You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@@ -24,18 +24,51 @@ Azure failover groups use the same distributed availability groups technology th
24
24
> - The Azure Arc-enabled SQL Managed Instance in both geo-primary and geo-secondary sites need to be identical in terms of their compute & capacity, as well as service tiers they are deployed in.
25
25
> - Distributed availability groups can be setup for either General Purpose or Business Critical service tiers.
26
26
27
-
To configure an Azure failover group:
27
+
## Prerequisites
28
28
29
+
The following prerequisites must be met before setting up Azure Failover groups between two Arc enabled SQL managed instances:
30
+
1. An Azure Arc data controller and an Arc enabled SQL managed instance provisioned at the primary site with `--license-type` as one of `BasePrice` or `LicenseIncluded`.
31
+
2. An Azure Arc data controller and an Arc enabled SQL managed instance provisioned at the secondary site with identical configuration as the primary in terms of CPU, memory, storage, Service tier, collation etc. AND `--license-type` as `DisasterRecovery`
32
+
33
+
> [!NOTE]
34
+
> - It is important to specify the `--license-type`**during** the Azure Arc SQL MI creation. This will allow the DR instance to be seeded from the primary instance in the primary data center. Updating this property post deployment will not have the same effect.
35
+
36
+
## Deployment process
37
+
Setting up an Azure failover group between two Arc enabled SQL managed instances involves the following steps:
29
38
1. Create custom resource for distributed availability group at the primary site
30
39
1. Create custom resource for distributed availability group at the secondary site
31
-
1. Copy the binary data from the mirroring certificates
40
+
1. Copy the binary data from the mirroring certificates
32
41
1. Set up the distributed availability group between the primary and secondary sites
42
+
either in `sync` mode or `async` mode
33
43
34
44
The following image shows a properly configured distributed availability group:
Failover groups in Arc data services supports two synchronization modes - `sync` and `async` and directly impacts how the data is synchronized between the Arc enabled SQL managed instances, and potentially the performance on the primary Arc SQL managed instance.
50
+
51
+
If primary and secondary sites are within a few miles of each other, `sync` mode could be configured. Otherwise `async` is recommended to avoid any performance impact on the Arc SQL managed instance at the primary site.
52
+
53
+
54
+
## Configure Azure failover group - direct mode
55
+
Follow the steps below if the Arc data services was deployed in `directly` connected mode.
56
+
Once the prerequisites are met, run the below command to setup Azure failover group between the two Arc enabled SQL managed instances:
57
+
58
+
```azurecli
59
+
az sql instance-failover-group-arc create --name <name of FOG> --mi <primary SQL MI> --partner-mi <Partner MI> --resource-group <name of RG> --partner-resource-group <name of partner MI RG>
The above command will create the required custom resources on both primary and secondary sites, and copy the mirroring certificates and configures the failover group between the instances.
67
+
68
+
69
+
## Configure Azure failover group - Indirect mode
70
+
71
+
Follow the steps below if the Arc data services was deployed in `indirectly` connected mode.
39
72
40
73
1. Provision the managed instance in the primary site.
41
74
@@ -96,7 +129,7 @@ The following image shows a properly configured distributed availability group:
96
129
> Ensure the SQL instances have different names for both primary and secondary sites, and the `shared-name` value should be identical on both sites.
97
130
98
131
```azurecli
99
-
az sql instance-failover-group-arc create --shared-name <name of failover group> --name <name for primary DAG resource> --mi <local SQL managed instance name> --role primary --partner-mi <partner SQL managed instance name> --partner-mirroring-url tcp://<secondary IP> --partner-mirroring-cert-file <secondary.pem> --k8s-namespace <namespace> --use-k8s
132
+
az sql instance-failover-group-arc create --shared-name <name of failover group> --name <name for primary FOG resource> --mi <local SQL managed instance name> --role primary --partner-mi <partner SQL managed instance name> --partner-mirroring-url tcp://<secondary IP> --partner-mirroring-cert-file <secondary.pem> --k8s-namespace <namespace> --use-k8s
100
133
```
101
134
102
135
Example:
@@ -107,20 +140,65 @@ The following image shows a properly configured distributed availability group:
107
140
On the secondary instance, run the following command to setup the FOG CR. The ```--partner-mirroring-cert-file``` in this case should point to a path that has the mirroring certificate file generated from the primary instance as described in 3(a) above.
