SQL 2022 has arrived and in this post I will try out the new setup that should have Azure ARC install embedded.
Table of Contents
Why to use Azure ARC with SQL 2022?
One reason could be security, you will get these features through it.
- Utilize Microsoft Defender for Cloud to safeguard your on-site data.
- Secure identities using Azure Active Directory and single sign-on.
And the second reason could be billing as model as Pay-As-You-Go (PAYG)
And the third reason could be the completely automated technical evaluation of your database.
Setting it up
First, I want to note out that there is a statement saying that Azure ARC has been added as a default part to the setup.
But as we can see in the upcoming parts of this post, there isn’t anything that you choose for Azure ARC during the initial setup, you will just install and register the server to Azure ARC after the setup or before the setup to choose PAYG model.
Little bit confusing, so wanted to clarify this statement!
Onboarding experience
Once you download the media in a way you prefer and start the install, select the licensing model, you will see this screen.
As we can see there is no option for subscription model licensing.
How to enable it?
If you are using an Server outside Azure, the step is to register your server to Azure ARC.
Evaluating with Azure VM
First you will notice this error when you try to onboard Azure VM to ARC
And what is says in the tin.
And this happens because I’m running my VM inside Azure, so there will couple of steps more, not many but some.
Disable connectivity
When running inside Windows VM, do these.
1 2 3 4 5 6 7 8 |
# Set Azure guest agent to disable state Set-Service WindowsAzureGuestAgent -StartupType Disabled -Verbose # Stop the service Stop-Service WindowsAzureGuestAgent -Force -Verbose # Create a Windows Firewall rule to block access New-NetFirewallRule -Name BlockAzureIMDS -DisplayName "Block access to Azure IMDS" -Enabled True -Profile Any -Direction Outbound -Action Block -RemoteAddress 169.254.169.254 |
How it looks like?
If you are wondering what is IDMS is, here is explanation for it.
Azure Instance Metadata Service will provide details on the instances of virtual machines that are currently executing. It can be utilized to set up and administer your virtual computers. The SKU, storage, network setups, and scheduled maintenance activities are all included in this data.
And it will check your Azure VM licensing and activation, this is the reason the blocking is meant for Evaluation purposes only. The following is one thing, you will surely see when you boot the VM for the first time.
And when you open Server activation, it will display that you ain’t legit player.
But this gives an ability to test out that Azure ARC, once done, just un-install the agent, remove VM from ARC, Disable or remove the create IDMS blocking rule and set Guest agent to automatic and start the service.
Still will bring thing back to normal, like we see in the following.
See more information here.
Azure IDMS is an API interface that doesn’t need user authorization and it will work in example with Managed identities that are ran by the VM, so keep this in mind when thinking about security.
Did you know that this IP-address is commonly used also by other Cloud vendors? Like Amazon, they also use this “Magic IP”
Just wanted to shed some light on this steps also, now …
Continuing the process
Azure ARC
Open Azure ARC from https://portal.azure.com/#view/Microsoft_Azure_HybridCompute/AzureArcCenterBlade/~/sqlServers
And choose Connect servers
And you will be presented the process. If you are using an account that has enough rights, the script will handle all the steps, even registering the Resource provider, so you don’t need to worry on it.
Give you Subscription, resource group, location , OS and proxy-address (if needed)
And they will added to the script that you can copy / paste to the VM itself and run.
Note to Microsoft, would you please make this onboarding page a little more interactive, once the deployment is done, it would be nice to show it in this page.
The script
The script will set the parameters you give inside Azure portal and put them as variables.
Then it will download the MSI package
And push the install to the server.
Server side
So, now we have the all-mighty script and once you run it, magic will happen.
Give the code and login.
And the setup will progress and register that provider.
Once done, it will take about 5mins (it was 5min 15sec for me) so accurate!
And done!
How it looks like inside Azure ARC?
When you open the servers control plane in ARC, you will the server onboarded successfully.
How about inside the SQL setup?
Awesome, now we have a possibility to choose pay-as-you-go billing.
But you can also enter the product key if you want to be without the integration to Azure subscription model.
Quick tip! Did you know that you can use INI-file generated with the graphical config for deploying multiple servers silently?
See more information here.
Once you install SQL-server, you can go back to …
Azure ARC SQL-servers
And the your very own SQL-server inside Azure ARC portal.
When you dig deeper, you will see the PAYG licensing model.
And the databases it has.
Once you install either SMSS or Azure Data Studio or both, this is what you will see with the version.
Read more on Microsoft announcement.
Closure
SQL-server keeps evolving also in price. If you need the product key based licensing for it, it will cost a lot more than PAYG model.
PAYG
Editions | Monthly rate (US dollar) | Hourly rate |
---|---|---|
Standard per core | $73 | $0.100 |
Enterprise per core | $274 | $0.375 |
Old school licensing
Editions | Open no-level price (US dollar) | Licensing model | Channel availability |
---|---|---|---|
Enterprise | $13,748[2] | 2 core pack | Volume licensing, hosting |
Standard – per core | $3,586[2] | 2 core pack | Volume licensing, hosting |
Standard – server | $899[2] | Server[3] | Volume licensing, hosting |
Standard – CAL | $209 | CAL | Volume licensing, hosting |
There is also some other nice feature like Disaster recovery from and to Azure SQL Managed-Instance.