Skip to content

Commit

Permalink
Merge pull request #2171 from EnterpriseDB/release/2021-12-23
Browse files Browse the repository at this point in the history 
Release: 2021-12-23
  • Loading branch information
@drothery-edb
drothery-edb authored Dec 23, 2021
2 parents b69f76a + e1b65f1 commit d48afe8
Show file tree
Hide file tree
Showing 75 changed files with 1,799 additions and 1,866 deletions.
8 changes: 4 additions & 4 deletions product_docs/docs/bdr/3.7/nodes.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1162,12 +1162,12 @@ the node which is being removed. However, just to make it clear, once the
node is PARTED it can not *part* other nodes in the cluster.

!!! Note
you are *parting* the local node you must set `wait_for_completion`
false, otherwise it will error.
If you are *parting* the local node you must set `wait_for_completion`
to false, otherwise it will error.

!!! Warning
s action is permanent. If you wish to temporarily halt replication
a node, see `bdr.alter_subscription_disable()`.
This action is permanent. If you wish to temporarily halt replication
to a node, see `bdr.alter_subscription_disable()`.

#### Synopsis

Expand Down
2 changes: 1 addition & 1 deletion product_docs/docs/bdr/4.0/functions.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ connected to. This allows an application to figure out what node it
is connected to even behind a transparent proxy.

It is also used in combination with CAMO, see the
[CAMO.md#connection-pools-and-proxies]\(Connection pools and proxies)
[Connection pools and proxies](camo.md#connection-pools-and-proxies)
section.

### bdr.last_committed_lsn
Expand Down
8 changes: 4 additions & 4 deletions product_docs/docs/bdr/4.0/nodes.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1143,12 +1143,12 @@ the node which is being removed. However, just to make it clear, once the
node is PARTED it can not *part* other nodes in the cluster.

!!! Note
you are *parting* the local node you must set `wait_for_completion`
false, otherwise it will error.
If you are *parting* the local node you must set `wait_for_completion`
to false, otherwise it will error.

!!! Warning
s action is permanent. If you wish to temporarily halt replication
a node, see `bdr.alter_subscription_disable()`.
This action is permanent. If you wish to temporarily halt replication
to a node, see `bdr.alter_subscription_disable()`.

#### Synopsis

Expand Down
4 changes: 2 additions & 2 deletions product_docs/docs/bdr/4.0/repsets.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -278,11 +278,11 @@ transaction.
another node, because this will stop replication on that
node. Should this happen, please unsubscribe the affected node
from that replication set.
the same reason, you should not drop a replication set if
For the same reason, you should not drop a replication set if
there is a join operation in progress, and the node being joined
is a member of that replication set; replication set membership is
only checked at the beginning of the join.
s happens because the information on replication set usage is
This happens because the information on replication set usage is
local to each node, so that it can be configured on a node before
it joins the group.

Expand Down
6 changes: 3 additions & 3 deletions product_docs/docs/bdr/4.0/striggers.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -175,11 +175,11 @@ otherwise data divergence will occur. Technical Support recommends that all conf
triggers are formally tested using the isolationtester tool supplied with
BDR.

!!!Warning
- Multiple conflict triggers can be specified on a single table, but
!!! Warning
- Multiple conflict triggers can be specified on a single table, but
they should match distinct event, i.e. each conflict should only
match a single conflict trigger.
Multiple triggers matching the same event on the same table are
- Multiple triggers matching the same event on the same table are
not recommended; they might result in inconsistent behaviour, and
will be forbidden in a future release.

Expand Down
7 changes: 1 addition & 6 deletions product_docs/docs/bdr/4.0/transaction-streaming.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,12 +47,7 @@ processes on each subscriber, which is leveraged to provide the following enhanc
frequent deadlocks between writers

!!! Note
ect streaming to writer is still an experimental feature and must

be used with caution. For specifically, it may not work well with
conflict resolutions since the commit timestamp of the streaming may not
be available (as the transaction may not have yet committed on the
origin).
Direct streaming to writer is still an experimental feature and must be used with caution. For specifically, it may not work well with conflict resolutions since the commit timestamp of the streaming may not be available (as the transaction may not have yet committed on the origin).

