Dr. Jekyll and Mr. Hyde

825 views
726 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
825
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Dr. Jekyll and Mr. Hyde

  1. 1. Dr. Jekyll and Mr. Hyde SQLCLR For DBAs and Developers
  2. 2. Agenda <ul><li>SQLCLR – what is it? </li></ul><ul><li>Developing .NET code in SQL Server 2005 </li></ul><ul><li>Managing SQLCLR </li></ul><ul><li>Monitoring SQLCLR </li></ul><ul><li>Horrors! </li></ul><ul><li>Best Practices </li></ul><ul><li>SQL Server 2008! </li></ul>
  3. 3. About Speaker <ul><li>Hal Hayes </li></ul><ul><li>MCP </li></ul><ul><li>Founder, Capital Area .NET User Group (Metro DC) </li></ul><ul><li>Architect, Microsoft Technologies </li></ul><ul><li>Presenter, Instructor </li></ul><ul><li>U Va and ODU </li></ul><ul><li>US Navy (ret) </li></ul><ul><li>ACRITECH Corporation </li></ul><ul><li>Software Development Specialists </li></ul><ul><li>Fredericksburg, Va </li></ul><ul><li>Web and Database Development </li></ul><ul><li>Since 2000 </li></ul>
  4. 4. Software Development and Support www.acritech.com www.creativemembersites.com
  5. 5. About the Analogy <ul><li>Strange Case of Dr Jekyll and Mr Hyde , a novella by Robert Louis Stevenson </li></ul><ul><li>“ The work is known for its vivid portrayal of the psychopathology of a split personality; in mainstream culture the very phrase &quot;Jekyll and Hyde&quot; has come to signify wild or bipolar behavior”, Wikipedia. </li></ul><ul><li>Jekyll, represents our IT infrastructure good citizen and friend, Microsoft SQL Server. </li></ul><ul><li>Hyde is represented by the latest feature in SQL Server, SQLCLR , or the ability to write .NET code (as opposed to T-SQL) in the database. </li></ul><ul><li>SQLCLR is a tool, it needs to be used wisely ! </li></ul><ul><li>DBAs cannot get rid of Mr. Hyde now that he is “out of the bottle”, so to speak, but they must learn to manage SQLCLR , understand it, and work to mitigate issues that can arise… </li></ul>Otherwise …
  6. 6. Your Server…
  7. 7. What is SQLCLR? <ul><li>.NET runtime embedded in SQL Server 2005 </li></ul><ul><li>SQL Server embedded Common Language Runtime (SQLCLR) </li></ul><ul><li>Provides capability to develop rich functionality hosted within database server </li></ul><ul><li>Hosting layer provides coordination for assembly loading, threads, memory management, security model, execution context, etc. </li></ul><ul><li>Safely extend SQL Server functionality, unlike extended stored procedures (XPs) </li></ul>SQL Engine Windows SQL OS CLR Hosting Layer
  8. 8. SQLCLR Project Types <ul><li>Stored Procedures </li></ul><ul><li>Triggers </li></ul><ul><li>User Defined Types </li></ul><ul><li>User Defined Functions </li></ul><ul><li>User Defined Aggregates </li></ul>
  9. 9. Why SQLCLR? <ul><li>Replacement of Extended Stored Procedures </li></ul><ul><li>Additional option over T-SQL for computationally intensive task or where .NET has certain advantages (string operations) </li></ul><ul><li>Additional option for procedural type processes that can be performance drains in T-SQL ( cursors ) </li></ul><ul><li>Additional option over using external code processing since operating and transitioning between boundaries can be expensive for large volumes of data </li></ul><ul><li>Ability to create first class objects such as custom aggregates and data types </li></ul>
