Migrate data from a self-managed SQL Server database to an ApsaraDB RDS for SQL Server instance by using a physical protocol gateway - Data Transmission Service

This topic describes how to migrate data from a self-managed SQL Server database hosted on an Elastic Compute Service (ECS) instance, in a data center, or on a cloud server of another cloud service provider to an ApsaraDB RDS for SQL Server instance by using a physical protocol gateway in the Data Transmission Service (DTS) console. A physical protocol gateway is easy to use, ensures fast and stable migration, is suitable for all scenarios, and can effectively improve migration efficiency.

Prerequisites

The self-managed SQL Server database must meet the following requirements:
- The self-managed SQL Server database runs SQL Server 2019, SQL Server 2017, SQL Server 2016, SQL Server 2014, SQL Server 2012, SQL Server 2008 R2, or SQL Server 2005.
  Note
  The self-managed SQL Server database resides on an ECS instance, in a data center, or on a third-party cloud server. The self-managed SQL Server database cannot be an RDS instance.
- The physical protocol gateway of Database Backup (DBS) is installed on the server on which the self-managed SQL Server database resides. For more information, see Appendix: Create a physical protocol gateway.
  Note
  You must install the physical protocol gateway in the same region as the RDS instance.
The RDS instance must meet the following requirements:
- The RDS instance runs SQL Server 2019, SQL Server 2017, SQL Server 2016, SQL Server 2012, or SQL Server 2008 R2.
- The RDS instance runs the same major engine version as the self-managed SQL Server database or a later version.
The following permissions are granted by using your Alibaba Cloud account:
- An AccessKey pair is created, and the AccessKey ID and AccessKey secret are obtained. The AccessKey pair is used for identity verification when you register with or log on to the DBS console from your backup gateway. For more information, see Create an AccessKey pair.
- The AliyunDBSFullAccess permissions is obtained if you want to add a backup gateway as a Resource Access Management (RAM) user. For more information, see Grant permissions to RAM users.
  Note
  - By default, the preceding permissions are granted to your Alibaba Cloud account when you activate DBS.
  - After you add a backup gateway, the backup gateway is available in the DBS console to all RAM users that belong to your Alibaba Cloud account.

Comparison between physical gateway-based migration and logical data migration

Item	Physical gateway-based migration	Logical data migration
Migration principle	The native physical backup protocol is used to write data to the destination database as data blocks.	The JDBC protocol is used to obtain SQL statements and write the statements to the destination database.
Operating system	Only SQL Server on Windows is supported. The version of the desktop operating system cannot be earlier than Windows XP. The version of the server operating system cannot be earlier than Windows Server 2003.	Unlimited.
Deployment	A physical protocol gateway must be installed on the server on which the database resides.	You do not need to install a gateway.
Network connectivity	The server on which the database resides can connect to the network of Alibaba Cloud. Note If the server on which your self-managed SQL Server database resides cannot access the Internet but uses a bastion host for network communication, you can migrate data from the self-managed SQL Server database to an RDS instance by following instructions provided in Migrate data from a self-managed SQL Server database to an ApsaraDB RDS for SQL Server instance by using the physical gateway on a bastion host.	The port to connect to the database must be enabled, or leased line-based connections must be established.
Source database permissions	The sysadmin role is required.	The SELECT permission is required for schema migration and full migration. The sysadmin permission is required for incremental migration. For more information, see Permissions required for database accounts.
Destination database version	The engine version of the destination database must be the same or later than the engine version of the source database.	You can migrate data from a source database that runs an engine version later than or earlier than the engine version of the destination database.
Destination database accessibility	The destination database is inaccessible during data migration.	You can read data from or write data to the destination database during data migration.
Limits on tables that can be migrated from the source database	Memory tables cannot be migrated. Fields of the FileStream and FileTables types cannot be migrated.	For more information, see Migrate data from a self-managed SQL Server database to an ApsaraDB RDS for SQL Server instance.
Migration scenarios	Data can be migrated from self-managed databases to the cloud. Note The self-managed SQL Server databases can reside on ECS instances, in data centers, or on third-party cloud servers.	Data can be migrated from self-managed databases or cloud-hosted databases to the cloud.
Migration efficiency	High.	Medium.
Data processing extract, transform, load (ETL)	Not supported.	Supported.
Table-level data filtering	Not supported.	Supported.
Database-level data filtering	Supported.	Supported.

