## SQL Server Always On Groups example

This is an example of building [SQL Server Always On Availability Groups](https://cloud.google.com/compute/docs/instances/sql-server/configure-availability)
using Fabric modules. It builds a two-node cluster with a file share witness instance in an existing VPC and adds the necessary firewall rules.

![Architecture diagram](https://cloud.google.com/compute/images/sqlserver-ag-architecture.svg)

The actual setup process (apart from Active Directory operations) has been scripted, so that the least amount of
manual work needs to be performed:

- Joining the domain using appropriate credentials
- Running an automatically generated initialization script (`C:\InitializeCluster.ps1`)
- Creating the [Availability Groups using the wizard](https://cloud.google.com/compute/docs/instances/sql-server/configure-availability#creating_an_availability_group)
  (please note that health checks are automatically configured when the appropriate AGs are created)

To monitor the installation process, the startup scripts log output to the Application Log (visible under Windows Logs in Event Viewer)
and to the `C:\GcpSetupLog.txt` file.

<!-- TFDOC OPTS files:1 -->
<!-- BEGIN TFDOC -->

## Files

| name | description | modules |
|---|---|---|
| [instances.tf](./instances.tf) | Creates SQL Server instances and witness. | <code>compute-vm</code> |
| [main.tf](./main.tf) | Module-level locals and resources. | <code>project</code> |
| [outputs.tf](./outputs.tf) | Module outputs. | |
| [secrets.tf](./secrets.tf) | Creates SQL admin user password secret. | <code>secret-manager</code> |
| [service-accounts.tf](./service-accounts.tf) | Creates service accounts for the instances. | <code>iam-service-account</code> |
| [variables.tf](./variables.tf) | Module variables. | |
| [vpc.tf](./vpc.tf) | Creates the VPC and manages the firewall rules and ILB. | <code>net-address</code> · <code>net-ilb</code> · <code>net-vpc</code> · <code>net-vpc-firewall</code> |

## Variables

| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [ad_domain_fqdn](variables.tf#L111) | Active Directory domain (FQDN) | <code>string</code> | ✓ | |
| [ad_domain_netbios](variables.tf#L120) | Active Directory domain (NetBIOS) | <code>string</code> | ✓ | |
| [network](variables.tf#L38) | Network to use in the project | <code>string</code> | ✓ | |
| [project_id](variables.tf#L27) | Google Cloud project ID | <code>string</code> | ✓ | |
| [sql_admin_password](variables.tf#L102) | Password for the SQL admin user to be created | <code>string</code> | ✓ | |
| [subnetwork](variables.tf#L43) | Subnetwork to use in the project | <code>string</code> | ✓ | |
| [always_on_groups](variables.tf#L135) | List of Always On Groups | <code>list(string)</code> | | <code>["bookshelf"]</code> |
| [boot_disk_size](variables.tf#L90) | Boot disk size in GB | <code>number</code> | | <code>50</code> |
| [cluster_name](variables.tf#L48) | Cluster name (prepended with prefix) | <code>string</code> | | <code>"cluster"</code> |
| [data_disk_size](variables.tf#L96) | Database disk size in GB | <code>number</code> | | <code>200</code> |
| [health_check_config](variables.tf#L147) | Health check configuration | <code title="object({ check_interval_sec = number, healthy_threshold = number, unhealthy_threshold = number, timeout_sec = number, })">…</code> | | <code title="{ check_interval_sec = 2 healthy_threshold = 1 unhealthy_threshold = 2 timeout_sec = 1 }">{…}</code> |
| [health_check_port](variables.tf#L141) | Health check port | <code>number</code> | | <code>59997</code> |
| [health_check_ranges](variables.tf#L60) | Health check ranges | <code>list(string)</code> | | <code>["35.191.0.0/16", "209.85.152.0/22", "209.85.204.0/22"]</code> |
| [managed_ad_dn](variables.tf#L129) | Managed Active Directory domain (e.g. OU=Cloud,DC=example,DC=com) | <code>string</code> | | <code>""</code> |
| [node_image](variables.tf#L78) | SQL Server node machine image | <code>string</code> | | <code>"projects/windows-sql-cloud/global/images/family/sql-ent-2019-win-2019"</code> |
| [node_instance_type](variables.tf#L66) | SQL Server database node instance type | <code>string</code> | | <code>"n2-standard-8"</code> |
| [node_name](variables.tf#L162) | Node base name | <code>string</code> | | <code>"node"</code> |
| [prefix](variables.tf#L15) | Prefix used for resources (for multiple clusters in a project) | <code>string</code> | | <code>"aog"</code> |
| [project_create](variables.tf#L174) | Provide values if project creation is needed, uses existing project if null. Parent is in 'folders/nnn' or 'organizations/nnn' format. | <code title="object({ billing_account_id = string parent = string })">object({…})</code> | | <code>null</code> |
| [region](variables.tf#L21) | Region for resources | <code>string</code> | | <code>"europe-west4"</code> |
| [shared_vpc_project_id](variables.tf#L32) | Shared VPC project ID for firewall rules | <code>string</code> | | <code>null</code> |
| [sql_client_cidrs](variables.tf#L54) | CIDR ranges that are allowed to connect to SQL Server | <code>list(string)</code> | | <code>["0.0.0.0/0"]</code> |
| [vpc_ip_cidr_range](variables.tf#L183) | IP range used in the subnet deployed in the Service Project. | <code>string</code> | | <code>"10.0.0.0/20"</code> |
| [witness_image](variables.tf#L84) | SQL Server witness machine image | <code>string</code> | | <code>"projects/windows-cloud/global/images/family/windows-2019"</code> |
| [witness_instance_type](variables.tf#L72) | SQL Server witness node instance type | <code>string</code> | | <code>"n2-standard-2"</code> |
| [witness_name](variables.tf#L168) | Witness base name | <code>string</code> | | <code>"witness"</code> |

## Outputs

| name | description | sensitive |
|---|---|:---:|
| [instructions](outputs.tf#L19) | | |

<!-- END TFDOC -->
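
An added example `terraform.tfvars` for this module (not part of the original README or the project's own code), setting the required variables and narrowing `sql_client_cidrs` from its `["0.0.0.0/0"]` default. All values are constructed placeholders, and the name format expected by `network` and `subnetwork` is an assumption; the password is supplied through Terraform's standard `TF_VAR_` environment variable mechanism.

```hcl
# terraform.tfvars (added example; every value below is a constructed placeholder)

# Required variables, named as in the Variables table.
project_id        = "my-sql-project" # placeholder project ID
network           = "my-vpc"         # placeholder; name format is an assumption
subnetwork        = "my-subnet"      # placeholder; name format is an assumption
ad_domain_fqdn    = "ad.example.com" # placeholder AD domain (FQDN)
ad_domain_netbios = "AD"             # placeholder AD domain (NetBIOS)

# sql_admin_password is required but intentionally not set in this file, so the
# password is not committed alongside the configuration. Terraform picks it up
# from the environment instead:
#   export TF_VAR_sql_admin_password='<password>'

# The default is ["0.0.0.0/0"]. List only the ranges your SQL clients
# actually connect from (constructed internal range shown here).
sql_client_cidrs = ["10.0.16.0/24"]

# health_check_ranges and health_check_port are left at their documented
# defaults, so they are not overridden here.
```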