Supported Postgres versions

Anything on or after Postgres 12

Enable Logical Replication

You don’t need to follow the below steps if wal_level is set to logical. This setting should mostly be pre-configured if you are migrating from another data replication tool.

  1. Click on the Server parameters section

Server Parameters

  1. Edit the wal_level to logical

Change wal_level to logical

  1. This change would require a server restart. So restart when requested.

Restart server

Creating PeerDB User and Granting permissions

Connect to your Azure Flexible Server Postgres through the admin user and run the below commands:

  1. Create a Postgres user for exclusively PeerDB.

    1.        CREATE USER peerdb_user PASSWORD 'some-password';

  2. Provide read-only access to the schema from which you are replicating tables to the peerdb_user. Below example shows setting up permissions for the public schema. If you want to grant access to multiple schemas, you can run these three commands for each schema.

    1.        GRANT USAGE ON SCHEMA "public" TO peerdb_user;
       GRANT SELECT ON ALL TABLES IN SCHEMA "public" TO peerdb_user;
       ALTER DEFAULT PRIVILEGES IN SCHEMA "public" GRANT SELECT ON TABLES TO peerdb_user;

  3. Grant replication access to this user:

    1.     ALTER ROLE peerdb_user REPLICATION;

  4. Create publication that you’ll be using for creating the MIRROR (replication) in future.

    1.        CREATE PUBLICATION peerdb_publication FOR ALL TABLES;

  5. Set wal_sender_timeout to 0 for peerdb_user

        ALTER ROLE peerdb_user SET wal_sender_timeout to 0;

The PeerDB user must not be restricted by RLS policies, as it can lead to missing data. You can disable RLS policies for the user by running the below command:

ALTER USER peerdb_user BYPASSRLS;

PeerDB SSH Tunneling Guide (Optional)

Sometimes to connect to your Postgres database you may need PeerDB to use an SSH tunnel.

This is typically used when your database is not publicly accessible and you need to connect to it a jump server in your VPC.

This is done by creating an SSH tunnel to your jump server and then connecting to the database through the tunnel. All of this is handled by PeerDB natively.

1

Generate a key-pair

Generate a key-pair using the following command:

ssh-keygen -t rsa -b 4096 -C "peerdb-ssh-tunnel" -f peerdb_key.pem

This will generate a private key (peerdb_key.pem) and a public key (peerdb_key.pub).

2

Add public key to your jump server

Add the public key to your jump server. This can be done by adding the public key to the ~/.ssh/authorized_keys file on the jump server.

# On the jump server
cat peerdb_key.pub >> ~/.ssh/authorized_keys
3

Add private key to the connection

When creating a Postgres peer you can specify the option to use an SSH tunnel. There you will be able to provide the private key you generated in the first step along with the jump server details.

Add PeerDB Cloud IPs to Firewall

If you are using PeerDB Cloud, please follow the below steps to add peerdb ips to your network.

  1. Go to the Networking tab and add the public IPs of your PeerDB Cloud instance to the Firewall of your Azure Flexible Server Postgres OR the Jump Server/Bastion if you are using SSH tunneling.

Add PeerDB IPs to Firewall

Create Azure Flexible Server Postgres Peer in PeerDB

Through the PeerDB UI, create the Flexible Postgres Peer using the peerdb_user that you created in the previous step.

Choose PostgreSQL Peer

Peer Creation and Validation

Created Peer

Supported Postgres versions

Anything on or after Postgres 12

Enable Logical Replication

You don’t need to follow the below steps if wal_level is set to logical. This setting should mostly be pre-configured if you are migrating from another data replication tool.

  1. Click on the Server parameters section

Server Parameters

  1. Edit the wal_level to logical

Change wal_level to logical

  1. This change would require a server restart. So restart when requested.

Restart server

Creating PeerDB User and Granting permissions

Connect to your Azure Flexible Server Postgres through the admin user and run the below commands:

  1. Create a Postgres user for exclusively PeerDB.

    1.        CREATE USER peerdb_user PASSWORD 'some-password';

  2. Provide read-only access to the schema from which you are replicating tables to the peerdb_user. Below example shows setting up permissions for the public schema. If you want to grant access to multiple schemas, you can run these three commands for each schema.

    1.        GRANT USAGE ON SCHEMA "public" TO peerdb_user;
       GRANT SELECT ON ALL TABLES IN SCHEMA "public" TO peerdb_user;
       ALTER DEFAULT PRIVILEGES IN SCHEMA "public" GRANT SELECT ON TABLES TO peerdb_user;

  3. Grant replication access to this user:

    1.     ALTER ROLE peerdb_user REPLICATION;

  4. Create publication that you’ll be using for creating the MIRROR (replication) in future.

    1.        CREATE PUBLICATION peerdb_publication FOR ALL TABLES;

  5. Set wal_sender_timeout to 0 for peerdb_user

        ALTER ROLE peerdb_user SET wal_sender_timeout to 0;

The PeerDB user must not be restricted by RLS policies, as it can lead to missing data. You can disable RLS policies for the user by running the below command:

ALTER USER peerdb_user BYPASSRLS;

PeerDB SSH Tunneling Guide (Optional)

Sometimes to connect to your Postgres database you may need PeerDB to use an SSH tunnel.

This is typically used when your database is not publicly accessible and you need to connect to it a jump server in your VPC.

This is done by creating an SSH tunnel to your jump server and then connecting to the database through the tunnel. All of this is handled by PeerDB natively.

1

Generate a key-pair

Generate a key-pair using the following command:

ssh-keygen -t rsa -b 4096 -C "peerdb-ssh-tunnel" -f peerdb_key.pem

This will generate a private key (peerdb_key.pem) and a public key (peerdb_key.pub).

2

Add public key to your jump server

Add the public key to your jump server. This can be done by adding the public key to the ~/.ssh/authorized_keys file on the jump server.

# On the jump server
cat peerdb_key.pub >> ~/.ssh/authorized_keys
3

Add private key to the connection

When creating a Postgres peer you can specify the option to use an SSH tunnel. There you will be able to provide the private key you generated in the first step along with the jump server details.

Add PeerDB Cloud IPs to Firewall

If you are using PeerDB Cloud, please follow the below steps to add peerdb ips to your network.

  1. Go to the Networking tab and add the public IPs of your PeerDB Cloud instance to the Firewall of your Azure Flexible Server Postgres OR the Jump Server/Bastion if you are using SSH tunneling.

Add PeerDB IPs to Firewall

Create Azure Flexible Server Postgres Peer in PeerDB

Through the PeerDB UI, create the Flexible Postgres Peer using the peerdb_user that you created in the previous step.

Choose PostgreSQL Peer

Peer Creation and Validation

Created Peer