Deploy your Bitnami PostgreSQL Stack on Microsoft Azure now! Launch Now

Bitnami PostgreSQL for Microsoft Azure

Description

PostgreSQL (Postgres) is an open source object-relational database known for reliability and data integrity. ACID-compliant, it supports foreign keys, joins, views, triggers and stored procedures.

First steps with the Bitnami PostgreSQL Stack

Welcome to your new Bitnami application running on Microsoft Azure! Here are a few questions (and answers!) you might need when first starting with your application.

What credentials do I need?

You need two sets of credentials:

  • The application credentials that allow you to log in to your new Bitnami application. These credentials consist of a username and password.
  • The server credentials that allow you to log in to your Microsoft Azure server using an SSH client and execute commands on the server using the command line. These credentials consist of an SSH username and key.

What is the administrator username set for me to log in to the application for the first time?

Username: postgres

What SSH username should I use for secure shell access to my application?

SSH username: bitnami

How to start or stop the services?

Each Bitnami stack includes a control script that lets you easily stop, start and restart services. The script is located at /opt/bitnami/ctlscript.sh. Call it without any service name arguments to start all services:

$ sudo /opt/bitnami/ctlscript.sh start

Or use it to restart a single service, such as Apache only, by passing the service name as argument:

$ sudo /opt/bitnami/ctlscript.sh restart apache

Use this script to stop all services:

$ sudo /opt/bitnami/ctlscript.sh stop

Restart the services by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh restart

Obtain a list of available services and operations by running the script without any arguments:

$ sudo /opt/bitnami/ctlscript.sh

What is the default configuration?

The default configuration consists of:

  • A database cluster or directory under which all data will be stored. The default data directory in Bitnami is located at /opt/bitnami/postgresql/data.
  • Every connection to the PostgreSQL database server is made using the name of some particular role. A database superuser bypasses all permission checks, except the right to log in. Bitnami configures a default superuser role with a name of postgres. The postgres role has remote access to the database.

Check our recommendations for a production server.

PostgreSQL version

To obtain the PostgreSQL version, execute the following command:

$ postgres --version

PostgreSQL configuration files

The PostgreSQL configuration settings file is located at /opt/bitnami/postgresql/data/postgresql.conf.

The PostgreSQL client authentication configuration file is located at /opt/bitnami/postgresql/data/pg_hba.conf.

The PostgreSQL official documentation has more details on how to configure the PostgreSQL database.

PostgreSQL socket

On Unix, PostgreSQL clients can connect to the server using an Unix socket file. Usually when you use a PostgreSQL client tool included in the Stack, you will not need to specify the socket for the connection.

The socket file is created at /opt/bitnami/postgresql/.s.PGSQL.5432.

PostgreSQL port

The default port in which PostgreSQL listens is 5432.

PostgreSQL log file

The main PostgreSQL log file is created at /opt/bitnami/postgresql/postgresql.log file. You can change the default error reporting and logging configuration settings in the postgresql.conf file.

NOTE: On some platforms, you may need root account privileges to view these files.

What are the default ports?

A port is an endpoint of communication in an operating system that identifies a specific process or a type of service. Bitnami stacks include several services or servers that require a port.

Remember that if you need to open some ports you can follow the instructions given in the FAQ to learn how to open the server ports for remote access.

Port 22 is the default port for SSH connections.

The PostgreSQL access port is 5432. This port is closed by default, you must open it to enable remote access.

How to upload files to the server with SFTP?

NOTE: Bitnami applications can be found in /opt/bitnami/apps.

First, obtain your SSH credentials by following these steps:

  • Browse to the Bitnami Launchpad for Microsoft Azure and sign in if required using your Bitnami account.
  • Select the "Virtual Machines" menu item.
  • Select your cloud server from the resulting list.
  • Note the server IP address and SSH credentials on the resulting page. Your server may have been deployed using either an SSH password or an SSH key.

