# Provisioning a SQL Server Service

The provisioning app in the DB Services app family helps you provision MS SQL Server database services that can be hosted on the available cloud regions. You can provision the database service on the basis of your workload and choose appropriate editions.

***

## Prerequisites:

* Ensure that you have registered your cloud subscription and added your network details in the Subscriptions application under Governance.\
  For more information on cloud subscriptions, see [Subscriptions](https://docs.tessell.com/tessell/governance/subscriptions).
* Ensure that you have registered your SQL Server licenses based on database editions in the DB governance application under Governance.\
  For more information on licenses, see [DB Governance](https://docs.tessell.com/tessell/governance/db-governance).

***

## Supportability Matrix

For supported features, see [SQL Server Support Matrix](https://docs.tessell.com/tessell/tessell-for-sqlserver/sqlserver-support-matrix).

***

#### STEP 1 OF 9:

## Navigate to Provisioning application

1. From the Tessell home page, select the **Provisioning** application under the DB Services application family in the left navigation bar.\
   Available database engines are displayed and categorized into relational databases, vector databases, and NoSQL databases.
2. From the available options in the relational databases, select **SQL Server** database engine.

**Figure 1: Selecting Provisioning in DB Services**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-5134d534b38a14dee7783514292a6f5ece872449%2Fprovisioning-landing.png?alt=media)

***

#### STEP 2 OF 9:

## Service Details

1. Specify a name for the database service in the **Service Name** field. This service name is a logical name of the database service on Tessell platform.
   * A service name must begin with a letter, followed by alphanumeric characters. Spaces, hyphens, and underscores are allowed. For example, ‘2my-service’ is not allowed since it begins with a digit.
   * By default, the database service name is auto generated. You can override this name.
2. Optionally, specify a description for your database service in the **Description** box.
3. Click **+Add** next to **Tags** to specify a name and value to your database service tag.
   * You can associate multiple tags with the resources in the database service.
   * Tessell allows for the use of both internal and external tags. While Tessell provides its own internal tags, with this option you can create your own external tags during provisioning.

> **Note**: Tags enhance database service management and enable users to monitor usage, establish ownership, and implement policies more efficiently. You can specify up to 50 external tags per resource.

* Tessell supports following internal tags:
  * TESSELL\_COMPUTE\_RESOURCE\_ID
  * TESSELL\_COMPUTE\_TYPE
  * TESSELL\_DBSERVICE\_ID
  * TESSELL\_DBSERVICE\_NAME
  * TESSELL\_ENTITY\_ID
  * TESSELL\_ENVIRONMENT
  * TESSELL\_REFERENCE\_ID
  * TESSELL\_SUBSCRIPTION\_ID
  * TESSELL\_TENANT\_ID
  * TESSELL\_USER\_ID
* Tags are associated with following cloud resources:
  * Compute (VM/container)
  * Storage (disks, volumes, snapshots)
  * Networking components
  * Backups and snapshots
  * Secrets and keys
  * Monitoring and logging resources.

1. Choose a database edition, SQL Server offers Evaluation, Developer, Standard and Enterprise editions.

   > **Notes**:
   >
   > * License registration is required only for Standard and Enterprise editions.
   > * Tessell works on Bring your own licence model.
   > * Tessell is not responsible for SQL Server licenses of the customer.
2. Choose the desired major software release for this service from the dropdown list.
3. To run a specific minor release version, click the pencil icon and choose the desired minor version number.

   > **Note**: Tessell provides flexible licensing options for database workloads on AWS, supporting licensed images on AWS (AMI), to use your licensed AMI image, please contact Tessell support.

**Figure 2: Service details section**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-68d11bb0461168754192f6ff8fb34ec97ac7b210%2Fservice-details.png?alt=media)

#### STEP 3 OF 9:

## Cloud Provider Settings

Choose a cloud provider and subscription where you want to run this database instance.

1. Choose a cloud subscription from the **Subscription** dropdown list.
2. Choose a corresponding cloud region to deploy from the **Region** dropdown list.
3. Choose a VPC or VNet depending on the cloud provider to deploy from the dropdown list.\
   Network can be added even after subscription registration in the **Networks** application under **Governance**.
4. Choose an availability zone to deploy from the **Availability Zone** dropdown list.
5. Choose a private subnet to deploy from the **Private Subnet** dropdown list.

