Azure EnvironmentsPDF version

Troubleshooting Flexible Server

Refer to this documentation for troubleshooting Azure environments using Flexible Server.

Problem:

The following warning error message is displayed during the upgrade to PostgreSQL 14 Azure Flexible Server when trying to upgrade a database that was auto-migrated by Microsoft from PostgreSQL 11 Single Server to PostgreSQL 11 Flexible Server:

The major version upgrade failed precheck. Upgrading with password authentication mode enabled is not allowed from source version MajorVersion11. Please enable SCRAM and reset the passwords prior to retrying the upgrade.

Solution:

Perform the following steps. The process does not cause any downtime.
  1. Find the azure.accepted_password_auth_method server parameter from Settings > Server parameters on the Azure portal.
  2. Enable SHA-256 authentication by selecting SCRAM-SHA-256.
  3. Save your settings at the top of the page.
  4. Retry the upgrade in the Cloudera Control Plane.

Problem:

A capacity related validation warning is shown during the upgrade from Azure Single Server to Flexible Server.

Solution:

Perform the following steps:
  1. File an Azure Support Ticket, specifying the Azure subscription and region that is used for the Cloudera setup. Microsoft Azure support will ensure that the necessary capacity is allocated to unblock provisioning Flexible Server same-zone HA database instances.
  2. Once the capacity has been increased, retry the Single Server to Flexible Server upgrade operation.

Problem:

Data Lake provisioning failed due to missing outbound access.

Solution:

By default, Single Server utilizes service endpoints (Azure Database for PostgreSQL server - Microsoft.Sql) that provide secure and direct connectivity to DB service over an optimized route over the Azure backbone network from the Virtual Machines, but that is not the case with Flexible Server. This means that there are certain cases when you have to explicitly ensure that outbound (i.e. egress) network connectivity from the selected Virtual Network is set up using NAT-Gateway, UDR, or similar. If you are using a public Flexible Server, make sure that port 5432 is open for outbound traffic.

This requirement is applicable in the following conditions:

  • An existing network is being used.

  • Create Public IP is disabled.

  • Public Endpoint Gateway is disabled.

The lack of default outbound access can be mitigated by using private setup or using public IPs instead.

For more information, see Default outbound access in Azure.