    SSH credentials with password

    SSH credentials with key

Although you can use any SFTP/SCP client to transfer files to your server, this guide documents FileZilla (Windows, Linux and Mac OS X), WinSCP (Windows) and Cyberduck (Mac OS X).

Using an SSH Key

Once you have your server's SSH key, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla
IMPORTANT: To use FileZilla, your server private key should be in PPK format.

Follow these steps:

  • Download and install FileZilla.
  • Launch FileZilla and use the "Edit -> Settings" command to bring up FileZilla's configuration settings.
  • Within the "Connection -> SFTP" section, use the "Add keyfile" command to select the private key file for the server. FileZilla will use this private key to log in to the server.

    FileZilla configuration

  • Use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.
  • Enter your server host name and specify bitnami as the user name.
  • Select "SFTP" as the protocol and "Ask for password" as the logon type.

    FileZilla configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

FileZilla debug log

WinSCP
IMPORTANT: To use WinSCP, your server private key should be in PPK format.

Follow these steps:

  • Download and install WinSCP.
  • Launch WinSCP and in the "Session" panel, select "SCP" as the file protocol.
  • Enter your server host name and specify bitnami as the user name.

    WinSCP configuration

  • Click the "Advanced…" button and within the "SSH -> Authentication -> Authentication parameters" section, select the private key file for the server. WinSCP will use this private key to log in to the server.

    WinSCP configuration

  • From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you need to upload files to a location where the bitnami user doesn't have write permissions, you have two options:

  • Once you have configured WinSCP as described above, click the "Advanced…" button and within the "Environment -> Shell" panel, select sudo su - as your shell. This will allow you to upload files using the administrator account.

    WinSCP configuration

  • Upload the files to the /home/bitnami directory as usual. Then, connect via SSH and move the files to the desired location with the sudo command, as shown below:

     $ sudo mv /home/bitnami/uploaded-file /path/to/desired/location/
    
Cyberduck
IMPORTANT: To use Cyberduck, your server private key should be in PEM format.

Follow these steps:

  • Select the "Open Connection" command and specify "SFTP" as the connection protocol.

    Cyberduck configuration

  • In the connection details panel, under the "More Options" section, enable the "Use Public Key Authentication" option and specify the path to the private key file for the server.

    Cyberduck configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

Using a Password

Once you have your server's SSH credentials, choose your preferred application and follow the steps below to connect to the server using SFTP.

FileZilla

Follow these steps:

  • Download and install FileZilla.
  • Launch FileZilla and use the "File -> Site Manager -> New Site" command to bring up the FileZilla Site Manager, where you can set up a connection to your server.
  • Enter your server host name.
  • Select "SFTP" as the protocol and "Ask for password" as the logon type. Use bitnami as the server username and the password generated during the server deployment process.

    FileZilla configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session. You might need to accept the server key, by clicking "Yes" or "OK" to proceed.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

If you have problems accessing your server, get extra information by use the "Edit -> Settings -> Debug" menu to activate FileZilla's debug log.

FileZilla debug log

WinSCP

Follow these steps:

  • Download and install WinSCP.
  • Launch WinSCP and in the "Session" panel, select "SCP" as the file protocol.
  • Enter your server host name and set bitnami as the server username. Enter the corresponding password as well.

    WinSCP configuration

  • From the "Session" panel, use the "Login" button to connect to the server and begin an SCP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

Cyberduck

Follow these steps:

  • Select the "Open Connection" command and specify "SFTP" as the connection protocol.

    Cyberduck configuration

  • In the connection details panel, enter the server IP address, bitnami as the username, and the password generated during the deployment process.

    Cyberduck configuration

  • Use the "Connect" button to connect to the server and begin an SFTP session.

You should now be logged into the /home/bitnami directory on the server. You can now transfer files by dragging and dropping them from the local server window to the remote server window.

How to create a Virtual Network peering?

