This page provides information about CockroachDB Dedicated clusters on Microsoft Azure, including frequently asked questions and limitations. To create a cluster, refer to Create a CockroachDB Dedicated Cluster.
Limitations
CockroachDB Dedicated clusters on Azure have the following temporary limitations. To express interest or request more information about a given limitation, contact your Cockroach Labs account team. For more details, refer to the FAQs.
Regions
For the list of supported Azure regions, refer to Azure Regions.
Editing and scaling
- A cluster must have at minimum three nodes. A multi-region cluster must have at minimum three nodes per region. Single-node clusters are not supported.
- To add or remove regions from a cluster on Azure, you must use the CockroachDB Cloud API. Refer to Scale, edit or upgrade a cluster.
- After it is created, a cluster's storage can be increased in place, but cannot subsequently be decreased or removed.
Networking
- Azure Private Link is not yet available. IP Allowlisting allows you to restrict the IP addresses that can connect to your cluster.
Observability
- Exporting metrics to Datadog is available. Enable the Datadog integration in the CockroachDB Cloud Console or with the Cloud API.
- Exporting metrics to Azure Monitor is not yet available. To express interest, contact your Cockroach Labs account team.
- Log Export is not yet available.
Other features
PCI-Ready features are not yet available on Azure. To express interest, contact your Cockroach Labs account team.
FAQs
The following sections provide more details about CockroachDB Dedicated on Azure.
Are multi-region clusters supported?
Yes.
Can CockroachDB Serverless clusters be deployed on Azure?
CockroachDB Serverless is not currently available on Azure.
Are horizontal and vertical scaling supported?
Yes. Refer to Cluster Management.
What Azure regions can we choose?
Refer to Azure Regions.
What kind of compute and storage resources are used?
Dedicated clusters on Azure use Dsv4-series VMs and Premium SSDs. This configuration was selected for its optimum price-performance ratio after thorough performance testing across VM families and storage types.
CockroachDB Dedicated clusters can be created with a minimum of 4 vcPUs per node on Azure.
Can we use credits to pay for clusters on Azure?
Yes, existing CockroachDB Cloud customers can pay for the usage of CockroachDB Dedicated clusters on Azure with their available credits. To add additional credits to your CockroachDB Cloud organization, contact your Cockroach Labs account team.
What backup and restore options are available for clusters on Azure?
Managed-service backups automatically back up clusters on Azure, and customers can take and restore from manual backups to Azure storage (Blob Storage or ADLS Gen 2). Refer to the blog post CockroachDB locality-aware Backups for Azure Blob for an example.
Is it possible to take encrypted backups?
Yes, customers can take and restore from encrypted backups on Azure storage by using an RSA key stored in Azure Key Vault.
Are changefeeds available?
Yes, customers can create and configure changefeeds to send data events in real-time from a CockroachDB Dedicated cluster to a downstream sink such as Kafka, Azure storage, or Webhook. Azure Event Hubs provides an Azure-native service that can be used with a Kafka endpoint as a sink.
Can we export logs and metrics from a cluster on Azure to Azure Monitor or a third-party observability service?
Exporting metrics to Datadog is supported. Refer to Export Metrics From a CockroachDB Dedicated Cluster. It’s not yet possible to export cluster logs or metrics to Azure Monitor or to another third-party observability service. To express interest in this feature, contact your Cockroach Labs account team.
Are CockroachDB user-defined functions available for clusters on Azure?
Yes, user-defined functions are supported for CockroachDB Dedicated clusters on Azure. The same CockroachDB binaries are used across CockroachDB Cloud deployment environments, and all SQL features behave the same on Azure as on GCP or AWS.
Can we migrate from PostgreSQL to CockroachDB Dedicated on Azure?
CockroachDB supports the PostgreSQL wire protocol and the majority of PostgreSQL syntax. Refer to Supported SQL Feature Support. The same CockroachDB binaries are used across CockroachDB Cloud deployment environments, and all SQL features behave the same on Azure as on GCP or AWS.
How are clusters on Azure isolated from each other? Do they follow a similar approach as on AWS and GCP?
CockroachDB Cloud follows a similar tenant isolation approach on Azure as on GCP and AWS. Each Dedicated cluster is created on an AKS cluster in a unique VNet. Implementation details are subject to change.
Can we use Single-Sign On to sign-in to and manage clusters on Azure?
Yes, Cloud Organization SSO is supported. This feature is unrelated to the cluster's deployment environment.
What secure and centralized authentication methods are available for Dedicated clusters on Azure?
Human users can connect using Cluster SSO, client certificates, or the ccloud command or SQL clients.
Application users can connect using JWT tokens or client certificates.
How is data encrypted at rest in a cluster on Azure?
Customer data at rest on cluster disks is encrypted using server-side encryption of Azure disk storage. CockroachDB’s file-based encryption at rest and Customer-Managed Encryption Keys (CMEK) are not yet available. To express interest, contact your Cockroach Labs account team.
All client connections to a CockroachDB Dedicated cluster on Azure, as well as connections between nodes, are encrypted using TLS.
Can we use private connectivity methods, such as Private Link, to securely connect to a cluster on Azure?
You can configure IP allowlisting to limit the IP addresses or CIDR ranges that can access a CockroachDB Dedicated cluster on Azure. Azure Private Link is not yet available. To express interest, contact your Cockroach Labs account team.
Was this helpful?
