Search

Chapter 17. Configuring Microsoft SQL Server by using the RHEL system role

download PDF

As an administrator, you can use the microsoft.sql.server Ansible role to install, configure, and start Microsoft SQL Server (SQL Server). The microsoft.sql.server Ansible role optimizes your operating system to improve performance and throughput for the SQL Server. The role simplifies and automates the configuration of your Red Hat Enterprise Linux host with recommended settings to run the SQL Server workloads.

17.1. Installing and configuring SQL server by using the microsoft.sql.server system role with existing certificate files

You can use the microsoft.sql.server Ansible role to install and configure SQL Server version 2019. The playbook in this example also configures the server to use an existing sql_cert certificate and private key files for TLS encryption.

Prerequisites

  • You have prepared the control node and the managed nodes.
  • You are logged in to the control node as a user who can run playbooks on the managed nodes.
  • The account you use to connect to the managed nodes has sudo permissions on them.
  • Minimum 2 GB RAM
  • The ansible-collection-microsoft-sql package is installed on the managed node.
  • The managed node uses one of the following versions: RHEL 7.9, RHEL 8, RHEL 9.4 or later.

Procedure

  1. Create a playbook file, for example ~/playbook.yml, with the following content:

    ---
    - name: Install and configure SQL Server
      hosts: managed-node-01.example.com
      roles:
        - microsoft.sql.server
      vars:
        mssql_accept_microsoft_odbc_driver_17_for_sql_server_eula: true
        mssql_accept_microsoft_cli_utilities_for_sql_server_eula: true
        mssql_accept_microsoft_sql_server_standard_eula: true
        mssql_version: 2019
        mssql_manage_firewall: true
        mssql_tls_enable: true
        mssql_tls_cert: sql_crt.pem
        mssql_tls_private_key: sql_cert.key
        mssql_tls_version: 1.2
        mssql_tls_force: false
        mssql_password: <password>
        mssql_edition: Developer
        mssql_tcp_port: 1433
  2. Validate the playbook syntax:

    $ ansible-playbook --syntax-check ~/playbook.yml

    Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

  3. Run the playbook:

    $ ansible-playbook ~/playbook.yml

Additional resources

  • /usr/share/ansible/roles/microsoft.sql-server/README.md file

17.2. Installing and configuring SQL server by using the microsoft.sql.server system role with the certificate RHEL system role

You can use the microsoft.sql.server Ansible role to install and configure SQL Server version 2019. The playbook in this example also configures the server to use TLS encryption and creates a self-signed sql_cert certificate file and private key by using the certificate system role.

You do not have to call the certificate system role in the playbook to create the certificate. The microsoft.sql.server Ansible role calls it automatically.

Prerequisites

  • You have prepared the control node and the managed nodes.
  • You are logged in to the control node as a user who can run playbooks on the managed nodes.
  • The account you use to connect to the managed nodes has sudo permissions on them.
  • Minimum 2 GB RAM
  • The ansible-collection-microsoft-sql package is installed on the managed node.
  • The managed nodes are enrolled in a Red Hat Identity Management (IdM) domain.
  • The managed node uses one of the following versions: RHEL 7.9, RHEL 8, RHEL 9.4 or later.

Procedure

  1. Create a playbook file, for example ~/playbook.yml, with the following content:

    ---
    - name: Install and configure SQL Server
      hosts: managed-node-01.example.com
      roles:
        - microsoft.sql.server
      vars:
        mssql_accept_microsoft_odbc_driver_17_for_sql_server_eula: true
        mssql_accept_microsoft_cli_utilities_for_sql_server_eula: true
        mssql_accept_microsoft_sql_server_standard_eula: true
        mssql_version: 2019
        mssql_manage_firewall: true
        mssql_tls_enable: true
        mssql_tls_certificates:
          - name: sql_cert
            dns: *.example.com
            ca: self-sign
        mssql_password: <password>
        mssql_edition: Developer
        mssql_tcp_port: 1433
  2. Validate the playbook syntax:

    $ ansible-playbook --syntax-check ~/playbook.yml

    Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

  3. Run the playbook:

    $ ansible-playbook ~/playbook.yml

Additional resources

17.3. Setting up custom storage paths for data and logs

To store your data or logs in a different directory than the default one, specify the custom storage path using the mssql_datadir, mssql_datadir_mode, mssql_logdir, and mssql_logdir_mode variables in an existing playbook. When you define a custom path, the role creates the provided directory and ensures correct permissions and ownership for it.

Important

If you later decide to remove the variables, the storage paths will not change back to the default ones but will store the data or logs in the latest defined paths.

Prerequisites

  • You have prepared the control node and the managed nodes.
  • You are logged in to the control node as a user who can run playbooks on the managed nodes.
  • The account you use to connect to the managed nodes has sudo permissions on them.
  • Minimum 2 GB RAM
  • The ansible-collection-microsoft-sql package is installed on the managed node.
  • The managed node uses one of the following versions: RHEL 7.9, RHEL 8, RHEL 9.4 or later.

Procedure

  1. Edit an existing playbook file, for example ~/playbook.yml, and add the storage and log-related variables:

    ---
    - name: Install and configure SQL Server
      hosts: managed-node-01.example.com
      roles:
        - microsoft.sql.server
      vars:
        mssql_accept_microsoft_odbc_driver_17_for_sql_server_eula: true
        mssql_accept_microsoft_cli_utilities_for_sql_server_eula: true
        mssql_accept_microsoft_sql_server_standard_eula: true
        mssql_version: 2019
        mssql_manage_firewall: true
        mssql_tls_enable: true
        mssql_tls_cert: sql_crt.pem
        mssql_tls_private_key: sql_cert.key
        mssql_tls_version: 1.2
        mssql_tls_force: false
        mssql_password: <password>
        mssql_edition: Developer
        mssql_tcp_port: 1433
        mssql_datadir: /var/lib/mssql/
        mssql_datadir_mode: '0700'
        mssql_logdir: /var/log/mssql/
        mssql_logdir_mode: '0700'

    Enter the permission modes in single quotation marks so that Ansible parses it as a string and not as an octal number.

    If you do not specify the mode and the destination directory does not exist, the role uses the default umask on the system when setting the mode. If you do not specify the mode and the destination directory does exist, the role uses the mode of the existing directory.

  2. Validate the playbook syntax:

    $ ansible-playbook --syntax-check ~/playbook.yml

    Note that this command only validates the syntax and does not protect against a wrong but valid configuration.

  3. Run the playbook:

    $ ansible-playbook ~/playbook.yml

Additional resources

  • /usr/share/ansible/roles/microsoft.sql-server/README.md file
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.