farroar

Azure SQL Managed Instances & ExpressRoute Have a Secret!

TL;DR – Be careful with SQL Managed Instances and ExpressRoute Peering setups!

I encountered an environment with an existing SQL Managed Instance deployed in a delegated subnet. I was doing some digging around to see what networking magic was happening in the background and encountered this little blurb:

https://docs.microsoft.com/en-us/azure/azure-sql/managed-instance/connectivity-architecture-overview#networking-constraints


  • Microsoft peering: Enabling Microsoft peering on ExpressRoute circuits peered directly or transitively with a virtual network where SQL Managed Instance resides affects traffic flow between SQL Managed Instance components inside the virtual network and services it depends on, causing availability issues. SQL Managed Instance deployments to virtual network with Microsoft peering already enabled are expected to fail.

This one was a zinger for me! In this specific instance, the project required an ExpressRoute circuit for both Azure IaaS and Microsoft Services peering. If I didn’t catch this little bugger, we would have been scratching our heads on cutover day.

Managed Instances do a lot of stuff behind the scenes, it appears. If you happen to deploy a lot of them, it might be a good idea to segregate them as much as possible.
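A pre-cutover check for the constraint quoted above, as an added example that is not part of the original post or any Microsoft tooling: it walks VNet peerings from every VNet holding a subnet delegated to SQL Managed Instance and flags any ExpressRoute circuit with Microsoft peering that is reachable directly or transitively. The inventory shape and all resource names are constructed for illustration, and every peering is conservatively treated as transitive.

```python
from collections import deque

SQLMI_DELEGATION = "Microsoft.Sql/managedInstances"  # subnet delegation used by SQL MI

# Constructed sample inventory (hypothetical names and shape, not an Azure export format).
INVENTORY = {
    "vnets": {
        "vnet-hub": {"delegations": [], "peers": ["vnet-data", "vnet-app"], "circuits": ["er-prod"]},
        "vnet-data": {"delegations": [SQLMI_DELEGATION], "peers": ["vnet-hub"], "circuits": []},
        "vnet-app": {"delegations": [], "peers": ["vnet-hub"], "circuits": []},
        "vnet-isolated": {"delegations": [SQLMI_DELEGATION], "peers": [], "circuits": ["er-private"]},
    },
    # ExpressRoute circuit -> peering types enabled on it
    "circuits": {
        "er-prod": ["AzurePrivatePeering", "MicrosoftPeering"],
        "er-private": ["AzurePrivatePeering"],
    },
}

def reachable_circuits(inventory, start):
    """Breadth-first walk over VNet peerings; returns {circuit: shortest VNet path to it}."""
    vnets = inventory["vnets"]
    seen, queue, found = {start}, deque([[start]]), {}
    while queue:
        path = queue.popleft()
        node = vnets[path[-1]]
        for circuit in node["circuits"]:
            found.setdefault(circuit, path)
        for peer in node["peers"]:
            if peer in vnets and peer not in seen:
                seen.add(peer)
                queue.append(path + [peer])
    return found

def find_conflicts(inventory):
    """Flag SQL MI VNets that reach a circuit with Microsoft peering enabled."""
    findings = []
    for name, vnet in sorted(inventory["vnets"].items()):
        if SQLMI_DELEGATION not in vnet["delegations"]:
            continue
        for circuit, path in sorted(reachable_circuits(inventory, name).items()):
            if "MicrosoftPeering" in inventory["circuits"].get(circuit, []):
                kind = "direct" if len(path) == 1 else "transitive"
                findings.append((name, circuit, kind, path))
    return findings

if __name__ == "__main__":
    for vnet, circuit, kind, path in find_conflicts(INVENTORY):
        print(f"{vnet}: {kind} link to {circuit} via {' -> '.join(path)}")
```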