**Figure 3 - Cloud provider settings section**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-68abb2a0a89130bf76a2115e659781f275c32ad0%2Fcloud-settings.png?alt=media)

***

#### STEP 4 OF 9:

## Compute Shape

After you choose the cloud provider, choose a compute shape for the instance. The Tessell team typically collaborates with you to determine the most suitable shape based on your performance needs.

1. Select a workload type, **High Performance** or **Standard** (Default).

   > **Notes**:
   >
   > * The High-performance workload type offers an optimized configuration with increased CPU, memory, and IOPS, making it ideal for applications that are compute or data-intensive.
   > * The Standard workload type offers a balanced configuration of CPU, memory, and storage, making it suitable for general-purpose applications.
   > * Compute shapes cannot be modified after a high-performance workload type service is provisioned.
   > * Tessell supports NVMe controller high performance compute shapes for Azure. These shapes are storage-optimized VMs with local NVMe SSDs designed for IO-intensive SQL Server workloads.
2. Specify the number of vCPUs needed for your instance.\
   This adjusts the compute shapes that are available to you.
3. Select the compute shape for this instance from the available list.\
   For more information on supported compute shapes, see [Tessell compute shapes](https://docs.tessell.com/tessell/getting_started/tessell-compute-shapes).

   > **Note**: Tessell supports custom compute names for SQL Server.
4. Specify the required storage capacity for this instance in the **Storage** field.\
   A range of storage values is displayed as a help text as per the selected compute shape.

   > **Notes**:
   >
   > * In High performance workload type, storage capacity is fixed.
   > * Tessell supports multi-disk striping for SQL Server that can host database files on AWS. This enables storage of more than 16 TB and enhances IOPS and throughput. This feature is not enabled on the portal by default; to use it, please contact Tessell support.
5. Select **Enable encryption at rest** check box to encrypt your data at rest.\
   Tessell encrypts data at rest with a default encryption key. You have the option to choose a different encryption key if needed. To use a different encryption key, ensure that you have registered encryption keys under **Governance** in the **Security** application.

   > **Note**: Tessell's default encryption is cloud native disk encryption.

**Figure 4 - Compute shape section**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-a7e08525e85e61bbd385ac8e8da962f8ad8198df%2Fcompute-shape.png?alt=media)

#### STEP 5 OF 9:

## High Availability

1. Toggle the switch **High Availability** to create a highly available multi-AZ service by setting up standby database instances in different availability zones.
2. From the **Availability zone** dropdown list, choose an availability zone.
3. From the **Private subnet** dropdown list, select a private subnet for this instance.

**Figure 5 - High Availability section**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-1d665916259434c33e586bd91e6e9c854ef58d2d%2FHA.png?alt=media)

***

#### STEP 6 OF 9:

## Connectivity

1. Specify a port number for database connection in the **Port** field.\
   SQL Server database uses 1433 as the default port, however you can mention a different port number in the range 1 to 65535.

   > **Note**:
   >
   > * Tessell supports custom security groups that lets you integrate with existing security policies.
   > * Tessell supports custom secret prefix keys that helps with organizational secret management standards.
2. Toggle the switch **Enable SSL for this service** to enable SSL.

   > **Notes**:
   >
   > * Enabling SSL service enhances the security of database connections, safeguarding sensitive information and protecting data exchanged from unauthorized access or interception.
   > * Tessell only supports either SSL or non-SSL connections for all the database services on a VM.
   > * SSL connections use TLS 1.2 encryption to secure data in transit between client applications and database instances.
3. Toggle the switch **Allow public access** to enable public access to the service.\
   This option is only available when a public subnet exists within the VPC/VNet.
4. Specify the allowed IP addresses in the **Add IP address** field.

* Your detected public IP address is automatically fetched and displayed.
* You can add up to 60 IP addresses.

**Figure 6 - Connectivity section**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-f42773df6e28c1c989550be0bddc245392e7e8dd%2Fconnectivity.png?alt=media)

#### STEP 7 OF 9:

## Configure the database instance

1. Specify the database name in the **Database Name** field.\
   A database name must start with a lowercase, uppercase, **@**, **#** or **\_** and should not contain a comma (,).
2. Specify the instance name to connect to a specific SQL Server instance in the **Instance Name** field.\
   An instance name must begin with a letter, can contain alphanumeric characters and underscores. The character limit is 16.

