Microsoft has recently announced the general availability of the Business Critical service tier in Azure SQL Database Managed Instance. As a new deployment option in SQL Database, Managed Instance streamlines the migration of SQL Server workloads from on-premises to the cloud. It also combines native SQL Server features and capabilities with the benefits of a fully managed database service.
The Business Critical tier is designed for applications that require the highest performance and availability and is the optimal choice for mission-critical workloads. These gains in performance and availability come from several isolated Always On replicas and super-fast local SSD storage, which together deliver minimal latency and the highest IO throughput. The Business Critical tier also supports in-memory online transactional processing (OLTP), an additional read-only replica (Read Scale-Out), and flexible database layouts that allow for up to 32,767 files per database.
The below diagram illustrates collocated compute and storage in the Business Critical tier:
A detailed comparison between the General Purpose and Business Critical service tiers is available on the Microsoft documentation page.
New capabilities in the SQL Server migrations
Instance-level collations and Azure Active Directory (AAD) logins, which simplify SQL Server migrations, are now available across both Managed Instance service tiers: General Purpose and Business Critical.
Instance-level collation provides the ability to select the collation type for the system databases and align collations between user databases and tempdb. This makes migration of localized SQL applications to Managed Instance possible without any extra coding.
Active Directory logins
AAD logins allow users and groups from the Azure Active Directory tenant to be specified as true instance-scoped principals. These principals can perform any instance-level operation, including cross-database queries. With federation between on-premises Active Directory and Azure Active Directory, together with AAD logins support, Windows principals can be fully mapped and migrated to the destination Managed Instance. User management in Azure with single sign-on optimizes security.
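Because these principals can perform any instance-level operation, it is worth granting server roles deliberately and reviewing them afterwards. The T-SQL below is an added example, not taken from the original article; the principal names (dba@contoso.example, SQL-App-Readers) and the database name SalesDb are hypothetical placeholders.

```sql
-- Added example. Principal and database names are hypothetical placeholders.

-- 1. In master, as a sysadmin: create instance-scoped logins for an
--    AAD user and an AAD group (a group is referenced by its display name).
USE master;
GO
CREATE LOGIN [dba@contoso.example] FROM EXTERNAL PROVIDER;
CREATE LOGIN [SQL-App-Readers] FROM EXTERNAL PROVIDER;
GO

-- 2. Grant only what each principal needs: server-level rights for the
--    named administrator, read-only access in one database for the group.
ALTER SERVER ROLE sysadmin ADD MEMBER [dba@contoso.example];
GO
USE SalesDb;
GO
CREATE USER [SQL-App-Readers] FROM LOGIN [SQL-App-Readers];
ALTER ROLE db_datareader ADD MEMBER [SQL-App-Readers];
GO

-- 3. Review: list every AAD login and any server role it holds.
--    type 'E' = external (AAD) login, 'X' = external (AAD) group.
USE master;
GO
SELECT  p.name        AS login_name,
        p.type_desc   AS login_type,
        p.is_disabled,
        p.create_date,
        r.name        AS server_role   -- NULL when no server role is held
FROM    sys.server_principals AS p
LEFT JOIN sys.server_role_members AS m
        ON m.member_principal_id = p.principal_id
LEFT JOIN sys.server_principals AS r
        ON r.principal_id = m.role_principal_id
WHERE   p.type IN ('E', 'X')
ORDER BY p.name;
```

Running the review query on a schedule makes an unexpected AAD group appearing in a server role easy to spot.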
Business continuity improvements with Managed Instance
Configure backup retention for point-in-time restore at the database level, from 7 to 35 days in one-day increments, to cover the interval required to recover data after a user or application error.
An auto-failover group is an extension of active geo-replication that allows the automatic recovery of all user databases hosted on a managed instance in a secondary region. This feature significantly mitigates the loss of data that results from failures or other unplanned events. Users can also benefit from readable secondary databases in the DR region that can be used to offload read-only query workloads.
New security features for Managed Instance
Bring Your Own Key (BYOK)
Bring Your Own Key (BYOK) scenarios are now supported by Transparent Data Encryption (TDE) for Managed Instance. This is implemented via integration with Azure Key Vault, a cloud-based external key management system for Azure. BYOK support now gives you control over important management tasks such as key rotations, key vault permissions, key deletion, and auditing/reporting on all TDE protectors.
The built-in firewall is automatically configured as part of a managed instance deployment and provides full inbound protection. It allows minimal access to the management endpoint deployed in a subnet for IP ranges belonging to Microsoft management and deployment services that run outside of the virtual network. After an instance is deployed, Microsoft automatically maintains this firewall to reflect any changes to the management service IP range.
Scalability and flexibility improvements for apps hosted on Managed Instance
Applications hosted on Managed Instance leverage Azure platform elasticity via the online update service tier operation. This allows for independent compute and storage scaling, reaching ranges from 8 to 80 vCores and from 32GB to 8TB, respectively. The Business Critical tier allows scaling up and down within a selected tier as well as changing the service tier from General Purpose to Business Critical and vice versa. The latter is performed with no application downtime, according to the workload’s requirements.
Cost and operation savings for the SQL Server data
The absence of costly code rewrites during data migration yields significant capital and operational savings. In addition, Azure Hybrid Benefit and the new reserved capacity pricing now available for the Business Critical service tier allow reducing costs even further, by up to 80 percent.
Get started with Managed Instance
For quick onboarding, visit the Microsoft documentation home page and try a 5-Minute Quickstart guide to easily configure the Azure network for Managed Instance, or to create or scale Managed Instance from the Portal, PowerShell, Azure Command line and ARM templates.
For optimal performance for your workloads, deploy the Business Critical service tier to leverage the premium IO performance, high availability and features such as in-memory OLTP or additional read-only replicas (Read Scale-Out).
Install SSMS 18.0 (preview 5) to take advantage of the recently added features: AAD logins and transactional replication, as well as improved scripting and UI for credentials and audits.
Monitor the performance of your Managed Instance databases, set up automated alerts, and use artificial intelligence to automatically troubleshoot performance issues with Azure’s native cloud monitoring solution, Azure SQL Analytics.