Azure SQL Database is Microsoft's cloud-based relational database service that is based on the latest SQL Server database engine and delivers predictable performance by dynamic scaling with no downtime. ScaleArc on Azure SQL Database presents sizable performance gains, resiliency, security benefits, as well as application transparency.
This article describes how to set up and configure Azure SQL Database in ScaleArc.
- An active Microsoft Azure subscription with an Azure SQL Database created, configured, and running.
- Select the same region for ScaleArc and the primary SQL Database to avoid network latency for write workloads.
- Enable active geo-replication, where a single logical database is replicated over multiple SQL database servers.
- You have configured the network for SQL Database (make sure Search domain includes your SQL Database domain name, database.windows.net). This is especially important when upgrading from ScaleArc version 3.11 to the latest version.
- ScaleArc is joined to Azure AD.
- You have the necessary SSL certificate and keys at hand. Azure SQL Database requires that you configure SSL to complete the setup.
Configure Azure SQL Database
Follow these steps to set up Azure SQL Database in ScaleArc:
On the ScaleArc dashboard, click on the CLUSTERS tab followed by the Add Cluster button.
- Locate the Servers panel on the Create Cluster screen. This is the third panel on the screen.
Select Cluster for Server Type and AzureSQLDB from the drop-down.
- Click Configure Server. Enter the name of the SQL Database server which has the database for which you wish to create the ScaleArc cluster.
Click Fetch Config. This connects to the Azure SQL Database server and fetches all the databases associated with it in alphabetical order in the drop-down menu. The table below displays the SQL servers that are running the replicated database, along with their Azure regions and related information.For each SQL Database in the drop down menu click Fetch Config to bring up the related nodes. If Fetch Config fails, make sure the DNS is configured properly and is resolving Azure SQL database server names correctly. Additionally, make sure the search domain has database.windows.net added to it and the Azure VM's NSG (Network Security Group) does not include an outbound security rule that might be blocking outgoing connections.
- Click on Add Servers to add the selected servers to the clusters.
- Set up SSL by uploading the SSL certificate and key.
- The Start Cluster after Setup setting determines if the cluster is ON or OFF immediately following setup.
- Click Setup Cluster to complete the configuration.
- If you have incorrectly configured the settings, you may see an error alert.
- Click OK. Any error appears in the Configuration log section of the screen. Review the details and address the error to complete the setup. Note that you can also download a copy of the error for further analysis.
- Click Finish to set up the cluster.
- When completed, the system posts a notification. Note that now ScaleArc Authentication Offload and the Read/Write Split options are ON.
- The cluster appears in the control panel of the dashboard. It displays the Azure SQL Database configuration.
- If you selected the checkbox (default setting) to Start Cluster after Setup, the cluster's green icon indicates that the cluster is running. If you had deselected this option, the cluster icon is red, indicating that you need to explicitly start the cluster. Click START in the status column to run the cluster. The STOP button can be used to stop the cluster if necessary.
Configure for ScaleArc-managed traffic
Make the following changes in order for ScaleArc to manage external traffic.
Set up the firewall rules in Azure SQL Database
Azure SQL Database automatically disallows client connections originating from outside Azure.
You can circumvent this by configuring rules to explicitly allow external traffic from ScaleArc to Azure SQL Database.
Follow these steps to set up the required firewall rules in Azure:
- Whitelist the ScaleArc public address for receiving traffic from the ScaleArc VM.
- Add the ScaleArc IP address for each of the servers in the cluster you created.
Define rules on the Azure VM for the cluster
These steps help you configure external rules on the Azure VM for ScaleArc. Once you have created a ScaleArc cluster, use the following steps to open an inbound port on the Azure VM.
- Go to the Azure Portal and under the VM's NSG, click on Inbound Security rules.
- Click Add.
- Click Advanced to add the Inbound security rules.
Enter the details as shown below. Click OK when done.
Field Description User input Source Any: Accepts traffic from all client IP addresses. CIDR: Specify a single or a block of client IP addresses. Tag: A user-defined label for a single or a range of client IP addresses. Select the CIDR block option. Source IP address range When specified, the database only accepts traffic from one or more specified client IP addresses and blocks out the rest. If you wish to allow another client IP for ScaleArc that is not within this range, you need to create another rule for it.
Specify a ScaleArc IP address or specify a CIDR range.
Do not skip this step.
Destination port range The destination port number. This is the inbound port number of the ScaleArc cluster that you created. Enter the port number for the ScaleArc cluster.