• Deploy SQL Failover Clustering application
Deploy SQL Server Always On application
The following steps guide you through a SQL Server Always On application deployment with AWS Launch Wizard after you have launched it from the console.
Deploy on Windows
1. When you select Choose application from the AWS Launch Wizard landing page, you are directed to the Choose application wizard, where you are prompted to select the type of application that you want to deploy. Select Microsoft SQL Server, then Create deployment.
2. Under Review Permissions, Launch Wizard displays the AWS Identity and Access Management (IAM) role required for Launch Wizard to access other AWS services on your behalf. For more information about setting up IAM for Launch Wizard, see AWS Identity and Access Management (IAM).
Choose Next.
3. On the Configure application settings page, select the Operating System on which you want to install SQL Server — in this case, Windows.
4. Deployment model. Choose High availability deployment to deploy your SQL Server Always On application across multiple Availability Zones or Single instance deployment to deploy your SQL Server application on a single node.
5. You are prompted to enter the specifications for the new deployment. The following tabs provide information about the specification fields.
General
• Deployment name. Enter a unique application name for your deployment.
• Simple Notification Service (SNS) topic ARN — optional. Specify an SNS topic where AWS Launch Wizard can send notifications and alerts. For more information, see the Amazon Simple Notification Service Developer Guide.
• CloudWatch application monitoring (optional for HA deployments). Select the check box to set up monitors and automated insights for your deployment using CloudWatch Application Insights. For more information, see the Amazon CloudWatch User Guide.
• Enable rollback on failed deployment. By default, if a deployment fails, your provisioned resources will not be rolled back/deleted. This default configuration helps you to troubleshoot errors at the resource level as you debug deployment issues. If you want your provisioned resources to be immediately deleted if a deployment fails, select the check box.
Connectivity
Enter specifications for how you want to connect to your instance and configure your Virtual Private Cloud (VPC).
Key pair name
• Select an existing key pair from the dropdown list or create a new one. If you select Create new key pair name, you are directed to the Amazon EC2 console. From there, under Network and Security, choose Key Pairs. Choose Create a new key pair, enter a name for the key pair, and then choose Download Key Pair.
Important
This is the only opportunity for you to save the private key file. Download it and save it in a safe place. You must provide the name of your key pair when you launch an instance and provide the corresponding private key each time that you connect to the instance.
Return to the Launch Wizard console and choose the refresh button next to the Key Pairs dropdown list. The newly created key pair appears in the dropdown list. For more information about key pairs, see Amazon EC2 Key Pairs and Windows Instances.
Tenancy model (HA deployments only)
Select your preferred tenancy. Each instance that you launch into a VPC has a tenancy attribute.
The Shared tenancy option means that the instance runs on shared hardware. The Dedicated Host (HA deployments) tenancy option means that the instance runs on a Dedicated Host, which is an isolated server with configurations that you can control. For more information, see Dedicated Hosts.
Virtual Private Cloud (VPC). Choose whether you want to use an existing VPC or create a new VPC.
• Select Virtual Private Cloud (VPC) option. Choose the VPC that you want to use from the dropdown list. If you choose to enable Remote Desktop Gateway access on single-node deployments, then your VPC must include one public subnet and one private subnet. It must include at least two private subnets for HA deployments. Your VPC must be associated with a DHCP Options Set to enable DNS translations to work. The private subnets must have outbound connectivity to the internet and other AWS services (S3, CFN, SSM, Logs). We recommend that you enable this connectivity with a NAT Gateway. For more information about NAT Gateways, see NAT Gateways in the Amazon VPC User Guide.
• Public Subnet. If you choose to enable Remote Desktop Gateway access on single-node deployments, then your VPC must include one public subnet and one private subnet. It must include at least two private subnets for HA deployments. Choose a public subnet for your VPC from the dropdown list. To continue, you must select the check box that indicates that the public subnet has been set up and the private subnets have outbound connectivity enabled.
To add a new public subnet
If a subnet's traffic is routed to an internet gateway, the subnet is known as a public subnet.
If, however, a subnet doesn't have a route to the internet gateway, the subnet is known as a private subnet. To use an existing VPC that does not have a public subnet, you can add a new public subnet using the following steps.
• Follow the steps in Creating a Subnet in the Amazon VPC User Guide using the existing VPC you intend to use with AWS Launch Wizard.
• To add an internet gateway to your VPC, follow the steps in Attaching an Internet Gateway in the Amazon VPC User Guide.
• To configure your subnets to route internet traffic through the internet gateway, follow the steps in Creating a Custom Route Table in the Amazon VPC User Guide. Use IPv4 format (0.0.0.0/0) for Destination.
• The public subnet should have the “auto-assign public IPv4 address” setting enabled. To enable this setting, follow the steps in Modifying the Public IPv4 Addressing Attribute for Your Subnet in the Amazon VPC User Guide.
• Availability Zone (AZ) configuration. You must choose at least two Availability Zones for High Availability (HA) deployments and one Availability Zone for single-node deployments, with one private subnet for each zone that you select. For HA deployments, select the Availability Zones within which you want to deploy your primary and secondary SQL nodes. Depending on the number of secondary nodes that you plan to use to set up a SQL Server Always On deployment, you may have to specify a private subnet for each of them.
Cross-Region replication is not supported.
To create a private subnet
If a subnet doesn't have a route to an internet gateway, the subnet is known as a private subnet. To create a private subnet, you can use the following steps. We recommend that you enable the outbound connectivity for each of your selected private subnets using a NAT Gateway. To enable outbound connectivity from private subnets in a VPC that has a public subnet, follow the steps in Creating a NAT Gateway to create a NAT Gateway in your chosen public subnet. Then, follow the steps in Updating Your Route Table for each of your chosen private subnets.
• Follow the steps in Creating a Subnet in the Amazon VPC User Guide using the existing VPC you will use in AWS Launch Wizard.
• When you create a VPC, it includes a main route table by default. On the Route Tables page in the Amazon VPC console, you can view the main route table for a VPC by looking for Yes in the Main column. The main route table controls the routing for all subnets that are not explicitly associated with any other route table. If the main route table for your VPC has an outbound route to an internet gateway, then any subnet created using the previous step, by default, becomes a public subnet. To ensure the subnets are private, you may need to create separate route table(s) for your private subnets. These route tables must not contain any routes to an internet gateway. Alternatively, you can create a custom route table for your public subnet and remove the internet gateway entry from the main route table.
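The main-route-table fallback described above can be checked before deployment. The following is an added example, not part of the AWS guide: it classifies subnets from data shaped like EC2 DescribeRouteTables output. The route table, gateway, and subnet IDs are constructed, and only IPv4 default routes are considered.

```python
# Added example; data is constructed, shaped like `aws ec2 describe-route-tables` output.
ROUTE_TABLES = [
    {   # main route table: still carries an internet gateway default route
        "RouteTableId": "rtb-main",
        "Associations": [{"Main": True}],
        "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                   {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}],
    },
    {   # custom table for one private subnet: default route via a NAT gateway
        "RouteTableId": "rtb-private",
        "Associations": [{"Main": False, "SubnetId": "subnet-priv-a"}],
        "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                   {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}],
    },
]
SUBNETS = ["subnet-pub", "subnet-priv-a", "subnet-priv-b"]  # constructed IDs


def effective_table(subnet_id, tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for t in tables:
        for a in t.get("Associations", []):
            if a.get("SubnetId") == subnet_id:
                return t
            if a.get("Main"):
                main = t
    return main


def classify(subnet_id, tables):
    """Return 'public', 'private-nat' or 'private-no-egress' for one subnet."""
    table = effective_table(subnet_id, tables)
    for r in table["Routes"] if table else []:
        if r.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if r.get("GatewayId", "").startswith("igw-"):
            return "public"
        if r.get("NatGatewayId"):
            return "private-nat"
    return "private-no-egress"


def report(subnets=SUBNETS, tables=ROUTE_TABLES):
    return {s: classify(s, tables) for s in subnets}


if __name__ == "__main__":
    print(report())
```

In the sample, subnet-priv-b has no explicit association, so it inherits the main route table and is reported as public even though it was meant to be private.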
If you selected Dedicated host tenancy, you must select a Dedicated Host for each Availability Zone. If you have not allocated any dedicated hosts to your account, you can choose Create new dedicated host to do so from the EC2 console.
• Remote Desktop Gateway preferences (single-node deployments only). When you select Set up Remote Desktop Gateway, enter the public subnet into which to deploy the RDGW instance.
• Remote Desktop Gateway access — Optional. Select Custom IP from the dropdown list. Enter the CIDR block. If you do not specify any value for the Custom IP parameter, Launch Wizard does not set the inbound RDP access (Port 3389) from any IP. You can choose to do this later by modifying the security group settings via the Amazon EC2 console. See Adding a Rule for Inbound RDP Traffic to a Windows Instance for instructions on adding a rule that allows inbound RDP traffic to your RDGW instance.
• Create new Virtual Private Cloud (VPC) option. Launch Wizard creates your VPC. You can optionally enter a VPC name tag. If you selected Dedicated Host tenancy for high availability deployments, select a primary and secondary Dedicated Host. If you haven't allocated any Dedicated Hosts to your account, select Create a new dedicated host. You will be directed to the EC2 console to create the new host.
• Remote Desktop Gateway preferences (single-node deployments only). When you select Set up Remote Desktop Gateway, only the Remote Desktop Gateway access information will be taken from the VPC.
• Remote Desktop Gateway access — Optional. Select Custom IP from the dropdown list. Enter the CIDR block. If you do not specify any value for the Custom IP parameter, Launch Wizard does not set the inbound RDP access (Port 3389) from any IP. You can choose to do this later by modifying the security group settings via the Amazon EC2 Console. See Adding a Rule for Inbound RDP Traffic to a Windows Instance for instructions on adding a rule that allows inbound RDP traffic to your RDGW instance.
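When the inbound RDP rule is added later through the security group settings, the source range is worth checking both before entry and after the change. The following is an added example, not part of the AWS guide: it validates a Custom IP value and audits rules shaped like EC2 DescribeSecurityGroups output. The group IDs, addresses, and the /24 review threshold are assumptions.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` output; IDs are made up.
GROUPS = [
    {"GroupId": "sg-rdgw", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "203.0.113.0/28"}]}]},
    {"GroupId": "sg-wide", "IpPermissions": [   # port range that contains 3389
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-all", "IpPermissions": [    # all-traffic rule
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
]
RDP_PORT = 3389
MIN_PREFIX = 24  # assumption: sources broader than /24 are flagged for review


def covers_rdp(perm):
    """True if the rule admits TCP 3389, via a port range or an all-traffic rule."""
    if perm["IpProtocol"] == "-1":
        return True
    return (perm["IpProtocol"] == "tcp"
            and perm.get("FromPort", 0) <= RDP_PORT <= perm.get("ToPort", 65535))


def broad_rdp_rules(groups, min_prefix=MIN_PREFIX):
    """Return (group id, CIDR) pairs that open RDP to a range wider than min_prefix."""
    findings = []
    for g in groups:
        for perm in g["IpPermissions"]:
            if not covers_rdp(perm):
                continue
            for r in perm.get("IpRanges", []):
                net = ipaddress.ip_network(r["CidrIp"], strict=False)
                if net.prefixlen < min_prefix:
                    findings.append((g["GroupId"], r["CidrIp"]))
    return findings


def valid_custom_ip(cidr):
    """Check a Custom IP value: strict IPv4 CIDR (no host bits), never 0.0.0.0/0."""
    try:
        net = ipaddress.IPv4Network(cidr, strict=True)
    except ValueError:
        return False
    return net.prefixlen > 0


if __name__ == "__main__":
    print(broad_rdp_rules(GROUPS))
```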
Active Directory
You can connect to an existing Active Directory or, for high availability deployments, you can create a new one. If you selected the Create new Virtual Private Cloud (VPC) option for high availability deployments, you must select Create a new Active Directory.