TRANSCRIPT
SQL Server High Availability and Disaster Recovery on Windows Azure VMs (IaaS)
Corey Sanders, Luis Vargas, Sanjay Mishra
DBI-B306
Cloud OS Workload Mobility
• Usage-Based and Flexible
• Automated
• Hybrid and Managed
• PRIVATE, PUBLIC, HOSTED
Windows Azure Principles
• Managed
• Hybrid
• Automated
• Usage-based economics
• Elastic
• Always up. Always on.
• Pay for what you use!
  • Pay by the minute
  • MSDN Usage
• PowerShell Automation
• Easy Scale-Out
• Easy Scale-Up
• Simple Load-Balancing
• Managed Availability
• Easy Hybrid
Infrastructure Services on Windows Azure
Support for key server apps
IT Pro experience
• SharePoint 2010
• SharePoint 2013
• SQL Server 2008 R2 Web
• SQL Server 2008 R2 Standard
• SQL Server 2008 R2 Enterprise
• SQL Server 2012 Express
• SQL Server 2012 Web
• SQL Server 2012 Standard
• SQL Server 2012 Enterprise
• BizTalk Server 2013
• Dynamics GP 2013+
• Dynamics NAV 2013+
• Forefront Identity Manager 2010 R2
• Project Server 2013
• System Center Suite
• Team Foundation Server
Looking for more on SP? MDC-B213
Infrastructure Services on Windows Azure
Storage Manageability and Mobility
Support for key server apps
IT Pro experience
Windows Azure
Your Data Center
Windows Server 2012
High availability features
[Diagram labels: Physical Machines; Power Unit; Rack Switch; Availability Set; VM1, VM1, VM2, VM2; Load-Balanced Set; Load Balancer]
Looking for more on DR? MDC-B371
Availability SLA: 99.95%
Infrastructure Services on Windows Azure
Storage Manageability and Mobility
Advanced Hybrid Networking
Support for key server apps
IT Pro experience
High availability features
[Diagram labels: Windows Azure; WA Gateway; Virtual Network with <subnet 1>, <subnet 2>, <subnet 3>; DNS Server; Site-to-Site VPN; On-premises; Your datacenter; Hardware VPN or Windows RRAS]
Virtual Networks – Site-to-Site
Generic VPN devices must support
• IKE v1, IKE v2
• AES 128, 256
• SHA1, SHA2
• Windows Server
• Routing and Remote Access Service (RRAS)
New: Software based VPN gateway
More Options for Getting Your Virtual Network Started
Looking for more on Virtual Networks? MDC-B360
Virtual Networks – Point-to-Site
[Diagram labels: Windows Azure; WA Gateway; Virtual Network with <subnet 1>, <subnet 2>, <subnet 3>; DNS Server; On-premises; Your datacenter; Hardware VPN or Windows RRAS; Site-to-Site VPN; Individual computers behind corporate firewall; Remote workers; Point-to-Site VPN]
Looking for more on Point-to-site? MDC-B360 and MDC-B370
Infrastructure Services on Windows Azure
Storage Manageability and Mobility
Advanced Hybrid Networking
Support for key server apps
IaaS, PaaS, and Agility
IT Pro experience
High availability features
IaaS and PaaS together
Pay by the minute
VMs Stops/Payment Stops
MSDN agility
MSDN Usage Improvements
MSDN products can be used on Virtual Machines
Single monetary credit instead of plethora of meters
Focusing on Dev/Test Usage
Looking for more on Dev/Test? MDC-B370
SQL Server HA/DR Scenarios on IaaS
• HA within Azure
  • Availability of SQL Server in Azure VM
  • Protection from issues impacting SQL Server or VM
  • Using another SQL Server VM in same Azure DC
• DR between On-Premise and Azure
  • Ensure availability of on-premise SQL Server (physical or virtual)
  • Protection from issues impacting on-premise DC
  • Using a SQL Server VM in Azure
• DR across Azure DCs
  • Availability of SQL Server in Azure VM
  • Protection from issues impacting the Azure DC
  • Using another SQL Server VM in different Azure DC
Why?
• Azure’s failure detection for VM (not SQL Server)
  • SQL Server service could be down or hung
  • Servicing of guest OS causes downtime
  • Servicing of SQL Server causes downtime
• Azure’s service healing involves restarting VM in different host
  • ~12 min downtime each time
• Azure’s upgrade involves servicing host OS and restarting VM in the host
  • ~15 min downtime each time
What? Configure SQL Server HA on IaaS
• Failure detection for SQL Server
• Failover takes seconds
[Diagram labels: Windows Azure; VMs labelled P and S]
What? Technologies supported
Technology | SQL Server Version | Zero Data Loss | Scope | # Secondaries | Automatic Failover | Readable Secondaries
Availability Groups | SQL Server 2012 | Yes (Sync Mode) | DB(s) | 4 | Yes (w/ additional cluster member) | Yes
Database Mirroring | SQL Server 2008 R2, SQL Server 2012 | Yes (High Safety Mode) | DB | 1 | Yes (w/ Witness) | Limited (database snapshots)
What? Availability Groups
• Provide many other capabilities:
  • Flexible Failover Policy
  • Automatic Page Repair
  • Backups on Secondaries
  • Improved Manageability
  • FileStream & FileTable support
• But require:
  • Windows Cluster
    • Though no shared storage
  • Same Windows Domain
    • Needs an Active Directory Domain Controller
What? Availability Group Listeners
• Not supported yet
  • Require Floating VIPs
  • Azure only supports 1 non-floating IP p/VM
• Will support in next couple of months
  • Built on top of Azure’s Load Balancer (LB) and Windows Cluster QFE
  • Windows Cluster will reply to LB only on VM hosting Availability Group primary
• In the meantime..
  • Use Failover Partner (as in Database Mirroring)
  • Only works with 2 replicas
How? Provision VMs (primary, secondary, cluster member / witness)
• Same Affinity Group
  • Same Azure cluster
  • Reduces log synchronization latency
• Same Availability Set
  • Different Fault Domain (rack) and Upgrade Domain
  • Ensures that a rack failure or Azure’s upgrade impacts at most one replica
• Same VNet
  • Ensures that VM IPs don’t change after Azure’s service healing (avoids DNS update time: ~12 min)
  • Requirement for Active Directory
How? Configure SQL Server technology
• Availability Groups
  • Setup Active Directory Domain Controller and add VMs to a domain
  • Create Windows Cluster
    • Gotcha: Azure’s DHCP assigns a dup IP to the cluster network name (CNN)
      • Can cause cluster creation to fail
      • Availability Groups don’t use CNN
    • Workaround: Use CreateAzureFailoverCluster script http://gallery.technet.microsoft.com/scriptcenter/Create-WSFC-Cluster-for-7c207d3a (temporarily assign link-local IP to CNN during creation)
  • Remaining configuration as on-premise
  • Tutorial (Powershell): http://msdn.microsoft.com/en-us/library/jj870963.aspx
  • Tutorial (UI): http://blogs.msdn.com/b/sqlalwayson/archive/2013/01/23/test-lab-create-an-alwayson-availability-group-in-windows-azure-end-to-end.aspx
How? Configure SQL Server technology
• Database Mirroring
  • If Windows Authentication is needed
    • Setup Active Directory Domain Controller and add VMs to a domain
  • Configuration as on-premise
  • Tutorial (Powershell): http://msdn.microsoft.com/en-us/library/jj870961.aspx
Why?
• An event can cause on-prem SQL Server to become unavailable
  • Temporarily (e.g. gateway failure)
  • Permanently (e.g. flooding)
• A disaster recovery site is expensive
  • Site rent + maintenance
  • Hardware
  • Ops
What?
• Deploy one or more secondary replicas for on-premise SQL Server
  • Replicas continuously synchronize
• At best region: West US, East US, East Asia, Southeast Asia, North Europe, West Europe
  • Political considerations
  • Latency
• Low TCO
  • VM and storage
What? Technologies supported
Technology | SQL Server Version | Zero Data Loss | Scope | # Secondaries | Automatic Failover | Readable Secondaries
Availability Groups | SQL Server 2012 | Yes* (Sync Mode) | DB(s) | 4 | Yes (w/ additional cluster member)** | Yes
Database Mirroring | SQL Server 2008 R2, SQL Server 2012 | Yes* (High Safety Mode) | DB | 1 | Yes (w/ Witness)** | Limited (database snapshots)
Log Shipping | SQL Server 2008 R2, SQL Server 2012 | No | DB | N | No | Limited (standby state)
* Most customers use Async Mode (High Performance) to avoid impacting primary performance
** Async Mode only supports Force Failover to make DR (and potential data loss) a conscious decision
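Added example (not from the original slides): a T-SQL query an operator could run on the primary before a forced failover to an Async Mode replica, to see how much log has not yet reached each secondary and would therefore be lost. It uses only the standard Availability Group catalog views and DMVs of SQL Server 2012; the column aliases and the failover_exposure wording are this example's own.

```sql
-- Run on the current primary replica: it returns one row per database per
-- replica. (On a secondary, only that replica's own rows are returned.)
SELECT ag.name                         AS availability_group,
       ar.replica_server_name,
       ar.availability_mode_desc,      -- SYNCHRONOUS_COMMIT / ASYNCHRONOUS_COMMIT
       ar.failover_mode_desc,          -- AUTOMATIC / MANUAL
       DB_NAME(drs.database_id)        AS database_name,
       drs.synchronization_state_desc, -- SYNCHRONIZED is only reached in sync mode
       drs.log_send_queue_size         AS unsent_log_kb,   -- log not yet sent
       drs.redo_queue_size             AS unredone_log_kb, -- log not yet applied
       drs.last_hardened_time,         -- last log block hardened on this replica
       CASE
           WHEN drs.is_local = 1
               THEN 'local replica'
           WHEN ar.availability_mode_desc = 'SYNCHRONOUS_COMMIT'
                AND drs.synchronization_state_desc = 'SYNCHRONIZED'
               THEN 'no data loss expected on failover'
           ELSE 'forced failover only: unsent log would be lost'
       END                             AS failover_exposure
FROM sys.dm_hadr_database_replica_states AS drs
JOIN sys.availability_replicas AS ar ON ar.replica_id = drs.replica_id
JOIN sys.availability_groups   AS ag ON ag.group_id   = drs.group_id
ORDER BY ag.name, database_name, ar.replica_server_name;
```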
What? Availability Groups
• Provide additional benefits:
  • Integrated HA/DR
  • Offload Read workloads to Azure
    • Connect reporting/BI apps
    • Migrate apps and run against local secondaries
  • Offload Backups to Azure
    • A solution for policy compliance
• Remember it requires:
  • Same Windows Domain
    • Needs an Active Directory Domain Controller
How?
• Configure VPN tunnel Virtual Network from on-premise to Azure
  • Either via VPN device or Win Server 2012 RAS
    https://www.windowsazure.com/en-us/manage/services/networking/cross-premises-connectivity/
• Configure SQL Server technology as on-premise
  • Availability Groups
    • Add VM to on-premise Windows domain and Windows Cluster
    • Tutorial: http://msdn.microsoft.com/en-us/library/jj870959.aspx
  • Database Mirroring
    • Tutorial: http://msdn.microsoft.com/en-us/library/jj870964.aspx
  • Log Shipping
    • Tutorial: http://msdn.microsoft.com/en-us/library/jj889442.aspx
Example of Availability Group spanning On-premise and Azure
[Diagram labels: On Prem; Windows Azure; redmond.corp.microsoft.com; uswest.internal.cloudapp.net; AD / DNS; VPN Device; VPN tunnel; VPN Gateway; Virtual Network; All machines in same Windows Cluster; Availability Group with replicas P, S1, S2; CSNB1755439-GU; CSNB1755441-GU; AGCloudReplica]
Why?
• If you use multiple disks
  • Azure’s Geo-Replication doesn’t guarantee write order across disks
  • This can break SQL Server’s recovery requirement (log always more up-to-date than data)
• If Azure’s DR doesn’t satisfy your requirements
  • NO SLA
  • Based on Azure tests:
    • VM recovery: <~24h
    • Data loss: <~30 min
• Freedom to test and execute DR
  • Failover to DR site
  • Verify apps
What? Technologies supported
Technology | SQL Server Version | Zero Data Loss | Scope | # Secondaries | Automatic Failover | Readable Secondaries
Database Mirroring | SQL Server 2008 R2, SQL Server 2012 | Yes (High Safety Mode) | DB | 1 | Yes (w/ Witness) | No
Backup to Url | SQL Server 2012 SP1 CU2 | No | DB | N/A | No | No
* Most customers use Async Mode (High Performance) to avoid impacting primary performance
** Async Mode only supports Force Failover to make DR (and potential data loss) a conscious decision
What? Availability Groups
• Not supported yet
  • Require same Windows Domain
  • Azure doesn’t support VNETs between Azure DCs
• Will support later this year
  • Azure will support VNETs between Azure DCs
  • Will allow adding VMs to same Windows Domain
• In the meantime..
  • If a single disk: Depend on Azure storage geo-replication
  • Use Database Mirroring (at the cost of HA) or Backup to Url
  • Use Availability Groups with on-premise DR replica
How? Database Mirroring
• Configure a public endpoint for each VM
• Configure Database Mirroring
  • As on-premise
  • Certificate-based authentication only
• Tutorial: http://msdn.microsoft.com/en-us/library/jj870960.aspx
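Added example (not from the original slides or the linked tutorial): the certificate-based mirroring endpoint setup for one partner, shown because the endpoint is reachable through a public endpoint and so should accept only certificate-authenticated, encrypted connections. All certificate, login, user and endpoint names, the file paths, port 5022, the expiry date and the passwords are placeholders chosen for this example.

```sql
-- Run on the principal VM; repeat on the partner with the names swapped.
-- Every name, path, port, date and password here is an illustrative placeholder.
USE master;
GO
-- 1. The master key protects the private key of the endpoint certificate.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<strong-password-placeholder>';
GO
-- 2. Certificate this instance presents to its partner. Set the expiry
--    explicitly (the default is one year) and plan rotation before it lapses.
CREATE CERTIFICATE PrincipalVM_cert
    WITH SUBJECT = 'PrincipalVM mirroring endpoint',
         EXPIRY_DATE = '20301231';  -- constructed sample date
GO
-- 3. Endpoint: certificate authentication only, encryption mandatory.
CREATE ENDPOINT Mirroring_Endpoint
    STATE = STARTED
    AS TCP (LISTENER_PORT = 5022, LISTENER_IP = ALL)
    FOR DATABASE_MIRRORING (
        AUTHENTICATION = CERTIFICATE PrincipalVM_cert,
        ENCRYPTION = REQUIRED ALGORITHM AES,
        ROLE = PARTNER);
GO
-- 4. Export the public key only (no PRIVATE KEY clause) for the partner.
BACKUP CERTIFICATE PrincipalVM_cert
    TO FILE = 'C:\certs\PrincipalVM_cert.cer';
GO
-- 5. Trust the partner: a login with no other rights, whose user owns the
--    partner's public certificate copied over from the other VM.
CREATE LOGIN MirrorVM_login WITH PASSWORD = '<strong-password-placeholder>';
CREATE USER MirrorVM_user FOR LOGIN MirrorVM_login;
CREATE CERTIFICATE MirrorVM_cert
    AUTHORIZATION MirrorVM_user
    FROM FILE = 'C:\certs\MirrorVM_cert.cer';
GRANT CONNECT ON ENDPOINT::Mirroring_Endpoint TO MirrorVM_login;
GO
-- 6. Confirm the endpoint requires certificate auth and encryption.
SELECT name, state_desc, role_desc, connection_auth_desc,
       is_encryption_enabled, encryption_algorithm_desc
FROM sys.database_mirroring_endpoints;
```

Restricting the Azure public endpoint and the Windows firewall rule for the listener port to the partner's address narrows exposure further; the certificate check remains the actual authentication control.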
Customer Deployment Examples
• An online travel firm
• A leading car manufacturer
• An online video streaming company
• A healthcare CSV
An online Travel firm
• Business
  • Leading tour operator in Europe.
  • Sells trips to holiday destinations throughout Europe.
  • 10 brands, 9 countries
  • Over 700K passengers in 2011
• Application
  • Online travel reservation system
• Infrastructure
  • 1 data center (on-premises)
  • Use AlwaysOn Availability Groups on-premises today
  • No DR site
  • Leverage Azure as DR data center
Architecture Diagram
[Diagram labels: PRIMARY; SECONDARY; SECONDARY; Availability Group; Windows Cluster; On-Premises; Cloud]
A leading car manufacturer
• Business
  • One of the largest car manufacturers in the world
• Application
  • Car life portal
• Infrastructure
  • 2 Azure VMs (primary and secondary)
  • 1 fileshare witness for Windows Server Cluster
An Online Video Streaming company
• Organizational strategy to move to Azure
• HA / DR important need
• Azure will be used as primary
• One secondary in Azure for local HA
• Another secondary replica on-premises for DR
Architecture Diagram
[Diagram labels: PRIMARY; SECONDARY; SECONDARY; Availability Group; Windows Cluster; On-Premises; Cloud]
A Healthcare CSV
• Healthcare software company providing on premises as well as hosted software
• Use Azure as hosting infrastructure
• HA / DR needs are important
• HIPAA compliance is important
• Primary: Azure
• Secondary: a copy of data on premises for reporting and regulatory purposes
Architecture Diagram
[Diagram labels: PRIMARY; SECONDARY; SECONDARY; Availability Group; Windows Cluster; On-Premises; Cloud]
Resources
SQL Server HA/DR on IaaS
• Whitepaper with tutorials
  http://msdn.microsoft.com/en-us/library/jj870962.aspx
IaaS
• Create Virtual Network in Azure
  https://www.windowsazure.com/en-us/manage/services/networking/create-a-virtual-network/
• Create Virtual Network from on-premise to Azure
  https://www.windowsazure.com/en-us/manage/services/networking/cross-premises-connectivity/
• Set up Active Directory Domain Controller
  http://www.windowsazure.com/en-us/manage/services/networking/active-directory-forest/
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.