## Configuration

Expand Down
91 changes: 50 additions & 41 deletions product_docs/docs/biganimal/release/administering_cluster/01_portal_access.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,22 +15,24 @@ Each BigAnimal organization is associated with an Azure AD tenant. Azure AD esta
BigAnimal supports role-based access control policies. A user with the owner role can assign roles to other users in the same organization.

## Roles

Access to BigAnimal is controlled by roles. Roles are sets of permissions. You use roles to manage permissions assigned to users.

Each organization has three default roles available:
* owner
* reader
* contributor

- owner
- reader
- contributor

You can edit these roles by changing their name or description.

### Permissions

Permissions are generally represented in the format *action*:*object* where *action* represents an operation to perform and *object* represents a category of portal functionality.

* The available actions are: create, read, update, and delete.
- The available actions are: create, read, update, and delete.

* The available objects are: backups, billing, clusters, events, permissions, roles, users, and versions.
- The available objects are: backups, billing, clusters, events, permissions, roles, users, and versions.

!!! Note
Not every object supports all the actions. For example, versions objects are always read-only.
Expand All @@ -39,44 +41,46 @@ Permissions are generally represented in the format *action*:*object* where *act

The following are the default permission by role:

| Role | Action |backups | billing | clusters | events | roles | permissions | users | versions |
|-------------|--------|--------|---------|-----------|--------|-------|-------------|--------|----------|
| owner | create | x | | x | | | | | |
| | read | x | x | x | x | x | x | x | x |
| | update | x | | x | | | | x | |
| | delete | x | | x | | | | | |
| contributor | create | x | | x | | | | | |
| | read | x | x | x | x | x | x | x | x |
| | update | x | | x | | | | | |
| | delete | x | | x | | | | | |
| reader | create | | | | | | | | |
| | read | x | x | x | x | x | x | x | x |
| | update | | | | | | | | |
| | delete | | | | | | | | |

| Role | Action | backups | billing | clusters | events | roles | permissions | users | versions |
| ----------- | ------ | ------- | ------- | -------- | ------ | ----- | ----------- | ----- | -------- |
| owner | create | x | | x | | | | | |
| | read | x | x | x | x | x | x | x | x |
| | update | x | | x | | | | x | |
| | delete | x | | x | | | | | |
| contributor | create | x | | x | | | | | |
| | read | x | x | x | x | x | x | x | x |
| | update | x | | x | | | | | |
| | delete | x | | x | | | | | |
| reader | create | | | | | | | | |
| | read | x | x | x | x | x | x | x | x |
| | update | | | | | | | | |
| | delete | | | | | | | | |

### Edit roles

1. Navigate to **Admin > Roles**.
1. Navigate to **Admin > Roles**.

3. Select the edit icon for the role in the list.
2. Select the edit icon for the role in the list.

#### Change role name

1. Select the **Settings** tab.
1. Select the **Settings** tab.

2. Edit **Name** or **Description**.
3. Select **Save**.
2. Edit **Name** or **Description**.

3. Select **Save**.

#### Change role permissions

You can change permissions associated with the role.

1. Select the **Permissions** tab.
1. Select the **Permissions** tab.

2. Select **Change Permissions** in the top right.

3. Select the list of permissions you want to associate with the role.

2. Select **Change Permissions** in the top right.
3. Select the list of permissions you want to associate with the role.
4. Select **Submit**.
4. Select **Submit**.

!!! Note
Changing role permissions affects every user who is assigned that role.
Expand All @@ -87,12 +91,15 @@ When you configured your Azure subscription, you also enabled BigAnimal to authe

### Assign roles to users

1. Navigate to **Admin > Users**.
1. Navigate to **Admin > Users**.

2. Select the edit icon for the user.
3. Select **Assign Roles**.
4. Select or clear roles for the user.
5. Select **Submit**.
2. Select the edit icon for the user.

