Contact UsGet started
© 2024 Iron Hive LLC Belgrade

Creating an PostgreSQL cluster

Written by
Improved by
Updated at November 18, 2024

A PostgreSQL cluster is one or more database hosts across which you can configure replication. Replication is enabled by default in any cluster consisting of more than one host: the master host accepts write requests and duplicates changes on replicas. The transaction is confirmed if the data is written to disk both on the master host and on a certain number of replicas, sufficient to establish a quorum.

Note

  • The number of hosts you can create together with a PostgreSQL cluster depends on the selected disk type and host class.
  • Available disk types depend on the selected host class.
  • If the DB storage is 95% full, the cluster switches to read-only mode. Plan and increase the required storage size in advance.

By default, Managed Service for PostgreSQL sets the maximum number of connections to each PostgreSQL cluster host. This maximum cannot be greater than the value of Max connections.

Warning

Managed Service for PostgreSQL reserves 15 connections for service users per PostgreSQL host. For example, if the cluster has Max connections 100, you can reserve a maximum of 85 connections for cluster users.

Creating a cluster

To create a Managed Service for PostgreSQL cluster, you need the vpc.user role and the managed-postgresql.editor role or higher. For more information on assigning roles, see the Identity and Access Management documentation.

To create a Managed Service for PostgreSQL cluster:

  1. In the management console, select the folder where you want to create a DB cluster.

  2. Select Managed Service for PostgreSQL.

  3. Click Create cluster.

  4. Enter a name for the cluster in the Cluster name field. It must be unique within the folder.

  5. Select the environment where you want to create the cluster (you cannot change the environment once the cluster is created):

    • PRODUCTION: For stable versions of your apps.
    • PRESTABLE: For testing purposes. The prestable environment is similar to the production environment and likewise covered by the SLA, but it is the first to get new functionalities, improvements, and bug fixes. In the prestable environment, you can test compatibility of new versions with your application.

  6. Select the DBMS version.

  7. Select the host class that defines the technical specifications of the VMs where the DB hosts will be deployed. All available options are listed under Host classes. When you change the host class for a cluster, the characteristics of all the already created hosts change too.

  8. Under Size of storage:

    • Select the disk type.

      Warning

      You cannot change disk type after you create a cluster.

      The selected type determines the increments in which you can change your disk size:

      • Network HDD and SSD storage: In increments of 1 GB.
      • Local SSD storage:
        • For Intel Broadwell and Intel Cascade Lake: In increments of 100 GB.
        • For Intel Ice Lake: In increments of 368 GB.
      • Non-replicated SSD storage: In increments of 93 GB.

    • Select the storage size to be used for data and backups. For more information on how backups take up storage space, see Backups.

  9. (Optional) Under Automatic increase of storage size, specify the settings you need:

    • In the Increase size field, set the conditions to:

      • Increase the storage size during the next maintenance window if the storage is more than the specified percent (%) full.
      • Increase the storage size right away if the storage is more than the specified percent (%) full.

      You can set both conditions, but the threshold for immediate increase must be higher than that for increase during the maintenance window.

    • In the Maximum storage size field, specify the maximum storage size that can be set when increasing the storage size automatically.

    If the specified threshold is reached, the storage size increases differently depending on disk type:

    • For network HDDs and SSDs, by the higher of the two values: 20 GB or 20% of the current disk size.

    • For non-replicated SSDs, by 93 GB.

    • For local SSDs:

      • In an Intel Broadwell or Intel Cascade Lake cluster, by 100 GB.
      • Intel Ice Lake cluster, by 368 GB.

    If the threshold is reached again, the storage size will be automatically increased until it reaches the specified maximum. After that, you can specify a new maximum storage size manually.

    Warning

    • You cannot decrease the storage size.
    • While resizing the storage, cluster hosts will be unavailable.

    Note

    Some PostgreSQL settings depend on the storage size.

    If you have set up the storage size to increase within the maintenance window, set up a schedule for the maintenance window.

  10. Under Database, specify the DB attributes:

    • DB name. The name must be unique within the folder.

      The database name may contain Latin letters, numbers, underscores, and hyphens. The name may be up to 63 characters long. The names postgres, template0, and template1 are reserved for Managed Service for PostgreSQL. You cannot create databases with these names.