To connect two instances internally you can enable a Virtual Network (VNet) peering from the Azure Portal. Depending if the instances were launched in the same or in different resource groups, there are two methods for performing a internal connection: sharing a virtual network or enabling a virtual network peering.

How to secure your server?

Once you have created a new database and user for your application, connect your applications to the PostgreSQL server using that database and password.

It is strongly recommended that you do not have empty passwords for any user accounts when using the server for any production work.

Allow remote access only from the database user associated with the database name by editing the pg_hba.conf file on the database server host as explained below.

  • Comment out the line that allow remote access to all users:

     #host all all all md5
    
  • Add a line for the new user:

     host DATABASE_NAME USER_NAME all md5
    
  • If your application will be connected from a fixed domain or IP address, you should update your pg_hba.conf file to only accept connections from that server instead:

     host DATABASE_NAME USER_NAME applicationserver.domain.com md5
    

    or

     host DATABASE_NAME USER_NAME IP_ADDRESS 255.255.255.255 md5
    
  • Change your postgres user password as explained in this section.

How to find the PostgreSQL database credentials?

How to connect to the PostgreSQL database?

You can connect to the PostgreSQL database from the same computer where it is installed with the psql client tool.

$ psql -U postgres

You will be prompted to enter the *postgres* user password. This is the same as the [application password](/azure/faq#how-to-find-application-credentials).

How to connect to PostgreSQL from a different machine?

For security reasons, the PostgreSQL port in this solution cannot be accessed over a public IP address. To connect to PostgreSQL from a different machine, you must open port 5432 for remote access. Refer to the FAQ for more information on this.

IMPORTANT: By default, the database port for the nodes in this solution cannot be accessed over a public IP address. As a result, you will only be able to connect to your database nodes from machines that are running in the same network. For security reasons, we do not recommend making the database port accessible over a public IP address. If you must make it accessible over a public IP address, we recommend restricting access to a trusted list of source IP addresses using firewall rules. Refer to the FAQ for information on opening ports in the server firewall.

Once you have an active SSH tunnel or you opened the port for remote access, you can then connect to PostgreSQL using a command like the one below.

Remember to replace SOURCE-PORT with the source port number specified in the SSH tunnel configuration or 5432 if you opened the port for remote access.

$ psql -h 127.0.0.1 -U postgres -p SOURCE-PORT

You will be prompted to enter the postgres user password. This is the same as the application password.

How to change the PostgreSQL root password?

You can modify the PostgreSQL password using the following command at the shell prompt:

$ psql -U postgres
postgres=# alter user postgres with password 'NEW_PASSWORD';
postgresl=# \q

How to reset the PostgreSQL password?

If you don't remember your PostgreSQL database password, you can follow the steps below to reset it to a new value:

  • Change the authentication method in the configuration file at /opt/bitnami/postgresql/data/pg_hba.conf from md5 to trust and reload the configuration.

     $ sudo sed -ibak 's/^\([^#]*\)md5/\1trust/g' /opt/bitnami/postgresql/data/pg_hba.conf
     $ sudo -u postgres pg_ctl reload
    
  • Connect to the PostgreSQL database and set the password to a new value:

     $ psql -U postgres
     postgres=# alter user postgres with password 'NEW_PASSWORD';
     postgresl=# \q
    
  • Finally, change the authentication method back to md5 and reload the old PostgreSQL configuration:

     $ sudo sed -i 's/^\([^#]*\)trust/\1md5/g' /opt/bitnami/postgresql/data/pg_hba.conf
     $ sudo -u postgres pg_ctl reload
    

You should now be able to connect to PostgreSQL with the new password.

How to create a database for a custom application?

These are the basic steps to create a new database and user for your applications:

  • Create a new role by executing the createuser command. With the options below, the new role will not be a superuser and will not have privileges for creating new databases or new roles (this is usually the default for the createuser command).

     createuser -U postgres USER_NAME -S -D -R -P
    

    You will be prompted to enter first the password for the new role and to reenter it, and then to enter the postgres role password.

