| title | Configure availability group for SQL Server on Linux |
|---|---|
| description | Learn about creating a SQL Server Always On availability group (AG) for high availability on Linux. |
| author | VanMSFT |
| ms.custom | seo-lt-2019 |
| ms.author | vanto |
| ms.reviewer | vanto |
| ms.date | 08/24/2022 |
| ms.topic | conceptual |
| ms.service | sql |
| ms.subservice | linux |
| ms.assetid |
[!INCLUDE SQL Server - Linux]
This article describes how to create a SQL Server Always On Availability Group (AG) for high availability on Linux. There are two configuration types for AGs. A high availability configuration uses a cluster manager to provide business continuity. This configuration can also include read-scale replicas. This document explains how to create the AG for high availability.
You can also create an AG without a cluster manager for read-scale. The AG for read scale only provides read-only replicas for performance scale-out. It does not provide high availability. To create an AG for read-scale, see Configure a SQL Server Availability Group for read-scale on Linux.
Configurations that guarantee high availability and data protection require either two or three synchronous commit replicas. With three synchronous replicas, the AG can automatically recover even if one server is not available. For more information, see High availability and data protection for Availability Group configurations.
All servers must be either physical or virtual, and virtual servers must be on the same virtualization platform. This requirement is because the fencing agents are platform specific. See Policies for Guest Clusters.
The steps to create an AG on Linux servers for high availability are different from the steps on a Windows Server failover cluster. The following list describes the high-level steps:
-
Configure SQL Server on three cluster servers.
[!IMPORTANT] All three servers in the AG need to be on the same platform - physical or virtual - because Linux high availability uses fencing agents to isolate resources on servers. The fencing agents are specific for each platform.
-
Create the AG. This step is covered in this current article.
-
Configure a cluster resource manager, like Pacemaker.
The way to configure a cluster resource manager depends on the specific Linux distribution. See the following links for distribution specific instructions:
[!IMPORTANT] Production environments require a fencing agent, like STONITH for high availability. The demonstrations in this documentation do not use fencing agents. The demonstrations are for testing and validation only.
A Linux cluster uses fencing to return the cluster to a known state. The way to configure fencing depends on the distribution and the environment. Currently, fencing is not available in some cloud environments. For more information, see Support Policies for RHEL High Availability Clusters - Virtualization Platforms.
For SLES, see SUSE Linux Enterprise High Availability Extension.
-
Add the AG as a resource in the cluster.
The way to add the AG as a resource in the cluster depends on the Linux distribution. See the following links for distribution specific instructions:
For information on setting up an availability group for servers with multiple NICs, see the relevant sections for:
[!INCLUDE Create Prerequisites]
The examples in this section explain how to create the availability group using Transact-SQL. You can also use the SQL Server Management Studio Availability Group Wizard. When you create an AG with the wizard, it will return an error when you join the replicas to the AG. To fix this, grant ALTER, CONTROL, and VIEW DEFINITIONS to the pacemaker on the AG on all replicas. Once permissions are granted on the primary replica, join the nodes to the AG through the wizard, but for HA to function properly, grant permission on all replicas.
For a high availability configuration that ensures automatic failover, the AG requires at least three replicas. Either of the following configurations can support high availability:
For information, see High availability and data protection for Availability Group configurations.
Note
The availability groups can include additional synchronous or asynchronous replicas.
Create the AG for high availability on Linux. Use the CREATE AVAILABILITY GROUP with CLUSTER_TYPE = EXTERNAL.
-
Availability group -
CLUSTER_TYPE = EXTERNALSpecifies that an external cluster entity manages the AG. Pacemaker is an example of an external cluster entity. When the AG cluster type is external, -
Set Primary and secondary replicas
FAILOVER_MODE = EXTERNAL. Specifies that the replica interacts with an external cluster manager, like Pacemaker.
The following Transact-SQL scripts create an AG for high availability named ag1. The script configures the AG replicas with SEEDING_MODE = AUTOMATIC. This setting causes SQL Server to automatically create the database on each secondary server. Update the following script for your environment. Replace the <node1>, <node2>, or <node3> values with the names of the SQL Server instances that host the replicas. Replace the <5022> with the port you set for the data mirroring endpoint. To create the AG, run the following Transact-SQL on the SQL Server instance that hosts the primary replica.
Important
In the current implementation of the SQL Server resource agent, the node name must match the ServerName property from your instance. For example, if your node name is node1, make sure SERVERPROPERTY('ServerName') returns node1 in your SQL Server instance. If there is a mismatch, your replicas will go into a resolving state after the pacemaker resource is created.
A scenario where this rule is important is when using fully qualified domain names. For example, if you use node1.yourdomain.com as the node name during cluster setup, make sure SERVERPROPERTY('ServerName') returns node1.yourdomain.com, and not just node1. The possible workarounds for this problem are:
- Rename your host name to the FQDN and use
sp_dropserverandsp_addserverstore procedures to ensure the metadata in SQL Server matches the change. - Use the
addroption in thepcs cluster authcommand to match the node name to the SERVERPROPERTY('ServerName') value and use a static IP as the node address.
Run only one of the following scripts:
- Create Availability Group with three synchronous replicas.
- Create Availability Group with two synchronous replicas and a configuration replica
- Create Availability Group with two synchronous replicas.
