Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Create an Azure MySQL Database service

You now have the compute service that will host your applications and the config server that will be used by your migrated application. Before you start deploying individual microservices as Azure Spring Apps applications, you need to first create an Azure Database for MySQL Flexible Server-hosted database for them. To accomplish this, you can use the following guidance:

You will also need to update the config for your applications to use the newly provisioned MySQL Server to authorize access to your private GitHub repository. This will involve updating the application.yml config file in your private git config repo with the values provided in the MySQL Server connection string.

Your MySQL database will also have a firewall enabled. This firewall will by default block all incoming calls. You will need to open this firewall in case you want to connect to it from your microservices running in the AKS cluster.

Step by step guidance

  1. Run the following commands to create an instance of MySQL Flexible server. Note that the name of the server must be globally unique, so adjust it accordingly in case the randomly generated name is already in use. Keep in mind that the name can contain only lowercase letters, numbers and hyphens. In addition, replace the <myadmin-password> placeholder with a complex password and record its value.

    MYSQL_SERVER_NAME=mysql-$APPNAME-$UNIQUEID
    MYSQL_ADMIN_USERNAME=myadmin
    MYSQL_ADMIN_PASSWORD=<myadmin-password>
    DATABASE_NAME=petclinic
          
    az mysql flexible-server create \
        --admin-user myadmin \
        --admin-password ${MYSQL_ADMIN_PASSWORD} \
        --name ${MYSQL_SERVER_NAME} \
        --resource-group ${RESOURCE_GROUP} 
    

    During the creation you will be asked whether access for your IP address should be added and whether access for all IP’s should be added. Answer n for no on both questions.

    Wait for the provisioning to complete. This might take about 3 minutes.

  2. Once the Azure Database for MySQL Flexible Server instance gets created, it will output details about its settings. In the output, you will find the server connection string. Record its value since you will need it later in this exercise.

  3. Run the following commands to create a database in the Azure Database for MySQL Flexible Server instance.

     az mysql flexible-server db create \
         --server-name $MYSQL_SERVER_NAME \
         --resource-group $RESOURCE_GROUP \
         -d $DATABASE_NAME
    
  4. You will also need to allow connections to the server from your AKS cluster. For now, to accomplish this, you will create a server firewall rule to allow inbound traffic from all Azure Services. This way your apps running in Azure Kubernetes Service will be able to reach the MySQL database providing them with persistent storage. In one of the upcoming exercises, you will restrict this connectivity to limit it exclusively to the apps hosted by your AKS instance.

     az mysql flexible-server firewall-rule create \
         --rule-name allAzureIPs \
         --name ${MYSQL_SERVER_NAME} \
         --resource-group ${RESOURCE_GROUP} \
         --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0
    
  5. From the Git Bash window, in the config repository you cloned locally, use your favorite text editor to open the application.yml file. Replace the full contents of the application.yml file with the contents of this application.yml file. The updated application.yml file includes the following changes:

    • It removes the default 0 value for the server.port on line 5.
    • It changes the default spring.sql.init values to use mysql configuration on lines 15 to 19.
    • It adds a spring.datasource property for your mysql database on lines 10 to 14.
    • It adds extra eureka config on lines 61 to 66.
    • It removes the chaos-monkey and mysql profiles.
  6. In the part you pasted, update the values of the target datasource endpoint on line 12, the corresponding admin user account on line 13, and its password on line 14 to match your configuration. Set these values by using the information in the Azure Database for MySQL Flexible Server connection string you recorded earlier in this task.

  7. Save the changes and push the updates you made to the application.yml file to your private GitHub repo by running the following commands from the Git Bash prompt:

    git add .
    git commit -m 'azure mysql info'
    git push
    

    At this point, the admin account user name and password are stored in clear text in the application.yml config file. In one of upcoming exercises, you will remediate this potential vulnerability by removing clear text credentials from your configuration.