    • DB owner username and password. By default, the new user is assigned 50 connections to each host in the cluster.

      Note

      The username may contain Latin letters, numbers, hyphens, and underscores but must begin with a letter (except the pg_ combination), number, or underscore. The name may be up to 63 characters long.

      The names mysql, sys, information_schema, and performance_schema are reserved for Managed Service for MySQL®. You cannot create users with these names.

      The password must be between 8 and 128 characters.

    • Locale for sorting and character set locale. These settings define the rules for sorting strings (LC_COLLATE) and classifying characters (LC_CTYPE). In Managed Service for PostgreSQL, locale settings apply at the individual DB level.

      PostgreSQL uses locales to support various language standards. The locale you choose affects:

      • Sort order in the queries that use the ORDER BY operator or standard text data matching operators.
      • The functions upper, lower, initcap, and the to_char family of functions.
      • Pattern matching operators (LIKE, ILIKE, SIMILAR TO, regular expressions).
      • Support of indexes with the LIKE operator.

      By default, the C locale is used. if you use the C encoding for text data containing non-Latin (for example, Cyrillic) characters, errors might occur in the data sort order and data display in the case of pattern search. If this locale is not suitable for valid processing of tables in your database, select another encoding from the list. However, please keep in mind that a non-standard locale might decrease the database query processing rate.

      For more information about locale settings, see the PostgreSQL documentation.

      You cannot change locale settings after you create a database. However, you can set the sorting locale for columns when creating and modifying individual tables. Learn more in the PostgreSQL documentation.

  11. Under Network settings, select:

    • Cloud network for the cluster.

      Warning

      The cloud network selected for cluster deployment can't be changed. If you need to move your cluster to a different cloud network later, use the restore from a backup feature and specify the desired network for the cluster backup.

    • Security groups for the cluster network traffic. You may also need to set up security groups to connect to the cluster.

  12. Under Hosts, select the parameters for the DB hosts created with the cluster. By default, each host is created in a separate subnet. To select a specific subnet for a host, click .

    When configuring the hosts, note that if you selected local-ssd or network-ssd-nonreplicated under Size of storage, you need to add at least three hosts to the cluster.

    To connect to the host from the internet, enable the Public access setting.

  13. Configure additional cluster settings, if required:

    • Backup start time (UTC): Time interval during which the cluster backup starts. Time is specified in 24-hour UTC format. The default time is 22:00 - 23:00 UTC.

    • Retention period for automatic backups, days: Retention period for automatic backups. If an automatic backup expires, it is deleted. The default is 7 days. For more information, see Backups.

      Changing the retention period affects both new automatic backups and existing backups. For example, the initial retention period was 7 days. The remaining lifetime for a backup with this period is 1 day. When the retention period increases to 9 days, the remaining lifetime for this backup is 3 days.

      Automatic cluster backups are stored for a specified number of days whereas manually created ones are stored indefinitely. After a cluster is deleted, all backups persist for 7 days.

    • Maintenance window: Maintenance window settings:

      • To enable maintenance at any time, select arbitrary (default).
      • To specify the preferred maintenance start time, select by schedule and specify the desired day of the week and UTC hour. For example, you can choose a time when the cluster is least loaded.

      Maintenance operations are carried out both on enabled and disabled clusters. They may include updating the DBMS, applying patches, and so on.

    • DataLens access: This option allows you to analyze cluster data in Yandex DataLens.

    • WebSQL access: Enables you to run SQL queries against cluster databases from the Yandex Cloud management console using Yandex WebSQL.

    • Serverless access: Enable this option to allow cluster access from Yandex Cloud Functions. For more information about setting up access, see the Cloud Functions documentation.

    • Statistics sampling: Allows you to use the Performance diagnostics tool in a cluster. If this option is enabled, also set the Sessions sampling interval and Statements sampling interval using the sliders. Both are measured in seconds.

      This feature is at the Preview stage.

    • Autofailover: Enable this option so that when the master host changes, the replication source for every replica host is automatically switched over to the new master host. To learn more, see Replication.

      If the master host is deleted, a new master will be selected automatically regardless of the value of this option.

      Alert

      If the Autofailover option is disabled, run the selection of a new master or assign this role to one of the replicas manually if the master host fails.

    • Pooling mode: Select one of the connection pooler modes.

