I’ve seen many articles recently explaining what Microsoft do to make the data stored in a SQL Azure databases is resilient, they normally always start with someone asking why they have to have primary keys or clustered indexes on all their tables. It’s great that Microsoft goes to these extremes to protect against instance or hardware failure but as I found last week, it doesn’t matter how available your data is made if you can’t get to it. Let me explain….
I have a small spread sheet which I made to record my time utilisation in. At the end of every week I run a small VBA script which uploads it to a SQL Server table hosted deep within my company’s corporate network. I thought this would be a good candidate for SQL Azure; rather than fire up a VPN every Friday I could run my VBA script from anywhere with an Internet connection, at home, on 3G, at work, if only that were the case.
Having a small database that’s securely available from anywhere in the world seems a great idea but not one that’s easy to implement. Most corporate database servers have some data on them somewhere which people don’t want getting anywhere near the Internet. Exposing port 1433 to the outside world is a security nightmare waiting to happen for most DBAs. SQL Azure was born to do that and what’s great is that keeping it protected is Microsoft’s job!
I migrated my utilisation database from my internal server to SQL Azure, I changed my connection string, knew it’d be sent encrypted over the Internet and waited for Friday afternoon and my first upload to happen.
Then disaster! All of my migration and re-configuration had been done at home but I tried my first upload from my desk at work. My corporate network’s firewall rules wouldn’t let SQL Server traffic out to the Internet! Apparently there’s no need so there’s no allow rule in place, makes sense I suppose.
My dream of having an always accessible instance of SQL Server available to me was shattered. No matter how much effort Microsoft put into protecting my data it was useless if I couldn’t even access it.
This made me think who SQL Azure is designed for. In hindsight, probably not people like me who just want a “relational database in the cloud”, instead probably more for people who want to deploy a structured application infrastructure, where part of that structure comes from the firewall rules controlling access to the database. At the same time though, I’d have paid £6 a month for a truly “available anywhere” database.