Configure Managed Instances for Instance Failover Group | AZ-303 Exam Question Answer | Microsoft Azure Architect Technologies

Configure Managed Instances for Instance Failover Group

Prev Question Next Question

Question

You have two Azure SQL Database managed instances in different Azure regions.

You plan to configure the managed instances in an instance failover group.

What should you configure before you can add the managed instances to the instance failover group?

Answers

A. an internal Azure Load Balancer instance that has managed instance endpoints in a backend pool

B. Azure Private Link that has endpoints on two virtual networks

C. an Azure Application Gateway that has managed instance endpoints in a backend pool

D. a Site-to-Site VPN between the virtual networks that contain the instances

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

For two managed instances to participate in a failover group, there must be either ExpressRoute or a gateway configured between the virtual networks of the two managed instances to allow network communication.

You create the two VPN gateways and connect them.

1. Create the gateway for the virtual network of your primary managed instance using the Azure portal.

2. Create the gateway for the virtual network of your secondary managed instance using the Azure portal.

3. Create a bidirectional connection between the two gateways of the two virtual networks.

https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/failover-group-add-instance-tutorial?tabs=azure-portal#4---create-a-primary-gateway

To configure Azure SQL Database managed instances in an instance failover group, you need to have them in the same Azure region, same subscription, same resource group, and same virtual network. Therefore, to add two managed instances that are in different regions to the instance failover group, you need to connect the virtual networks in which these instances are located.

Option A: An internal Azure Load Balancer instance that has managed instance endpoints in a backend pool is incorrect because an internal Azure Load Balancer is used to balance the incoming traffic between the virtual machines or instances that are in the same virtual network, but it cannot connect different virtual networks.

Option B: Azure Private Link that has endpoints on two virtual networks is the correct option as it allows connectivity between different virtual networks in the same region or different regions. You can use Azure Private Link to connect the virtual networks that contain the managed instances to the same Azure Private Link service.

Option C: An Azure Application Gateway that has managed instance endpoints in a backend pool is incorrect because Azure Application Gateway is used for load balancing the incoming traffic between different services, not for connecting virtual networks.

Option D: A Site-to-Site VPN between the virtual networks that contain the instances is another correct option to connect virtual networks, but it requires more configuration and management overhead than Azure Private Link.

Therefore, the correct answer is B. Azure Private Link that has endpoints on two virtual networks.

Prev Question Next Question