|
| 1 | +--- |
| 2 | +title: Deploy CockroachDB on Microsoft Azure (Insecure) |
| 3 | +summary: Learn how to deploy CockroachDB on Microsoft Azure. |
| 4 | +toc: false |
| 5 | +toc_not_nested: true |
| 6 | +--- |
| 7 | + |
| 8 | +This page shows you how to manually deploy an insecure multi-node CockroachDB cluster on Microsoft Azure. |
| 9 | + |
| 10 | +If you plan to use CockroachDB in production, we recommend instead using the **Secure** instructions below. |
| 11 | + |
| 12 | +<style> |
| 13 | +.filters .scope-button { |
| 14 | + width: 20%; |
| 15 | + height: 65px; |
| 16 | + margin: 30px 15px 10px 0px; |
| 17 | +} |
| 18 | +.filters a:hover { |
| 19 | + border-bottom: none; |
| 20 | +} |
| 21 | +</style> |
| 22 | + |
| 23 | +<div id="step-three-filters" class="filters clearfix"> |
| 24 | + <a href="deploy-cockroachdb-on-google-cloud-platform.html"><button class="filter-button scope-button"><strong>Secure</strong></button> |
| 25 | + <button class="filter-button scope-button current"><strong>Insecure</strong></button></a> |
| 26 | +</div><p></p> |
| 27 | + |
| 28 | +<div id="toc"></div> |
| 29 | + |
| 30 | +## Requirements |
| 31 | + |
| 32 | +You must have [SSH access](https://docs.microsoft.com/en-us/azure/virtual-machines/virtual-machines-linux-mac-create-ssh-keys) to each machine with root or sudo privileges. This is necessary for distributing binaries and starting CockroachDB. |
| 33 | + |
| 34 | +## Recommendations |
| 35 | + |
| 36 | +Decide how you want to access your Admin UI: |
| 37 | + |
| 38 | +- Only from specific IP addresses, which requires you to set firewall rules to allow communication on port `8080` *(documented on this page)*. |
| 39 | +- Using an SSH tunnel, which requires you to use `--http-host=localhost` when starting your nodes. |
| 40 | + |
| 41 | +For guidance on cluster topology, clock synchronization, and file descriptor limits, see [Recommended Production Settings](recommended-production-settings.html). |
| 42 | + |
| 43 | +{{site.data.alerts.callout_success}}<strong><a href="https://www.terraform.io/">Terraform</a></strong> users can deploy CockroachDB using the <a href="https://github.com/cockroachdb/cockroach/blob/master/cloud/gce">configuration files and instructions in the our GitHub repo's <code>gce</code>directory</a>.{{site.data.alerts.end}} |
| 44 | + |
| 45 | +## Step 1. Configure Your Network |
| 46 | + |
| 47 | +CockroachDB requires TCP communication on two ports: |
| 48 | + |
| 49 | +- **26257** (`tcp:26257`) for inter-node communication (i.e., working as a cluster) and connecting with applications |
| 50 | +- **8080** (`tcp:8080`) for exposing your Admin UI |
| 51 | + |
| 52 | +To enable this in Azure, you must create a Resource Group, Virtual Network, and Network Security Group. |
| 53 | + |
| 54 | +1. [Create a Resource Group](https://azure.microsoft.com/en-us/updates/create-empty-resource-groups/). |
| 55 | +2. [Create a Virtual Network](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-create-vnet-arm-pportal) that uses your **Resource Group**. |
| 56 | +3. [Create a Network Security Group](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-create-nsg-arm-pportal) that uses your **Resource Group**, and then add the following rules to it: |
| 57 | + |
| 58 | + - **Admin UI support**: |
| 59 | + |
| 60 | + | Field | Recommended Value | |
| 61 | + |-------|-------------------| |
