Sql Azure
Sql Azure Presentation Transcript

  • SQL Azure
    Yves Goeleven
  • Yves Goeleven
    Solution Architect @ Capgemini
    Board Member Azug.be
    yves@goeleven.com
    www.goeleven.com
    Twitter.com/YvesGoeleven
    Facebook
    LinkedIn
    Architecture, Design, Best Practices in Enterprise and Cloud environments
  • Agenda
    Introduction to SQL Azure
    SQL Azure Architecture
    Availability features
    Scalability considerations
    Security measures
    Wrap up
  • Introduction to SQL Azure
  • Introduction
    Highly scaled out relational database as a service
    A massively scaled
    Multi-tenant relational database service
    Built on commodity hardware
    Not database hosting
  • Extending SQL Data Platform to Cloud
    Key differentiator for SQL Server platform
    High-Level Features
    • Self-provisioning and capacity on demand
    • Automatic high-availability
    • Automated management (infrastructure)
    • Symmetry with on-premises platform
    • Simple, flexible pricing model – pay for what you use
    • New, differentiated capabilities…
    Target customers
    • Web & Departmental Applications
    • SaaS ISVs (SMB)
    • Enterprise SIs & Internal MS Properties
    [Diagram labels: Browser; SOAP/REST (HTTP/S); Astoria/REST - EDM (HTTP/S); App Code (ASP.NET); SQL Server Reporting Server (on-premises); Windows Azure Compute; T-SQL (TDS); SQL Azure Database; MS Datacenter; AD Federation (LiveId / .NetSvcs ACS)]
  • Service Provisioning Model
    Each account has zero or more servers
    Azure wide, provisioned in a common portal
    Billing instrument
    Each server has one or more databases
    Contains metadata about the databases
    Unit of authentication
    Unit of Geo-location
    Each database has standard SQL objects
    Unit of consistency
    Contains users, tables, views, indices, etc…
    [Diagram labels: Account; Server; Database]
  • Compatibility
    Support common application patterns
    Logical/policy based administration
    Patterns work for SQL Azure and SQL Server
    Multi-tenancy considerations
    Throttling and load balancing
    Limits on DB size, duration of transaction, etc
    Version 1: Address the needs of 95% or more of web and departmental applications
  • Compatibility
    Included in version 1
    • Tables, indexes and views
    • Stored Procedures
    • Triggers
    • Constraints
    • Table variables, session temp tables (#t)
    Out of Scope for version 1
    • Distributed Transactions
    • Distributed Query
    • CLR
    • Service Broker
    • Spatial
    • Physical server or catalog DDL and views
  • DEMO : A lap around SQL Azure
  • SQL Azure Architecture
  • Topology
    Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, …
    Load balancer forwards ‘sticky’ sessions to TDS protocol tier
    Gateway: TDS protocol gateway, enforces AUTHN/AUTHZ policy; proxy to CloudDB
    Scalability and Availability: Fabric, Failover, Replication, and Load balancing
    [Diagram labels, top to bottom: Application; Internet; TDS (tcp); Security Boundary (Azure Cloud); Load balancer; TDS (tcp); Gateway (x6); TDS (tcp); SQL (x6)]
  • Gateway
    TDS Listener
    Capability negotiation
    TDS Packet inspection
    Security
    Logical->Physical mapping via metadata catalog
    Enabler for multi-tenant capabilities
    Metrics
    Billing
    Isolation layer
    Security
  • Gateway
    Gateway Process
    TDS Endpoint
    Admin Service Endpoint
    Provisioning Endpoint
    Protocol Parser
    Business Logic Services
    Connection Management
  • Windows Azure Fabric
    Out-of-band communication – hardware control
    In-band communication – software control
    Node can be a VM or a physical machine
    Highly-available Fabric Controller
    [Diagram labels: Control VM; VM (x3); WS08 Hypervisor; WS08; Service Roles; Control Agent; Load-balancers; Switches]
  • Fabric Controller
    Fabric Controller (FC)
    Maps declarative service specifications to available resources
    Manages service life cycle starting from bare metal
    Maintains system health and satisfies SLA
    What’s special about it
    Enables utility-model shared fabric
    Automates hardware management
    [Diagram labels: “What” is needed; Make it happen; Fabric Controller; Fabric; Switches; Load-balancers]
  • Fabric Controller
    Owns all the data center hardware
    Uses the inventory to host services
    Similar to what a per machine operating system does with applications
    Provisions the hardware as necessary
    Maintains the health of the hardware
    Deploys applications to free resources
    Maintains the health of those applications
  • Availability Features
  • Replication
    Single Logical Database
    Multiple Replicas
    Single Primary
    [Diagram labels: DB; Replica 1; Replica 2; Replica 3]
  • Service Resilience
    Provisioning
    State machines used to coordinate activities across node (and datacenter) boundaries
    Failed provisioning attempts cleaned automatically after 10 minutes
    Login
    Failovers during the login will be transparent (<30 seconds)
    Metadata catalog refresh occurs automatically
    Active Session
    Surface as connection drops (due to state)
  • Health Monitoring
    Metrics
    Cluster wide performance counters gather key metrics on the service
    Used to alert Operations to issues before they become a problem
    Early warning system
    Code issues
    Capacity warnings
    Health
    Exercises the service routinely looking for problems
    When issues are encountered runs deep diagnostics
    Network connectivity at the node level
    Validate all dependent services (Live DNS, Live ID, etc)
    Monitoring from other MSFT Data Centers
    Validates accessibility from multiple geographic locations
    Alerts fired automatically when test jobs fail
  • Scalability Considerations
  • A hint from the Business Model
    Initial Offers
    Low barrier to entry and flexible. Optimized to enable cloud elasticity. Additional promo and program offers to drive early adoption
    • Introductory Offer (promotion)
    • Free developer starter offer
    • Limit one per customer
    • Standard Consumption Offer
    • Optimized for cloud elasticity
    • Subscription Offers (promotion)
    • Predictable and discounted price
    • MSDN Premium Offer (promotion)
    • Available to MSDN Premium subscribers
    • Limit one per subscription
    Standard Consumption
    All usage at standard rates
    No limit in the number of subscriptions
    Charged only for what you use
    Web Edition: 1 GB DB space, $9.99
    Business Edition: 10 GB DB space, $99.99
    + BW
    Additional 5% promotional discount available to partners (Except storage and bandwidth)
    Database Availability
    > 99.9%
    Database will be available/reachable, external connectivity
    Proper requests will be processed successfully
    World-wide presence in CY’09: Asia Pacific, EMEA, North America (2)
    Additional data centers scheduled for 1H CY’10
  • Database sharding
    “Shared-nothing” partitioning scheme
    Partition large database
    in multiple small databases
    Think of broken glass
    Use parallel fan-out queries
    To obtain data
    Map-Reduce pattern
  • Security Measures
  • Security Model
    Uses regular SQL security model
    Authenticate logins, map to users and roles
    Authorize users and roles to SQL objects
    Limited to standard SQL Auth logins
    Username + password
    Future AD Federation, WLID, etc as alternate authentication protocols
    Security model is 100% compatible with on-premise SQL
  • Differences for administration roles
    Master database is effectively ‘read only’
    Administration roles have permission for
    CREATE/DROP database
    CREATE/DROP/ALTER login
    GRANT/REVOKE rights
  • Network Access Control
    Each server defines a set of firewall rules
    Determines access policy based on client IP
    By default, there is NO ACCESS to server
    Controlled using Firewall API (master DB)
    sys.firewall_rules, sys.sp_merge_firewall_rule and sys.sp_delete_firewall_rule
  • More Security Measures
    Service
    Secure channel required (SSL)
    Denial Of Service trend tracking
    Packet Inspection
    Server
    IP allow list (Firewall)
    Idle connection culling
    Generated server names
    Database
    Disallow the most commonly attacked user IDs (SA, Admin, root, guest, etc)
    Standard SQL Authentication / Authorization mode
  • Questions
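
The default-deny IP allow list from the Network Access Control slide, as an added example that is not part of the original deck: it evaluates a client IP against rule rows and audits the rules for ranges that defeat the allow list. The rows are constructed samples shaped like sys.firewall_rules (name, start_ip_address, end_ip_address), and the function names and the 256-address review threshold are assumptions.

```python
import ipaddress

# Constructed sample rows shaped like sys.firewall_rules
# (name, start_ip_address, end_ip_address); every value here is made up.
RULES = [
    ("office", "203.0.113.10", "203.0.113.20"),
    ("build-agent", "198.51.100.7", "198.51.100.7"),
    ("temp-debug", "0.0.0.0", "255.255.255.255"),
    ("typo", "192.0.2.50", "192.0.2.5"),
]
MAX_RANGE = 256  # assumed review threshold, not a SQL Azure limit


def bounds(rule):
    """Return a rule's start and end address as integers."""
    _, start, end = rule
    return int(ipaddress.IPv4Address(start)), int(ipaddress.IPv4Address(end))


def is_allowed(client_ip, rules):
    """Default deny: admit a client only if some rule's range contains it."""
    ip = int(ipaddress.IPv4Address(client_ip))
    return any(lo <= ip <= hi for lo, hi in map(bounds, rules))


def audit(rules, max_range=MAX_RANGE):
    """Return (rule_name, finding) pairs for rules that weaken the allow list."""
    findings = []
    for rule in rules:
        lo, hi = bounds(rule)
        width = hi - lo + 1
        if lo > hi:
            findings.append((rule[0], "inverted range, matches no client"))
        elif lo == 0 and hi == 0:
            # 0.0.0.0-0.0.0.0 is the special entry that admits connections
            # originating from Windows Azure-hosted services.
            findings.append((rule[0], "admits all Azure-hosted callers"))
        elif width == 2**32:
            findings.append((rule[0], "admits every IPv4 address"))
        elif width > max_range:
            findings.append((rule[0], f"wide range: {width} addresses"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(RULES):
        print(f"{name}: {finding}")
    print(is_allowed("203.0.113.15", RULES[:2]))  # inside the office range
```

Running the audit on an export of the server's rules before and after each change shows when a temporary wide-open rule was left in place.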