Your SlideShare is downloading. ×
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Dr. Jekyll and Mr. Hyde
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Dr. Jekyll and Mr. Hyde


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Dr. Jekyll and Mr. Hyde SQLCLR For DBAs and Developers
  • 2. Agenda
    • SQLCLR – what is it?
    • Developing .NET code in SQL Server 2005
    • Managing SQLCLR
    • Monitoring SQLCLR
    • Horrors!
    • Best Practices
    • SQL Server 2008!
  • 3. About Speaker
    • Hal Hayes
    • MCP
    • Founder, Capital Area .NET User Group (Metro DC)
    • Architect, Microsoft Technologies
    • Presenter, Instructor
    • U Va and ODU
    • US Navy (ret)
    • ACRITECH Corporation
    • Software Development Specialists
    • Fredericksburg, Va
    • Web and Database Development
    • Since 2000
  • 4. Software Development and Support
  • 5. About the Analogy
    • Strange Case of Dr Jekyll and Mr Hyde , a novella by Robert Louis Stevenson
    • “ The work is known for its vivid portrayal of the psychopathology of a split personality; in mainstream culture the very phrase "Jekyll and Hyde" has come to signify wild or bipolar behavior”, Wikipedia.
    • Jekyll, represents our IT infrastructure good citizen and friend, Microsoft SQL Server.
    • Hyde is represented by the latest feature in SQL Server, SQLCLR , or the ability to write .NET code (as opposed to T-SQL) in the database.
    • SQLCLR is a tool, it needs to be used wisely !
    • DBAs cannot get rid of Mr. Hyde now that he is “out of the bottle”, so to speak, but they must learn to manage SQLCLR , understand it, and work to mitigate issues that can arise…
    Otherwise …
  • 6. Your Server…
  • 7. What is SQLCLR?
    • .NET runtime embedded in SQL Server 2005
    • SQL Server embedded Common Language Runtime (SQLCLR)
    • Provides capability to develop rich functionality hosted within database server
    • Hosting layer provides coordination for assembly loading, threads, memory management, security model, execution context, etc.
    • Safely extend SQL Server functionality, unlike extended stored procedures (XPs)
    SQL Engine Windows SQL OS CLR Hosting Layer
  • 8. SQLCLR Project Types
    • Stored Procedures
    • Triggers
    • User Defined Types
    • User Defined Functions
    • User Defined Aggregates
  • 9. Why SQLCLR?
    • Replacement of Extended Stored Procedures
    • Additional option over T-SQL for computationally intensive task or where .NET has certain advantages (string operations)
    • Additional option for procedural type processes that can be performance drains in T-SQL ( cursors )
    • Additional option over using external code processing since operating and transitioning between boundaries can be expensive for large volumes of data
    • Ability to create first class objects such as custom aggregates and data types
  • 10. Some Useful SQLCLR Tasks
    • String manipulation
    • Complex numerical operations
    • Use of Regular Expressions for validation
    • Complex procedural operations for business logic validation
    • Multicolumn Aggregation
  • 11. Performance Implication
    • SQL Server runs the managed (.NET) code inside the SQL Server process, thus
        • CLR requests memory from SQL Server (not Windows)
        • SQL Server controls the CLR memory garbage collection
        • In-process database access requests are passed internally (avoiding costly network interaction)
        • CLR Application Domains (AppDomain) are created and managed by SQL Server
  • 12. Security
    • When installing the .NET assembly, it must be cataloged by security classification
        • SAFE provides limited access to .NET functions (like math and string) and database access to host database only
        • EXTERNAL_ACCESS enables ability to communicate outside of the SQL Server instance (like file access or a web service call)
        • UNSAFE allows the ability to run “unchained” including running unmanaged code
  • 13. Security (cont’d)
    • Security (set properly) prevents explicit, dangerous operations
    • Security settings do not prevent implicit operations
        • Poorly coded SQLCLR operation can corrupt data
        • Poorly coded SQLCLR can impact performance
    ALTER DATABASE acritech SET trustworthy ON
  • 14. Turning on SQLCLR
    • By default CLR Integration is turned off
    • Turn on via the Surface Area Configuration Manager, or
    • Transact SQL (T-SQL)
    EXEC sp_configure ‘clr enabled’, 1 RECONFIGURE GO
  • 15. Developing SQLCLR
    • Visual Studio 2005
    • Visual Basic and C# have a Database Project
        • Streamlines development
        • Build and Deploy
        • Debugging
  • 16. Demo #1
    • Using Visual Studio 2005
    • Create a Stored Procedure
    • Includes a connection to retrieve data from within SQL Server
  • 17. Monitoring
    • Performance Monitor
        • New SQL CLRCLR Execution (in microseconds)
          • Set scale at 0.000001
        • .NET CLR Exceptions
        • .NET CLR Loading (AppDomains and assemblies)
        • .NET CLR Memory
        • .NET Data provider for SQL Server (tracks number of connects/disconnects per second)
    • SQL Profiler
        • Assembly Load event class traces when a request to load an assembly is executed
  • 18. Demo #2
    • Manually deploying an assembly
    • Deploying individual objects (stored procedures, user defined functions, etc.)
