SQL Server on Azure Arc-enabled servers

You can manage your instances of SQL Server from Azure with SQL Server on Azure Arc-enabled servers.

You can enable SQL Server on Azure Arc-enabled servers. It extends Azure services to SQL Server instances hosted outside of Azure: in your datacenter, on the edge, or in a multi-cloud environment.

To enable Azure services, register a running SQL Server instance with Azure Arc using the Azure portal and a registration script. The registration installs a SQL Arc extension to the Connected Machine agent, which in turn creates a SQL Server – Azure Arc resource representing each SQL Server instance installed on that machine. The properties of this resource reflect a subset of the SQL Server configuration settings.

Architecture

The SQL Server instance can be installed in a virtual or physical machine running Windows or Linux that is connected to Azure Arc via the Connected Machine agent. When you register the SQL Server instance, the agent is installed and the machine is registered automatically.

The Connected Machine agent communicates outbound securely to Azure Arc over TCP port 443. If the machine connects through a firewall or an HTTP proxy server to communicate over the Internet, review the network configuration requirements for the Connected Machine agent.

SQL Server on Azure Arc-enabled servers supports a set of solutions that require the Microsoft Monitoring Agent (MMA) server extension to be installed and connected to an Azure Log Analytics workspace for data collection and reporting. These solutions include Advanced data security using Azure Security Center and Azure Sentinel, and SQL Environment health checks using the On-demand SQL Assessment feature.

The following diagram illustrates the architecture of SQL Server on Azure Arc-enabled servers.

Customer infrastructure hosts virtualization and persistent storage. Use the Azure portal or the appropriate CLI to manage the SQL Server instance.

To learn more about these capabilities, you can also refer to this Data Exposed episode.

Prerequisites

Supported SQL versions and operating systems

SQL Server on Azure Arc-enabled servers supports SQL Server 2012 or higher running on one of the following versions of the Windows or Linux operating system:

  • Windows Server 2012 R2 and higher
  • Ubuntu 16.04 and 18.04 (x64)
  • Red Hat Enterprise Linux (RHEL) 7 (x64)
  • SUSE Linux Enterprise Server (SLES) 15 (x64)

Note

SQL Server on Azure Arc-enabled servers does not support container images with SQL Server.

Required permissions

To connect the SQL Server instances and the hosting machine to Azure Arc, you must have an account with privileges to perform the following actions:

  • Microsoft.HybridCompute/machines/extensions/read
  • Microsoft.HybridCompute/machines/extensions/write
  • Microsoft.HybridCompute/machines/extensions/delete
  • Microsoft.HybridCompute/machines/read
  • Microsoft.HybridCompute/machines/write
  • Microsoft.GuestConfiguration/guestConfigurationAssignments/read
  • Microsoft.Authorization/roleAssignments/write
  • Microsoft.Authorization/roleAssignments/read

For optimal security, create a custom role in Azure that has only the minimal permissions listed. For information on how to create a custom role in Azure with these permissions, see Custom roles overview. To add a role assignment, see Add or remove role assignments using Azure portal or Add or remove role assignments using Azure RBAC and Azure CLI.
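The following added example (not part of the original documentation) builds a custom role definition from the actions listed above and audits an existing role definition for missing or excess permissions. The role names, the description, the placeholder subscription ID, and the over-broad sample role are constructed assumptions.

```python
import json
from fnmatch import fnmatchcase

# Actions listed under "Required permissions" on this page.
REQUIRED_ACTIONS = [
    "Microsoft.HybridCompute/machines/extensions/read",
    "Microsoft.HybridCompute/machines/extensions/write",
    "Microsoft.HybridCompute/machines/extensions/delete",
    "Microsoft.HybridCompute/machines/read",
    "Microsoft.HybridCompute/machines/write",
    "Microsoft.GuestConfiguration/guestConfigurationAssignments/read",
    "Microsoft.Authorization/roleAssignments/write",
    "Microsoft.Authorization/roleAssignments/read",
]

def build_role(name, scope):
    """Custom role definition (Azure RBAC JSON shape) holding only the listed actions."""
    return {"Name": name, "IsCustom": True,
            "Description": "Register SQL Server instances with Azure Arc",
            "Actions": list(REQUIRED_ACTIONS), "NotActions": [],
            "AssignableScopes": [scope]}

def _covered(action, patterns):
    # Azure action strings are case-insensitive and may contain '*' wildcards.
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)

def audit_role(role):
    """Compare a role definition with the page's list: what is missing, what is extra."""
    actions, not_actions = role.get("Actions", []), role.get("NotActions", [])
    missing = [a for a in REQUIRED_ACTIONS
               if not _covered(a, actions) or _covered(a, not_actions)]
    required = {a.lower() for a in REQUIRED_ACTIONS}
    excess = [p for p in actions if p.lower() not in required]
    return {"missing": missing, "excess": excess}

# Constructed sample: an over-broad role someone might reuse for onboarding.
BROAD_ROLE = {"Name": "arc-onboarding-broad (constructed)",
              "Actions": ["Microsoft.HybridCompute/*", "Microsoft.Authorization/*/read"],
              "NotActions": []}

if __name__ == "__main__":
    # Placeholder subscription ID; replace with the scope you onboard into.
    role = build_role("Arc SQL Server Onboarding (example)",
                      "/subscriptions/00000000-0000-0000-0000-000000000000")
    print(json.dumps(role, indent=2))
    print(audit_role(role))
    print(audit_role(BROAD_ROLE))
```

The JSON printed for the built role can be saved to a file and passed to `az role definition create --role-definition`. Because the list includes Microsoft.Authorization/roleAssignments/write, keep AssignableScopes as narrow as the onboarding task allows.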

Azure subscription and service limits

Before configuring your SQL Server instances and machines with Azure Arc, review the Azure Resource Manager subscription limits and resource group limits to plan for the number of machines to be connected.

Networking configuration and resource providers

Review the networking configuration, transport layer security, and resource providers required for the Connected Machine agent.

The resource provider Microsoft.AzureArcData is required to connect the SQL Server instances to Azure Arc. To register the resource provider, follow the instructions in the Prerequisites section.

If you connected an instance of SQL Server to Azure Arc prior to December 2020, you need to follow the prerequisite steps to migrate the existing SQL Server - Azure Arc resources to the new namespace.

Supported Azure regions

Arc-enabled SQL Server is available in the following regions:

  • East US
  • East US 2
  • West US 2
  • Central US
  • South Central US
  • UK South
  • France Central
  • West Europe
  • North Europe
  • Japan East
  • Korea Central
  • East Asia
  • Southeast Asia
  • Australia East

Next steps