  • Create a new database with the new role as the owner:

     createdb -U postgres DATABASE_NAME  -O USER_NAME
    

How to configure pgAdmin 4?

NOTE: This section assumes that you have downloaded and installed pgAdmin 4.

pgAdmin is the most popular and feature-rich platform for administration and development of PostgreSQL databases. Check the pgAdmin official page for more information.

To connect to your remote PostgreSQL database server using pgAdmin 4, follow these steps:

  • Make sure that you have your cloud server's IP address and application credentials (instructions).

  • Open port 5432 in the server firewall (instructions).

    IMPORTANT: By default, the database port for the nodes in this solution cannot be accessed over a public IP address. As a result, you will only be able to connect to your database nodes from machines that are running in the same network. For security reasons, we do not recommend making the database port accessible over a public IP address. If you must make it accessible over a public IP address, we recommend restricting access to a trusted list of source IP addresses using firewall rules. Refer to the FAQ for information on opening ports in the server firewall.

  • Connect to your cloud server using PuTTY or another SSH client (instructions).

  • At the server console, edit the file /opt/bitnami/postgresql/data/pg_hba.conf and add the following at the end, then save the file:

    host all all all md5
    
  • Edit the file /opt/bitnami/postgresql/data/postgresql.conf and replace this line

    listen_address='127.0.0.1'
    

    with:

    listen_addresses = '*'
    
  • Save the file.

  • Restart the PostgreSQL server:

    sudo /opt/bitnami/ctlscript.sh restart postgresql
    

Your PostgreSQL server is now configured to accept remote connections, and you can connect to it using pgAdmin 4. Follow these steps:

  • Launch pgAdmin 4.

  • Go to the "Dashboard" tab. In the "Quick Link" section, click "Add New Server" to add a new connection.

    pgAdmin 4 configuration

  • Select the "Connection" tab in the "Create-Server" window.

  • Then, configure the connection as follows:

  • Enter your server's IP address in the "Hostname/Address" field.

  • Specify the "Port" as "5432".

  • Enter the name of the database in the "Database Maintenance" field.

  • Enter your username as postgres and password (use the same password you used when previously configuring the server to accept remote connections) for the database.

  • Click "Save" to apply the configuration.

    pgAdmin 4 configuration

  • Check that the connection between pgAdmin 4 and the PostgreSQL database server is active. Navigate to the "Dashboard" tab and find the state of the server in the "Server activity" section:

pgAdmin 4 configuration

How can I run a command in the Bitnami PostgreSQL Stack?

Log in to the server console as the bitnami user and run the command as usual. The required environment is automatically loaded for the bitnami user.

How to create a database backup?

To back up only the database, create a dump file using the pg_dump tool.

 $ pg_dump -U postgres DATABASE_NAME > backup.sql

This operation could take some time depending on the database size.

NOTE: The steps previously described will only back up the data contained inside your databases. There may be other files that you should take into account when performing a full backup, such as files that may have been uploaded to your application. Refer to your application's documentation for more details.

How to restore a database backup?

Once you have the backup file, you can restore it with a command like the one below:

$ psql -U postgres DATABASE_NAME < backup.sql

If you want to restore the database and the database schema does not exist, it is necessary to first follow the steps described below. As a side note, the value for the BITNAMI_USER_PASSWORD placeholder is included in the application credentials or, if the credentials were defined by the user, it is the same as the application password.

$ psql -U postgres
drop database DATABASE_NAME;
create database DATABASE_NAME;
create user USER_NAME;
alter role USER_NAME with password 'BITNAMI_USER_PASSWORD';
grant all privileges on database DATABASE_NAME to USER_NAME;
alter database DATABASE_NAME owner to USER_NAME;
$ psql -U postgres DATABASE_NAME < backup.sql
azure

Bitnami Documentation