    • Deletion protection: Manages protection of the cluster, its databases, and users against accidental deletion.

      By default, the parameter inherits its value from the cluster when creating users and databases. You can also set the value manually; for more information, see the User management and Database management sections.

      If the parameter is changed on a running cluster, only users and databases with the Same as cluster protection will inherit the new value.

      Enabled deletion protection will not prevent a manual connection with the purpose to delete database contents.

  14. If required, configure DBMS cluster-level settings.

    Note

    Some PostgreSQL settings depend on the selected host class or storage size.

  15. Click Create cluster.

If you do not have the Yandex Cloud command line interface yet, install and initialize it.

The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.

To create a Managed Service for PostgreSQL cluster:

  1. Check whether the folder has any subnets for the cluster hosts:

    yc vpc subnet list

    If there are no subnets in the folder, create the required subnets in Yandex Virtual Private Cloud.

  2. View the description of the create cluster CLI command:

    yc managed-postgresql cluster create --help

  3. Specify cluster parameters in the create command (the list of supported parameters in the example is not exhaustive):

    yc managed-postgresql cluster create \
  --name <cluster_name> \
  --environment <environment> \
  --network-name <network_name> \
  --host zone-id=<availability_zone>,`
           `subnet-id=<subnet_ID>,`
           `assign-public-ip=<access_to_host_from_internet> \
  --resource-preset <host_class> \
  --user name=<username>,password=<user_password> \
  --database name=<DB_name>,owner=<database_owner_name> \
  --disk-size <storage_size_in_GB> \
  --disk-type <network-hdd|network-ssd|network-ssd-nonreplicated|local-ssd> \
  --security-group-ids <list_of_security_group_IDs> \
  --connection-pooling-mode=<connection_pooler_mode> \
  --deletion-protection

    Where:

    • environment: Environment, prestable or production.

    • disk-type: Disk type.

      Warning

      You cannot change disk type after you create a cluster.

    • assign-public-ip: Allow access to the host from the internet, true or false.

    • deletion-protection: Protection of the cluster, its databases, and users against deletion.

      By default, the parameter inherits its value from the cluster when creating users and databases. You can also set the value manually; for more information, see the User management and Database management sections.

    You need to specify the subnet-id if the selected availability zone has two or more subnets.

    Warning

    The cloud network selected for cluster deployment can't be changed. If you need to move your cluster to a different cloud network later, use the restore from a backup feature and specify the desired network for the cluster backup.

    The available connection pooler modes include SESSION, TRANSACTION, and STATEMENT.

    The database name may contain Latin letters, numbers, underscores, and hyphens. The name may be up to 63 characters long. The names postgres, template0, and template1 are reserved for Managed Service for PostgreSQL. You cannot create databases with these names.

    Note

    The password must be between 8 and 128 characters.

    Enabled deletion protection will not prevent a manual connection with the purpose to delete database contents.

    You can also set the additional replication-source option in the --host parameter to manually manage replication threads.

    To allow access to the cluster from Yandex Cloud Functions, provide the --serverless-access parameter. For more information about setting up access, see the Cloud Functions documentation.

    To allow access to the cluster from Yandex Query, provide the --yandexquery-access=true parameter. This feature is at the Preview stage and is available upon request.

    Note

    When creating a cluster, the anytime maintenance mode is set by default. You can set a specific maintenance period when updating the cluster settings.

Terraform allows you to quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. Configuration files store the infrastructure description in the HashiCorp Configuration Language (HCL). Terraform and its providers are distributed under the Business Source License.

For more information about the provider resources, see the documentation on the Terraform website or the mirror.

If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

If you don't have Terraform, install it and configure the Yandex Cloud provider.

To create a Managed Service for PostgreSQL cluster:

  1. In the configuration file, describe the parameters of the resources you want to create:

    • DB cluster: Description of the cluster and its hosts

    • Database: Description of the cluster DB

    • User: Description of the cluster user

    • Network: Description of the cloud network where a cluster will be located. If you already have a suitable network, you don't have to describe it again.

    • Subnets: Description of the subnets to connect the cluster hosts to. If you already have suitable subnets, you don't have to describe them again.

    Warning

    The cloud network selected for cluster deployment can't be changed. If you need to move your cluster to a different cloud network later, use the restore from a backup feature and specify the desired network for the cluster backup.