  10. 10. Some Useful SQLCLR Tasks <ul><li>String manipulation </li></ul><ul><li>Complex numerical operations </li></ul><ul><li>Use of Regular Expressions for validation </li></ul><ul><li>Complex procedural operations for business logic validation </li></ul><ul><li>Multicolumn Aggregation </li></ul>
  11. 11. Performance Implication <ul><li>SQL Server runs the managed (.NET) code inside the SQL Server process, thus </li></ul><ul><ul><ul><li>CLR requests memory from SQL Server (not Windows) </li></ul></ul></ul><ul><ul><ul><li>SQL Server controls the CLR memory garbage collection </li></ul></ul></ul><ul><ul><ul><li>In-process database access requests are passed internally (avoiding costly network interaction) </li></ul></ul></ul><ul><ul><ul><li>CLR Application Domains (AppDomain) are created and managed by SQL Server </li></ul></ul></ul>
  12. 12. Security <ul><li>When installing the .NET assembly, it must be cataloged by security classification </li></ul><ul><ul><ul><li>SAFE provides limited access to .NET functions (like math and string) and database access to host database only </li></ul></ul></ul><ul><ul><ul><li>EXTERNAL_ACCESS enables ability to communicate outside of the SQL Server instance (like file access or a web service call) </li></ul></ul></ul><ul><ul><ul><li>UNSAFE allows the ability to run “unchained” including running unmanaged code </li></ul></ul></ul>
  13. 13. Security (cont’d) <ul><li>Security (set properly) prevents explicit, dangerous operations </li></ul><ul><li>Security settings do not prevent implicit operations </li></ul><ul><ul><ul><li>Poorly coded SQLCLR operation can corrupt data </li></ul></ul></ul><ul><ul><ul><li>Poorly coded SQLCLR can impact performance </li></ul></ul></ul>ALTER DATABASE acritech SET trustworthy ON
  14. 14. Turning on SQLCLR <ul><li>By default CLR Integration is turned off </li></ul><ul><li>Turn on via the Surface Area Configuration Manager, or </li></ul><ul><li>Transact SQL (T-SQL) </li></ul>EXEC sp_configure ‘clr enabled’, 1 RECONFIGURE GO
  15. 15. Developing SQLCLR <ul><li>Visual Studio 2005 </li></ul><ul><li>Visual Basic and C# have a Database Project </li></ul><ul><ul><ul><li>Streamlines development </li></ul></ul></ul><ul><ul><ul><li>Build and Deploy </li></ul></ul></ul><ul><ul><ul><li>Debugging </li></ul></ul></ul>
  16. 16. Demo #1 <ul><li>Using Visual Studio 2005 </li></ul><ul><li>Create a Stored Procedure </li></ul><ul><li>Includes a connection to retrieve data from within SQL Server </li></ul>
  17. 17. Monitoring <ul><li>Performance Monitor </li></ul><ul><ul><ul><li>New SQL CLRCLR Execution (in microseconds) </li></ul></ul></ul><ul><ul><ul><ul><li>Set scale at 0.000001 </li></ul></ul></ul></ul><ul><ul><ul><li>.NET CLR Exceptions </li></ul></ul></ul><ul><ul><ul><li>.NET CLR Loading (AppDomains and assemblies) </li></ul></ul></ul><ul><ul><ul><li>.NET CLR Memory </li></ul></ul></ul><ul><ul><ul><li>.NET Data provider for SQL Server (tracks number of connects/disconnects per second) </li></ul></ul></ul><ul><li>SQL Profiler </li></ul><ul><ul><ul><li>Assembly Load event class traces when a request to load an assembly is executed </li></ul></ul></ul>
  18. 18. Demo #2 <ul><li>Manually deploying an assembly </li></ul><ul><li>Deploying individual objects (stored procedures, user defined functions, etc.) </li></ul><ul><li>Review of installed components </li></ul><ul><li>View in Visual Studio 2005 </li></ul><ul><li>Execute User Defined Aggregate and User Defined Function </li></ul>
