Share
Azure PostgreSQL (Edge) Setup Guide

Azure Database for PostgreSQL is a relational database service based on the open-source PostgreSQL database engine. It is a fully managed, enterprise-ready community PostgreSQL database as a service that can handle mission-critical workloads with predictable performance, security, high availability, and dynamic scalability.

You can ingest data from your Azure PostgreSQL database using Hevo Pipelines and replicate it to a Destination of your choice.

Prerequisites

Set up Logical Replication for Incremental Data

Hevo supports data replication from PostgreSQL servers using the pgoutput plugin (available on PostgreSQL version 10.0 and above). For this, Hevo identifies the incremental data from publications, which are defined to track changes generated by all or some database tables. A publication identifies the changes generated by the tables from the Write Ahead Logs (WALs) set at the logical level.

Perform the following steps to enable logical replication on your Azure PostgreSQL instance:

1. Configure the replication parameters

  1. Log in to your Azure Portal.

  2. Under Resources, from the Recent tab, select the database for which you want to change the replication mode. For example, hevo in the image below.

    Recent Resources

  3. In the left navigation pane of your <Database Name> page, under Settings, click Server parameters.

    Server Parameters

  4. In the Search bar of the Server parameters pane, type the name of the required parameter. For example, wal_level in the image below.

    Update Server Parameters

  5. Search and update the values of the following parameters:

    Parameter Value Description
    wal_level LOGICAL The level at which information is written to the WAL. Default value: REPLICA.

    The value LOGICAL is required to enable log-based replication.
    max_worker_processes 16 The maximum number of background processes that the PostgreSQL server can use exclusively. Default value: 8.

    The logical replication workers spawned to receive changes from the WAL are taken from the pool of background workers. Hence, if this number is too small, you may encounter issues during logical replication.

  6. Click Save.

    Save Server Parameters

  7. In the confirmation dialog, click Save and Restart.

    Save and Restart

  8. In the Notifications pane, confirm that the server has restarted successfully.

    Confirm Server Restart

2. Create a publication for your database tables

In PostgreSQL 10 onwards, the data to be replicated is identified via publications. A publication must be defined on the primary database instance and can include some or all the database tables. The publication is a group of tables that tracks and determines the set of changes generated by those tables from the Write-Ahead Logs (WALs).

To define a publication:

Note: You must define a publication with the insert, update, and delete privileges.

  1. Connect to your Azure PostgreSQL primary database instance as an admin user with an SQL client tool, such as psql.

  2. Run one of the following commands to create a publication:

    Note: You can create multiple distinct publications in a single database whose names do not start with a number.

    • For one or more database tables:

      CREATE PUBLICATION <publication_name> FOR TABLE <table_1>, <table_4>, <table_5>;

    • For all database tables:

      CREATE PUBLICATION <publication_name> FOR ALL TABLES;

  3. (Optional) Run the following command to add table(s) to or remove them from a publication:

    Note: You can modify a publication only if it is not defined on all tables and you have ownership rights on the table(s) being added or removed.

    ALTER PUBLICATION <publication_name> ADD/DROP TABLE <table_name>;

    When you alter a publication, you must refresh the schema for the changes to be visible in your Pipeline.

  4. (Optional) Run the following command to create a publication on a column list:

    Note: This feature is available in PostgreSQL versions 15 and higher.

    CREATE PUBLICATION <columns_publication> FOR TABLE <table_name> (<column_name1>, <column_name2>, <column_name3>, <column_name4>,...);

-- Example to create a publication with three columns

CREATE PUBLICATION film_data_filtered FOR TABLE film (film_id, title, description);

    Run the following command to alter a publication created on a column list:

    ALTER PUBLICATION <columns_publication> SET TABLE <table_name> (<column_name1>, <column_name2>, ...);

-- Example to drop a column from the publication created above

ALTER PUBLICATION film_data_filtered SET TABLE film (film_id, title);

Note: Replace the placeholder values in the commands above with your own. For example, <publication_name> with hevo_publication.

Create a Database User and Grant Privileges

1. Create a database user (Optional)

Perform the following steps to create a user in your Azure PostgreSQL database:

  1. Connect to your Azure PostgreSQL database as a user with admin privilege using an SQL client tool, such as psql.

  2. Run the following command to create a user in your database:

    CREATE USER <database_username> WITH LOGIN PASSWORD '<password>';

    Note: Replace the placeholder values in the command above with your own. For example, <database_username> with hevouser.