    Here is an example of the configuration file structure:

    resource "yandex_mdb_postgresql_cluster" "<cluster_name>" {
  name                = "<cluster_name>"
  environment         = "<environment>"
  network_id          = "<network_ID>"
  security_group_ids  = [ "<list_of_security_group_IDs>" ]
  deletion_protection = <deletion_protection>

  config {
    version = "<PostgreSQL_version>"
    resources {
      resource_preset_id = "<host_class>"
      disk_type_id       = "<disk_type>"
      disk_size          = <storage_size_in_GB>
    }
    pooler_config {
      pool_discard = <Odyssey_parameter>
      pooling_mode = "<operation_mode>"
    }
    ...
  }

  host {
    zone             = "<availability_zone>"
    name             = "<host_name>"
    subnet_id        = "<subnet_ID>"
    assign_public_ip = <access_to_host_from_internet>
  }
}

resource "yandex_mdb_postgresql_database" "<DB_name>" {
  cluster_id = "<cluster_ID>"
  name       = "<DB_name>"
  owner      = "<database_owner_name>"
  depends_on = [
    yandex_mdb_postgresql_user.<username>
  ]
}

resource "yandex_mdb_postgresql_user" "<username>" {
  cluster_id = "<cluster_ID>"
  name       = "<username>"
  password   = "<user_password>"
}

resource "yandex_vpc_network" "<network_name>" { name = "<network_name>" }

resource "yandex_vpc_subnet" "<subnet_name>" {
  name           = "<subnet_name>"
  zone           = "<availability_zone>"
  network_id     = "<network_ID>"
  v4_cidr_blocks = ["<range>"]
}

    Where:

    • environment: Environment, PRESTABLE or PRODUCTION.

    • assign_public_ip: Allow access to the host from the internet, true or false.

    • deletion_protection: Protection of the cluster, its databases, and users against deletion., true or false value.

      By default, the parameter inherits its value from the cluster when creating users and databases. You can also set the value manually; for more information, see the User management and Database management sections.

    • version: PostgreSQL version, 13, 13-1c, 14, 14-1c, 15, 15-1c, 16, 16-1c, and 17.

    • pool_discard: Odyssey pool_discard parameter, true or false.

    • pooling_mode: Operation mode, SESSION, TRANSACTION, or STATEMENT.

    The database name may contain Latin letters, numbers, underscores, and hyphens. The name may be up to 63 characters long. The names postgres, template0, and template1 are reserved for Managed Service for PostgreSQL. You cannot create databases with these names.

    Note

    The password must be between 8 and 128 characters.

    Enabled deletion protection will not prevent a manual connection with the purpose to delete database contents.

    To set up the maintenance window (for disabled clusters as well), add the maintenance_window section to the cluster description:

    resource "yandex_mdb_postgresql_cluster" "<cluster_name>" {
  ...
  maintenance_window {
    type = <maintenance_type>
    day  = <day_of_week>
    hour = <hour>
  }
  ...
}

    Where:

    • type: Maintenance type. The possible values include:
      • anytime: Anytime.
      • weekly: By schedule.
    • day: Day of the week for the weekly type in DDD format, e.g., MON.
    • hour: Hour of the day for the weekly type in the HH format, e.g., 21.

    To set up statistics collection, to the config section, add the performance_diagnostics section:

    resource "yandex_mdb_postgresql_cluster" "<cluster_name>" {
  ...
  config {
    ...
    performance_diagnostics {
      enabled = <enables statistics collection: true or false>
      sessions_sampling_interval  = <sessions sampling interval>
      statements_sampling_interval = <statements sampling interval>
    }
    ...
  }
  ...
}

    Where:

    • enabled: Enable statistics collection, true or false.
    • sessions_sampling_interval: Session sampling interval, from 1 to 86400 seconds.
    • statements_sampling_interval: Statement sampling interval, from 60 to 86400 seconds.

    For a complete list of available Managed Service for PostgreSQL cluster configuration fields, see the Terraform provider documentation.

  2. Make sure the settings are correct.

    1. Using the command line, navigate to the folder that contains the up-to-date Terraform configuration files with an infrastructure plan.

    2. Run the command:

      terraform validate

      If there are errors in the configuration files, Terraform will point to them.

