Tuesday, August 2, 2022

This is a continuation of a series of articles on hosting solutions and services on the Azure public cloud, with the most recent discussion on multitenancy here. This article discusses SQL Server on Azure Arc-enabled servers.

Azure Arc-enabled servers expose hybrid inventory to the Azure management plane. Windows and Linux physical servers and virtual machines hosted outside of Azure, on the corporate network or in other clouds, become first-class Azure resources when they are Azure Arc-enabled.

SQL instances are a type of resource in the Azure management plane that plays a critical role in governance and security management. Consequently, SQL Server on Azure Arc-enabled servers supports a set of solutions that require the Microsoft Monitoring Agent server extension to be installed and connected to an Azure Log Analytics workspace.

The previous post described the registration of SQL Server instances on Azure Arc-enabled servers. This article describes the connectivity modes for these instances.

There are two different connectivity modes:

- directly connected

- indirectly connected

The connectivity mode provides the flexibility to choose how much data is sent to Azure and how users interact with the Arc Data Controller. Depending on the connectivity mode that is chosen, some functionality of Azure Arc-enabled data services may or may not be available. When the instances are directly connected, they can be managed via the Portal, the CLI and the ARM APIs. The experience in directly connected mode is like that of any other Azure service, with provisioning/deprovisioning, scaling and configuring. When the connectivity mode is indirect, the instances appear on the portal in a read-only view. Actions can be taken on these instances locally, using Azure Data Studio, the appropriate CLI, or Kubernetes tools such as kubectl.

Azure Active Directory and Azure role-based access control can be used only on directly connected instances because a continuous and direct connection is required to provide this functionality.

Only a certain number of machines can be connected per resource group, but there are no limits at the service level. The networking configuration, transport-level security and resource providers required for connected machine agents still apply when registering these SQL Server instances.

Instance metadata about the connected machines is collected and stored in the region where the Azure Arc machine resource is configured. It includes details such as the operating system name and version, the computer name, the computer's fully qualified domain name and the Connected Machine agent version.

The status for a connected machine can be viewed in the Azure Portal under Azure Arc -> Servers.

The Connected Machine agent sends a regular heartbeat message from a machine, and if the heartbeat stops, the machine is assumed to be disconnected within 15 to 30 minutes. The machine identity's credential is valid up to 90 days and renewed every 45 days. Azure Arc-enabled servers limit the number of instances that can be created in each resource group, but there are no limits at the subscription or service level.
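The heartbeat and credential figures above can be turned into a triage check for an exported machine inventory. The following is an added example, not code from the original post or from Microsoft: the field names `name` and `lastHeartbeat` and the sample machines are hypothetical, and it assumes each renewal restores the full 90-day validity.

```python
from datetime import datetime, timedelta, timezone

# Figures stated in the article above.
HEARTBEAT_MIN = timedelta(minutes=15)   # earliest a silent agent is marked disconnected
HEARTBEAT_MAX = timedelta(minutes=30)   # latest a silent agent is marked disconnected
CRED_VALID = timedelta(days=90)         # credential lifetime
CRED_RENEW = timedelta(days=45)         # renewal interval

def classify(last_heartbeat, now):
    """Return (connectivity, credential) states for one machine."""
    silent = now - last_heartbeat
    if silent < HEARTBEAT_MIN:
        conn = "connected"
    elif silent < HEARTBEAT_MAX:
        conn = "possibly-disconnected"
    else:
        conn = "disconnected"
    # Assumption: each renewal restores the full 90 days, so an agent that
    # renewed on schedule had between 45 and 90 days left when it went silent.
    if silent < CRED_VALID - CRED_RENEW:
        cred = "valid"
    elif silent < CRED_VALID:
        cred = "may-have-expired"
    else:
        cred = "expired"
    return conn, cred

def triage(inventory, now):
    """List machines that are not connected, worst credential state first."""
    rank = {"expired": 0, "may-have-expired": 1, "valid": 2}
    rows = []
    for m in inventory:
        conn, cred = classify(datetime.fromisoformat(m["lastHeartbeat"]), now)
        if conn != "connected":
            rows.append((m["name"], conn, cred))
    return sorted(rows, key=lambda r: (rank[r[2]], r[0]))

# Constructed sample inventory; names and field names are hypothetical.
NOW = datetime(2022, 8, 2, 12, 0, tzinfo=timezone.utc)
INVENTORY = [
    {"name": "sql-onprem-01", "lastHeartbeat": "2022-08-02T11:55:00+00:00"},
    {"name": "sql-onprem-02", "lastHeartbeat": "2022-08-02T11:40:00+00:00"},
    {"name": "sql-branch-07", "lastHeartbeat": "2022-06-01T09:00:00+00:00"},
    {"name": "sql-dr-03", "lastHeartbeat": "2022-04-15T00:00:00+00:00"},
]

if __name__ == "__main__":
    for name, conn, cred in triage(INVENTORY, NOW):
        print(f"{name:15} {conn:22} credential: {cred}")
```

Machines silent for less than 45 days still hold a valid credential under these figures; between 45 and 90 days the outcome depends on when the last renewal happened.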