2. Grant privileges to the database user

The following table lists the privileges that the database user for Hevo requires to connect to and ingest data from your PostgreSQL database:

Privilege Name Allows Hevo to
CONNECT Connect to the specified database.
USAGE Access the objects in the specified schema.
SELECT Select rows from the database tables.
ALTER DEFAULT PRIVILEGES Access new tables created in the specified schema after Hevo has connected to the PostgreSQL database.
REPLICATION Access the WALs.

Perform the following steps to grant privileges to the database user connecting to the PostgreSQL database as follows:

  1. Connect to your Azure PostgreSQL database as a user with admin privilege using an SQL client tool, such as psql.

  2. Run the following commands to grant privileges to your database user:

    GRANT CONNECT ON DATABASE <database_name> TO <database_username>;
GRANT USAGE ON SCHEMA <schema_name> TO <database_username>;
GRANT SELECT ON ALL TABLES IN SCHEMA <schema_name> to <database_username>;

  3. (Optional) Alter the schema to grant SELECT privileges on tables created in the future to your database user:

    Note: Grant this privilege only if you want Hevo to replicate data from tables created in the schema after the Pipeline is created.

    ALTER DEFAULT PRIVILEGES IN SCHEMA <schema_name> GRANT SELECT ON TABLES TO <database_username>;

  4. (Optional) Run the following command only if the user with the admin privilege does not have permission to create logical replication slots.

    ALTER ROLE <admin_role> WITH REPLICATION;

  5. Run the following command to grant your database user permission to read from the WALs:

    ALTER ROLE <database_username> WITH REPLICATION;

Note: Replace the placeholder values in the commands above with your own. For example, <database_username> with hevouser.

Allowlist Hevo IP addresses for your region

You must add Hevo’s IP address(es) for your region to the database IP allowlist, enabling Hevo to connect to your Azure PostgreSQL database. You can do this by creating firewall rules in your Microsoft Azure database settings as follows:

  1. Log in to your Azure Portal.

  2. Under Resources, from the Recent tab, select your database server. For example, hevo in the image below.

    Recent Resources

  3. In the left navigation pane of your <Database Name> page, under Settings, click Networking.

    Network Settings

  4. In the Public access section of the Networking pane, ensure that the Allow public access to this… check box is selected.

    Public Access

    Note: You must select the check box to allow connections from the IP address(es) added to the firewall rules.

  5. Scroll to the Firewall rules section and do the following:

    Networking Pane

    • Select the Allow public access from any Azure service… check box if you want to allow connections from your Azure services and resources to your Azure PostgreSQL database.

      Note: This setting is internal to Azure and does not affect the data replication process in Hevo.

    • Click + Add current client IP address to add your machine’s IP address, which will allow clients, such as psql, running on your machine to connect to the Azure PostgreSQL database.

    • Specify the following to add your firewall rules:

      • Firewall rule name: A name to identify the rule. For example, HevoIndia.

      • Start IP: The starting address of the IP range.

      • End IP: The ending address of the IP range.

      Note: As Hevo has specific IP addresses and not a range, the value in the Start IP and End IP fields is the same. For example, 13.235.131.126 for the India region.

    • Repeat the step above to add all the IP addresses for your Hevo region.

  6. Click Save.

Turn off Encrypted Connectivity for your Database (Optional)

For new Azure PostgreSQL database servers, by default, encrypted connections using TLS/SSL are enforced.

Note: If you want Hevo to continue using encrypted connections, you must download the SSL certificate and configure the TLS version. To configure the latter, in step 4 below, search for the ssl_min_protocol_version and ssl_max_protocol_version server parameters and update their values accordingly.

To turn off SSL connections, do the following:

  1. Log in to your Azure Portal.

  2. Under Resources, from the Recent tab, select the Azure PostgreSQL server for which you want to turn off encrypted connections using TLS/SSL. For example, hevo in the image below.

    Recent Resources

  3. In the left navigation pane of your <Database Name> page, under Settings, click Server parameters.

    Server Parameters

  4. In the Search bar of the Server parameters pane, type require_secure_transport and update the value to OFF.

    Turn off SSL

  5. Click Save.

Retrieve the Hostname and Port Number (Optional)

Azure PostgreSQL hostnames start with your database name and end with azure.com. For example, hevo.postgres.database.azure.com.

Perform the following steps to retrieve the database hostname:

  1. Log in to your Azure Portal.

  2. Under Resources, from the Recent tab, select your Azure PostgreSQL server. For example, hevo in the image below.

    Recent Resources

  3. In the right pane of your <Database Server> page, Essentials section, locate and copy the Server name. Use this value as the Database Host while configuring your Azure PostgreSQL Source in Hevo.