-
Create AG with three synchronous replicas
CREATE AVAILABILITY GROUP [ag1] WITH (DB_FAILOVER = ON, CLUSTER_TYPE = EXTERNAL) FOR REPLICA ON N'<node1>' WITH ( ENDPOINT_URL = N'tcp://<node1>:<5022>', AVAILABILITY_MODE = SYNCHRONOUS_COMMIT, FAILOVER_MODE = EXTERNAL, SEEDING_MODE = AUTOMATIC ), N'<node2>' WITH ( ENDPOINT_URL = N'tcp://<node2>:<5022>', AVAILABILITY_MODE = SYNCHRONOUS_COMMIT, FAILOVER_MODE = EXTERNAL, SEEDING_MODE = AUTOMATIC ), N'<node3>' WITH( ENDPOINT_URL = N'tcp://<node3>:<5022>', AVAILABILITY_MODE = SYNCHRONOUS_COMMIT, FAILOVER_MODE = EXTERNAL, SEEDING_MODE = AUTOMATIC ); ALTER AVAILABILITY GROUP [ag1] GRANT CREATE ANY DATABASE;[!IMPORTANT] After you run the preceding script to create an AG with three synchronous replicas, do not run the following script:
-
Create AG with two synchronous replicas and a configuration replica:
[!IMPORTANT] This architecture allows any edition of SQL Server to host the third replica. For example, the third replica can be hosted on SQL Server Express Edition. On Express Edition, the only valid endpoint type is
WITNESS.CREATE AVAILABILITY GROUP [ag1] WITH (CLUSTER_TYPE = EXTERNAL) FOR REPLICA ON N'<node1>' WITH ( ENDPOINT_URL = N'tcp://<node1>:<5022>', AVAILABILITY_MODE = SYNCHRONOUS_COMMIT, FAILOVER_MODE = EXTERNAL, SEEDING_MODE = AUTOMATIC ), N'<node2>' WITH ( ENDPOINT_URL = N'tcp://<node2>:<5022>', AVAILABILITY_MODE = SYNCHRONOUS_COMMIT, FAILOVER_MODE = EXTERNAL, SEEDING_MODE = AUTOMATIC ), N'<node3>' WITH ( ENDPOINT_URL = N'tcp://<node3>:<5022>', AVAILABILITY_MODE = CONFIGURATION_ONLY ); ALTER AVAILABILITY GROUP [ag1] GRANT CREATE ANY DATABASE;
-
Create AG with two synchronous replicas
Include two replicas with synchronous availability mode. For example, the following script creates an AG called
ag1.node1andnode2host replicas in synchronous mode, with automatic seeding and automatic failover.[!IMPORTANT] Only run the following script to create an AG with two synchronous replicas. Do not run the following script if you ran either preceding script.
CREATE AVAILABILITY GROUP [ag1] WITH (CLUSTER_TYPE = EXTERNAL) FOR REPLICA ON N'node1' WITH ( ENDPOINT_URL = N'tcp://node1:5022', AVAILABILITY_MODE = SYNCHRONOUS_COMMIT, FAILOVER_MODE = EXTERNAL, SEEDING_MODE = AUTOMATIC ), N'node2' WITH ( ENDPOINT_URL = N'tcp://node2:5022', AVAILABILITY_MODE = SYNCHRONOUS_COMMIT, FAILOVER_MODE = EXTERNAL, SEEDING_MODE = AUTOMATIC ); ALTER AVAILABILITY GROUP [ag1] GRANT CREATE ANY DATABASE;
You can also configure an AG with CLUSTER_TYPE=EXTERNAL using SQL Server Management Studio or PowerShell.
The Pacemaker user requires ALTER, CONTROL, and VIEW DEFINITION permissions on the availability group on all replicas. To grant permissions, run the following Transact-SQL script after the availability group is created on the primary replica and each secondary replica immediately after they are added to the availability group. Before you run the script, replace <pacemakerLogin> with the name of the Pacemaker user account. If you do not have a login for Pacemaker, create a sql server login for Pacemaker.
GRANT ALTER, CONTROL, VIEW DEFINITION ON AVAILABILITY GROUP::ag1 TO <pacemakerLogin>
GRANT VIEW SERVER STATE TO <pacemakerLogin>The following Transact-SQL script joins a SQL Server instance to an AG named ag1. Update the script for your environment. On each SQL Server instance that hosts a secondary replica, run the following Transact-SQL to join the AG.
ALTER AVAILABILITY GROUP [ag1] JOIN WITH (CLUSTER_TYPE = EXTERNAL);
ALTER AVAILABILITY GROUP [ag1] GRANT CREATE ANY DATABASE;[!INCLUDE Create Post]
Important
After you create the AG, you must configure integration with a cluster technology like Pacemaker for high availability. For a read-scale configuration using AGs, starting with [!INCLUDE SQL Server version], setting up a cluster is not required.
If you followed the steps in this document, you have an AG that is not yet clustered. The next step is to add the cluster. This configuration is valid for read-scale/load balancing scenarios, it is not complete for high availability. For high availability, you need to add the AG as a cluster resource. See Next steps for instructions.
Important
After you configure the cluster and add the AG as a cluster resource, you cannot use Transact-SQL to fail over the AG resources. SQL Server cluster resources on Linux are not coupled as tightly with the operating system as they are on a Windows Server Failover Cluster (WSFC). SQL Server service is not aware of the presence of the cluster. All orchestration is done through the cluster management tools. In RHEL or Ubuntu use pcs. In SLES use crm.
Important
If the AG is a cluster resource, there is a known issue in current release where forced failover with data loss to an asynchronous replica does not work. This will be fixed in the upcoming release. Manual or automatic failover to a synchronous replica succeeds.
Configure Red Hat Enterprise Linux Cluster for SQL Server Availability Group Cluster Resources
Configure SUSE Linux Enterprise Server Cluster for SQL Server Availability Group Cluster Resources
Configure Ubuntu Cluster for SQL Server Availability Group Cluster Resources