Databases
Managed database servers for PostgreSQL and MySQL.
Database servers are Azure managed resources available to use in your compliant environments. They have been provisioned in similar ways as compute nodes to meet the guarantees outlined in MedStack Control's compliance policies.
Overview

Field | Description |
---|---|
Status | The build status of the node from the cloud provider as Creating, Ready, or Deleting. |
Database | The database technology and version. |
Category | The size classification of database server. |
VCPUs | The CPU resource specification of the database server. |
Memory | The memory resource specification of the database server. |
Role | The role of the database as the master or replica. |
Allowed IPs | The number of allowed IP address rules enabled for the database server. |
Specifications
Recently removed versions
MedStack removes support for database versions that are EOL and no longer receive security patches to ensure platform compliance.
Following the community support plan for MySQL and PostgreSQL, we have removed the ability to create MySQL 5.6 and PostgreSQL 10 database servers.
Database type | Supported versions |
---|---|
PostgreSQL | Single server: 11 Flexible database: 11, 12, 13 |
MySQL | Single server: 5.7, 8.x Flexible database: 5.7, 8.x |
Size | vCPU (cores) | Memory (GB) | Storage capacity | Storage IOPS | Max User Connections |
---|---|---|---|---|---|
Basic | 1 | 2 | Up to 1 TB Autogrowth enabled | Variable | 50 |
Basic | 2 | 4 | Up to 1 TB Autogrowth enabled | Variable | 100 |
General purpose | 2 | 10 | Up to 16 TB Autogrowth enabled | 3 IOPS/GB Max 20,000 IOPS | 145 |
General purpose | 4 | 20 | Up to 16 TB Autogrowth enabled | 3 IOPS/GB Max 20,000 IOPS | 245 |
Click here for the full specification of PostgreSQL or MySQL database servers.
Building a production system?
Recommended: General purpose tier database servers target most workloads that require balanced compute and memory with scalable I/O throughput. Examples include servers for hosting web and mobile apps and other enterprise applications.
Basic tier database servers target workloads that require light compute and I/O performance. Examples include servers used for staging, development, testing or small-scale infrequently used applications.
Security
Intrusion detection system
Advanced Threat Protection for Azure Database for PostgreSQL and MySQL is a service used on each database server. It detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases and reports this information to MedStack.
SSL connectivity
Azure Database for MySQL supports connecting your database server to client applications using SSL. Enforcing SSL connections between your database server and your client applications helps protect against "man in the middle" attacks by encrypting the data stream between the server and your application.
In some cases, applications require a local certificate file generated from a trusted Certificate Authority (CA) certificate file to connect securely. The certificate to connect to an:
- Azure Database for PostgreSQL server is located at https://www.digicert.com/CACerts/BaltimoreCyberTrustRoot.crt.pem.
- Azure Database for MySQL server which is located at https://www.digicert.com/CACerts/BaltimoreCyberTrustRoot.crt.pem.
Backup and restore
Azure managed databases for MySQL and PostgreSQL are configured to be backed up once to twice per day, depending on the size of the database. Additionally, Azure managed databases are configured to retain backups for the maximum period of 35 days.
Restoring from a database backup must be done through our support team at [email protected] We intend on supporting functionality for self-service restoration for Azure managed databases in the future.
You can read more about the Azure managed databases backup information for MySQL and for PostgreSQL directly on Azure's documentation.
Actions
Create
- Click the Create database button in the cluster you'd like to create a managed database server.

- Select the type of database you'd like to create.
- Configure the database version from the list of supported versions.
- Select the tier and size of the database server as outlined in the specifications section of this guide.
- Configure the initial storage capacity. By default, database server storage capacities will automatically scale upward using Azure's autogrow feature.
Database autogrow enabled
With autogrow enabled, the server storage increases to accommodate the growing data.
For servers with less than 100 GB provisioned storage, the provisioned storage size is increased by 5 GB as soon as the free storage is below the greater of 1 GB or 10% of the provisioned storage.
For servers with more than 100 GB of provisioned storage, the provisioned storage size is increased by 5% when the free storage space is below 5% of the provisioned storage size.
Maximum storage limits apply, as specified here.
- Create a set of credentials to use for connecting to the database.
Remember your credentials
MedStack does not store your database credentials. If you lose the password for the credentials, you can reset the password. If you lose the entire set of credentials, you may contact [email protected] for assistance.
Replicate
You may create read-only replicas of managed database servers by selecting Replicate from the actions menu on a database server.

All replicas are generated in the same region. You can read more about replication for Azure databases for PostgreSQL and MySQL here.
Reset password
You may reset the password configured for the database server by selecting Reset Password from the Actions menu on a database server row.

It's important to note that you cannot reset the username through MedStack Control.
Allowed IPs
You may permit IP addresses external of the cluster with connection privileges to databases on the server by selecting Allowed IPs from the actions menu on a database server.

You can manage rules here to permit and rescind connections from IP addresses outside the cluster. This is especially helpful when performing a migration, connecting a database between clusters, and troubleshooting a database using a workbench or similar utility hosted on a known IP address.
Common use cases
It is common for allowed IP rules to be used to:
- Permit cluster access to database servers provisioned in separate clusters on MedStack Control.
- Manage database servers with database management tools on a web server or local machine.
- Facilitate database migration processes from external systems into MedStack Control.
Delete
You may permanently delete a database server and its backups by selecting Delete from the actions menu on a database server.

Make sure you grab a database dump
MedStack cannot guarantee the availability of a database's backups once a database server has been deleted. Before you delete a database server, we recommend you capture a database dump for PostgreSQL or MySQL.
Connect
You can establish a connection to a database server by making a URI request with the credentials established when creating the database server and the connection strings.
For more information on connecting to a database server, see our guide advising how to connect to a database .
Connection strings
The connection strings to a database server can be found by clicking on the database technology and version.

SSL certificates
In some cases, applications require a local certificate file generated from a trusted Certificate Authority (CA) certificate file to connect securely. The certificate to connect to an:
- Azure Database for PostgreSQL server is located at https://www.digicert.com/CACerts/BaltimoreCyberTrustRoot.crt.pem.
- Azure Database for MySQL server which is located at https://www.digicert.com/CACerts/BaltimoreCyberTrustRoot.crt.pem.
Example
In this example, we'll walk through both the MedStack Control actions and the application layer modifications to establish a connection to a database server and create a database on the database server.
See the example to learn how to connect databases to your applicaiton.
Migrate
Migrating a database can be done easily using the PostgreSQL or MySQL dump and restore functionality.
You must ensure the data is available to be moved into the database. This can be done by:
- Uploading the dump to a Docker volume.
- Baking the dump into a container image.
- Allowing the IP address of a host machine with the dump.
Flexible Database Servers (In Preview)
Flexible Database Servers are the next generation of Azure's managed database services that offer improved reliability, availability, and performance.
Enable Extensions
If you require extensions be enabled on the Flexible Database Server, submit a request to our support team using the Enable Database Extensions form and indicate the extensions to be enabled.
Limits
While this service is marked for General Availability on Azure, MedStack has chosen to temporarily continue using the "In Preview" label due to the following differences between Flexible Database Servers and Database Servers (Single):
- When a Flexible Database Server for PostgreSQL is deleted, the point-in-time backups for the database server are also deleted.
- One-click Flexible Database Server replication is not supported. Only logical replication can be set up between a source and target database.
Updated 7 months ago