    Copy Database Hostname

The default port is 5432.

Configure Azure PostgreSQL as a Source in your Pipeline

Perform the following steps to configure your Azure PostgreSQL Source:

  1. Click PIPELINES in the Navigation Bar.

  2. Click the Edge tab in the Pipelines List View and click + CREATE EDGE PIPELINE.

  3. On the Create Pipeline page, under Source Configuration, do the following:

    1. In the Selection screen, select Azure PostgreSQL.

    2. In the Azure PostgreSQL screen, specify the following:

      Configure Azure PostgreSQL Source

      • Source Name: A unique name for your Source, not exceeding 255 characters. For example, PostgreSQL Source.

      • In the Connect to your PostgreSQL section:

        • Database Host: The Azure PostgreSQL host’s IP address or DNS, which is the Public IP address that you obtained in the Retrieve the Hostname and Port Number step of the Getting Started section.

          Note: For a URL-based hostname, exclude the http:// or https:// part. For example, if the hostname URL is https://hevo.postgres.database.azure.com, enter hevo.postgres.database.azure.com.

        • Database Port: The port on which your Azure PostgreSQL server listens for connections. Default value: 5432.

        • Database User: The user who has permission only to read data from your database tables. This user can be the one you created in the Create a database user step of the Getting Started section or an existing user. For example, hevouser.

        • Database Password: The password of your database user.

        • Database Name: The database from where you want to replicate data. For example, dvdrental.

        • Publication Key: The name of the publication in your database that tracks the changes in your database tables. This key can be the publication you created in the Create a publication for your database tables step of the Getting Started section or an existing publication.

      • Log Monitoring: Enable this option if you want Hevo to disable your Pipeline when the size of the WAL being monitored reaches the set maximum value. Specify the following:

        • Max WAL Size (in GB): The maximum allowable size of the Write-Ahead Logs that you want Hevo to monitor. Specify a number greater than 1.

        • Alert Threshold (%): The percentage limit for the WAL, whose size Hevo is monitoring. An alert is sent when this threshold is reached. Specify a value between 50 to 80. For example, if you set the Alert Threshold to 80, Hevo sends a notification when the WAL size is at 80% of the Max WAL Size specified above.

        • Send Email: Enable this option to send an email when the WAL size has reached the specified Alert Threshold percentage.

          If this option is turned off, Hevo does not send an email alert.

        Note: If you need to change the values specified for Max WAL Size and Alert Threshold after the Pipeline is created, contact Hevo Support.

      • Additional Settings

        • Connect through SSH: Enable this option to connect to Hevo using an SSH tunnel instead of directly connecting your Azure PostgreSQL database host to Hevo. This method provides an additional level of security to your database by not exposing your Azure PostgreSQL setup to the public.

          If this option is turned off, you must configure your Source to accept connections from Hevo’s IP addresses.

        • Use SSL: Enable this option to use an SSL-encrypted connection. Specify the following:

          • CA File: The file containing the SSL server certificate authority (CA).

          • Client Certificate: The client’s public key certificate file.

          • Client Key: The client’s private key file.

  4. Click TEST & CONTINUE to test the connection to your Azure PostgreSQL Source. Once the test is successful, you can proceed to set up your Destination.

Additional Information

Read the detailed Hevo documentation for the following related topics:

Error Connection Attempt Failed

Error Summary

  • Hevo Edge is unable to connect to the configured PostgreSQL Source.

Potential Causes

  • The database connection details are incorrect.

  • Hevo’s IP address(es) for your region is not added to the database IP allowlist.

  • The database user authorizing the connection does not have sufficient permissions to access the database.

  • The database Source is terminating the connection.

Suggested Actions

  • Verify that the database connection settings, such as the Database Host and Database Port, specified in the Source configuration screen are correct.

    Note: The default port for any PostgreSQL database is 5432. You can confirm the port number of your database with the database administrator.

  • Verify that your Source database is publicly accessible and connections from the public Internet are allowed on the database port.

  • Specify the public IP address of your database as the Database Host.

  • Check if Hevo’s IP address(es) for your region is added to the database IP allowlist.

  • Verify that the Security Group and VPC subnet associated with your Source database allow access from all Hevo’s IP addresses for Amazon RDS databases.

  • Ensure that the Database User specified in the Source configuration screen has the required permissions to access the specified database.

  • Try connecting to your Source database through an SQL client, using the information provided on the configuration screen.<hr>

Data Type Mapping

Hevo maps the PostgreSQL Source data type internally to a unified data type, referred to as the Hevo Data Type, in the table below. This data type is used to represent the Source data from all supported data types in a lossless manner.

