Kaushal's Photo
Home Follow on LinkedIn Share on LinkedIn Share on Twitter

Containerizing MS SQL Server in Kubernetes requires careful planning to ensure scalability, reliability, and security. Below are the best practices for running MS SQL Server in Kubernetes:

1. Use StatefulSet for MS SQL Server

  • Why?: StatefulSet ensures stable and unique pod identities, making it ideal for stateful applications like databases.
  • It provides:
    • Stable network identities (e.g., mssql-0, mssql-1).
    • Persistent storage through PersistentVolumeClaims (PVCs).
    • Ordered startup and shutdown for pods.

Example StatefulSet:

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: mssql
spec:
  serviceName: "mssql-service"
  replicas: 1
  selector:
    matchLabels:
      app: mssql
  template:
    metadata:
      labels:
        app: mssql
    spec:
      containers:
      - name: mssql
        image: mcr.microsoft.com/mssql/server:2019-latest
        ports:
        - containerPort: 1433
        env:
        - name: ACCEPT_EULA
          value: "Y"
        - name: SA_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mssql-secret
              key: sa-password
        volumeMounts:
        - name: mssql-data
          mountPath: /var/opt/mssql
  volumeClaimTemplates:
  - metadata:
      name: mssql-data
    spec:
      accessModes: ["ReadWriteOnce"]
      resources:
        requests:
          storage: 50Gi

2. Use Persistent Storage

  • Why?: Databases require durable storage to persist data beyond the lifecycle of a pod.
  • Use a PersistentVolume (PV) backed by cloud storage (e.g., AWS EBS, Azure Disks, GCP Persistent Disks) or an on-premises storage solution.

Key Recommendations:

  • Use ReadWriteOnce access mode for exclusive access to the disk.
  • Size the storage appropriately based on database needs and growth.
  • Enable snapshots for backup and disaster recovery.

Example PersistentVolumeClaim (PVC):

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mssql-data
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 50Gi

3. Use Secrets for Credentials

  • Why?: Storing sensitive information like passwords in plaintext is insecure.
  • Store the SA (System Administrator) password in Kubernetes Secrets.

Example Secret:

apiVersion: v1
kind: Secret
metadata:
  name: mssql-secret
type: Opaque
data:
  sa-password: bXlTdXBlclNlY3JldFBhc3N3b3Jk # Base64 encoded password

4. Optimize Resources

  • Allocate sufficient CPU and memory for the SQL Server pod to ensure reliable performance.
  • Use Kubernetes requests and limits to guarantee resource availability and prevent overcommitment.

Example Resource Allocation:

resources:
  requests:
    memory: "2Gi"
    cpu: "1"
  limits:
    memory: "4Gi"
    cpu: "2"

5. Configure Probes

  • Use readiness probes to ensure the SQL Server pod only accepts traffic after initialization.
  • Use liveness probes to restart the pod if SQL Server becomes unresponsive.

Example Probes:

readinessProbe:
  exec:
    command:
    - /opt/mssql-tools/bin/sqlcmd
    - -S
    - localhost
    - -U
    - sa
    - -P
    - "$(SA_PASSWORD)"
    - -Q
    - "SELECT 1"
  initialDelaySeconds: 30
  periodSeconds: 10
livenessProbe:
  exec:
    command:
    - /opt/mssql-tools/bin/sqlcmd
    - -S
    - localhost
    - -U
    - sa
    - -P
    - "$(SA_PASSWORD)"
    - -Q
    - "SELECT 1"
  initialDelaySeconds: 60
  periodSeconds: 30

6. Backups and Disaster Recovery

  • Use scheduled backups to avoid data loss.
  • Consider tools like Velero for Kubernetes-native backup solutions.
  • MS SQL Server supports backup to Azure Blob Storage and other external storage.

Example Backup Command:

BACKUP DATABASE [YourDB]
TO DISK = '/var/opt/mssql/backup/yourdb.bak'

Mount a PersistentVolume to /var/opt/mssql/backup to store backups.

7. Network Configuration

  • Use a ClusterIP Service to expose SQL Server internally for backend microservices.
  • Restrict external access using Network Policies.

Example Service:

apiVersion: v1
kind: Service
metadata:
  name: mssql-service
spec:
  type: ClusterIP
  selector:
    app: mssql
  ports:
  - protocol: TCP
    port: 1433
    targetPort: 1433

8. Monitor and Secure MS SQL Server

  • Monitoring:

    • Use Kubernetes monitoring tools like Prometheus and Grafana.
    • Monitor SQL Server metrics (e.g., CPU, memory, queries per second) via tools like Telegraf or Azure Monitor.

  • Security:

    • Ensure TLS encryption for communication between the application and the database.
    • Limit pod access using Network Policies.
    • Regularly update the MS SQL Server image to patch vulnerabilities.

9. Scale Carefully

  • Databases like MS SQL Server are not typically scaled horizontally (e.g., multiple replicas).
  • Use replication or Always On Availability Groups (Enterprise Edition) for high availability.

10. Test Thoroughly

  • Test database failover, backups, and restore procedures.
  • Simulate high-load scenarios to verify Kubernetes resource allocation and SQL Server performance.

By following these best practices, you can containerize and deploy MS SQL Server in Kubernetes effectively, ensuring a reliable and scalable database solution.

© 2025 Kaushal Kishor. All rights reserved.

Follow on LinkedIn
Private Policy Terms and Conditions