This is a continuation of a series of articles on hosting solutions and services on Azure public cloud, with the most recent discussion on Multitenancy here. This article discusses SQL Server on Azure Arc-enabled servers.
Azure Arc-enabled servers expose hybrid inventory to the
Azure management plane. Windows and Linux physical servers and
virtual machines hosted outside of Azure, on the corporate network or in other
clouds, can become first-class citizens as Azure resources when they are
Azure Arc-enabled.
SQL instances are a type of resource in the Azure
management plane that plays a critical role in governance and security
management. Consequently, SQL Server on Azure Arc-enabled servers supports a set
of solutions that require the Microsoft Monitoring Agent server extension to be
installed and connected to an Azure Log Analytics workspace.
The previous post described the registration of SQL
Server instances on Azure Arc enabled servers and the connectivity modes for
these instances. This article describes connecting SQL Server instances to
Azure Arc at scale.
Multiple SQL Server instances can be connected to Azure
Arc as a single task. Azure policy makes this easy to do. Multiple SQL Server
instances installed on multiple Windows or Linux machines can otherwise be
connected via scripts.
The name of the built-in policy that enables multiple
instances is “Configure Arc-enabled machines running SQL Server to have SQL
Server extension installed”. It is disabled by default, but it can be assigned
to a scope of choice. It installs the SQL Server extension on all Azure Arc-connected
servers and assigns the Azure Connected SQL Server Onboarding role to the Arc
managed identity in the specified scope. The extension is responsible for
finding and registering the SQL Server instances with Azure as well as
synchronizing their state with Azure.
The alternative is to use a script that is generated for
a single machine. It will connect each machine and all SQL Server
instances installed on it to Azure. An Active Directory service principal is preferred to
a higher-privileged account such as a tenant Administrator.
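To check that the onboarding service principal really is lower-privileged than an administrator account, its role assignments can be audited. The following is an added example, not code from this series or from Microsoft: it reads records in the shape of `az role assignment list --all -o json` and flags any role outside an assumed allow-list, or an onboarding role granted above resource-group scope. The allow-list, the scope rule, the resource group name and all IDs are assumptions or constructed values.

```python
# Roles the onboarding identity needs. The first is the role named in the
# article; the second is the built-in role for connecting machines to Arc.
# Assumption: adjust this allow-list to your own onboarding design.
ALLOWED_ROLES = {"Azure Connected SQL Server Onboarding",
                 "Azure Connected Machine Onboarding"}

def scope_level(scope):
    """Classify an ARM scope string by how much of the tenant it covers."""
    parts = [p.lower() for p in scope.split("/") if p]
    if not parts:
        return "root"
    if parts[:2] == ["providers", "microsoft.management"]:
        return "managementGroup"
    if "resourcegroups" not in parts:
        return "subscription"
    return "resourceGroup" if len(parts) == 4 else "resource"

def audit(assignments, principal_id):
    """Return (role, scope, reason) for assignments that exceed onboarding needs."""
    findings = []
    for a in assignments:
        if a.get("principalId") != principal_id:
            continue
        role, scope = a["roleDefinitionName"], a["scope"]
        level = scope_level(scope)
        if role not in ALLOWED_ROLES:
            findings.append((role, scope, "role not required for onboarding"))
        elif level not in ("resourceGroup", "resource"):
            findings.append((role, scope, f"onboarding role granted at {level} scope"))
    return findings

# Constructed sample data; every ID and name below is made up for illustration.
SP = "11111111-1111-1111-1111-111111111111"
OTHER = "22222222-2222-2222-2222-222222222222"
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG = SUB + "/resourceGroups/arc-sql-rg"
SAMPLE = [
    {"principalId": SP, "roleDefinitionName": "Azure Connected Machine Onboarding", "scope": RG},
    {"principalId": SP, "roleDefinitionName": "Azure Connected SQL Server Onboarding", "scope": RG},
    {"principalId": SP, "roleDefinitionName": "Owner", "scope": SUB},
    {"principalId": SP, "roleDefinitionName": "Azure Connected Machine Onboarding", "scope": SUB},
    {"principalId": OTHER, "roleDefinitionName": "Owner", "scope": SUB},
]

if __name__ == "__main__":
    for role, scope, reason in audit(SAMPLE, SP):
        print(f"{role} @ {scope}: {reason}")
```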
Only a certain number of machines can be connected per
resource group but there are no limits at the service level. The
networking configuration, transport level security and resource providers
required for connected machine agents continue to hold for registering these
SQL Server instances.