  3. Create a cluster.

    1. Run the command to view planned changes:

      terraform plan

      If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.

    2. If you are happy with the planned changes, apply them:

      1. Run the command:

        terraform apply

      2. Confirm the update of resources.

      3. Wait for the operation to complete.

    Time limits

    A Terraform provider sets the timeout for Managed Service for PostgreSQL cluster operations:

    • Creating a cluster, including restoring from a backup: 30 minutes.
    • Editing a cluster: 60 minutes.
    • Deleting a cluster: 15 minutes.

    Operations exceeding the set timeout are interrupted.

    How do I change these limits?

    Add the timeouts block to the cluster description, for example:

    resource "yandex_mdb_postgresql_cluster" "<cluster_name>" {
  ...
  timeouts {
    create = "1h30m" # 1 hour 30 minutes
    update = "2h"    # 2 hours
    delete = "30m"   # 30 minutes
  }
}

  1. Get an IAM token for API authentication and put it into the environment variable:

    export IAM_TOKEN="<IAM_token>"

  2. Use the Cluster.create method and make a request, e.g., via cURL:

    curl \
  --request POST \
  --header "Authorization: Bearer $IAM_TOKEN" \
  --header "Content-Type: application/json" \
  --url 'https://mdb.api.cloud.yandex.net/managed-postgresql/v1/clusters' \
  --data '{
            "folderId": "<folder_ID>",
            "name": "<cluster_name>",
            "environment": "<environment>",
            "networkId": "<network_ID>",
            "securityGroupIds": [
              "<security_group_1_ID>",
              "<security_group_2_ID>",
              ...
              "<security_group_N_ID>"
            ],
            "deletionProtection": <deletion_protection:_true_or_false>,
            "configSpec": {
              "version": "<PostgreSQL_version>",
              "resources": {
                "resourcePresetId": "<host_class>",
                "diskSize": "<storage_size_in_bytes>",
                "diskTypeId": "<disk_type>"
              },
              "access": {
                "dataLens": <access_to_DataLens:_true_or_false>,
                "webSql": <access_to_WebSQL:_true_or_false>,
                "serverless": <access_to_Cloud_Functions:_true_or_false>,
                "dataTransfer": <access_to_Data_Transfer:_true_or_false>,
                "yandexQuery": <access_to_Query:_true_or_false>
              },
              "performanceDiagnostics": {
                "enabled": <activate_statistics_collection:_true_or_false>,
                "sessionsSamplingInterval": "<session_sampling_interval>",
                "statementsSamplingInterval": "<statement_sampling_interval>"
              }
            },
            "databaseSpecs": [
              {
                "name": "<DB_name>",
                "owner": "<database_owner_name>"
              },
              { <similar_configuration_for_DB_2> },
              { ... },
              { <similar_configuration_for_DB_N> }
            ],
            "userSpecs": [
              {
                "name": "<username>",
                "password": "<user_password>",
                "permissions": [
                  {
                    "databaseName": "<DB_name>"
                  }
                ],
                "login": <permission_for_user_to_connect_to_DB:_true_or_false>
              },
              { <similar_configuration_for_user_2> },
              { ... },
              { <similar_configuration_for_user_N> }
            ],
            "hostSpecs": [
              {
                "zoneId": "<availability_zone>",
                "subnetId": "<subnet_ID>",
                "assignPublicIp": <public_host_address:_true_or_false>
              },
              { <similar_configuration_for_host_2> },
              { ... },
              { <similar_configuration_for_host_N> }
            ]
          }'

    Where:

    • folderId: Folder ID. You can request it with a list of folders in the cloud.

    • name: Cluster name.

    • environment: Cluster environment, PRODUCTION or PRESTABLE.

    • networkId: ID of the network to place the cluster in.

      Warning

      The cloud network selected for cluster deployment can't be changed. If you need to move your cluster to a different cloud network later, use the restore from a backup feature and specify the desired network for the cluster backup.

    • securityGroupIds: Security group IDs.

    • deletionProtection: Protection of the cluster, its databases, and users against deletion.

    • configSpec: Cluster settings:

      • version: PostgreSQL version.

