Terraform 中的 Azure SQL 备份设置

Azure SQL back up setting in Terraform

正在尝试在 Terraform 文件中设置参数以备份 Azure SQL 服务器。

在 AWS 中,我可以添加如下密钥:

      allocated_storage = 1000
      engine_version = “13.00.4451.0.v1”
      backup_window = “18:00-18:30”
      backup_retention_period = 14

我找不到类似的密钥来备份 Azure SQL。下面是我在 Terraform Docs 和网络上找到的备份密钥:

  resource "azurerm_sql_server" "some_erver" {
    administrator_login          = "some_login"
    administrator_login_password = "some_password"
    location                     ="some_location"
    name                         = "some_server"
    resource_group_name          = "some_resource"
    version                      = "some_version"

  tags = {
    environment  = "t"
    stack-name   = "name"
    stack-number = "number"
    app-number   = "app-number"
    logicmonitor = "bool"
  }
  backup {
    frequency = "Daily"
    time      = "04:00"
  }

  retention_daily {
    count = 30
  }
}

但是 Terraform Apply 管道失败并显示一条消息:

     Error: azurerm_sql_server.enxtz256-db01: : invalid or unknown key: backup

     Error: azurerm_sql_server.enxtz256-db01: : invalid or unknown key: retention_daily

如有任何帮助,我们将不胜感激

根据 terraform 文档 azurerm_sql_server,它不支持 backupretention_daily 方块。

如果你想创建 Azure SQL 数据库的备份,也许你可以考虑使用 azurerm_recovery_services_protection_policy_vm.

示例:

resource "azurerm_resource_group" "example" {
  name     = "tfex-recovery_vault"
  location = "West US"
}

resource "azurerm_recovery_services_vault" "example" {
  name                = "tfex-recovery-vault"
  location            = "${azurerm_resource_group.example.location}"
  resource_group_name = "${azurerm_resource_group.example.name}"
  sku                 = "Standard"
}

resource "azurerm_recovery_services_protection_policy_vm" "test" {
  name                = "tfex-recovery-vault-policy"
  resource_group_name = "${azurerm_resource_group.example.name}"
  recovery_vault_name = "${azurerm_recovery_services_vault.example.name}"

  timezone = "UTC"

  backup {
    frequency = "Daily"
    time      = "23:00"
  }

  retention_daily {
    count = 10
  }

参考博客:

我还发现另一个教程可以帮助使用 terraform 为 Azure SQL 数据库创建备份:How To Deploy an Azure SQL Database using Terraform.

总结:

Azure SQL 数据库

现在,进入 SQL 数据库。可以看到这里,资源块都差不多,给它起个名字,资源组和位置。

注意,在此块的末尾,我添加了一个 PowerShell 命令来设置数据库的长期备份保留策略。这将使您能够设置每月或每周的备份保留计划以满足您的需要。

resource "azurerm_sql_database" "test2" {
  name                = "sqldbtf01"
  resource_group_name = "${azurerm_resource_group.test2.name}"
  location            = "North Central US"
  server_name         = "${azurerm_sql_server.test2.name}"

  threat_detection_policy {
    state                      = "Enabled"
    email_addresses            = ["dbgrl93@gmail.com"]
    retention_days             = "30"
    storage_account_access_key = "${azurerm_storage_account.test2sa.primary_access_key}"
    storage_endpoint           = "${azurerm_storage_account.test2sa.primary_blob_endpoint}"
    use_server_default         = "Enabled"
  }

  provisioner "local-exec" {
    command     = "Set-AzureRmSqlDatabaseBackupLongTermRetentionPolicy -ResourceGroupName ${azurerm_resource_group.test2.name}  -ServerName ${azurerm_sql_server.test2.name} -DatabaseName 'sqldbsrvrtf01' -WeeklyRetention P12W -YearlyRetention P5Y -WeekOfYear 16 "
    interpreter = ["PowerShell", "-Command"]
  }
}

希望这对您有所帮助。

您可以试试 ARM 模板:

resource "azurerm_template_deployment" "example" {
  name                = "example-db-retention"
  resource_group_name = azurerm_resource_group.example.name
  template_body = <<-DEPLOY
    {
      "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
      "contentVersion": "1.0.0.0",
      "resources": [
        {
          "apiVersion" : "2017-03-01-preview",
          "type" : "Microsoft.Sql/servers/databases/backupLongTermRetentionPolicies",
          "name" : "${azurerm_sql_server.example.name}/${azurerm_sql_database.example.name}/default",
          "properties" : {
            "weeklyRetention": "P45D"
          }
        },
        {
          "apiVersion": "2017-10-01-preview",
          "type": "Microsoft.Sql/servers/databases/backupShortTermRetentionPolicies",
          "name": "${azurerm_sql_server.example.name}/${azurerm_sql_database.example.name}/default",
          "properties": {
            "retentionDays": 14
          }
        }
      ]
    }
    DEPLOY

  deployment_mode = "Incremental"
}

我在 azurerm terraform 提供程序 github 站点的 Issue 1802 中从 drdamour 那里得到的。这最终对我的场景来说效果不是很好,因为它不跟踪 Terraform 中的对象,但它可能对你有用。

或者我最终只是使用 azure rest 命令从 azure cli 调用它,例如:

az rest --method put --uri https://management.azure.com/subscriptions/[subscription]/resourceGroups/[resourcegroup]/providers/Microsoft.Sql/servers/[servername]/databases/[databasename]/backupLongTermRetentionPolicies/default?api-version=2017-03-01-preview --body "{\"properties\":{\"weeklyRetention\":\"P4W\",\"yearlyRetention\":\"P7Y\",\"weekOfYear\":1}}"

设置长期保留,然后:

az rest --method put --uri https://management.azure.com/subscriptions/[subscription]/resourceGroups/[resourcegroup]/providers/Microsoft.Sql/servers/[servername]/databases/[databasename]/backupShortTermRetentionPolicies/default?api-version=2017-10-01-preview --body "{\"properties\":{\"retentionDays\":14}}"

设置短期保留。我喜欢这个解决方案,因为它简单且幂等。

有关 API 的更多详细信息,请参见 Short Term Retention Policies and Long Term Retention Policies

我想指出,根据开发团队(source) azurerm_sql_database is not getting updated anymore. Instead, all new features are added to azurerm_mssql_database, which actually deploys the same database types. According to the Terraform documentationazurerm_mssql_database支持短期备份(时间点恢复)和长期备份. 这可以通过以下内联块来管理:

A long_term_retention_policy 块支持以下内容:

weekly_retention - (Optional) The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g. P1Y, P1M, P1W or P7D.

monthly_retention - (Optional) The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g. P1Y, P1M, P4W or P30D.

yearly_retention - (Optional) The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g. P1Y, P12M, P52W or P365D.

week_of_year - (Optional) The week of year to take the yearly backup in an ISO 8601 format. Value has to be between 1 and 52.

A short_term_retention_policy 块支持以下内容:

retention_days - (Required) Point In Time Restore configuration. Value has to be between 7 and 35.

如果您不知何故来自 azurerm_sql_database 并想迁移到 azurerm_mssql_database,您可以按照以下步骤操作。这个我自己做过,很简单

  • 运行:地形状态 rm“azurerm_sql_database.database”
  • 将资源更改为 azurerm_mssql_database,包括适当的字段
  • 运行:地形导入azurerm_mssql_database.database“/very/long/database/id”
  • 运行:地形应用

https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_database

.