108
141
109
142
```azurecli
110
-
az sql instance-failover-group-arc create --shared-name <name of failover group> --name <name for secondary DAG resource> --mi <local SQL managed instance name> --role secondary --partner-mi <partner SQL managed instance name> --partner-mirroring-url tcp://<primary IP> --partner-mirroring-cert-file <primary.pem> --k8s-namespace <namespace> --use-k8s
143
+
az sql instance-failover-group-arc create --shared-name <name of failover group> --name <name for secondary FOG resource> --mi <local SQL managed instance name> --role secondary --partner-mi <partner SQL managed instance name> --partner-mirroring-url tcp://<primary IP> --partner-mirroring-cert-file <primary.pem> --k8s-namespace <namespace> --use-k8s
## Manual failover from primary to secondary instance
151
+
## Retrieve Azure failover group health state
152
+
153
+
Information about the failover group such as primary role, secondary role, and the current health status can be viewed on the custom resource on either primary or secondary site.
154
+
155
+
Run the below command on primary and/or the secondary site to list the failover groups custom resource:
156
+
157
+
```azurecli
158
+
kubectl get fog -n <namespace>
159
+
```
160
+
161
+
Describe the custom resource to retrieve the failover group status, as follows:
162
+
163
+
```azurecli
164
+
kubectl describe fog <fog cr name> -n <namespace>
165
+
```
166
+
167
+
## Failover group operations
168
+
169
+
Once the failover groups is setup between two Arc enabled SQL managed instances, different failover operations can be performed depending on the circumstances.
170
+
171
+
Possible failover scenarios are:
172
+
1. The Arc SQL managed instances at both sites are in healthy state and a failover needs to be performed:
173
+
+ perform a manual failover from primary to secondary without data loss by setting `role=secondary` on the primary SQL MI.
174
+
175
+
2. Primary site is unhealthy/unreachable and a failover needs to be performed:
176
+
177
+
+ the primary Arc SQL managed instance is down/unhealthy/unreachable
178
+
+ the secondary Arc SQL managed instance needs to be force-promoted to primary with potential data loss
179
+
+ when the original primary Arc SQL managed instance comes back online, it will report as `Primary` role and unhealthy state and needs to be forced into a `secondary` role so it can join the failover group and data can be synchronized.
180
+
181
+
182
+
## Manual failover (without data loss)
183
+
184
+
Use `az sql instance-failover-group-arc update ...` command group to initiate a failover from primary to secondary. Any pending transactions on the geo-primary instance are replicated over to the geo-secondary instance before the failover.
185
+
186
+
### Directly connected mode
187
+
Run the following command to initiate a manual failover, in `direct` connected mode using ARM APIs:
188
+
189
+
```azurecli
190
+
az sql instance-failover-group-arc update --name <shared name of FOG> --mi <primary Arc SQL MI> --role secondary --resource-group <resource group>
191
+
```
192
+
Example:
119
193
120
-
Use `az sql instance-failover-group-arc ...` to initiate a failover from primary to secondary. The following command initiates a failover from the primary instance to the secondary instance. Any pending transactions on the geo-primary instance are replicated over to the geo-secondary instance before the failover.
In the circumstance when the geo-primary instance becomes unavailable, the following commands can be run on the geo-secondary DR instance to promote to primary with a forced failover incurring potential data loss.
135
213
136
-
Run the below command on geo-primary, if available:
214
+
On the geo-secondary DR instance, run the following command to promote it to primary role, with data loss.
215
+
216
+
> [!NOTE]
217
+
> If the `--partner-sync-mode` was configured as `sync`, it needs to be reset to `async` when the secondary is promoted to primary.
218
+
219
+
### Directly connected mode
220
+
```azurecli
221
+
az sql instance-failover-group-arc update --name <shared name of FOG> --mi <secondary Arc SQL MI> --role force-primary-allow-data-loss --resource-group <resource group> --partner-sync-mode async
Optionally, the `--partner-sync-mode` can be configured back to `sync` mode if desired.
246
+
247
+
At this point, if you plan to continue running the production workload off of the secondary site, the `--license-type` needs to be updated to either `BasePrice` or `LicenseIncluded` to initiate billing for the vcores consumed.
248
+
249
+
148
250
149
-
When you use [SQL Server Management Studio Object Explorer to create a database](/sql/relational-databases/databases/create-a-database#SSMSProcedure), the application returns an error. You can [create new databases with T-SQL](/sql/relational-databases/databases/create-a-database#TsqlProcedure).
0 commit comments