The following table lists the supported PostgreSQL data types and the corresponding Hevo data type to which they are mapped:

PostgreSQL Data Type Hevo Data Type
-    INT_2
-    SHORT
-    SMALLINT
-    SMALLSERIAL		 SHORT
-    BIT(1)
-    BOOL		 BOOLEAN
-    BIT(M), M>1
-    BYTEA
-    VARBIT		 BYTEARRAY
-    INT_4
-    INTEGER
-    SERIAL		 INTEGER
-    BIGSERIAL
-    INT_8
-    OID		 LONG
-    FLOAT_4
-    REAL		 FLOAT
-    DOUBLE_PRECISION
-    FLOAT_8		 DOUBLE
-    BPCHAR
-    CIDR
-    CITEXT
-    DATERANGE
-    ENUM
-    HSTORE
-    INET
-    INT_4_RANGE
-    INT_8_RANGE
-    INTERVAL
-    LTREE
-    MACADDR
-    MACADDR_8
-    NUMRANGE
-    TEXT
-    TSRANGE
-    TSTZRANGE
-    UUID
-    VARCHAR
-    XML		 VARCHAR
-    TIMESTAMPTZ TIMESTAMPTZ (Format: YYYY-MM-DDTHH:mm:ss.SSSSSSZ)
-    JSON
-    JSONB
-    POINT		 JSON
-    DATE DATE
-    TIME TIME
-    TIMESTAMP TIMESTAMP
-    MONEY
-    NUMERIC		 DECIMAL

At this time, the following PostgreSQL data types are not supported by Hevo:

  • TIMETZ

  • Arrays

  • Any other data type not listed in the table above.

Note: If any of the Source objects contain data types that are not supported by Hevo, they are marked as unsupported during object configuration in the Pipeline.

Handling of Deletes

In a PostgreSQL database for which the WAL level is set to logical, Hevo uses the database logs for data replication. As a result, Hevo can track all operations, such as insert, update, or delete, that take place in the database. Hevo replicates delete actions in the database logs to the Destination table by setting the value of the metadata column, __hevo_is_deleted__ to True.

Source Considerations

  • If you add a column with a default value to a table in PostgreSQL, entries with it are created in the WAL only for the rows that are added or updated after the column is added. As a result, in the case of log-based Pipelines, Hevo cannot capture the column value for the unchanged rows. To capture those values, you need to:

    • Resync the historical load for the respective object.

    • Run a query in the Destination to add the column and its value to all rows.

  • Azure PostgreSQL does not support logical replication on read replicas. To enable log-based replication, you must select the master database instance.

  • Any table included in a publication must have a replica identity configured. PostgreSQL uses it to track the UPDATE and DELETE operations. Hence, these operations are disallowed on tables without a replica identity. As a result, Hevo cannot track the updates or deletes for such tables.

    By default, PostgreSQL picks the table’s primary key as the replica identity. If your table does not have a primary key, you must either define one or set the replica identity as FULL, which records the changes to all the columns in a row.

Limitations

  • Hevo does not support logical replication of partitioned tables.

  • Hevo does not support data replication from foreign tables, temporary tables, and views.

  • If your Source table has indexes (indices) and or constraints, you must recreate them in your Destination table, as Hevo does not replicate them. It only creates the existing primary keys.

  • Hevo does not set the __hevo_is_deleted__ field to True for data deleted from the Source table using the TRUNCATE command. This action could result in a data mismatch between the Source and Destination tables.

  • You cannot select Source objects that Hevo marks as inaccessible for data ingestion during object configuration in the Pipeline. Following are some of the scenarios in which Hevo marks the Source objects as inaccessible:

    • The object is not included in the publication (key) specified while configuring the Source.

    • The publication is defined with a row filter expression. For such publications, only those rows for which the expression evaluates to FALSE are not published to the WAL. For example, suppose a publication is defined as follows:

      CREATE PUBLICATION active_employees FOR TABLE employees WHERE (active IS TRUE);

      In this case, as Hevo cannot determine the changes made in the employees object, it marks the object as inaccessible.

    • The publication specified in the Source configuration does not have the privileges to publish the changes from the UPDATE and DELETE operations. For example, suppose a publication is defined as follows:

      CREATE PUBLICATION insert_only FOR TABLE employees WITH (publish = 'insert');

      In this case, as Hevo cannot identify the new and updated data in the employees table, it marks the object as inaccessible.

See Also

Last updated on Dec 16, 2024

Tell us what went wrong

Skip to the section