- The version of PosgreSQL should match the version used by Tableau Server when installed locally. Tableau Server 2020.4 uses PostgreSQL version 12.
Create a Database PostgreSQL instance on Azure
Step 1: Create a delegated subnet for the Azure Database for PostgreSQL instance
This step is a prerequisite for setting up private access for your networking option when you create the instance. Setting up private access to the database is a must for secure communications. This let the virtual machines created anywhere in that Virtual Network to connect to the database instance, but none outside of the Virtual Network is able to do so.
On the same virtual network where you are currently hosting your Tableau Server, create a new delegated subnet for the Azure Database instance. For more information on setting up private access see Networking Options for Azure Database for PostgreSQL - Flexible Server on the Azure website.
Step 2: Create an Azure Database for PostgreSQL instance
To create a new Azure Database for PostgreSQL, follow the instructions provided on the Azure documentation site(Link opens in a new window).
Following are configuration options and the recommended values for the new PostgreSQL DB instance:
- Specify None as the Data source to create a new server.
- For Admin user name, we recommend using postgres as the Administrator user name. If you choose to use a different user name, make sure that the user name does not start with pg, or azure. The user name also cannot be rails, tblwgadmin, tableau, readonly, or tbladminviews.
Pick a password that meets Azure's requirements.
- Use the compatible version of PostgreSQL for the version of Tableau Server you are using. For a full list of PostgreSQL versions compatible with Tableau Server versions, see Product Compatibility.
- Allocate at least 512GB of storage.
Compute and Storage
- At a minimum, use Flexible Server with General Purpose computer tier, and Standard_D8s_v3 (8 vCores, 32 GB RAM) compute size.
- Select Private Access (Virtual Network). This ensures private and secure communications for the database.
Enable the high availability option per your requirements.
Set the retention period per your requirements. This is for Azure automated backups, not Tableau Server's backups. You can specify the settings that meets the requirements.
Step 3: Configure a server-level firewall rule
Once the database is created, configure a server-level firewall rule to allow access to the Tableau Server nodes.
Make sure that the Database instance can be reached by all the Tableau Server nodes using the dedicated subnet described in Step 1.
Step 4: Configure the Azure Database for PostgreSQL Instance.
The Database instance should have certain server settings to work with Tableau Server. You may need to modify server parameters after the database has been created.
For information on how to configure server parameters, see this Azure documentation.
The following table shows parameters that you should modify with Tableau recommended values:
|Name||Required||Data type||Recommended Tableau Configuration Values||Description|
|autovacuum||Required||boolean||1||Starts the autovacuum subprocess.|
|client_min_messages||Required||string||error||Sets the message levels that are sent to the client.|
|escape_string_warning||Required||boolean||0||Warns about backslash (\) escapes in ordinary string literals.|
|lc_monetary||Required||string||en_US.UTF-8||Sets the locale for formatting monetary amounts.|
|lc_numeric||Required||string||en_US.UTF-8||Sets the locale for formatting numbers.|
|log_autovacuum_min_duration||Not required, but recommended.||integer||100||Sets the minimum execution time above which autovacuum actions will be logged.|
|log_connections||Not required, but recommended.||boolean||1||Logs each successful connection.|
|log_lock_waits||Not required, but recommended.||boolean||1||Logs long lock waits.|
|log_min_duration_statement||Not required, but recommended.||integer||100||Sets the minimum execution time above which statements will be logged.|
|log_min_messages||Not required, but recommended.||string||error||Sets the message levels that are logged.|
|log_temp_files||Not required, but recommended.||integer||128||Logs the use of temporary files larger than this number of kilobytes.|
|standard_conforming_strings||Required||boolean||0||Causes ... strings to treat backslashes literally.|
|work_mem||Required||integer||16384||Sets the maximum memory to be used for query workspaces.|
Step 5: Get the PostgresSQL DB Instance Endpoint
Once the instance is ready, get the endpoint information that you will use to configure Tableau Server to use this instance for the Tableau Sever Repository.
Step 6: Download the SSL certificate file
Secure communications between Tableau Server and the External Repository using SSL is not required but recommended.
If you want to set up secure connections between Tableau Server and the External Repository, you will need the certificate file when you configure Tableau Server to use this external repository. For more information, see Configure TLS connectivity for Azure Database for PostgreSQL(Link opens in a new window).
If you do not need to use secure connections between Tableau Server and External Repository, you need to configure the Azure Database instance to allow unencrypted connections.
Configuring High Availability for your PostgreSQL DB
Tableau Server does not manage or setup high availability for the external repository. Azure offers high availability features that can be used to provide high availability. For more information, see Azure Database High Availability(Link opens in a new window).
In the event of a disaster, you may need to setup a new Azure Database for PostgreSQL instance. There are other scenarios where you may need to recover from an issue with the database instance. For example, when you upgrade your Tableau Server, you might also need to upgrade the PostgreSQL version on your database instance. In the event that your PostgreSQL upgrade is not successful you might have to use a new database instance. In such scenarios, to configure your Tableau Server to use the new Azure Database instance, use the following steps:
Restore the backup to a new Azure Database instance. In Azure Database for PostgresQL, performing a restore creates a new server from the original server's backups. For more on Azure Database for PostgreSQL backup and restore, see Azure Database for PostgreSQL Backup and Restore.
Create a new JSON settings file containing connection information for the new Azure Database for PostgreSQL instance. For more information on creating a JSON settings file, see Step 1 in Install Tableau Server with External PostgreSQL Repository.
tsm topology external-services repository replace-hostcommand to point your Tableau Server to the new Azure Database for PostgreSQL instance.
For more information on the
tsm topology external-services repository replace-hostcommand, see tsm topology.
Only Tableau Server Administrators can configure Tableau Server to use the external repository. You will also need an Azure account to create the Azure Database.