We are excited to share that a new, automated way to configure high availability solutions for SQL Server on Azure Virtual Machines (VMs) is now available using our SQL VM resource provider.
To get started today, follow the instructions in the table below.
High availability architectures are designed to continue to function even when there are database, hardware, or network failures. Azure Virtual Machine instances using Premium Storage for all operating system disks and data disks offers 99.9 percent availability. This SLA is impacted by three scenarios – unplanned hardware maintenance, unexpected downtime, and planned maintenance.
To provide redundancy for your application, we recommend grouping two or more virtual machines in an Availability Set so that during either a planned or unplanned maintenance event, at least one virtual machine is available. Alternatively, to protect from data center failures, two or more VM instances can be deployed across two or more Availability Zones in the same Azure region, this will guarantee to have Virtual Machine Connectivity to at least one instance at least 99.99 percent of the time. For more information, see the “SLA for Virtual Machines.”
These mechanisms ensure high availability of the virtual machine instance. To get the same
Azure offers built-in disaster recovery (DR) solution for Azure Virtual Machines through Azure Site Recovery (ASR). In addition to the broadest global coverage, Azure has the most comprehensive resiliency strategy in the industry from mitigating rack level failures with Availability Sets and data center failures with Availability Zones to protecting against large-scale events with failover to separate regions with ASR. A common question we get is about costs associated with configuring DR for Azure virtual machines. We have listened and prioritized.
Configuring disaster recovery for Azure VMs using ASR will incur the following charges.
ASR licensing cost per VM. Network egress costs to replicate data changes from the source VM disks to another Azure region. ASR uses built-in compression to reduce the data transfer requirements by approximately 60 percent. Storage costs on the recovery site. This is typically the same as the source region storage plus any additional storage needed to maintain the recovery points as snapshots for recovery.
You can look at this sample cost calculator for estimating DR costs for a three-tier application using six virtual machines. All of the services are pre-configured in the cost calculator. The six virtual machines have 12 Standard SSD disks and 6
Azure Availability Zones are unique fault-isolated physical locations, within an Azure region, with independent power, network, and cooling. Each Availability Zone is comprised of one or more datacenters and houses infrastructure to support highly available, mission critical applications with fault tolerance to datacenter failures. For IaaS applications running on Azure Virtual Machines, you can build high availability into your business continuity strategy by deploying multiple virtual machines (VMs) across multiple zones within a region. In doing so, VMs are physically separated across zones, and a virtual network is created using load balancers at each site. These locations are close enough for high availability replication, so your applications stay running, despite any issues at the physical locations.
On rare occasions, an entire region could become unavailable due to major incidents such as natural disasters. Non-transient, large scale failures may exceed the ability of high availability (HA) features and require full-fledged disaster recovery (DR). Today, we are announcing the support for disaster recovery of virtual machines deployed in Availability Zones to another region using Azure Site Recovery (ASR). You can now replicate and failover zone pinned virtual machines to other regions within a geographic cluster using Azure Site Recovery. This new capability
The Microsoft Azure Dedicated Hardware Security Module (HSM) service provides cryptographic key storage in Azure and meets the most stringent customer security and compliance requirements. This service is the ideal solution for customers requiring FIPS 140-2 Level 3 validated devices with complete and exclusive control of the HSM appliance. The Azure Dedicated HSM service uses SafeNet Luna Network HSM 7 devices from Gemalto. This device offers the highest levels of performance and cryptographic integration options and makes it simple for you to migrate HSM-protected applications to Azure. The Azure Dedicated HSM is leased on a single-tenant basis.
Key benefits Migrate HSM-protected applications: The Gemalto HSM model uses hundreds of applications such as Oracle DB TDE, Active Directory Certificate Services, Apache/NGINX TLS offload, and your own applications that have integrated with SafeNet HSMs over the last 15 years. This makes it easy for you to migrate applications to Azure Virtual Machines or run hybrid topologies spanning across Azure and on-premises. It can also be used to back up keys on-premises. Once your applications have migrated to Azure, you will achieve low latency (single-digit millisecond) and high throughput for cryptographic operations (10,000 RSA-2048 tps). Azure Dedicated HSM supports up to ten partitions
Azure Hybrid Benefit (AHB) for SQL Server allows you to use on-premises licenses to run SQL Server on Azure Virtual Machines. If you have Software Assurance, you can use AHB when deploying a new SQL VM or activate SQL Server AHB for an existing SQL VM with a pay as you go (PAYG) license. Bring your own license (BYOL) SQL Images on Azure Marketplace should be used to implement SQL Server AHB when deploying a new SQL VM. However, if you already have a SQL VM with a PAYG license, activating AHB currently requires re-deploying the VM with BYOL SQL image.
Today, we are revealing a new, simple way to activate SQL Server AHB on Azure VM with SQL VM Resource Provider. SQL VM resource provider is a new Azure resource provider, Microsoft. SqlVirtualMachine, that supplies SQL Server configurations for an Azure VM as a resource that can be deployed and managed through Azure Resource Manager. This new infrastructure brings a backend management service for SQL Server on Azure VM including dynamic updates of SQL Server settings such as license type. To activate SQL Server AHB for an existing PAYG SQL VM, simply create a Microsoft. SqlVirtualMachine/SqlVirtualMachine type resource for
SQL Server on Azure Virtual Machines is a cost-effective lift and shift method to run SQL Server on Microsoft Azure with full control of the version, edition of SQL Server, operating system, and VM size. Today, we are revealing a new Resource Provider called Microsoft.SqlVirtualMachine, a management service running internally on Azure clusters to handle SQL Server-specific configurations and deployments on Azure VMs. SQL VM resource provider enables dynamic updates of SQL Server metadata and orchestrates multi-VM deployments required for SQL Server HADR architectures. SQL VM resource provider also enables SQL Server specific browse and monitoring experiences.