    • Review of installed components
    • View in Visual Studio 2005
    • Execute User Defined Aggregate and User Defined Function
  • 19. Horror!
    • Not an exhaustive list (just enough to scare you)
    • Ownership Chaining Issues
        • Calling an object from within SQLCLR that the user does not have permissions for
    • Long running operations
    • Poor security and bad design
    • Severe SQL can cause unloading of the AppDomain , impacting other users in the same AppDomain (their SQLCLR calls will fail )
  • 20. DEMO Copyright 2007 ACRITECH Corp
  • 21. Configuration Management and Quality Assurance Issues
    • Developer supplied assembly vs Source Code
      • Is the assembly that developer gave you to load really based on the source code they are showing you?
    • Improperly caged operations with performance implications
      • Did the developer test a sufficient range of inputs?
      • Did the developer test with a sufficient volume of data?
    • Understanding Ownership Chaining
      • What happens when the caller does not have access to the underlying object?
    Copyright 2007 ACRITECH Corp
  • 22. Best Practices!
    • Developer and DBA (and/or Data Architect) Team
    • Transparency is key!
        • DBAs should be part of the Code Reviews
        • Provide Source along with Assembly to DBA
        • Provide build for DBA (if practical)
        • Provide test cases
    • Code with Operational System in mind
        • Tight, efficient, clear, well-documented code
        • Avoid using a generic catch block to catch all exceptions (You should only catch the exceptions that you know how to handle)
        • Keep the complexity out of the database
        • Test with large volume of data
        • Test data should be a close representation of operational data
        • Test data should represent as many variations of operational data as possible
        • Benchmark Performance
        • Stress test
    • Prepare for the worst!
        • What is your “back-out” strategy?
        • Have you tested your strategy?
    Copyright 2007 ACRITECH Corp
  • 23. Good Reading
    • MSSQLTIPS! (
    • Database Administrator’s Guide to SQL Server Database Engine .NET CLR Environment, Microsoft TechNet, by Kimberly L. Tripp
    • Programming Microsoft SQL Server 2005 , Microsoft Press, Andrew Brust, Stephen Forte
    • SQLCLR Security and Designing for Reuse , Code Magazine, May/June 2007, Adam Machanic
    • Security in the CLR World Inside SQL Server , Code Magazine, Mar/Apr 2006, Don Kiely
    • Pro SQL Server 2005 , APress, 2006, Thomas Rizzo, et al.
    • A Developer’s Guide to SQL Server 2005 , Addison-Wesley, 2006, Bob Beauchemin and Dan Sullivan
    • Designing Database Solutions by Using Microsoft SQL Server 2005 , Microsoft Press, 2008, Andy Leonard , et al.
    • Monitoring and Troubleshooting Managed Database Objects , SQL Server 2005 Books Online (September 2007)
    Copyright 2007 ACRITECH Corp