Limits

Category	Description
Limits on the source database	Only SQL Server on Windows is supported. The version of the desktop operating system cannot be earlier than Windows XP. The version of the server operating system cannot be earlier than Windows Server 2003. The size of the source database cannot exceed the remaining storage of the destination RDS instance. Otherwise, the cloud migration fails. The server on which the source database resides can access the Internet. The name of the source database cannot be the same as the name of the destination database on the RDS instance. The name of the source database cannot be the same as the names of some system databases or other database names that cannot be used. Examples: `reserved_dbname = ["master", "tempdb", "msdb", "model", "distribution","rdscore","sys_info"]` The network settings of the source database must meet the following requirements: If the firewall for the source database is disabled and the source database is a self-managed database on an ECS instance, you can connect the source database and the destination database over a virtual private cloud (VPC) or the Internet. If the firewall for the source database is disabled and the source database is a self-managed database that does not reside on an ECS instance, you can connect the source database and the destination database over the Internet. If the firewall for the source database is enabled, you must allow requests from `*.aliyuncs.com` to ensure that the source database can be connected to the destination database.
Database version and edition	The destination SQL Server version must be later than or the same as the source SQL Server version. The versions and editions of SQL Server are in the following sequential orders: 2019 > 2017 > 2016 > 2012 > 2008 R2 > 2005 SQL Server Developer > SQL Server Standard > SQL Server Web > SQL Server Express Note For more information about the migration mappings that are supported by each edition, see the Migration types that are supported by each SQL Server version section in this topic.
In-Memory OLTP feature and Mirroring technology	The In-Memory Online Transaction Processing System (OLTP) feature of SQL Server is incompatible with the Mirroring technology. If the In-Memory OLTP feature is enabled for your source database, the destination database cannot be an ApsaraDB RDS instance of High-availability Edition.
Number of databases	The maximum number of databases that you can create in an ApsaraDB RDS instance varies based on the instance type. If you need to migrate multiple databases to an ApsaraDB RDS instance, make sure that the number of databases in the destination instance after the migration does not exceed the limit. For more information, see Maximum number of databases.
Other limits	When a physical migration task is in progress, you cannot back up databases. If you want to back up databases during physical migration, you must enable COPY_ONLY. Fields of the FileStream and FileTables types cannot be migrated. You can migrate a single database, multiple databases, or the entire instance. Memory tables cannot be migrated.

Usage notes

During data migration, data can be incrementally written to the self-managed SQL Server database. We recommend that you do not write data to the self-managed SQL Server database during the workload switchover to prevent data inconsistency.
During incremental migration, the RDS instance becomes temporarily unavailable. Wait until the incremental migration task is complete and use the RDS instance after the workloads are switched over to the RDS instance.

Migration types that are supported by each SQL Server version

Engine version of the self-managed SQL Server database	Engine version of the RDS instance
SQL Server Developer, SQL Server Standard, SQL Server Web, and SQL Server Express	SQL Server Enterprise
SQL Server Standard, SQL Server Web, and SQL Server Express	SQL Server Standard
SQL Server Web and SQL Server Express	SQL Server Web

Procedure

Go to the Data Migration Tasks page.
1. Log on to the Data Management (DMS) console.
2. In the top navigation bar, click DTS.
3. In the left-side navigation pane, choose DTS (DTS) > Data Migration.
Note
- Operations may vary based on the mode and layout of the DMS console. For more information, see Simple mode and Configure the DMS console based on your business requirements.
- You can also go to the Data Migration Tasks page of the new DTS console.
From the drop-down list next to Data Migration Tasks, select the region in which the data migration instance resides.
Note If you use the new DTS console, you must select the region in which the data migration instance resides in the upper-left corner.

Click Create Task and configure the source and destination instances.

Warning After you configure the source and destination databases, we recommend that you read the limits displayed at the top of the page. Otherwise, the task may fail or data inconsistency may occur.