  19. 19. Horror! <ul><li>Not an exhaustive list (just enough to scare you) </li></ul><ul><li>Ownership Chaining Issues </li></ul><ul><ul><ul><li>Calling an object from within SQLCLR that the user does not have permissions for </li></ul></ul></ul><ul><li>Long running operations </li></ul><ul><li>Poor security and bad design </li></ul><ul><li>Severe SQL can cause unloading of the AppDomain , impacting other users in the same AppDomain (their SQLCLR calls will fail ) </li></ul>
  20. 20. DEMO Copyright 2007 ACRITECH Corp
  21. 21. Configuration Management and Quality Assurance Issues <ul><li>Developer supplied assembly vs Source Code </li></ul><ul><ul><li>Is the assembly that developer gave you to load really based on the source code they are showing you? </li></ul></ul><ul><li>Improperly caged operations with performance implications </li></ul><ul><ul><li>Did the developer test a sufficient range of inputs? </li></ul></ul><ul><ul><li>Did the developer test with a sufficient volume of data? </li></ul></ul><ul><li>Understanding Ownership Chaining </li></ul><ul><ul><li>What happens when the caller does not have access to the underlying object? </li></ul></ul>Copyright 2007 ACRITECH Corp
  22. 22. Best Practices! <ul><li>Developer and DBA (and/or Data Architect) Team </li></ul><ul><li>Transparency is key! </li></ul><ul><ul><ul><li>DBAs should be part of the Code Reviews </li></ul></ul></ul><ul><ul><ul><li>Provide Source along with Assembly to DBA </li></ul></ul></ul><ul><ul><ul><li>Provide build for DBA (if practical) </li></ul></ul></ul><ul><ul><ul><li>Provide test cases </li></ul></ul></ul><ul><li>Code with Operational System in mind </li></ul><ul><ul><ul><li>Tight, efficient, clear, well-documented code </li></ul></ul></ul><ul><ul><ul><li>Avoid using a generic catch block to catch all exceptions (You should only catch the exceptions that you know how to handle) </li></ul></ul></ul><ul><ul><ul><li>Keep the complexity out of the database </li></ul></ul></ul><ul><ul><ul><li>Test with large volume of data </li></ul></ul></ul><ul><ul><ul><li>Test data should be a close representation of operational data </li></ul></ul></ul><ul><ul><ul><li>Test data should represent as many variations of operational data as possible </li></ul></ul></ul><ul><ul><ul><li>Benchmark Performance </li></ul></ul></ul><ul><ul><ul><li>Stress test </li></ul></ul></ul><ul><li>Prepare for the worst! </li></ul><ul><ul><ul><li>What is your “back-out” strategy? </li></ul></ul></ul><ul><ul><ul><li>Have you tested your strategy? </li></ul></ul></ul>Copyright 2007 ACRITECH Corp
  23. 23. Good Reading <ul><li>MSSQLTIPS! (www.mssqltips.com) </li></ul><ul><li>Database Administrator’s Guide to SQL Server Database Engine .NET CLR Environment, Microsoft TechNet, by Kimberly L. Tripp </li></ul><ul><li>Programming Microsoft SQL Server 2005 , Microsoft Press, Andrew Brust, Stephen Forte </li></ul><ul><li>SQLCLR Security and Designing for Reuse , Code Magazine, May/June 2007, Adam Machanic </li></ul><ul><li>Security in the CLR World Inside SQL Server , Code Magazine, Mar/Apr 2006, Don Kiely </li></ul><ul><li>Pro SQL Server 2005 , APress, 2006, Thomas Rizzo, et al. </li></ul><ul><li>A Developer’s Guide to SQL Server 2005 , Addison-Wesley, 2006, Bob Beauchemin and Dan Sullivan </li></ul><ul><li>Designing Database Solutions by Using Microsoft SQL Server 2005 , Microsoft Press, 2008, Andy Leonard , et al. </li></ul><ul><li>Monitoring and Troubleshooting Managed Database Objects , SQL Server 2005 Books Online (September 2007) </li></ul>Copyright 2007 ACRITECH Corp

×