3. Select **Assign Roles**.

4. Select or clear roles for the user.

5. Select **Submit**.

!!! Note
For a user's role assignment to take effect, the user must log out from BigAnimal and log in again.
Expand All @@ -101,16 +108,18 @@ When you configured your Azure subscription, you also enabled BigAnimal to authe

You can view all users from your organization who have logged in at least once.

1. Navigate to **Admin > Users**.
1. Navigate to **Admin > Users**.

2. View the list of users sorted by most recent login.
2. View the list of users sorted by most recent login.

## Example scenario

1. The BigAnimal organization is created, and Tom logs in and is granted the owner role.
1. The BigAnimal organization is created, and Tom logs in and is granted the owner role.

2. Tom asks Jerry to log in, using his Azure AD account. Jerry's account in BigAnimal is created.

3. Tom grants Sally the contributor role. Sally logs out and back in. She can now create BigAnimal clusters.

2. Tom asks Jerry to log in, using his Azure AD account. Jerry's account in BigAnimal is created.
3. Tom grants Sally the contributor role. Sally logs out and back in. She can now create BigAnimal clusters.
4. Sally asks Jerry to log in and grants him the reader role.
5. Jerry logs out and back in. He can now see the clusters that Sally created.
4. Sally asks Jerry to log in and grants him the reader role.

5. Jerry logs out and back in. He can now see the clusters that Sally created.
36 changes: 19 additions & 17 deletions product_docs/docs/biganimal/release/administering_cluster/03_account_activity.mdx
View file
Original file line number Diff line number Diff line change
@@ -1,23 +1,26 @@
---
title: "Reviewing account activity"
---

The activity log collects BigAnimal events based on user activity in the portal. You can use the log to audit activities performed by users from your organizations or research activities that might have affected your account.

## Events

Events describe actions performed by users. The available actions are:
* create
* read
* update
* delete

- create
- read
- update
- delete

Events are related to the following resource types:
* cluster
* data plane
* user
* user roles
* role permissions
* organization

- cluster
- data plane
- user
- user roles
- role permissions
- organization

!!! Note
Database events are not logging activity on the Postgres server. They are logging the use of the portal to create or modify database clusters.
Expand All @@ -28,10 +31,9 @@ To view events, navigate to the [Activity Log](https://portal.biganimal.com/acti

The following fields are in the activity log:

| Field | Description |
| ---------------------| ---------------------------------------------------------------------------- |
| **Activity Name** | Name of an event in the format _Action Resource-Type, Resource-name_ |
| **User** | User responsible for the event |
| **Date** | Date when the action was performed |
| **Resource** | Resource type of the resource |

| Field | Description |
| ----------------- | -------------------------------------------------------------------- |
| **Activity Name** | Name of an event in the format *Action Resource-Type, Resource-name* |
| **User** | User responsible for the event |
| **Date** | Date when the action was performed |
| **Resource** | Resource type of the resource |
44 changes: 22 additions & 22 deletions .../release/getting_started/01_preparing_azure/01_understanding_qotas_in_azure.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,21 +11,20 @@ BigAnimal creates and manages some of the resources using resource providers. Fo

To prevent failures while creating your clusters, ensure that each of the following Azure resource providers are registered in your Azure subscription.


