Azure Arc enabled SQL Server (preview)

Azure Arc enabled SQL Server is part of Azure Arc for servers. It extends Azure services to SQL Server instances hosted outside of Azure in the customer's datacenter, on the edge, or in a multi-cloud environment.

To enable Azure services, a running SQL Server instance must be registered with Azure Arc using the Azure portal and a registration script. After registration, the instance is represented in Azure as a SQL Server – Azure Arc resource. The properties of this resource reflect a subset of the SQL Server configuration settings.

SQL Server can be installed on a virtual or physical machine running Windows or Linux that is connected to Azure Arc via the Connected Machine agent. The agent is installed and the machine is registered automatically as part of the SQL Server instance registration. The Connected Machine agent communicates outbound securely to Azure Arc over TCP port 443. If the machine connects through a firewall or an HTTP proxy server to communicate over the Internet, review the network configuration requirements for the Connected Machine agent.

The public preview of Azure Arc enabled SQL Server supports a set of solutions that require the Microsoft Monitoring Agent (MMA) server extension to be installed and connected to an Azure Log Analytics workspace for data collection and reporting. These solutions include Advanced data security using Azure Security Center and Azure Sentinel, and SQL environment health checks using the On-demand SQL Assessment feature.

The following diagram illustrates the architecture of Azure Arc enabled SQL Server.

[Diagram: Public preview architecture]

Prerequisites

Supported SQL versions and operating systems

Azure Arc enabled SQL Server supports SQL Server 2012 or higher running on one of the following versions of the Windows or Linux operating system:

  • Windows Server 2012 R2 and higher
  • Ubuntu 16.04 and 18.04 (x64)
  • Red Hat Enterprise Linux (RHEL) 7 (x64)
  • SUSE Linux Enterprise Server (SLES) 15 (x64)

Required permissions

To connect the SQL Server instances and the hosting machine to Azure Arc, you must have an account with privileges to perform the following actions:

  • Microsoft.AzureData/*
  • Microsoft.HybridCompute/machines/read
  • Microsoft.HybridCompute/machines/write
  • Microsoft.GuestConfiguration/guestConfigurationAssignments/read

For optimal security, we recommend creating a custom role in Azure that has the minimal permissions listed. For information on how to create a custom role in Azure with these permissions, see Custom roles overview. To add a role assignment, see Add or remove role assignments using Azure portal or Add or remove role assignments using Azure RBAC and Azure CLI.
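
The following Python sketch is an added example, not part of the original documentation or of Microsoft's tooling: it audits a custom role definition against the four permissions listed above and reports required actions that are missing and granted actions that exceed the minimal set. The sample role names, the placeholder subscription ID, and the helper names `covers` and `audit_role` are assumptions made for illustration; overlaps between two partially wildcarded patterns are not analysed.

```python
import re

# Minimal actions the page lists for connecting SQL Server instances to Azure Arc.
REQUIRED = (
    "Microsoft.AzureData/*",
    "Microsoft.HybridCompute/machines/read",
    "Microsoft.HybridCompute/machines/write",
    "Microsoft.GuestConfiguration/guestConfigurationAssignments/read",
)

def covers(pattern, action):
    """True if `pattern` ('*' = any run of characters, case-insensitive) grants
    every operation named by `action`, which may itself contain a wildcard."""
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, action, re.IGNORECASE) is not None

def audit_role(role):
    """Return (missing, excess): required actions the role does not fully
    grant, and granted actions that go beyond the minimal set."""
    actions = role.get("Actions", [])
    not_actions = role.get("NotActions", [])
    missing = []
    for req in REQUIRED:
        granted = any(covers(a, req) for a in actions)
        # A NotAction that overlaps the requirement takes part of it away.
        carved = any(covers(n, req) or covers(req, n) for n in not_actions)
        if not granted or carved:
            missing.append(req)
    excess = [a for a in actions if not any(covers(req, a) for req in REQUIRED)]
    return missing, excess

# Constructed sample role definitions (names and subscription ID are placeholders).
MINIMAL_ROLE = {
    "Name": "Arc SQL Server Onboarding (example)",
    "Actions": list(REQUIRED),
    "NotActions": [],
    "AssignableScopes": ["/subscriptions/00000000-0000-0000-0000-000000000000"],
}
BROAD_ROLE = {
    "Name": "Arc SQL Server Onboarding - too broad (example)",
    "Actions": ["Microsoft.AzureData/*", "Microsoft.HybridCompute/*"],
    "NotActions": ["Microsoft.HybridCompute/machines/write"],
    "AssignableScopes": ["/subscriptions/00000000-0000-0000-0000-000000000000"],
}

if __name__ == "__main__":
    for role in (MINIMAL_ROLE, BROAD_ROLE):
        missing, excess = audit_role(role)
        print(role["Name"], "| missing:", missing, "| excess:", excess)
```

The dictionaries use the `Name`, `Actions`, `NotActions` and `AssignableScopes` keys of an Azure role definition, so an exported definition can be loaded with `json.load` and passed to `audit_role` directly.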

Azure subscription and service limits

Before configuring your SQL Server instances and machines with Azure Arc, review the Azure Resource Manager subscription limits and resource group limits to plan for the number of machines to be connected.

Networking configuration and resource providers

Review the networking configuration, transport layer security, and resource providers required for the Connected Machine agent.

Supported Azure regions

The public preview is available in the following regions:

  • East US
  • East US 2
  • West US 2
  • Australia East
  • Southeast Asia
  • North Europe
  • West Europe
  • UK South