With SQL VM resource provider, we are introducing three new resource types:
Microsoft.SqlVirtualMachine/SqlVirtualMachine represents SQL Server configurations on an Azure VM. Once created, it links to the existing VM resource with the VirtualMachineResourceId property and gets SQL Server configurations from SQL IaaS Extension properties. SqlVirtualMachine resource type has a property to represent the SQL Server License type. By setting the SQL Server License type to AHUB or PAYG, the SQL Server license can be dynamically updated even after the VM instance is deployed without any downtime. Microsoft.SqlVirtualMachine/SqlVirtualMachineGroup represents a group of SQL VMs that will participate in an HADR architecture. Today we support
This blog post was authored by Mine Tokus, Senior Program Manager, COGS Data – SQL DB.
We recently published “Storage Configuration Guidelines for SQL Server on Azure VM” on the SQL Database Engine Blog summarizing the test findings from running TPC-E profile test workloads on premium storage configuration options. We continued this testing by including Ultra SSD. Ultra SSD is the new storage offering available on Microsoft Azure for mission-critical workloads with sub-millisecond latencies at high throughput. We will summarize the test details and findings in this blog.
We used DS14_v2 VM with 16 cores, 112GB memory and 224GB local SSD for this test. This virtual machine (VM) is capable of scaling up to 51,200 uncached IOPS and 64,000 cached and temporary IOPS. We selected a TPC-E workload representative OLTP app in e-commerce/trade space as the test workload. Our test workload drives a similar percentage of read and write IO activity.
Size vCPU Memory: GiB Temp storage (SSD) GiB Max cached and temp storage throughput: IOPS/MBps (cache size in GiB) Max uncached disk throughput: IOPS/MBps Standard_DS14_v2 16 112 224 64,000/512 (576) 51,200/768 Premium Storage Configuration
For Premium Storage Configuration, we added 10 -P30 disks and enabled RO cache for all
We are very excited to share the general availability (GA) of Avere vFXT for Azure. This culminates months of effort beginning when Microsoft welcomed Avere to the Azure family earlier this year. Customers can now leverage the Avere vFXT to run their high-performance applications in Azure.
The scope of Microsoft Azure’s solutions for high-performance computing (HPC) continues to broaden with Avere vFXT being the latest product to transition from testing to general availability. Avere joins a stellar portfolio of products like Azure Virtual Machines, Azure Batch, Azure CycleCloud, and networking technologies such as Azure ExpressRoute, that helps bring these demanding projects into the cloud without sacrifices.
Since public preview began in late August 2018, customers across the globe have moved new workloads to Azure using our high-performance file caching technology. The Avere vFXT has been deployed at scale, providing data access at very low latency, no matter where the file data originated. The Avere vFXT is deployed as a set of Azure Virtual Machines, adjacent to your cloud-based HPC cluster. The software runs as a cluster of VMs, enabling very high scale and throughput capacity for compute clusters of any size. Sources of storage can also connect into the Avere
Azure Update Management is a service included as part of your Azure Subscription that enables you to assess your update status across your environment and manage your Windows and Linux server patching from a single pane of glass, both for on-premises and Azure.
Update Management is available at no additional cost (you only pay for log data stored in the Azure Log Analytics service) and can easily be enabled on Azure and on-premises VMs. To try it, simply navigate to your VM tab in Azure and enable Update management on one or more of your machines.
Over the past year we’ve been listening to your feedback and bringing powerful new capabilities to Azure Update Management. Here’s a look at some of the new features we have developed with your help.
One of the biggest asks from the community this year is for more flexibility in targeting update deployments, specifically support for groups with dynamic membership. Instead of specifying a static set of machines when you create an update deployment, groups allow you to specify a query that will be evaluated each time an update deployment occurs.
We have released a preview feature that enables you to create an Azure-native
As a cloud service provider, we understand the importance of maintaining the integrity and confidentiality of customer data. To continue to help you maximize your data security and privacy, we are announcing Customer Lockbox for Microsoft Azure. It is a service integrated into Azure portal that gives you explicit control in the very rare instance when a Microsoft Support Engineer may need access to your data to resolve an issue.
There are very few instances, such as a debugging remote access issue, where a Microsoft Support Engineer requires elevated permissions to resolve this issue. In such cases, Microsoft engineers use just-in-time access service that provides limited, time-bound authorization with access limited to the service. While Microsoft has always obtained customer consent for access, Customer Lockbox now gives customers the ability to review and approve or deny such requests from Azure Portal. Until the request is approved, Microsoft Support Engineer will not be granted access.
The entire process is audited so customers maintain full visibility and control. All Customer Lockbox activity will be available in Azure Portal. If you are using Azure Security Center, the VM agent that you have installed on your virtual machines can provide logs on activities