I am experiencing a problem configuring the backup of an SQL database using Azure.
I have web application and an associated Azure SQL database. The app connects to the DB no problem. I have pasted the connection string provided to me by the Azure UI (Home -> SQL Databases -> My SQL Database) into the connection strings section of the configuration for the App Service (Home -> App Services -> My App Service -> Configuration). I created a backup of the App Service (Home -> App Services -> My App Service -> Backups -> Configuration) and ticked my connection string to be back up my database.
After about 20 minutes, the backup fails with the error:
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - No such host is known.)
I can connect to the database from the SQL Server Management Studio running on my laptop, and from code running on my laptop, using the server, username and password from the connection string, why can the backup not connect to the database?
Many thanks for any advice.
Linking the same question asked on MSDN: Azure SQL Database Backup Fails, cannot connect to the database.
Please see the Requirements and Restrictions details where this functionality is not supported, which I have listed below the applicable items that apply to your scenario:
The Backup and Restore feature requires the App Service plan to be in the Standard tier or Premium tier. For more information about scaling your App Service plan to use a higher tier, see Scale up an app in Azure. Premium tier allows a greater number of daily back ups than Standard tier.
You need an Azure storage account and container in the same subscription as the app that you want to back up. For more information on Azure storage accounts, see Azure storage account overview.
Backups can be up to 10 GB of app and database content. If the backup size exceeds this limit, you get an error.
Using a firewall enabled storage account as the destination for your backups is not supported. If a backup is configured, you will get failed backups.
If none of the above apply to you, then the issue is an IP Address issue in that you need to enable "Allow access to Azure services" in the firewall for your Azure SQL (logical) Server.
Additional troubleshooting can be performed by leveraging Application Insights to capture the backup failure event and then drill into the collected log detail to see what the specific error is.
Related
Requirement: I wanted to copy data from a specific table/view residing on a on-premise SQL Server to Azure SQL DB.
Infrastructure: As depicted in below picture. Essentially, the Azure network is directly connected with corporate network over Express Route. Thus it's a pure private network connection; as good as the corporate network itself.
Issue/Question: I know there are multiple approaches present to get this operation done and I am not restricted to use ADF copy Data tool only. BUT, for all of these I see some cavets or extra steps needed to be done as below:
ADF Copy Data Tool: Needs a SH-IR and a small MSI package needs to be installed on on-premise machine which hosts the SQL server for registration purpose.
Logic Apps: Needs a Virtual Gateway (OR) ASE
App Service: If the operation is wrapped in a C# application and I choose to deploy to a Azure Web Apps. Then in-order to connect to on-premise SQL Server we need to setup hybrid connection manager and as in #1 we need to install something in on-premise machine.
For my case, none of these extra steps can be done. essentially, the on-premise SQL Server comes under a different BU and thus I don't have any permission there; except they have given grant to a table/view. Thus, none of these extra shitty steps can be done.
Moreover, as mentioned above; since it's connected over express route as direct connection, As can be seen in above picture, both the on-premise and azure SQL are essentially inside the same corporate network. THUS, I should be able to access them directly without configuring any of these extra steps as mentioned above.
Please confirm on these and provide a suggestion.
Thank You.
You can still go with the ADF scenario without a SHIR by creating ADF in a Managed VNET using Private Endpoint. As you already have an ER circuit and have the flexibility to configure the Azure side, can you do this with Azure IR: Access on-premises SQL Server from Data Factory Managed VNet using Private Endpoint - Azure Data Factory | Microsoft Docs
There are 2 solutions which could work for your scenario but even for them to work ,you would need access to on prem SQL server machine access to some extent atleast for one time config and Azure SQL db should be accessible via SSMS installed on on-prem machine.
Using linked server
You can create a linked server ( process explained here https://www.sqlshack.com/create-linked-server-azure-sql-database/ ) on on-prem server and create a agent server job to insert data to azure SQL db table.
Via Python Script
This would need Python installation on on-prem machine. Once installed you can write script to transfer data between on-prem SQL server and Azure SQL db. You can schedule this script again by using an agent server job.