| 62 | + | Name | **cockroachadmin** | |
| 63 | + | Priority | Any value > 1000 | |
| 64 | + | Source | **CIDR block** | |
| 65 | + | IP address range | Your local network’s IP ranges | |
| 66 | + | Service | **Custom** | |
| 67 | + | Protocol | **TCP** | |
| 68 | + | Port range | **8080** | |
| 69 | + | Action | **Allow** | |
| 70 | + |
| 71 | + - **Application support**: |
| 72 | + |
| 73 | + {{site.data.alerts.callout_success}}If your application is also hosted on the same Azure Virtual Network, you won't need to create a firewall rule for your application to communicate with your instances hosting CockroachDB.{{site.data.alerts.end}} |
| 74 | + |
| 75 | + | Field | Recommended Value | |
| 76 | + |-------|-------------------| |
| 77 | + | Name | **cockroachapp** | |
| 78 | + | Priority | Any value > 1000 | |
| 79 | + | Source | **CIDR block** | |
| 80 | + | IP address range | Your application’s IP ranges | |
| 81 | + | Service | **Custom** | |
| 82 | + | Protocol | **TCP** | |
| 83 | + | Port range | **26257** | |
| 84 | + | Action | **Allow** | |
| 85 | + |
| 86 | + To connect your application to CockroachDB, use a [PostgreSQL wire protocol driver](install-client-drivers.html). |
| 87 | + |
| 88 | +## Step 2. Create VMs |
| 89 | + |
| 90 | +[Create Linux VMs](https://docs.microsoft.com/en-us/azure/virtual-machines/virtual-machines-linux-quick-create-portal) for each node you plan to have in your cluster. We [recommend](https://www.cockroachlabs.com/docs/configure-replication-zones.html#nodereplica-recommendations): |
| 91 | + |
| 92 | +- Running at least 3 nodes to ensure survivability. |
| 93 | +- Selecting the same continent for all of your VMs for best performance. |
| 94 | + |
| 95 | +When creating the VMs, make sure to select the **Resource Group**, **Virtual Network**, and **Network Security Group** you created. |
| 96 | + |
| 97 | +## Step 3. Set up the First Node |
| 98 | + |
| 99 | +1. SSH to your VM: |
| 100 | + |
| 101 | + ~~~ shell |
| 102 | + $ ssh <username>@<node1 external IP address> |
| 103 | + ~~~ |
| 104 | + |
| 105 | +2. Install the latest CockroachDB binary: |
| 106 | + |
| 107 | + ~~~ shell |
| 108 | + # Get the latest CockroachDB tarball. |
| 109 | + $ wget https://binaries.cockroachdb.com/cockroach-latest.linux-amd64.tgz |
| 110 | + |
| 111 | + # Extract the binary. |
| 112 | + $ tar -xf cockroach-latest.linux-amd64.tgz \ |
| 113 | + --strip=1 cockroach-latest.linux-amd64/cockroach |
| 114 | + |
| 115 | + # Move the binary. |
| 116 | + $ sudo mv cockroach /usr/local/bin |
| 117 | + ~~~ |
| 118 | + |
| 119 | +3. Start a new CockroachDB cluster with a single node: |
| 120 | + |
| 121 | + ~~~ shell |
| 122 | + $ cockroach start --insecure --background --advertise-host=<node1 internal IP address> |
| 123 | + ~~~ |
| 124 | + |
| 125 | + {{site.data.alerts.callout_info}}You can find the VM's internal IP address listed in the Resource Group's Virtual Network.{{site.data.alerts.end}} |
| 126 | + |
| 127 | +At this point, your cluster is live and operational but contains only a single node. Next, scale your cluster by setting up additional nodes that will join the cluster. |
| 128 | + |
| 129 | +## Step 4. Set up Additional Nodes |
| 130 | + |
| 131 | +1. SSH to your VM: |
| 132 | + |
| 133 | + ~~~ |
| 134 | + $ ssh <username>@<additional node external IP address> |
| 135 | + ~~~ |
| 136 | + |