      • resources: Cluster resources:

      • access: Settings for cluster access to the following Yandex Cloud services:

      • performanceDiagnostics: Settings for collecting statistics:

        • enabled: Enable collecting statistics.
        • sessionsSamplingInterval: Session sampling interval. The values range from 1 to 86400 seconds.
        • statementsSamplingInterval: Statement sampling interval. The values range from 60 to 86400 seconds.

    • databaseSpecs: Database settings as an array of elements, one for each DB. Each element has the following structure:

      • name: DB name.
      • owner: DB owner username. It must match one of the usenames specified in the request.

    • userSpecs: User settings as an array of elements, one for each user. Each element has the following structure:

      • name: Username.
      • password: User password.
      • permissions.databaseName: Name of the database the user gets access to.
      • login: User permission to connect to the DB.

    • hostSpecs: Cluster host settings as an array of elements, one for each host. Each element has the following structure:

  3. View the server response to make sure the request was successful.

  1. Get an IAM token for API authentication and put it into the environment variable:

    export IAM_TOKEN="<IAM_token>"

  2. Clone the cloudapi repository:

    cd ~/ && git clone --depth=1 https://github.com/yandex-cloud/cloudapi

    Below, we assume the repository contents are stored in the ~/cloudapi/ directory.

  3. Use the ClusterService/Create call and make a request, e.g., via gRPCurl:

    grpcurl \
  -format json \
  -import-path ~/cloudapi/ \
  -import-path ~/cloudapi/third_party/googleapis/ \
  -proto ~/cloudapi/yandex/cloud/mdb/postgresql/v1/cluster_service.proto \
  -rpc-header "Authorization: Bearer $IAM_TOKEN" \
  -d '{
        "folder_id": "<folder_ID>",
        "name": "<cluster_name>",
        "environment": "<environment>",
        "network_id": "<network_ID>",
        "security_group_ids": [
          "<security_group_1_ID>",
          "<security_group_2_ID>",
          ...
          "<security_group_N_ID>"
        ],
        "deletion_protection": <deletion_protection:_true_or_false>,
        "config_spec": {
          "version": "<PostgreSQL_version>",
          "resources": {
            "resource_preset_id": "<host_class>",
            "disk_size": "<storage_size_in_bytes>",
            "disk_type_id": "<disk_type>"
          },
          "access": {
            "data_lens": <access_to_DataLens:_true_or_false>,
            "web_sql": <access_to_WebSQL:_true_or_false>,
            "serverless": <access_to_Cloud_Functions:_true_or_false>,
            "data_transfer": <access_to_Data_Transfer:_true_or_false>,
            "yandex_query": <access_to_Query:_true_or_false>
          },
          "performance_diagnostics": {
            "enabled": <activate_statistics_collection:_true_or_false>,
            "sessions_sampling_interval": "<session_sampling_interval>",
            "statements_sampling_interval": "<statement_sampling_interval>"
          }
        },
        "database_specs": [
          {
            "name": "<DB_name>",
            "owner": "<database_owner_name>"
          },
          { <similar_configuration_for_DB_2> },
          { ... },
          { <similar_configuration_for_DB_N> }
        ],
        "user_specs": [
          {
            "name": "<username>",
            "password": "<user_password>",
            "permissions": [
              {
                "database_name": "<DB_name>"
              }
            ],
            "login": <permission_for_user_to_connect_to_DB:_true_or_false>
          },
          { <similar_configuration_for_user_2> },
          { ... },
          { <similar_configuration_for_user_N> }
        ],
        "host_specs": [
          {
            "zone_id": "<availability_zone>",
            "subnet_id": "<subnet_ID>",
            "assign_public_ip": <public_host_address:_true_or_false>
          },
          { <similar_configuration_for_host_2> },
          { ... },
          { <similar_configuration_for_host_N> }
        ]
      }' \
  mdb.api.cloud.yandex.net:443 \
  yandex.cloud.mdb.postgresql.v1.ClusterService.Create

    Where:

    • folder_id: Folder ID. You can request it with a list of folders in the cloud.

    • name: Cluster name.

    • environment: Cluster environment, PRODUCTION or PRESTABLE.

    • network_id: ID of the network to place the cluster in.

      Warning

      The cloud network selected for cluster deployment can't be changed. If you need to move your cluster to a different cloud network later, use the restore from a backup feature and specify the desired network for the cluster backup.

    • security_group_ids: Security group IDs.

