Co-authored by Djordje Jeremic & Mladen Andzic
Azure SQL Database and Azure SQL Managed Instance are industry-leading Platform as a Service (PaaS) database offerings suitable for building applications of any scale. Both offerings come with a core resiliency and reliability promise designed to protect against software or hardware failures.
Occasionally, there may be an outage that disrupts the service's availability, and it's essential to be ready to manage such a scenario. To ensure higher business continuity, consider taking these proactive measures:
- Enable High Availability
  Enable zone redundancy to ensure Azure SQL Database or Azure SQL Managed Instance uses availability zones and is resilient to zonal failures.
- Enable Disaster Recovery
  To achieve redundancy across regions, enable Failover Groups for Azure SQL Database or Azure SQL Managed Instance to quickly recover from a catastrophic and rare regional failure.
Disaster Recovery
Failover groups offer a strong solution for disaster recovery, helping you effectively meet stringent Recovery Time Objective (RTO) and Recovery Point Objective (RPO) goals. Failover Groups offer two failover policies, and we have recently renamed them to make their purposes clear and intuitive:
- Customer Managed Failover Policy (formerly called ‘Manual’)
- Microsoft Managed Failover Policy (formerly called ‘Automatic’)
We strongly advise customers to set the failover policy to Customer Managed, as it allows you to control when to initiate forced failovers based on specific criteria of your organization and maintain business continuity.
With the Microsoft Managed failover policy, as the name implies, you entrust Microsoft with the responsibility of initiating forced failovers. However, forced failovers are only triggered by Microsoft in extreme situations during a region-wide outage, with a failover command issued for all failover groups in the affected region. During an outage, assessing its impact and scale takes time, and we focus on mitigating the outage first. As a result, the decision whether to activate the Microsoft Managed failover policy and the timing of forced failovers can vary significantly, and often the policy may not be activated. Please see additional considerations for this failover policy.
Call to action
- It is imperative to set the failover policy of your failover groups to Customer Managed. This ensures you have full control over when to initiate forced failovers for Disaster Recovery, based on your assessment of outage impact compared to potential data loss due to forced failover. Follow the steps for Azure SQL Database & Azure SQL Managed Instance to update the failover policy.
- When failover groups are enabled, use the read-write listener endpoint in your application connection string, so applications automatically connect to whichever server and database is the current primary.
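To check both call-to-action items across an estate, the following added example (not code from the original post or from Microsoft) audits a failover group inventory and a set of application connection strings. It assumes the inventory has the JSON shape of `az sql failover-group list -o json`, that the stored policy value `Manual` corresponds to Customer Managed, and that Azure SQL Database listeners take the form `<failover-group-name>.database.windows.net` (read-write) and `<failover-group-name>.secondary.database.windows.net` (read-only); all group, server and application names are constructed.

```python
import json
import re

# Constructed inventory, assumed to match `az sql failover-group list -o json`.
SAMPLE_GROUPS = json.loads("""
[
  {"name": "fog-orders",
   "readWriteEndpoint": {"failoverPolicy": "Automatic",
                         "failoverWithDataLossGracePeriodMinutes": 60}},
  {"name": "fog-billing",
   "readWriteEndpoint": {"failoverPolicy": "Manual"}}
]
""")

# Constructed connection strings, keyed by a hypothetical application name.
SAMPLE_CONN_STRINGS = {
    "orders-api": "Server=tcp:sql-orders-westeu.database.windows.net,1433;Database=orders;",
    "billing-api": "Server=tcp:fog-billing.database.windows.net,1433;Database=billing;",
    "reports": "Data Source=fog-billing.secondary.database.windows.net;Database=billing;",
}

def groups_not_customer_managed(groups):
    """Names of failover groups whose policy is not 'Manual' (Customer Managed)."""
    return [g["name"] for g in groups
            if g.get("readWriteEndpoint", {}).get("failoverPolicy") != "Manual"]

def server_host(conn_string):
    """Host from the Server= / Data Source= key, without 'tcp:' prefix or port."""
    m = re.search(r"(?i)(?:^|;)\s*(?:server|data source)\s*=\s*(?:tcp:)?([^,;]+)",
                  conn_string)
    return m.group(1).strip().lower() if m else None

def classify_endpoint(conn_string, groups):
    """Say whether a connection string targets a listener or a server directly."""
    host = server_host(conn_string)
    for g in groups:
        name = g["name"].lower()
        if host == f"{name}.database.windows.net":
            return "read-write listener"
        if host == f"{name}.secondary.database.windows.net":
            return "read-only listener"
    return "direct server"  # will not follow the primary after a failover

def audit(groups, conn_strings):
    """Combined report: policies to change and where each application connects."""
    return {"policy_not_customer_managed": groups_not_customer_managed(groups),
            "endpoints": {app: classify_endpoint(cs, groups)
                          for app, cs in conn_strings.items()}}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_GROUPS, SAMPLE_CONN_STRINGS), indent=2))
```

Applications reported as `direct server` keep pointing at the old primary after a forced failover and need their connection strings changed by hand.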
Resources for Azure SQL DB
- Overview of business continuity
- High availability and disaster recovery checklist
- Disaster recovery guidance
Resources for Azure SQL Managed Instance