Upgrading Azure Single Server to Flexible Server

PostgreSQL version 11 databases used by Data Lakes and Cloudera Data Hub clusters need to be upgraded to PostgreSQL 14. During this process, the Azure Single Server database will be upgraded to Azure Flexible Server. If there is a Private DNS Zone added to the environment, a Private Link will be created for the database and the Flexible Server will be private. Otherwise, a public Flexible Server will be created.

This process describes how to upgrade a database used by a Data Lake or Cloudera Data Hub clusters to Azure Flexible Server. For a general description of Data Lake and Cloudera Data Hub database upgrades, see Upgrading Data Lake/Data Hub database.

During the upgrade process, a backup is created from the Azure Single Server database, the server is deleted, and a new Azure Flexible Server is created with the same name. This way there is no need to change hostnames. However, the username format has changed between Single Server and Flexible Server. For details, see the Comparison table in the Microsoft Azure documentation.


Feature / Capability	Azure Database for PostgreSQL Single Server	Azure Database for PostgreSQL Flexible Server
Username in connection string	`<user_name>@server_name`. For example, `pgadmusr@mypgServer`.	Just username. For example, `pgadmusr`.

This change is automatically handled by Cloudera, however, as a result, Cloudera Runtime services using the database will be reconfigured during the upgrade process to use the new username format. Any third-party applications using the database would need to reflect this change by updating the username.

Limitations

If you are using a public Single Server and want to upgrade to a private Flexible Server, you need to add a Private DNS Zone to your environment first. For instructions on adding a Private DNS Zone, see Private DNS Zone.
If you would like to upgrade from Azure Single Server to a private Flexible Server, the upgrade to Flexible Server with delegated subnet is not available, as the Flexible Server with delegated subnet option is deprecated. It is recommended to use Flexible Server with Private Link instead.
If you are already using a private Flexible Server with a delegated subnet, it is not yet supported to migrate to a private Flexible Server with Private Link.
If you are performing a Data Lake resize because you want to upgrade to Cloudera Runtime 7.2.18 or later version, you must perform the upgrade of the database first.

Prerequisites

When you are upgrading from Azure Single Server to Azure Flexible Server, new permissions are required. These permissions are being validated during the first phase of the upgrade. For a detailed list of prerequisites for Azure Flexible Server, see Azure prerequisites for Flexible Server.

important
There is a permission which is not required for enabling Flexible Server on a new environment but is specific to upgrading to Flexible Server from Single Server. Check the Azure prerequisites for Flexible Server even if you have enabled Flexible Server on your environment earlier.

If you have missed adding any of the required permissions and the upgrade to Flexible Server fails, you need to fix the permission issues on Azure side and then perform a retry through the Cloudera Management Console.
If you are upgrading from a public Single Server, make sure that port 5432 is open for outbound traffic. Otherwise the database upgrade might fail with a connection error. Public Azure Single Server access works with Service Endpoints, but these are not available for Flexible Server.
If you are using Cloudera Data Warehouse, perform the following steps:
- Upgrade to Cloudera Data Warehouse version 1.4.1 or higher before you can upgrade to Azure Flexible Server. Determine the Cloudera Data Warehouse version you are on by clicking edit on the environment:
- Stop the virtual warehouses and data catalogs associated with the environment.
If you are using a Customer Managed Key (CMK) for data encryption, a managed identity is required to be able to upgrade from Azure Database for PostgreSQL Single Server to Flexible Server.
For details on managed identity, see Managed identity for encrypting Azure Database for PostgreSQL Flexible Server.

For information on how to add a managed identity to an environment already configured with CMK, see Updating an existing environment to add the managed identity Flexible Server.