    • deletion_protection: Protection of the cluster, its databases, and users against deletion.

    • config_spec: Cluster settings:

      • version: PostgreSQL version.

      • resources: Cluster resources:

      • access: Settings for cluster access to the following Yandex Cloud services:

      • performance_diagnostics: Settings for collecting statistics:

        • enabled: Enables statistics collection.
        • sessions_sampling_interval: Session sampling interval. The values range from 1 to 86400 seconds.
        • statements_sampling_interval: Statement sampling interval. The values range from 60 to 86400 seconds.

    • database_specs: Database settings as an array of elements, one for each DB. Each element has the following structure:

      • name: DB name.
      • owner: DB owner username. It must match one of the usenames specified in the request.

    • user_specs: User settings as an array of elements, one for each user. Each element has the following structure:

      • name: Username.
      • password: User password.
      • permissions.database_name: Name of the database the user gets access to.
      • login: User permission to connect to the DB.

    • host_specs: Cluster host settings as an array of elements, one for each host. Each element has the following structure:

  4. View the server response to make sure the request was successful.

Warning

If you specified security group IDs when creating a cluster, you may also need to configure security groups to connect to the cluster.

Creating a cluster copy

You can create a PostgreSQL cluster with the settings of another one you previously created. To do so, you need to import the configuration of the source PostgreSQL cluster to Terraform. This way, you can either create an identical copy or use the imported configuration as the baseline and modify it as needed. Importing a configuration is a good idea when the source PostgreSQL cluster has a lot of settings and you need to create a similar one.

To create an PostgreSQL cluster copy:

  1. If you do not have Terraform yet, install it.

  2. Get the authentication credentials. You can add them to environment variables or specify them later in the provider configuration file.

  3. Configure and initialize a provider. There is no need to create a provider configuration file manually, you can download it.

  4. Place the configuration file in a separate working directory and specify the parameter values. If you did not add the authentication credentials to environment variables, specify them in the configuration file.

  5. In the same working directory, place a .tf file with the following contents:

    resource "yandex_mdb_postgresql_cluster" "old" { }

  6. Write the ID of the initial PostgreSQL cluster to the environment variable:

    export POSTGRESQL_CLUSTER_ID=<cluster_ID>

    You can request the ID with a list of clusters in the folder.

  7. Import the settings of the initial PostgreSQL cluster into the Terraform configuration:

    terraform import yandex_mdb_postgresql_cluster.old ${POSTGRESQL_CLUSTER_ID}

  8. Get the imported configuration:

    terraform show

  9. Copy it from the terminal and paste it into the .tf file.

  10. Place the file in the new imported-cluster directory.

  11. Modify the copied configuration so that you can create a new cluster from it:

    • Specify the new cluster name in the resource string and the name parameter.
    • Delete created_at, health, id, and status.
    • In the host sections, delete fqdn and role.
    • If the disk_size_autoscaling section has disk_size_limit = 0, delete this section.
    • If the maintenance_window section has type = "ANYTIME", delete the hour parameter.
    • Optionally, make further changes if you need to customize the configuration.

  12. Get the authentication credentials in the imported-cluster directory.

  13. In the same directory, configure and initialize a provider. There is no need to create a provider configuration file manually, you can download it.

  14. Place the configuration file in the imported-cluster directory and specify the parameter values. If you did not add the authentication credentials to environment variables, specify them in the configuration file.

  15. Check that the Terraform configuration files are correct:

    terraform validate

    If there are any errors in the configuration files, Terraform will point them out.

  16. Create the required infrastructure:

    1. Run the command to view planned changes:

      terraform plan

      If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.

    2. If you are happy with the planned changes, apply them:

      1. Run the command:

        terraform apply

      2. Confirm the update of resources.

      3. Wait for the operation to complete.

    All the required resources will be created in the specified folder. You can check resource availability and their settings in the management console.

Time limits

A Terraform provider sets the timeout for Managed Service for PostgreSQL cluster operations:

  • Creating a cluster, including restoring from a backup: 30 minutes.
  • Editing a cluster: 60 minutes.
  • Deleting a cluster: 15 minutes.

Operations exceeding the set timeout are interrupted.

How do I change these limits?

