What are the drawbacks of putting my staging and production dbs into one Azure Elastic Pool?
I have a STAGING and PROD environment, web apps, SQL databases, etc in Azure. Currently, the scale of the SQL db for PROD is much higher than STAGING - no surprises there.
I suppose there is some temptation to save money by pooling these SQL resources together with an SQL Elastic Pool. However I'm concerned that it will create a coupling between STAGING and PROD which everything inside me screams is a bad idea.
What are the legitimate drawbacks that could reasonably affect performance, reliability, security, etc?
sql-server azure
asked yesterday
cottsakcottsak
314420
add a comment |
I have a STAGING and PROD environment, web apps, SQL databases, etc in Azure. Currently, the scale of the SQL db for PROD is much higher than STAGING - no surprises there.
I suppose there is some temptation to save money by pooling these SQL resources together with an SQL Elastic Pool. However I'm concerned that it will create a coupling between STAGING and PROD which everything inside me screams is a bad idea.
What are the legitimate drawbacks that could reasonably affect performance, reliability, security, etc?
sql-server azure
asked yesterday
cottsakcottsak
314420
Embrace the cloud, instead of thinking in multiple static tiers make sure you can spin up and environment fully automated when needed. This allows you first of all to shut them down when not needed, and much more importantly if you need multiple independent thinks (like qualifying the next release and a emergency configuration change) you can do both independently.
– eckes
18 hours ago
thanks @eckes but I'm not going to neednenvironments. I only need 2.
– cottsak
11 hours ago
add a comment |
I have a STAGING and PROD environment, web apps, SQL databases, etc in Azure. Currently, the scale of the SQL db for PROD is much higher than STAGING - no surprises there.
I suppose there is some temptation to save money by pooling these SQL resources together with an SQL Elastic Pool. However I'm concerned that it will create a coupling between STAGING and PROD which everything inside me screams is a bad idea.
What are the legitimate drawbacks that could reasonably affect performance, reliability, security, etc?
sql-server azure
asked yesterday
cottsakcottsak
314420
I have a STAGING and PROD environment, web apps, SQL databases, etc in Azure. Currently, the scale of the SQL db for PROD is much higher than STAGING - no surprises there.
I suppose there is some temptation to save money by pooling these SQL resources together with an SQL Elastic Pool. However I'm concerned that it will create a coupling between STAGING and PROD which everything inside me screams is a bad idea.
What are the legitimate drawbacks that could reasonably affect performance, reliability, security, etc?
sql-server azure
sql-server azure
asked yesterday
cottsakcottsak
314420
asked yesterday
cottsakcottsak
314420
asked yesterday
cottsakcottsak
314420
asked yesterday
cottsakcottsak
314420
asked yesterday
cottsakcottsak
314420
314420
Embrace the cloud, instead of thinking in multiple static tiers make sure you can spin up and environment fully automated when needed. This allows you first of all to shut them down when not needed, and much more importantly if you need multiple independent thinks (like qualifying the next release and a emergency configuration change) you can do both independently.
– eckes
18 hours ago
thanks @eckes but I'm not going to neednenvironments. I only need 2.
– cottsak
11 hours ago
add a comment |
Embrace the cloud, instead of thinking in multiple static tiers make sure you can spin up and environment fully automated when needed. This allows you first of all to shut them down when not needed, and much more importantly if you need multiple independent thinks (like qualifying the next release and a emergency configuration change) you can do both independently.
– eckes
18 hours ago
thanks @eckes but I'm not going to neednenvironments. I only need 2.
– cottsak
11 hours ago
Embrace the cloud, instead of thinking in multiple static tiers make sure you can spin up and environment fully automated when needed. This allows you first of all to shut them down when not needed, and much more importantly if you need multiple independent thinks (like qualifying the next release and a emergency configuration change) you can do both independently.
– eckes
18 hours ago
Embrace the cloud, instead of thinking in multiple static tiers make sure you can spin up and environment fully automated when needed. This allows you first of all to shut them down when not needed, and much more importantly if you need multiple independent thinks (like qualifying the next release and a emergency configuration change) you can do both independently.
– eckes
18 hours ago
thanks @eckes but I'm not going to need
n environments. I only need 2.– cottsak
11 hours ago
thanks @eckes but I'm not going to need
n environments. I only need 2.– cottsak
11 hours ago
add a comment |
2 Answers
2
active
oldest
votes
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
answered yesterday
Ken W MSFTKen W MSFT
2714
add a comment |
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
answered 20 hours ago
BradBrad
17210
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f954800%2fwhat-are-the-drawbacks-of-putting-my-staging-and-production-dbs-into-one-azure-e%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
answered yesterday
Ken W MSFTKen W MSFT
2714
add a comment |
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
answered yesterday
Ken W MSFTKen W MSFT
2714
add a comment |
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
answered yesterday
Ken W MSFTKen W MSFT
2714
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
answered yesterday
Ken W MSFTKen W MSFT
2714
answered yesterday
Ken W MSFTKen W MSFT
2714
answered yesterday
Ken W MSFTKen W MSFT
2714
answered yesterday
Ken W MSFTKen W MSFT
2714
2714
add a comment |
add a comment |
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
answered 20 hours ago
BradBrad
17210
add a comment |
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
answered 20 hours ago
BradBrad
17210
add a comment |
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
answered 20 hours ago
BradBrad
17210
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
answered 20 hours ago
BradBrad
17210
answered 20 hours ago
BradBrad
17210
answered 20 hours ago
BradBrad
17210
answered 20 hours ago
BradBrad
17210
17210
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f954800%2fwhat-are-the-drawbacks-of-putting-my-staging-and-production-dbs-into-one-azure-e%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Embrace the cloud, instead of thinking in multiple static tiers make sure you can spin up and environment fully automated when needed. This allows you first of all to shut them down when not needed, and much more importantly if you need multiple independent thinks (like qualifying the next release and a emergency configuration change) you can do both independently.
– eckes
18 hours ago
thanks @eckes but I'm not going to need
nenvironments. I only need 2.– cottsak
11 hours ago