Databases

SQL Server 2022 Standard on Ubuntu Server 22.04 with Support by cloudimg User Guide

| Product: SQL Server 2022 Standard on Ubuntu Server 22.04 with Support by cloudimg

Overview

This guide covers the deployment and configuration of SQL Server 2022 Standard on Ubuntu Server 22.04 using cloudimg AMIs from the AWS Marketplace. SQL Server 2022 is the latest major release of Microsoft's relational database platform, running on Ubuntu Server 22.04 LTS for long term support, modern kernel features, and broad ecosystem compatibility.

What's included in this AMI:

  • SQL Server 2022 Standard edition installed at /opt/mssql
  • Ubuntu Server 22.04 LTS operating system
  • SQL Server database port 1433 preconfigured and listening on boot
  • SA (System Administrator) account with a randomly generated password
  • sqlcmd command line tool for database interaction
  • OS package update script for keeping the system current
  • AWS CLI v2 for AWS service integration
  • Systems Manager Agent (SSM) for remote management
  • CloudWatch Agent for monitoring
  • Latest security patches applied at build time
  • 24/7 cloudimg support with guaranteed 24 hour response SLA

Edition Notes: SQL Server 2022 Standard is designed for production workloads with moderate resource requirements. It supports up to 128 GB of buffer pool memory and the lesser of 4 sockets or 24 cores. SQL Server 2022 introduces enhancements over 2019 including improved query processing with parameter sensitive plan optimisation, enhanced Azure integration, ledger database support for tamper evident data, and improved disaster recovery with contained availability groups. Running on Ubuntu 22.04 LTS provides support through April 2027 with extended security maintenance available through 2032.

Prerequisites

Before launching this AMI, ensure you have:

  1. An active AWS account
  2. An active subscription to the SQL Server 2022 Standard on Ubuntu Server 22.04 listing on AWS Marketplace
  3. An EC2 key pair for SSH access
  4. Familiarity with EC2 instance management and SSH

Recommended Instance Type: m5.xlarge (4 vCPU, 16 GB RAM) or larger. Standard edition production workloads benefit from adequate memory for query caching and processing.

Minimum Requirements: 1 vCPU, 2 GB RAM, and 6 GB disk space.

Step 1: Launch the AMI

  1. Navigate to the AWS Marketplace and search for "SQL Server 2022 Standard Ubuntu cloudimg"
  2. Click Continue to Subscribe, accept the terms, then Continue to Configuration
  3. Select your preferred Region and Software Version
  4. Click Continue to Launch
  5. Choose Launch through EC2 for full control over instance configuration
  6. Select your instance type (m5.xlarge recommended for production)
  7. Configure storage: provision adequate gp3 volumes for your database workloads. Consider separate EBS volumes for data and log files for improved performance
  8. Configure your Security Group with the following inbound rules:
Port Protocol Source Purpose
22 TCP Your IP SSH access
1433 TCP Your IP SQL Server database port

Important: Restrict port 1433 to trusted application servers or your IP only. Never expose the SQL Server port to the public internet.

  1. Select your EC2 key pair and launch the instance

Step 2: Connect via SSH

Once your instance is running and has passed both status checks (2/2), connect using SSH:

ssh -i your-key.pem ec2-user@<public-ip-address>

To switch to the root user:

sudo su -

Important: Wait for the EC2 instance to reach 2/2 successful status checks before connecting. Early connection attempts may produce "Permission denied" errors as the instance is still initialising.

Step 3: Retrieve the SA Password

The SA (System Administrator) password is randomly generated at build time and stored in a log file on the instance. Retrieve it by running:

cat /stage/scripts/mssql_admin_password.log

Save this password securely. You will need it to connect to SQL Server.

Step 4: Connect to SQL Server

Use the sqlcmd command line tool to connect to the local SQL Server instance:

sqlcmd -S localhost -U SA

Enter the SA password retrieved in Step 3 when prompted.

Expected output:

1>

You are now connected to SQL Server and can run T-SQL queries.

Step 5: Create a Database and Table

Create a new database:

CREATE DATABASE MyAppDB;
GO

Switch to the new database:

USE MyAppDB;
GO

Create a table:

CREATE TABLE Users (
    UserID INT IDENTITY(1,1) PRIMARY KEY,
    Name NVARCHAR(100),
    Email NVARCHAR(255),
    CreatedAt DATETIME DEFAULT GETDATE()
);
GO

Insert data:

INSERT INTO Users (Name, Email) VALUES ('John Doe', 'john@example.com');
GO

Query data:

SELECT * FROM Users;
GO

Type QUIT to exit the sqlcmd shell.