Add the timeouts block to the cluster description, for example:

resource "yandex_mdb_postgresql_cluster" "<cluster_name>" {
  ...
  timeouts {
    create = "1h30m" # 1 hour 30 minutes
    update = "2h"    # 2 hours
    delete = "30m"   # 30 minutes
  }
}

Examples

Creating a single-host cluster

To create a cluster with a single host, provide a single --host parameter.

Create a Managed Service for PostgreSQL cluster with the following test specifications:

  • Name: mypg
  • Environment: production
  • Network: default
  • Security group: enp6saqnq4ie244g67sb
  • With one s2.micro host in the b0rcctk2rvtr******** subnet, in the ru-central1-a availability zone
  • Network SSD storage (network-ssd): 20 GB
  • User: user1, password: user1user1
  • Database: db1, owner: user1
  • Protection of the cluster, its DBs, and users against accidental deletion: Enabled

Run the following command:

yc managed-postgresql cluster create \
   --name mypg \
   --environment production \
   --network-name default \
   --resource-preset s2.micro \
   --host zone-id=ru-central1-a,subnet-id=b0rcctk2rvtr******** \
   --disk-type network-ssd \
   --disk-size 20 \
   --user name=user1,password=user1user1 \
   --database name=db1,owner=user1 \
   --security-group-ids enp6saqnq4ie244g67sb \
   --deletion-protection

Create a Managed Service for PostgreSQL cluster and a network for it with the following test specifications:

  • Name: mypg.

  • Version: 17.

  • Environment: PRESTABLE.

  • Cloud ID: b1gq90dgh25bebiu75o.

  • Folder ID: b1gia87mbaomkfvsleds.

  • New network: mynet.

  • New security group: pgsql-sg, allowing cluster connections from the internet through port 6432.

  • Host class: s2.micro (one host), new subnet: mysubnet, availability zone: ru-central1-a. mysubnet range: 10.5.0.0/24.

  • Network SSD storage (network-ssd): 20 GB.

  • User: user1, password: user1user1.

  • Database: db1, owner: user1.

  • Protection of the cluster, its DBs, and users against accidental deletion: Enabled.

The configuration file for this cluster is as follows:

resource "yandex_mdb_postgresql_cluster" "mypg" {
  name                = "mypg"
  environment         = "PRESTABLE"
  network_id          = yandex_vpc_network.mynet.id
  security_group_ids  = [ yandex_vpc_security_group.pgsql-sg.id ]
  deletion_protection = true

  config {
    version = 17
    resources {
      resource_preset_id = "s2.micro"
      disk_type_id       = "network-ssd"
      disk_size          = "20"
    }
  }

  host {
    zone      = "ru-central1-a"
    name      = "mypg-host-a"
    subnet_id = yandex_vpc_subnet.mysubnet.id
  }
}

resource "yandex_mdb_postgresql_database" "db1" {
  cluster_id = yandex_mdb_postgresql_cluster.mypg.id
  name       = "db1"
  owner      = "user1"
}

resource "yandex_mdb_postgresql_user" "user1" {
  cluster_id = yandex_mdb_postgresql_cluster.mypg.id
  name       = "user1"
  password   = "user1user1"
}

resource "yandex_vpc_network" "mynet" {
  name = "mynet"
}

resource "yandex_vpc_subnet" "mysubnet" {
  name           = "mysubnet"
  zone           = "ru-central1-a"
  network_id     = yandex_vpc_network.mynet.id
  v4_cidr_blocks = ["10.5.0.0/24"]
}

resource "yandex_vpc_security_group" "pgsql-sg" {
  name       = "pgsql-sg"
  network_id = yandex_vpc_network.mynet.id

  ingress {
    description    = "PostgreSQL"
    port           = 6432
    protocol       = "TCP"
    v4_cidr_blocks = [ "0.0.0.0/0" ]
  }
}

Managing database connection parameters using Connection Manager

If your cloud or folder has access to Connection Manager public preview, a new connection entity will appear in your folder after you create a cluster. You can use it to manage database connection parameters.

Passwords and other sensitive data will be stored in a Yandex Lockbox secret. To see which secrets store connection information for your cluster, select Lockbox in the list of services in your folder. You will find you cluster's ID on the Secrets page in the secret dependencies column.

You can also use Connection Manager to configure access to connections.

Previous
Getting information on existing clusters
Next
Updating cluster settings