| Provider Namespace | Description |
| ------------------------------ | --------------------------------------------------------------------------------------------------------------- |
| Microsoft.Compute | Runs cluster workloads on a virtual machine managed by the Azure Kubernetes Service. |
| Microsoft.ContainerInstance | Manages the Azure resource and regular maintenance job. |
| Microsoft.Capacity | Checks the Azure resource quota. |
| Microsoft.AlertsManagement | Monitors failure anomalies. |
| Microsoft.ContainerService | Manages cluster workloads run on the Azure Kubernetes Service. |
| Microsoft.KeyVault | Encrypts and stores keys of the clusters' data volume and Azure's credential information. |
| Microsoft.Storage | Backs up data to the Azure Service Account. |
| Microsoft.ManagedIdentity | Manages software access to the local Azure services using Azure Managed-Identity. |
| Microsoft.Network | Manages cluster workloads run in the Azure Kubernetes Service in the dedicated VNet. |
| Microsoft.OperationalInsights | Manages clusters and performs workload logging (log workspace).. |
| Microsoft.OperationsManagement | Monitors workloads and provides container insight. |
| Microsoft.Portal | Provides a dashboard to monitor the running status of the clusters (using aggregated logs and metrics). |
| Provider Namespace | Description |
| ------------------------------ | ------------------------------------------------------------------------------------------------------- |
| Microsoft.Compute | Runs cluster workloads on a virtual machine managed by the Azure Kubernetes Service. |
| Microsoft.ContainerInstance | Manages the Azure resource and regular maintenance job. |
| Microsoft.Capacity | Checks the Azure resource quota. |
| Microsoft.AlertsManagement | Monitors failure anomalies. |
| Microsoft.ContainerService | Manages cluster workloads run on the Azure Kubernetes Service. |
| Microsoft.KeyVault | Encrypts and stores keys of the clusters' data volume and Azure's credential information. |
| Microsoft.Storage | Backs up data to the Azure Service Account. |
| Microsoft.ManagedIdentity | Manages software access to the local Azure services using Azure Managed-Identity. |
| Microsoft.Network | Manages cluster workloads run in the Azure Kubernetes Service in the dedicated VNet. |
| Microsoft.OperationalInsights | Manages clusters and performs workload logging (log workspace).. |
| Microsoft.OperationsManagement | Monitors workloads and provides container insight. |
| Microsoft.Portal | Provides a dashboard to monitor the running status of the clusters (using aggregated logs and metrics). |

## Virtual machine SKU restrictions

Expand All @@ -49,11 +48,11 @@ Any time a new VM is deployed in Azure, the vCPUs for the VMs must not exceed th

Clusters deployed in the region use Esv3 virtual machine cores. The number of cores depends on the *Instance Type* and *High Availability (HA)* options of the clusters. You can calculate the number of Esv3 cores required for your cluster based on the following:

* A virtual machine instance of type E{N}sv3 uses {N} cores. For example, an instance of type E64sv3 uses 64 Esv3 cores.
* A cluster running on an E{N}sv3 instance with HA not enabled uses exactly {N} Esv3 cores.
* A cluster running on an E{N}sv3 instance with HA enabled uses 3 * {N} Esv3 cores.
- A virtual machine instance of type E{N}sv3 uses {N} cores. For example, an instance of type E64sv3 uses 64 Esv3 cores.
- A cluster running on an E{N}sv3 instance with HA not enabled uses exactly {N} Esv3 cores.
- A cluster running on an E{N}sv3 instance with HA enabled uses 3 \* {N} Esv3 cores.

For example, if you provision the largest virtual machine E64sv3 with high availability enabled, it requires (3 * 64) = 192 Esv3 cores per region.
For example, if you provision the largest virtual machine E64sv3 with high availability enabled, it requires (3 \* 64) = 192 Esv3 cores per region.

BigAnimal requires an additional eight Dv4 virtual machine cores per region.

Expand All @@ -64,6 +63,7 @@ The default number of total vCPU (cores) per subscription per region is 20. For
##### Recommended limits

BigAnimal recommends the following per region when requesting virtual machine resource limit increases:
* Total Regional vCPUs: minimum of 60 per designated region
* Standard Esv3 Family vCPUs: minimum of 50 per designated region
* Standard Dv4 Family vCPUs: minimum of 10 per designated region

- Total Regional vCPUs: minimum of 60 per designated region
- Standard Esv3 Family vCPUs: minimum of 50 per designated region
- Standard Dv4 Family vCPUs: minimum of 10 per designated region
Loading

0 comments on commit d48afe8

Please sign in to comment.