   > **Note**: SQL Server instance name is used in multi-service deployments. This allows you to host multiple isolated SQL Server Instances on a single compute node. When connecting, you must specify the instance name in your connection string to ensure your traffic is routed to the correct logical service.
3. Specify master username that is granted sysadmin server access role in the **Master Username** field.\
   Username must start with a letter and can only contain alphanumeric characters.
4. Specify the master password in the **Master Password** field.\
   The password must be at least 8 characters long and can include alphanumeric characters and the following special characters: **!, #, $, %, @**.
5. Specify a timezone for your instance.

   > **Note**: Timezone is important for ensuring that all timestamps and time-related data stored in the database are accurate and consistent.
6. Toggle the switch **Enable Active Directory Authentication** to authenticate users via Active Directory and apply organization-defined access controls.

   To enable Active Directory Authentication, ensure that you have configured Active Directory Domain in the **DB Governance** app under the **Governance** app family.
7. Expand the **Advanced Configuration** to access further advanced configuration options.

   a. Choose a parameter profile from the **Parameter Profile** dropdown list.

   For more information on parameter profiles, see *DB Governance documentation*.

   To use a custom profile, ensure that you have created a parameter profile in the **DB governance** application under the **Governance** app family.

   b. Click **See Values** to view the parameter names and values corresponding to the parameter profile selected.

   c. Choose an instance level collation from the **Collation** dropdown list.

   When you click the list, the ‘SQL Server Collation’ dialog box opens displaying Available Collations. Select from the list and click **Submit**.
8. Expand **Custom Script** to run a custom script for your instance.\
   Custom script functionality allows for additional customization and automation in managing your database operations efficiently.\
   To use a custom script, ensure that you have uploaded scripts in the **Script Library** application under **DB Services** app family.

   a. Choose a pre-script from the **Pre-Script** dropdown list to execute actions before creating a database.

   > **Note**: Tessell supports Powershell scripts for pre-scripts that are executed after VM creation and database software installation, but prior to the SQL Server instance creation.

   b. Choose a post-script from the **Post-Script** dropdown list to execute actions after creating a database.

   For the post-scripts, Tessell supports both Powershell and SQL scripts. Post-scripts are executed after a SQL Server instance is created.

   Privileged users, such as "ec2-user" on AWS and "azureuser" on Azure, execute Powershell scripts.

   c. After you select a post-script, click the edit icon below the post-script dropdown to choose your preferred post-script version.\
   d. Select the **Ignore Post-Script Failure** checkbox to proceed even if the post-script operation fails.

**Figure 7 - Configure the database instance section**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-5b2215b4dfd9fdaabafb9d93f36d9dec5a959886%2Fconfigure-db.png?alt=media)

#### STEP 8 OF 9:

## Additional Settings

### **Maintenance window**

1. Expand the maintenance window to choose a specific time for maintenance activities like updates, patches, and OS patching.
2. If a specific time window is chosen, define the start day, start time, and duration, adjustable in 30-minute increments.
3. Toggle the switch **Enable auto minor version update** to allow automatic, seamless minor version updates during this maintenance window.

**Figure 8 - Additional settings section**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-8e6fbac4e66b0ea42b4185f1053730fd72270471%2Fadditional-settings.png?alt=media)

### **Monitoring Insights**

1. Toggle the switch **Performance Insights** to assess and analyze database load over a specified timeframe. This helps to identify bottlenecks and pinpoint areas requiring performance improvements.

   To enable performance insights, ensure that you create a Monitoring Infra in the **Monitoring Performance Insights Infrastructure** app under the **Infrastructure Management** app family.

**Figure 9 - Monitoring Insights section**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-f3f6bc5ffe02bf5887b8d1309ad7a233a70f584c%2Fperf-insights.png?alt=media)

### **Observability**

The Observability section allows you to monitor the health of your database service through automated alert policies. These policies are auto-selected based on your current subscription level.

You can view the specific alert policies applied to your service directly from this page.

