Disaster Recovery
Many services within Microsoft Azure provide automatic geo redundant storage. This is achieved using a concept known as region pairs. Each geographical area has at least one region pair, e.g. UK West is the secondary region for UK South. For example if you choose the geo replication option for a storage account, Azure will automatically replicate it to the secondary region for the primary without any additional configuration. Should the primary region fail, the account and storage will be available in the secondary site within a relative short period of time.
Many Azure services also allow the you to choose the region, but typically each service will require additional configuration specific to the service to allow geo redundancy. e.g. Event Hubs allow geo redundancy by configuring a secondary namespace and initiating a pairing. This type of geo redundancy does require individual configuration, however the additional flexibility does allow you to chose the DR region, it does not have to be the secondary region for a geographical pair. Although consideration must be given to topics such as data sovereignty when choosing. Often the paired secondary region is still used to keep all the service together in the desired disaster recovery region.
The following table lists the resources currently supported by SQLBuild and details the Azure and SQLBuild geo redundant options available:
| SQLBuild Resource | Azure GEO Redundancy | SQLBuild Geo Redundancy | Notes |
|---|---|---|---|
| azAdGroup | Automatically replicated globally | n/a | Stored in Azure Active Directory which is internally stored in a highly available CosmosDB replicated worldwide. |
| azAdUser | Automatically replicated globally | n/a | Stored in Azure Active Directory which is internally stored in a highly available CosmosDB replicated worldwide. |
| azAppConfigStore | Geo replication to any region | No | In public preview. Replication will create a new config store when setting up replication. Only one replica per location. |
| azBastion | n/a | n/a | Manually create a Bastion in your DR region, no replication required. |
| azDdosProtectionPlan | n/a | n/a | Manually create a DDOS plan in your DR region. Your DR virtual network scan use a DPP creation in your DR region. |
| azDisk | Geo replicate the backups | n/a | Disks offer no replication options themselves between regions. Your backups should be replicated to your DR region. |
| azEventHub | Geo replication to any region | Yes | Can geo replicate to an empty namespace in a different region. |
| azKeyVault | Automatically replicated to secondary | n/a | Can take up to 20 minutes to failover, primary keyvault is in read only whilst failover occurs. |
| azLocalNetworkGateway | n/a | n/a | Network design should include capability from your local on premise site to the DR region also if required. |
| azManagedIdentity | Automatically replicated globally | n/a | Stored in Azure Active Directory which is internally stored in a highly available CosmosDB replicated worldwide. |
| azManagementGroup | Automatically replicated globally | n/a | Stored in Azure Active Directory which is internally stored in a highly available CosmosDB replicated worldwide. |
| azNetworkInterface | n/a | n/a | Not required, should be part of your network design in your chosen DR region. |
| azNetworkSecurityGroup | n/a | n/a | Not required, should be part of your network design in your chosen DR region. |
| azPublicIP | n/a | n/a | Network Design should include capability for any globally required applications. |
| azRecoveryServicesVault | n/a | n/a | Recovery Service Vault is a logical construct to just collate backups. The backups dictate the redundancy |
| azResourceGroup | n/a | n/a | Just a logical construct, no need to replicate, create in DR site. |
| azRouteTable | n/a | n/a | Not required, should be part of your network design in your chosen DR region. |
| azSqlDatabase | Geo replication | Yes | Geo replication allow for 4 read only replicas within same or different regions but no automatic failover. |
| Failover Groups | Yes | Failover group allow automatic failover for one region but must be to a different region. | |
| azSqlElasticPool | n/a | n/a | Create in the DR region, will be required if databases being added to a failover group are in an elastic pool. |
| azSqlInstance | Failover Groups | No | Failover group allow automatic failover and must be for a different region. |
| azSqlInstancePool | n/a | n/a | Failover groups failover instances whether in a pool or not. |
| azSqlServer | n/a | n/a | Logical construct, create in the DR region, will be required for the failover group configuration. |
| azStorage | Geo replication available to secondary | Yes | Choice of SKU dictates zonal and regional redundancy. |
| azSubnet | n/a | n/a | Not required, should be part of your network design in your chosen DR region. |
| azSubscription | Automatically replicated globally | n/a | Automatically highly replicated by the Azure cloud. |
| azVirtualMachine | Use Azure Site Recovery to replicate VMs | No | Site Recovery can replicate VMs to any region. Site Recovery is currently not supported by SQLBuild. |
| azVirtualNetwork | n/a | n/a | Not required, should be part of your network design in your chosen DR region. |
| azVirtualNetworkGateway | n/a | n/a | VNG’s are regional only, your network design should be using global methods to direct to a VNG within your DR region. |