Section	Parameter	Description
N/A	Task Name	The task name that DTS automatically generates. We recommend that you specify a descriptive name that makes it easy to identify the task. You do not need to specify a unique task name.
Source Database	Select an existing DMS database instance	The database instance that you want to use. You can choose whether to select an existing instance based on your business requirements. If you select an existing instance, DTS automatically populates the parameters for the database. If you do not select an existing instance, you must manually configure parameters for the database.
	Database Type	The type of the source database. Select SQL Server.
	Access Method	The access method of the source database. Select Physical Protocol.
	Instance Region	The region in which the self-managed SQL Server database resides.
	Physical Protocol Gateway (DBS Backup Gateway)	The physical protocol gateway that is used for this task. Note For more information about how to install a physical protocol gateway, see the Appendix: Create a physical protocol gateway section in this topic.
	Hostname or IP address	The hostname or IP address of the self-managed SQL Server database. Default value: localhost.
	Port Number	The service port number of the self-managed SQL Server database. Default value: 1433.
Destination Database	Select an existing DMS database instance	The instance that you want to use. You can choose whether to use an existing instance based on your business requirements. If you select an existing instance, DTS automatically applies the parameter settings of the instance. You do not need to configure the corresponding parameters again. If you do not use an existing instance, you must configure parameters for the database.
	Database Type	The type of the destination database. Default value: SQL Server.
	Access Method	The access method of the destination database. Default value: Alibaba Cloud Instance.
	Instance Region	The region in which the destination ApsaraDB RDS for SQL Server instance resides.
	Instance ID	The ID of the destination ApsaraDB RDS for SQL Server instance.
	Database Account	The database account that is used to access the destination ApsaraDB RDS for SQL Server instance. Note For more information about how to create a database account and grant permissions to the account, see Create an account and Modify the permissions of a standard account on an ApsaraDB RDS for SQL Server instance.
	Database Password	The password that is used to access the destination ApsaraDB RDS for SQL Server instance.

Click Test Connectivity and Proceed.
In the CIDR Blocks of DTS Servers dialog box, click Test Connectivity and Proceed.
If the source or destination database is an Alibaba Cloud database instance, such as an ApsaraDB RDS for MySQL or ApsaraDB for MongoDB instance, DTS automatically adds the CIDR blocks of DTS servers to the IP address whitelist of the instance. If the source or destination database is a self-managed database hosted on an Elastic Compute Service (ECS) instance, DTS automatically adds the CIDR blocks of DTS servers to the security group rules of the ECS instance, and you must make sure that the ECS instance can access the database. If the source or destination database is a self-managed database that is deployed in a data center or provided by a third-party cloud service provider, you must manually add the CIDR blocks of DTS servers to the IP address whitelist of the database to allow DTS to access the database. For more information, see the "CIDR blocks of DTS servers" section of the Add the CIDR blocks of DTS servers to the security settings of on-premises databases topic.
Warning If the CIDR blocks of DTS servers are automatically or manually added to the IP address whitelist of the database instance or ECS security group rules, security risks may arise. Therefore, before you use DTS to migrate data, you must understand and acknowledge the potential risks and take preventive measures, including but not limited to the following measures: enhance the security of your account and password, limit the ports that are exposed, authenticate API calls, regularly check the IP address whitelist or ECS security group rules and forbid unauthorized CIDR blocks, and connect the database to DTS by using Express Connect, VPN Gateway, or Smart Access Gateway.

Select the objects to be migrated and configure advanced settings.

Parameter	Description
Task Stages	To perform only full data migration, select Full Data Migration, which is required by default. To ensure service continuity during data migration, select Full Data Migration and Incremental Data Migration. Note If Incremental Data Migration is not selected, we recommend that you do not write data to the source instance during data migration. This ensures data consistency between the source and destination databases.
Source Objects	The objects in the source database. Select one or more objects from the Source Objects section and click the icon to add the objects to the Selected Objects section. Note You can migrate a database, multiple databases, or the entire instance.
Selected Objects	The objects to be migrated.

Click Next: Advanced Settings to go to the Advanced Settings page.

Parameter	Description
Set Alerts	Specifies whether to set alerts for the data migration task. If the task fails or the migration latency exceeds the threshold, the alert contacts will receive notifications. Valid values: No: does not set alerts. Yes: sets alerts. If you select Yes, you must also set the alert threshold and alert contacts. For more information,see Configure monitoring and alerting when you create a DTS task.
Retry Time for Failed Connection	The retry time range for failed connections. If the source or destination database fails to be connected after the data migration task is started, DTS immediately retries a connection within the time range. Valid values: 10 to 1440. Unit: minutes. Default value: 720. We recommend that you set the parameter to a value greater than 30. If DTS reconnects to the source and destination databases within the specified time range, DTS resumes the data migration task. Otherwise, the data migration task fails. Note If you set different retry time ranges for multiple data migration tasks that have the same source or destination database, the shortest retry time range that is set takes precedence. When DTS retries a connection, you are charged for the DTS instance. We recommend that you specify the retry time range based on your business requirements. You can also release the DTS instance at your earliest opportunity after the source and destination instances are released.

