SQL Server - Features
Architecture
Topologies
Two topologies are available:
Standalone Instance
Always On Cluster
Always On - Topology
The Always On cluster configuration is based on a 3-node topology:
Active Nodes
Two nodes located on the same site.
These nodes are configured to share the load or fail over automatically in case of a failure.
An anti-affinity rule ensures that the active nodes do not coexist on the same hypervisor host, thus enhancing resilience.
Passive Node
Located on a secondary site to ensure disaster recovery (DR).
This node does not handle any active requests and is reserved exclusively for failover in the event of active node failure.
Rules and Restrictions for the Passive Node
The passive node is subject to strict restrictions to comply with Microsoft License Mobility with Failover Rights:
No active workload: The passive node cannot execute SQL queries, reports, or user workloads.
Allowed operations:
Database consistency checks.
Full backups and transaction log backups.
Performance and resource monitoring.
Optimized licensing: With Software Assurance, the use of the passive node is included at no additional cost, provided these restrictions are followed.
Benefits of Always On
Fault tolerance: Synchronous replication ensures that data is available in real-time on active nodes.
Disaster recovery: Deploying a passive node on a secondary site enhances security and business continuity.
Simplified maintenance: Planned failovers allow updates or technical interventions without service interruption.
Monitoring and Compliance
Specific monitoring tailored for the Always On cluster is in place to:
Ensure compliance with restrictions related to the passive node.
Monitor performance and automatic failovers.
Prevent risks of non-compliance with licensing rules.
Regions
SQL Server is available in both of cegedim.cloud's data centers:
EB4 - Boulogne-Billancourt, France
ET1 - Labège, France
As part of the Always On topology, an inactive node is automatically deployed in a nearby secondary site to enhance the resilience of the cluster:
EB5 (Magny-les-Hameaux, France)
ET2 (Balma, France)
Hosting and Versions
Virtual | 2022 | Windows Server 2022 | Standard or Enterprise
Virtual | 2019 | Windows Server 2019 | Standard or Enterprise
Virtual | 2017 | Windows Server 2019 | Standard or Enterprise
Virtual | 2016 | Windows Server 2016 | Standard or Enterprise
File system
Filesystem layout:
D:\ | MSSQL | 30 GB | Root instance
E:\ | MSSQL_USER_DATA | 30 GB | User databases
F:\ | MSSQL_USER_LOG | 10 GB | User databases log
G:\ | MSSQL_TEMPDB | 10 GB | TempDB
Virtual machine name restriction
Due to prefixes applied to Active Directory objects, the name of the virtual machine provisioned is restricted to 13 characters maximum for a cegedim.cloud PaaS SQL Server.
Ports
Ports listing:
1433 | Server static port listener | TCP
1434 | SQL Server Browser | UDP
2382 | SQL Server Analysis Services Browser | UDP
2383 | SQL Server Analysis Services listener | TCP
5022 | SQL Server BDM/AG Endpoint | TCP
By default, only the SQL Server listener and SQL Server Browser ports are opened inbound in the Windows Firewall. This is enforced through a GPO on the organizational unit.
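A check for the default stated above, as an added example (not cegedim.cloud's own tooling): it compares inbound allow rules with the port table and reports every listed port whose state differs from the documented default, including ports opened through an 'Any' or range rule. The function names and the rule object shape (Name, Protocol, LocalPort) are assumptions of this example.

```powershell
# Added example, not cegedim.cloud tooling. Ports and default state come from this page.
$Documented = [ordered]@{
    '1433/TCP' = 'Server static port listener'
    '1434/UDP' = 'SQL Server Browser'
    '2382/UDP' = 'SQL Server Analysis Services Browser'
    '2383/TCP' = 'SQL Server Analysis Services listener'
    '5022/TCP' = 'SQL Server BDM/AG Endpoint'
}
$OpenByDefault = '1433/TCP', '1434/UDP'

function Test-PortCovered([string]$Spec, [int]$Port) {
    # A rule's LocalPort entry can be 'Any', one port, or a 'low-high' range.
    if ($Spec -eq 'Any') { return $true }
    if ($Spec -match '^(\d+)-(\d+)$') { return ($Port -ge [int]$Matches[1] -and $Port -le [int]$Matches[2]) }
    return ($Spec -eq "$Port")
}

function Get-SqlPortExposure {
    # $Rules: inbound allow rules as objects with Name, Protocol and LocalPort (assumed shape).
    param([Parameter(Mandatory)][object[]]$Rules)
    foreach ($key in $Documented.Keys) {
        $number, $proto = $key -split '/'
        $hits = @($Rules | Where-Object {
            ($_.Protocol -eq 'Any' -or $_.Protocol -eq $proto) -and
            (@($_.LocalPort) | Where-Object { Test-PortCovered $_ ([int]$number) })
        })
        [pscustomobject]@{
            Port     = $key
            Service  = $Documented[$key]
            Open     = $hits.Count -gt 0
            Baseline = $OpenByDefault -contains $key
            Rules    = $hits.Name -join '; '
        }
    }
}

# Constructed sample rules so the check can be tried without a live host.
$sample = @(
    [pscustomobject]@{ Name = 'SQL listener (GPO)'; Protocol = 'TCP'; LocalPort = '1433' }
    [pscustomobject]@{ Name = 'SQL Browser (GPO)';  Protocol = 'UDP'; LocalPort = '1434' }
    [pscustomobject]@{ Name = 'Local range rule';   Protocol = 'TCP'; LocalPort = '5000-5100' }
)
# Rows where the observed state differs from the documented default.
Get-SqlPortExposure -Rules $sample | Where-Object { $_.Open -ne $_.Baseline }

# On an instance host, build $Rules from the effective policy (local plus GPO rules):
# Get-NetFirewallRule -PolicyStore ActiveStore -Direction Inbound -Enabled True -Action Allow |
#   ForEach-Object { $f = $_ | Get-NetFirewallPortFilter
#     [pscustomobject]@{ Name = $_.DisplayName; Protocol = $f.Protocol; LocalPort = $f.LocalPort } }
```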
Modules installed
List of modules installed by default during provisioning:
Database engine
Replication
Full-text Search
Client tools connectivity
SDK
Features
This section lists the features and capabilities available to customers, and how to request or perform them:
Self Service
The customer can perform the action autonomously.
On Request
The customer can ask the cegedim.cloud support team to perform the action.
Database Collation
Integration Services
Analysis Services
Reporting Services
Full-Text Search
Export, Import SQL Server backup
Create Always On cluster
Available exclusively for SQL Server 2022 Enterprise edition; consult your service delivery manager for guidance.
Security
System login
The SQL Server PaaS runs exclusively in a Windows environment. The standard system login method is RDP (Remote Desktop Protocol).
In order to connect to the virtual machine, you need to have the required privileges either at the domain level or at the local machine level.
Instance login
Authentication is configured by default in mixed mode, which provides two login types:
SQL Server login: instance level
Active Directory user: domain level - Embedded Windows authentication
Instance login is available locally or remotely:
Locally: once connected through RDP, launch the local SQL Server Management Studio
Remotely: launch the SQL Server Management Studio and specify the target instance
Locally
SSMS can use the Windows user credentials you are already logged in with through RDP to log in to the SQL Server instance.
Authentication with an SQL login is also possible locally.
Remotely
Specify a target instance in the server name field, enforcing the TCP protocol: tcp:HOSTNAME\INSTANCENAME
Select "SQL Server Authentication" and provide the SQL login with the associated password.
Authorizations
Authorizations for cegedim.cloud teams are managed by GPO.
Authorization and passwords
This section lists the password management for the SQL Server PaaS:
admin account
ANY other account
cgdm_admin account
monitoring account
Customers
Authorizations for customers are managed by the customers themselves.
The customer who requests a SQL Server instance through ITCare is automatically granted permission to connect to the instance. They can grant access to any Active Directory user or group afterwards.
Patching
Patches are installed during "Patch parties" managed by cegedim.cloud every quarter.
Exceptionally, an instance can be patched manually if security or bug fixes require it.
Data location
Data for cegedim.cloud's SQL Server PaaS is stored on the dedicated virtual machines created when a PaaS is requested.
These virtual machines and the storage associated are hosted and managed in cegedim.cloud's own data centers.