* Click **View details** on the Alert Policies panel to open the detailed breakdown.\
  The **Alert Policy details** panel provides a granular look at how your alerts are configured and where notifications are sent.
* **Notification Channels:** Displays the destination where alerts are delivered, such as Slack channels or specific Email addresses.
* **Alert Metrics:** Lists the specific conditions that trigger an alert (For example, Node Down or DB Service Node Down) along with the Severity level (For example, Critical).
* **Metric & Notification Policies:** Shows the underlying policy names and metric types associated with each alert group.

To modify these policies or create new alert profiles, navigate to the **Alerting** app within the **Observability** app family.

**Figure 10 - Observability section**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-c275e88ba09f546bd864250c4f4b2405c31f5855%2Fobservability.png?alt=media)

### **Availability Machine**

The availability machine allows creation and maintenance of database backups for data protection purposes. The backups are retained for short-term or long-term periods as per RPO policy. You can create snapshots by enabling transactional logs for point-in-time recovery.

1. Select **Include Transactional Logs** to enable point-in-time recovery of your transactional data. This feature is crucial for maintaining data integrity and reducing data loss in case of system failures.\
   These transactional logs correspond to the most recent snapshot captured.
2. Toggle the switch **Schedule Snapshots** to automate data protection and recovery. This feature regularly captures and retains point-in-time backups, enabling robust data protection, precise point-in-time recovery, and efficient cloning.

   > **Note**: For High Performance Computing (HPC), Tessell supports hybrid backup methods that combine Native SQL Server backups and Cloud-native snapshots technology. This implementation ensures minimal data loss and maintains high availability for critical applications.

   1. Choose either a **Standard** or **Custom** configuration type for your RPO policy.

   2. For a **Standard** configuration, specify the snapshot retention days (1 to 35 days) and a snapshot time.

   > **Note**: Logsweep runs every 5 minutes to enable PITR recovery.

   3. For a **Custom** configuration, provide the following details:

      a. From the **RPO Policy** dropdown list, choose an RPO policy.

      To use an RPO policy, ensure that you have created an RPO policy in the **DB governance** app under the **Governance** app family.

      b. Pick a time you wish to take the snapshot of your database service.\
      c. Select the desired frequency for the RPO Policy to create and store snapshot backups.

      * **RPO Policy** - Displays the selected RPO Policy. The possible options are one or more from Continuous Recovery (PITR), Daily Snapshots, Weekly Snapshots, Monthly Snapshots, and Yearly Snapshots, as per the option selected in the RPO policy field above.
      * **Every** - Depending on weekly, monthly, or yearly schedule, select the frequency of the snapshot. For Daily Snapshots, this field provides the scheduled time of the snapshot in the day. For PITR, this is disabled.
      * **Keep for** - Displays the number of days for which a snapshot or a backup needs to be retained as per the selected RPO policy in the above field.

**Figure 11 - Availability machine standard configuration**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-bc6a2a4a60ce6ff80b8cabae2bee950e53f40189%2FAM-standard.png?alt=media)

**Figure 12 - Availability machine custom configuration**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-074fcc3bd599a987c388f461dba6f3c55149f887%2FAM-custom.png?alt=media)

#### STEP 9 OF 9:

## Creating a service

You can provision a service in two ways, either using the code or making selections on the Tessell portal’s UI.

1. Using the Tessell portal’s UI:

   a. After you have specified all the necessary details in previous steps, click **+** **Create Service** at the bottom of the form located next to the left navigation bar.

**Figure 13 - Creating a service**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-48308f3a46eed850b234798fcf8ff19c33dfa29a%2Fleft-bar.png?alt=media)

2. Using the code:

   a. Click **<> Code** in the top-right corner of the Provisioning window to generate an API and Terraform code for your provisioning request.\
   i. Terraform code can also be visualized in other languages, including Shell, Python, Go, Java, JavaScript, and PowerShell.\
   ii. Use the copy icon to copy the code or API endpoint.\
   iii. Use the download icon to download your code.

**Figure 14 - Code for provisioning request**

![](https://3421475909-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FXNKiIctERJykfezXfUU2%2Fuploads%2Fgit-blob-af7022ab2da465b3654b30f4bb2cb96a4984d22b%2Fcode-provisioning.png?alt=media)

After your service creation request is successfully submitted, your database service is created with a "Ready" status and listed in the "My Services" application within a few minutes, depending on your preferences.

***