What are the drawbacks of putting my staging and production dbs into one Azure Elastic Pool?
I have a STAGING and PROD environment, web apps, SQL databases, etc in Azure. Currently, the scale of the SQL db for PROD is much higher than STAGING - no surprises there.
I suppose there is some temptation to save money by pooling these SQL resources together with an SQL Elastic Pool. However I'm concerned that it will create a coupling between STAGING and PROD which everything inside me screams is a bad idea.
What are the legitimate drawbacks that could reasonably affect performance, reliability, security, etc?
sql-server azure
add a comment |
I have a STAGING and PROD environment, web apps, SQL databases, etc in Azure. Currently, the scale of the SQL db for PROD is much higher than STAGING - no surprises there.
I suppose there is some temptation to save money by pooling these SQL resources together with an SQL Elastic Pool. However I'm concerned that it will create a coupling between STAGING and PROD which everything inside me screams is a bad idea.
What are the legitimate drawbacks that could reasonably affect performance, reliability, security, etc?
sql-server azure
add a comment |
I have a STAGING and PROD environment, web apps, SQL databases, etc in Azure. Currently, the scale of the SQL db for PROD is much higher than STAGING - no surprises there.
I suppose there is some temptation to save money by pooling these SQL resources together with an SQL Elastic Pool. However I'm concerned that it will create a coupling between STAGING and PROD which everything inside me screams is a bad idea.
What are the legitimate drawbacks that could reasonably affect performance, reliability, security, etc?
sql-server azure
I have a STAGING and PROD environment, web apps, SQL databases, etc in Azure. Currently, the scale of the SQL db for PROD is much higher than STAGING - no surprises there.
I suppose there is some temptation to save money by pooling these SQL resources together with an SQL Elastic Pool. However I'm concerned that it will create a coupling between STAGING and PROD which everything inside me screams is a bad idea.
What are the legitimate drawbacks that could reasonably affect performance, reliability, security, etc?
sql-server azure
sql-server azure
asked 6 hours ago
cottsakcottsak
309420
309420
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
add a comment |
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f954800%2fwhat-are-the-drawbacks-of-putting-my-staging-and-production-dbs-into-one-azure-e%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
add a comment |
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
add a comment |
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
The biggest push back for sharing Stage and Prod I get come from the Cyber side of the house. If you must demonstrate a clear line of delineation between Stage and Prod, you should not use an elastic pool for both. Other than that, there are not any real technical downsides, you can always mix and match single DBs with a pool. In most cases, an elastic pool is more cost effective but please note the following per our documentation.
There is no per-database charge for elastic pools. You are billed for
each hour a pool exists at the highest eDTU or vCores, regardless of
usage or whether the pool was active for less than an hour.
answered 6 hours ago
Ken W MSFTKen W MSFT
2264
2264
add a comment |
add a comment |
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
add a comment |
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
add a comment |
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
If you have customer or contract requirements that require physical separation of N tiers then you cannot do this. From a security standpoint it's a very bad idea to combine the 2 environments. A great way to pour gasoline on the fire is that if management is pushing for the single pool because of cost then I counter that I'm shocked that the company isn't worth more than the cost of the second pool. I've seen execs try to shave off $5-10k on a project and I call them on it, sure they hate me but it's fact, not opinion. Getting hacked is the scenario of when it will happen, not if it will happen. You can only design that it will be more secure with the proper design. If this company couldn't be sold for $5-10k we have a problem. You should never skimp on security or why not just post all data publicaly so why try to secure it if that's their issue. If you haven't already, look at NIST 800-53 R4 to get a good understanding of a security framework. Also CIS-CAT and their nice scanner tool can help become more secure as well.
answered 1 hour ago
BradBrad
15210
15210
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f954800%2fwhat-are-the-drawbacks-of-putting-my-staging-and-production-dbs-into-one-azure-e%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown