Sql server operational best practices notes from the field - charley hanania - lausanne - 2011-06-09

934 views

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
934
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Sql server operational best practices notes from the field - charley hanania - lausanne - 2011-06-09

  1. 1. Notes from the FieldPresented to the Swiss PASS Chapter - Zurich.Hotel Continental - Lausanne, Switzerland15:30 – 19:00, June 9th 2011Charley Hanania, QS2 AGB.Sc (Computing), MCP, MCDBA, MCITP, MCTS, MCT, Microsoft MVP: SQL ServerSenior Database Specialist
  2. 2. My Background• Now:• Microsoft MVP: SQL Server• Database Consultant at QS2 AG• Formerly:• Production Product Owner of MS SQL Server Platform at UBS Investment Bank• Technical Team Lead• Consultant etc…• ITIL v3 Certified• SQL Server Certified since 1998• On SQL Server since 1995• Version 4 on OS/2• IT Professional since 1992• PASS• Chapter Leader – Switzerland• Regional Mentor – Europe• 24 Hours of PASS Team Member• Event Speaker307 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  3. 3. Contact Info• Email: Charley.Hanania@sqlpass.org• Website: http://www.sqlpass.ch <- Slides here• Twitter: http://www.twitter.com/CharleyHanania• Blog: http://blogs.mssqltips.com/blogs/charleyhanania• Linked-in: http://www.linkedin.com/in/charleyhanania407 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  4. 4. Agenda• Best Practices Defined• “Some” Operational Best Practices• Best Practices in this Presentation1. Obfuscation2. Rubber Stamping your installation3. Using Projects and Solutions4. Governance5. SLA’s, SLE’s, SLO’s6. Monitoring Appropriately7. Diagnostics Reports• Recap• Questions507 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  5. 5. Definition :: Best Practices• Focus SQL Server / Operations• Guidelines, methods, procedures & policies that have been usedwith numerous customers & installations and have assisted with:• Root Cause Analysis• Clarity of Design• Avoidance of Issues• Performance• Security• Disaster• Speed of implementation• System Longevity607 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  6. 6. “Some” Operational Best Practices7Rename SARename AdministratorDisable SASQL IO64KB Cluster SizeMultiple Files/FilegroupsMultiple TempDB FilesPartitioningFiltered IndexesDevelopment StandardsProjects and SolutionsScripting with SQLCMDScripting and Automating with PowershellMultiple development EnvironmentsSingleton Development EnvironmentsPrinciple of Least PrivilegeGovernance through PBMSecurity EngineeringPerformance EngineeringResilience EngineeringBackup/RecoveryCompressionSolid State DisksRecovery PlanningAvailability PlanningDisaster PlanningMonitoringService Level AgreementsService Level ExpectationsService Level ObjectivesTemplated InstallationsCapacity PlanningCheck SheetsRun BooksEncryptionAuthentication CertificatesCode ReusePlan Reuseindexing for ReadIndexing for writeAsynchronous logging & messagingVirtualisationMaintenance CheckingConsolidationBaselinesInstancesPort ChangesSQLServerOperationalBestPractices-NotesfromtheFieldPage FileInstant InitialisationMemory
  7. 7. Best Practices in this Presentation…8Rename SARename AdministratorDisable SASQL IO64KB Cluster SizeMultiple Files/FilegroupsMultiple TempDB FilesPartitioningFiltered IndexesDevelopment StandardsProjects and SolutionsScripting with SQLCMDScripting and Automating with PowershellMultiple development EnvironmentsSingleton Development EnvironmentsPrinciple of Least PrivilegeGovernance through PBMSecurity EngineeringPerformance EngineeringResilience EngineeringBackup/RecoveryCompressionSolid State DisksRecovery PlanningAvailability PlanningDisaster PlanningMonitoringService Level AgreementsService Level ExpectationsService Level ObjectivesTemplated InstallationsCapacity PlanningCheck SheetsRun BooksEncryptionAuthentication CertificatesCode ReusePlan Reuseindexing for ReadIndexing for writeAsynchronous logging & messagingVirtualisationMaintenance CheckingConsolidationBaselinesInstancesPort Changes 07 June, 2011SQLServerOperationalBestPractices-NotesfromtheFieldPage FileInstant InitialisationMemory
  8. 8. Obfuscation 907 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  9. 9. Obfuscation• Why?• Security…• If you can’t find the lock you can’t try your key• If you can’t find the door knob, you can’t open the door• If you can’t find the door you can’t get in nor out.1007 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  10. 10. Obfuscation• Customer Scenarios• Requirement:• Build me a Laptop Demo copy of our offering to Military Security Standards• If lost / stolen its useless• Valid Intellectual property• Full suite of software, middleware, back-end• Fully self-contained1107 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  11. 11. Obfuscation• Customer Scenarios• IP Conscious Customer:• Make sure our data and databases are completely secure.• When you’re done, we’ll contract a Russian hacker to break in.1207 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  12. 12. Obfuscation• Solutions:• Hide…• Change Default SQL Instance• Change Default SQL Ports• Change SA Password• Rename SA Account• Rename Administrator Account• Change Key Windows Ports• eg. RDP• Multi-level Firewalls• Encryption• Manual / Physical Policies of protection 1307 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  13. 13. 14SQLServerOperationalBestPractices-NotesfromtheField07 June, 2011Some Obfuscation Techniques
  14. 14. Rubber Stamping your Installation 1507 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  15. 15. Rubber Stamping your installation• Why?• Closer to the single version of the truth.• Know the parameters your system operates under.• Rebuild, reset, replace.• Speed of deployment.1607 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  16. 16. Rubber Stamping your installation• Customer Scenarios• Development / Test / Production Environments were out of Sync• Collations• Service Accounts• File locations• Other Environmental Issues• Changes developed and tested failed or performed badly in Production1707 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  17. 17. Rubber Stamping your installation• Solutions:• Unattended Installation Files• Step-By-Step documentation• Slip-streamed installations• Scripted Installations1807 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  18. 18. 19SQLServerOperationalBestPractices-NotesfromtheField07 June, 2011Creating an Unattended Installation File
  19. 19. Using Projects and Solutions 2007 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  20. 20. Using Projects and Solutions• Why?• Gives order to implementations• Grouping of items for a solution• Search and reuse• Assists in Team-Oriented approaches2107 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  21. 21. Using Projects and Solutions• Customer Scenarios• Teams of 3+ developers• Overwriting each other’s code• Loss of scripts and object definitions• Propagation of the wrong objects to test/production• Unclear path to implementation2207 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  22. 22. Using Projects and Solutions• Solutions:• Use Ticketing system for functionality requests• Agree on scope of work• Develop with clear, sequenced file naming – even scratch files• When ready for promotion into communal development environment,group files into a “Release xxx” project.• Deploy, test etc…2307 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  23. 23. 24SQLServerOperationalBestPractices-NotesfromtheField07 June, 2011Using Projects and Solutions
  24. 24. SLA’s, SLE’s, SLO’s 2507 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  25. 25. SLA’s, SLE’s, SLO’s• What?• SLA: “Service Level Agreement”• Agreement with Business / Management on what theapplications/services/systems will provide to the “end customer”• SLE: “Service Level Expectation”• Agreement of mutual understanding with Business / Management on what theapplications/services/systems will provide to the “end customer”• SLO: “Service Level Objective”• Agreement internally on what the applications/services/systems will provide tothe “end customer”• Focus:• Performance• Availability• Recoverability• [Not Functionality]2607 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  26. 26. SLA’s, SLE’s, SLO’s• Why?• Without agreed, contracted and planned service levels, managementand customers (users) have nothing to track the:• Availability of Service;• Performance of Systems; and• Quality of Implementation.• Management can assign funds, plan and allocate relevant resources tomeet the Agreements• Business understands the true process, business and technicaldependencies of customer facing systems.• Change is entered into warily and with full support of all associatedparties.2707 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  27. 27. SLA’s, SLE’s, SLO’s• Customer Scenarios• 1 Resource :: Developer/DBA/DB{system} Admin for a customer criticalsystem across APAC and Europe.• Management were happy:• Simple Change Management• Quick Feature implementation• Low Costs• High Revenues• Resource was happy:• Job Stability• Developer Artistic Licence• Integral Part of the Team2807 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  28. 28. SLA’s, SLE’s, SLO’s• Customer Scenarios• 1 Resource :: Developer/DBA/DB{system} Admin for a customer criticalsystem across APAC and Europe.• Problem:• Management and Developer had an argument on strategy• Productivity ebbed• Quality degraded• Motivation decreased• Resource was “sick” more often• All Application and system IP was with the 1 Resource!2907 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  29. 29. SLA’s, SLE’s, SLO’s• Customer Scenarios• Very technical team• Eat and Breath Technology• Communication skills – average• Management adapted to Technical Team style• Unmanaged changes• Periods of instability• Overall - best efforts support• Operations Expanded• Customer base increased• Internal and external customers became highly dependant on thetechnology base. 3007 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  30. 30. SLA’s, SLE’s, SLO’s• Customer Scenarios• Very technical team• Eat and Breath Technology• Communication skills – average• Periods of system unresponsiveness• Outages affecting the whole organisation• etc• Periods when users “felt” like there were issues with the application.3107 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  31. 31. SLA’s, SLE’s, SLO’s• Solutions:1. Define which applications, systems and services are in production2. Define and categorise them by important to business• Including cost & revenue3. Define metrics focussed on business processes such as:• Customer Creation• Business Transaction completion• Business Transaction retrieval4. Define Capacity / Availability needs such as:• X New Customers per day• Y Business Transactions per hour• Available during core business hours (8x5) etc3207 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  32. 32. SLA’s, SLE’s, SLO’s• Solutions:5. Review Platform abilities based on Definitions• Measure Current as a baseline6. Review Human Resource needs based on defined System Availabilityand Capacity needs.7. Define a plan for when/if system can approach those levels• Redevelopment / refactoring• Personnel Acquisition / Acquiescence8. Measure and Monitor Progress• Stops the fire-fighting• Allows partners and customers to see progress• Gives agility in approach, focussed on importance and need.3307 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  33. 33. Monitoring Appropriately 3407 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  34. 34. Monitoring Appropriately• Why?• If you don’t know, then… You don’t know…• Availability• Capacity• Performance• Recoverability• Reduces Fire-fighting• Leaves your fingers on the Pulse.3507 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  35. 35. Monitoring Appropriately• Customer Scenarios• Too Little:• “Why is my system slow…?”• “Was the system up last night? I tried to…”• How long would it take us to rebuild• Too much:• “We missed the performance issue because we had thousands of PrinterJob Completion entries to close…”• “We can’t add any more SQL Counters as there’s no more capacity in theDW”• “Why’s the Network so slow? Oh, its all the traffic being sent to theMonitoring and alerts DW…”3607 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  36. 36. Monitoring Appropriately• Solutions:• Centralised “System Monitor”-Type Consoles• Environment at a glance• Standard interfaces• Alerts and trending• Agent or Poll methodologies• Technologies:• Systems Centre Operations Manager• Nagios etc• System Monitor• Management Data Warehouse• DMVStats• SQL Server 2008 Management Studio• Activity Monitor/Performance Dashboard Reports• SQL Server Health and History Tool• RML Utilities for SQL Serveretc3707 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  37. 37. Governance 3807 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  38. 38. Governance• Why?• Governance is simply the execution of standards policies• For control• For consistency• For Reporting• For ease of Support and Maintenance3907 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  39. 39. Governance• Customer Scenarios• Too much:• Large Organisation• Such strict policies that everything was either unsupported or an exception.• Reduced Productivity• No policy on items that weren’t covered by the policies.• Too little:• Large Organisation• Do what’s needed to fulfil the requirements• Support nightmare• Great for consultants! • No Standards / documentation either• SLA’s ??? 4007 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  40. 40. Governance• Solutions:• Various frameworks eg. ITIL• For SQL Server Auditing / Control:• DDL Triggers• Policy Based Management• SQL Server Auditing Framework4107 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  41. 41. 42SQLServerOperationalBestPractices-NotesfromtheField07 June, 2011Using Policy Based Management
  42. 42. 43SQLServerOperationalBestPractices-NotesfromtheField07 June, 2011Introduction to SQL Server Audits
  43. 43. Diagnostics Reports 5707 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  44. 44. Diagnostics Reports• Why?• As a tool to help when investigating issues• Is a cursory finger on the pulse• Should be 2-pronged1. Business focussed2. System focussed5807 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  45. 45. Diagnostics Reports• Customer Scenarios• System with thousands of devices reporting on short intervals andbursts (status etc) asynchronously• Business processes triggered on certain criteria• Customer facing interfaces experience varying loads• Database is core to the offering• When looking at issues the general same approach is taken1. Are the feeds running?2. Are they coming through with the expected throughput/latency?3. Are major process components locking / blocking?4. Are the External Interfaces open and serving?5907 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  46. 46. Diagnostics Reports• Solutions:1. Use scripting languages to provide a “printer test page”-type report2. Use Reporting Services to provide a consolidated view of severalsystems3. Use SQL Server Management Studio’s Custom Reports to get instancefocussed info or to report out from a warehouse.6007 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  47. 47. Recap• Best Practices Defined• “Some” Operational Best Practices• Best Practices in this Presentation1. Obfuscation2. Rubber Stamping your installation3. Using Projects and Solutions4. Governance5. SLA’s, SLE’s, SLO’s6. Monitoring Appropriately7. Diagnostics Reports• Recap• Questions6107 June, 2011SQLServerOperationalBestPractices-NotesfromtheField
  48. 48. Questions?SQLServerOperationalBestPractices-NotesfromtheField6207 June, 2011
  49. 49. Now: Refreshments & Networking

×