I have a database running on an on-premise SQL Server instance. I've set up a SQL agent to backup the database every night and store in a container in Azure. However, I'm seeing the following error after the job runs:
Message
Executed as user: NT SERVICE\SQLSERVERAGENT. Cannot open backup device 'https://mystorageaccount.blob.core.windows.net/mystoragecontainer/20200102/MYDATABASE_0.bak'. Operating system error 50(The request is not supported.). [SQLSTATE 42000] (Error 3201) BACKUP DATABASE is terminating abnormally. [SQLSTATE 42000] (Error 3013)
The Azure storage account is Storage (general purpose v1).
SQL Server 13.0.5233.0
Microsoft SQL Server Management Studio 14.0.17213.0
Microsoft Analysis Services Client Tools 14.0.1016.232
Microsoft Data Access Components (MDAC) 10.0.14393.0
Microsoft MSXML 3.0 6.0
Microsoft Internet Explorer 9.11.14393.0
Microsoft .NET Framework 4.0.30319.42000
Operating System 6.3.14393
Is there a way of configuring NT SERVICE\SQLSERVERAGENT to connect to the Azure storage container?
All the comments are valid to a certain extent. I finally fixed (term used loosely) backing up my SQL Server database to an Azure storage container using SAS (shared access signature) credentials.
Deleted the existing credential in SQL Server (under Security > Credentials)
In Azure, created an access policy under Storage Account > Container. It's important to define start and expiration dates/times, and time zones along with read, write level.
In Azure, Generate a SAS token for the container. Ensure you set the appropriate start and expiration dates/times along with the timezone. Don't rely on just UTC.
Upload a file to the container to make sure it's all ok.
In SQL Server, create the credentials. The secret should be the SAS token without the preceding ?, so just "sv=...." .
IF NOT EXISTS
(SELECT * FROM sys.credentials
WHERE name = 'https://mystorageaccount.blob.core.windows.net/mycontainer')
CREATE CREDENTIAL [https://mystorageaccount.blob.core.windows.net/mycontainer]
WITH IDENTITY = 'SHARED ACCESS SIGNATURE',
SECRET = 'sv=_my_sas_key_without_?';
Backup the database. The URL and container must match with the credentials - in this case, https://mystorageaccount.blob.core.windows.net/mycontainer .
BACKUP DATABASE [mydatabase]
TO URL = 'https://mystorageaccount.blob.core.windows.net/mycontainer/mydatabase_03012020120400.bak'
WITH FORMAT,
COMPRESSION,
STATS=5,
BLOCKSIZE=65536,
MAXTRANSFERSIZE=4194304;
GO
This seems like access related issue.To be able to back up to Azure Blob Storage, your backup command must have a valid credential that has access to the blob storage. This can be done in two ways:
Review your credentials, make sure your access key is correct and, if you’re using SAS, make sure that the access policy is defined and you are pointing to the correct container that it has access to. For more information on URL backups as well as script samples, please refer:
https://learn.microsoft.com/en-us/sql/relational-databases/backup-restore/sql-server-backup-to-url?view=sql-server-2017
Shared Access Signature
Identity and Access Key
Additional reference:
https://blog.pythian.com/how-to-fix-sql-backup-to-url-failure-operating-system-error-50/
Hope it helps.
Below is the steps i have took to publish my Website to Azure. I have two data connections the "defaultconnection" for users tables log in register etc. The other is a connection to an Azure Sql Database.
On Azure i created a new app service.
In Visual Studio i click on project and select publish.
In the publish Web window that pops up i select Microsoft Azure Web Apps.
In the following window i select the app service i created in Azure.
In the settings window it shows the two connection database connections.
They both have the same connection string which is the Azure hosted Database. I am not sure what to change the connection string to for the users table. I created a SQL database in azure and connected that to the app service then used that connection string for the "defaultconnection". The string is below
Server=tcp:userauthen.database.windows.net,1433;Data Source=userauthen.database.windows.net;Initial Catalog=USERAUTH;Persist Security Info=False;User ID={your_username};Password={your_password};MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;
I published to azure and am able to go through the pages but as soon as i try to interact with the database i get an internal server error 500.
I tried publishing the website without userlogin so i could see if it connected to the Azure sql database but i still get the internal server error 500. I am really stuck at this point and any assistance would be helpful.
So i changed the firewall settings to allow certain IP address and it worked. I can access both my databases.
I'm having trouble with Virtual Networks on Azure and I'm very new to all this, so apologies in advance if my question is rather naive.
Problem:
I have a "azure cloud service" (a web application) that has now been added to a azure virtual network. But now it is not able to connect to the SQL Azure database with the following error message:
SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - No such host is known.)]