Server Components

Component Software Home
SQL Server 2022 Standard /opt/mssql

Note: Component versions may be updated on first boot by the automatic OS package update script finding new versions in the system package repositories.

Filesystem Layout

Mount Point Size Description
/ 38 GB Root filesystem
/boot 2 GB Operating system kernel files
/opt/mssql 9.8 GB SQL Server installation directory

Managing the SQL Server Service

SQL Server is managed via systemd and starts automatically on boot.

Check service status:

systemctl status mssql-server

Stop SQL Server:

systemctl stop mssql-server

Start SQL Server:

systemctl start mssql-server

Restart SQL Server:

systemctl restart mssql-server

Scripts and Log Files

Script/Log Path Description
initial_boot_update.sh /stage/scripts Updates the OS with the latest packages on first boot
initial_boot_update.log /stage/scripts Output log for the boot update script
mssql_admin_password.log /stage/scripts Contains the randomly generated SA password

On Startup

An OS package update script runs on first boot to ensure the image is fully up to date. You can disable this by removing the script and its crontab entry:

rm -f /stage/scripts/initial_boot_update.sh

crontab -e
# Delete the following line, save and exit:
@reboot /stage/scripts/initial_boot_update.sh

Troubleshooting

Cannot connect via SSH

  1. Wait for the EC2 instance to reach 2/2 status checks
  2. Verify your security group allows port 22 from your IP
  3. Confirm you are using the correct key pair and connecting as ec2-user
  4. Check the instance system log in the AWS Console for boot errors

SQL Server service not running

  1. Check service status: systemctl status mssql-server
  2. Review the SQL Server error log: cat /var/opt/mssql/log/errorlog
  3. Verify sufficient disk space: df -h /opt/mssql
  4. Ensure the instance has at least 2 GB RAM

Cannot connect to SQL Server on port 1433

  1. Verify the service is running: systemctl status mssql-server
  2. Check the security group allows port 1433 from your IP
  3. Test local connectivity: sqlcmd -S localhost -U SA
  4. Check SQL Server is listening: ss -tlnp | grep 1433

SA password not working

  1. Retrieve the password again: cat /stage/scripts/mssql_admin_password.log
  2. Ensure you are copying the entire password without extra whitespace
  3. If needed, reset the SA password using mssql-conf:
sudo systemctl stop mssql-server
sudo /opt/mssql/bin/mssql-conf set-sa-password
sudo systemctl start mssql-server

High memory usage

  1. SQL Server Standard can use up to 128 GB of buffer pool memory by design
  2. Configure memory limits with mssql-conf:
sudo /opt/mssql/bin/mssql-conf set memory.memorylimitmb 4096
sudo systemctl restart mssql-server
  1. Ensure the instance type provides sufficient RAM for your workload

Ubuntu specific package update issues

  1. If the boot update script encounters errors, check the log: cat /stage/scripts/initial_boot_update.log
  2. Run a manual update: sudo apt update && sudo apt upgrade -y
  3. Verify the Microsoft SQL Server repository is configured: cat /etc/apt/sources.list.d/mssql-server*.list

Security Recommendations

  • Restrict port access: Only allow SQL Server port 1433 from trusted application servers or specific IP addresses
  • Change the SA password: Replace the default generated password with a strong, unique password after first login
  • Create application specific logins: Avoid using the SA account for application connections; create dedicated logins with minimal required permissions
  • Enable encrypted connections: Configure SQL Server to use TLS/SSL for client connections
  • Enable ledger tables: SQL Server 2022 supports ledger database for tamper evident record keeping of sensitive data
  • Keep SQL Server updated: Apply cumulative updates and security patches when available
  • Keep Ubuntu updated: Regularly run sudo apt update && sudo apt upgrade to apply OS security patches
  • Monitor access: Review SQL Server error logs regularly for failed login attempts
  • Configure backups: Set up regular database backups using SQL Server Agent or AWS Backup
  • Use AWS security features: Leverage VPC security groups, NACLs, and private subnets to restrict network access
  • Secure the password file: After retrieving the SA password, consider removing or restricting access to /stage/scripts/mssql_admin_password.log
  • Configure UFW firewall: Ubuntu includes the Uncomplicated Firewall; consider enabling it with rules matching your security group for defence in depth

Support

If you encounter any issues with this product, contact cloudimg support:

  • Email: support@cloudimg.co.uk
  • Website: www.cloudimg.co.uk
  • Support hours: 24/7 with guaranteed 24 hour response SLA