In the lower-right corner of the page, click Next: Save Task Settings and Precheck.
Note
- DTS performs a precheck before a data migration task starts. You can start a data migration task only after the task passes the precheck.
- If the task fails to pass the precheck, click the icon next to each failed item to view details.
  After you troubleshoot the issues based on the causes, you can run a precheck again.
  If you do not need to troubleshoot the issues, ignore the failed items and initiate a new precheck.
On the Precheck step, after Success Rate reaches 100%, click Next: Purchase Instance.
On the buy page, read and agree to the terms of service by selecting the check box.
Click Buy and Start and then Confirm to start the data migration task.
You can click the ID of the data migration task on the Data Migration Tasks page and view the migration progress on the Task Management page.
Note
You can also view the progress of full or incremental migration in the ApsaraDB RDS console. Log on to the ApsaraDB RDS console. On the Instances page, find the instance that you want to view and click the name of the instance. On the page that appears, click Backup and Restoration to view the progress.
When the progress of the full migration task is 100% and the incremental migration task is in the Running state, choose Task Management > Incremental Data Migration, and then click the button for switching workloads to the cloud.
In the Are you sure that you want to switch to the cloud? message, click Start Now and wait until the switchover is complete.
Note
To ensure that data is consistent, we recommend that you stop writing data to the source instance first, wait until the switchover is complete, and then switch your business to the ApsaraDB RDS instance. The switchover process takes several minutes.

Appendix: Create a physical protocol gateway

This section describes how to create a physical protocol gateway.

Prerequisites

You must assign the sysadmin role to the NT AUTHORITY\SYSTEM account. You can execute an SQL statement to assign the role.

ALTER SERVER ROLE [sysadmin] ADD MEMBER [NT AUTHORITY\SYSTEM]
GO

Usage notes

AliyunDBSAgent sets the recovery model of the database that you want to migrate to Full.

Note

If the recovery mode is Full and data is continuously written to the database, the disk space of the source database is occupied. This may exhaust the disk space of the source database. To prevent this issue, we recommend that you execute the following statement to set the recovery model to Simple after a data migration task is complete:

ALTER DATABASE Database name SET RECOVERY Simple;

Procedure

On the Configure Source and Destination Database page, click Create Physical Protocol Gateway.
In the Installation Command dialog box, configure the Backup gateway region and Backup Gateway Network Type parameters. Then, copy the command to install the physical protocol gateway and download the installation package.
Note
- Public Network: You can access DBS by using a public IP address.
- ECS Private Network/VPC: You can access DBS by using a leased line from Alibaba Cloud.
Install AliyunDBSAgent on a Windows device or server.
1. Double-click the setup.exe application in the downloaded file.
2. Select the installation language, click OK, and then click Next.
3. Read and accept the terms of the agreement and click Next.
4. Select DBS Agent and click Next.
5. Select an installation directory, click Next, and then click Yes.
6. Confirm the region that is specified by the Agent Region parameter, enter the AccessKey ID and AccessKey secret, and then click Next.
  Important
  Make sure that the region in which the physical protocol gateway is installed is the same as the region of the RDS instance.
  The AccessKey pair is stored in plaintext in the .\config\dbs-agent.conf file in the installation directory.
7. Confirm the component package that you want to install and click Next.
  The installation starts. The process requires approximately 1 to 5 minutes.
8. Click Done.
  You can view the installation progress of the gateway in the C:\Program Files\aliyun\dbs_agent\logs\agent.log installation directory. If information similar to the following figure is displayed, the gateway is installed.
In the Installation Command dialog box of the DTS console, click Complete Installation.
Check whether the physical protocol gateway is started.
1. In the Run dialog box of Windows, enter services.msc and click OK.
  The service manager dialog box of the system appears.
2. In the service manager dialog box, check whether the AliyunDBSAgent service is started. If the service is not started, right-click AliyunDBSAgent and select Start.
  Note
  By default, the system starts the backup gateway. You can also start and stop the AliyunDBSAgent service in the service manager.
View the created physical protocol gateway.
On the Backup Gateways page of the DBS console, click Refresh to view the created physical protocol gateway.
Note
The name of the new physical protocol gateway starts with DTS_.