| 137 | +2. Install CockroachDB from our latest binary: |
| 138 | + |
| 139 | + ~~~ shell |
| 140 | + # Get the latest CockroachDB tarball. |
| 141 | + $ wget https://binaries.cockroachdb.com/cockroach-latest.linux-amd64.tgz |
| 142 | + |
| 143 | + # Extract the binary. |
| 144 | + $ tar -xf cockroach-latest.linux-amd64.tgz \ |
| 145 | + --strip=1 cockroach-latest.linux-amd64/cockroach |
| 146 | + |
| 147 | + # Move the binary. |
| 148 | + $ sudo mv cockroach /usr/local/bin |
| 149 | + ~~~ |
| 150 | + |
| 151 | +3. Start a new node that joins the cluster using the first node's internal IP address: |
| 152 | + |
| 153 | + ~~~ shell |
| 154 | + $ cockroach start --insecure --background \ |
| 155 | + --advertise-host=<node internal IP address> \ |
| 156 | + --join=<node1 internal IP address>:26257 |
| 157 | + ~~~ |
| 158 | + |
| 159 | +Repeat these steps for each VM you want to use as a node. |
| 160 | + |
| 161 | +## Step 5. Test Your Cluster |
| 162 | + |
| 163 | +To test your distributed, multi-node cluster, access SQL and create a new database. That database will then be accessible from all of the nodes in your cluster. |
| 164 | + |
| 165 | +1. SSH to your first node: |
| 166 | + |
| 167 | + ~~~ shell |
| 168 | + $ ssh <username>@<node2 external IP address> |
| 169 | + ~~~ |
| 170 | + |
| 171 | +2. Launch the built-in SQL client and create a database: |
| 172 | + |
| 173 | + ~~~ shell |
| 174 | + $ cockroach sql |
| 175 | + ~~~ |
| 176 | + ~~~ sql |
| 177 | + > CREATE DATABASE insecurenodetest; |
| 178 | + ~~~ |
| 179 | + |
| 180 | +3. In another terminal window, SSH to another node: |
| 181 | + |
| 182 | + ~~~ shell |
| 183 | + $ ssh <username>@<node3 external IP address> |
| 184 | + ~~~ |
| 185 | + |
| 186 | +4. Launch the built-in SQL client: |
| 187 | + |
| 188 | + ~~~ shell |
| 189 | + $ cockroach sql |
| 190 | + ~~~ |
| 191 | + |
| 192 | +5. View the cluster's databases, which will include `insecurenodetest`: |
| 193 | + |
| 194 | + ~~~ sql |
| 195 | + > SHOW DATABASE; |
| 196 | + ~~~ |
| 197 | + ~~~ |
| 198 | + +------------------+ |
| 199 | + | DATABASE | |
| 200 | + +------------------+ |
| 201 | + | insecurenodetest | |
| 202 | + +------------------+ |
| 203 | + ~~~ |
| 204 | + |
| 205 | +## Step 6. View the Admin UI |
| 206 | + |
| 207 | +View your cluster's Admin UI by going to `http://<any node's external IP address>:8080`. |
| 208 | + |
| 209 | +On this page, go to the following tabs on the left: |
| 210 | + |
| 211 | +- **Nodes** to ensure all of your nodes successfully joined the cluster |
| 212 | +- **Databases** to ensure `insecurenodetest` is listed |
| 213 | + |
| 214 | +## Use the Database |
| 215 | + |
| 216 | +Now that your deployment is working, you can: |
| 217 | + |
| 218 | +1. [Implement your data model](sql-statements.html). |
| 219 | +2. [Grant privileges to users](grant.html). |
| 220 | +3. [Connect your application](install-client-drivers.html). |
| 221 | + |
| 222 | +## See Also |
| 223 | + |
| 224 | +- [GCE Deployment](deploy-cockroachdb-on-google-cloud-platform.html) |
| 225 | +- [Digital Ocean Deployment](deploy-cockroachdb-on-digital-ocean.html) |
| 226 | +- [AWS Deployment](deploy-cockroachdb-on-aws.html) |
| 227 | +- [Manual Deployment](manual-deployment.html) |
| 228 | +- [Orchestration](orchestration.html) |
| 229 | +- [Start a Local Cluster](start-a-local-cluster.html) |
0 commit comments