A Virtual network has been created via the Azure portal following these steps:
http://www.windowsazure.com/en-us/manage/services/networking/create-a-virtual-network/
Then I added the following config to ServiceConfiguration.cscf
<NetworkConfiguration>
<VirtualNetworkSite name="SomeNetwork" />
<AddressAssignments>
<InstanceAddress roleName="Some.Web.App">
<Subnets>
<Subnet name="AName" />
</Subnets>
</InstanceAddress>
</AddressAssignments>
</NetworkConfiguration>
Question
How do I add SQL server to the Virtual network somehow? I have read a few articles and all are directing towards creating a VM in azure and then adding the VM to the virtual network? Is this the only way?
The web application also uses Azure Service Bus and it too now has connectivity issues due to the virtual network. I'm clearly missing something.
You can avoid manual whitelisting of IP addresses on database level by simply making your Azure SQL database a 'linked resource' in your Cloud settings (Cloud -> pick yours -> "Linked Resources").
That way you can connect to Azure SQL Database from cloud app with no extra configuration, except using existing database connection params.
I am currently unable to connect to my Azure SQL database from a separate remote standalone dedicated box in a private datacenter.
I have an Azure SQL database where I manage the list of IP addresses that can connect to this database. This has worked perfectly until now. I have recently set-up a new dedicated box in a private datacenter that needs to query the Azure SQL database at regular 5 second intervals, give or take.
The problem is, this dedicated box cannot establish a connection to the Azure SQL database, despite being able to connect to other remote FTP servers, MySQL servers, etc. The Azure SQL database does have the IP address of the dedicated box on the allowed connection list. Furthermore, I temporarily opened up a massive range of allowed IP addresses (0.0.0.0 -> 255.255.255.255) on the Azure SQL database to see whether this inability to connect may have resulted from IP blocking.
Does anyone have any suggestions or thoughts on what might be causing this and how I could begin debugging the situation better?
To clarify: I can connect to the Azure SQL database from laptops with individual IP addresses in my office and elsewhere, so long as they have been added to the database whitelist; I can make outward connections to remote FTP and MySQL servers from the dedicated box; I have tried to open-up a massive range of allowed IP addresses on Azure SQL with no luck.
Edit
C:\Users\graphite.rack.ID17157>osql -S v7o06blktw.database.windows.net -U XXXXXXX#v7o06blktw -P XXXXXXX
[SQL Server Native Client 11.0] Named Pipes Provider: Could not open a
connection to SQL Server [53].
[SQL Server Native Client 11.0] Login timeout expired
[SQL Server Native Client 11.0] A network-related or instance-specific error
has occurred while establishing a connection to SQL Server. Server is not
found or not accessible. Check if instance name is correct and if SQL Server
is configured to allow remote connections. For more information see SQL Server
Books Online.
To summarize.
Windows Azure SQL Database (formerly known as SQL Azure) works exclusively and only on TCP port 1433. It only support SQL Server Authentication, TCP connection and TDS protocol as of today.
In order to successfully establish connection to SQL Azure one must fulfil the following requirements:
Create SQL Azure server & Database
Setup SQL Azure Server's firewall rules to accept connections from the IP address of application that will connect to that server
Make sure the box (be it Virtual, or home, or whatever) has no blocking outbound TCP port 1433
Explicitly force encryption in connection string
Explicitly chose to not trust server certificate in connection string
Please note that many (if not all) ISPs (Internet Service Providers) and Hosters, as well as IT staff within companies DO block outgoing TCP Port 1433 due to the SQL Slammer worm. This outgoing port blocking appears to be one of the most faced issues of newcommers to SQL Azure.
UPDATE Nov. 2015
As of August 2015, there is preview feature that enables you to use Azure AD to authenticate to Azure SQL Database. You can read more on this new preview feature here: https://azure.microsoft.com/en-us/documentation/articles/sql-database-aad-authentication/
If you're using corporate network for internet access and facing this problem,
a simple way around this is to use your phone's mobile hotspot for internet access instead.
Be sure to disable your ethernet connection too, which may also be connected to the internet.
Spent hours on this issue. The fix for me was finally found to be my setting on the Xfinity firewall. I had it set to high. Once I changed the setting to low security, I could connect to the Azure sql database with no issues.