© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Deep dive on new features in
Amazon RDS for SQL Server
Prashant Bondada
DAT364-R
Sr. Database Engineer
Amazon Web Services
Agenda
• Introduction
• Infrastructure
• Security
• Monitoring
• Migration
• Features
Related breakouts
DAT364-R1 – Deep dive on new features in Amazon RDS for SQL Server
DAT311-R – Understanding durability & availability with Amazon RDS for
SQL Server
DAT337 – Running and tuning SQL Server on Amazon RDS
Amazon Relational Database Service (Amazon RDS)
Managed relational database service with a choice of popular database engines
➢ Easy to administer: Easily deploy and maintain hardware, OS and DB software; built-in monitoring
➢ Performant & scalable: Scale compute and storage with a few clicks; minimal downtime for your application
➢ Available & durable: Automatic Multi-AZ data replication; automated backup, snapshots, and failover
➢ Secure & compliant: Data encryption at rest and in transit; industry compliance and assurance programs
Introduction: Managed service
What does Amazon RDS manage?
Introduction: Configuration
What can you configure?
Deep dive on best practices : https://www.youtube.com/watch?v=4JYS1J5PyHw
Infrastructure: Regions
Available in 23 Regions with 70 Availability Zones
US East (Ohio)
US East (N. Virginia)
US West (N. California)
US West (Oregon)
Asia Pacific (Hong Kong)
Asia Pacific (Mumbai)
Asia Pacific (Osaka-Local)
Asia Pacific (Seoul)
EU (Frankfurt)
EU (Ireland)
EU (London)
EU (Paris)
EU (Stockholm)
Middle East (Bahrain)
South America (Sao Paulo)
AWS GovCloud (US-East)
AWS GovCloud (US-West)
Asia Pacific (Singapore)
Asia Pacific (Sydney)
Asia Pacific (Tokyo)
Canada (Central)
China (Beijing)
China (Ningxia)
Infrastructure: Instance types
M5/R5 instance types
➢ New size at the high end: 24XL
T3 instance types
➢ Lower cost than T2
➢ New XL and 2XL sizes
➢ Network and EBS bursting
Infrastructure: Instance types
X1/X1E instance types
➢ Up to ~4TiB of memory
➢ ~4x more memory : CPU ratio
➢ Lowest prices per GiB of memory
➢ Optimal for in-memory workloads
Infrastructure: Performance improvements
Infrastructure: Storage
Up to 16TiB of storage
Volume type: GP2
Volume type: IO1
Security: SQL Server Audit
Why?
Security: SQL Server Audit
How?
Enabled via option groups
Where?
Stored in your S3 bucket
Options:
Server-side file compression
Configurable retention
Security – SQL Server Audit (rules)
Dos:
➢ Audit destination : FILE
➢ Filepath : D:\rdsdbdata\SQLAudit
➢ MAX_ROLLOVER_FILES to Unlimited
➢ Filesize : 2MB–50MB
Don'ts:
➢ Audit name : ‘RDS_....
➢ Shut down server
➢ Browse filepath
➢ MAX_FILES
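The rules above, applied in T-SQL. This is an added example, not code from the original deck: the audit and specification names and the chosen action groups are hypothetical, and it assumes the SQL Server Audit option is already enabled on the instance through its option group.

```sql
-- Added example; [Login_Audit] and [Login_Audit_Spec] are hypothetical names.
USE master;
GO

-- Follows the "Dos": FILE destination, the RDS audit path, unlimited
-- rollover files, and a file size inside the 2MB-50MB window.
-- The name does not start with RDS_, and MAX_FILES is not set.
CREATE SERVER AUDIT [Login_Audit]
TO FILE (
    FILEPATH = N'D:\rdsdbdata\SQLAudit',
    MAXSIZE = 50 MB,
    MAX_ROLLOVER_FILES = UNLIMITED
)
WITH (
    QUEUE_DELAY = 1000,
    ON_FAILURE = CONTINUE          -- never SHUTDOWN ("Shut down server" is a Don't)
);
GO

-- What to record: logins plus changes to role membership and to the audit itself.
CREATE SERVER AUDIT SPECIFICATION [Login_Audit_Spec]
FOR SERVER AUDIT [Login_Audit]
    ADD (FAILED_LOGIN_GROUP),
    ADD (SUCCESSFUL_LOGIN_GROUP),
    ADD (SERVER_ROLE_MEMBER_CHANGE_GROUP),
    ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP),
    ADD (AUDIT_CHANGE_GROUP)
WITH (STATE = ON);
GO

ALTER SERVER AUDIT [Login_Audit] WITH (STATE = ON);
GO

-- Check every file audit on the instance against the rules.
SELECT name,
       log_file_path,
       max_file_size,
       max_rollover_files,
       max_files,
       on_failure_desc,
       is_state_enabled,
       CASE WHEN name LIKE N'RDS[_]%'
            THEN 'FAIL: name uses the RDS_ prefix' ELSE 'ok' END AS name_check,
       CASE WHEN log_file_path LIKE N'D:\rdsdbdata\SQLAudit%'
            THEN 'ok' ELSE 'FAIL: wrong file path' END AS path_check,
       CASE WHEN max_file_size BETWEEN 2 AND 50
            THEN 'ok' ELSE 'FAIL: size outside 2MB-50MB' END AS size_check,
       CASE WHEN on_failure_desc = N'SHUTDOWN SERVER INSTANCE'
            THEN 'FAIL: audit can shut down the server' ELSE 'ok' END AS failure_check
FROM sys.server_file_audits;
```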
Security – SQL Server Audit (queries)
-- List events in all Audit files on disk
SELECT event_time, server_principal_name, statement, file_name, client_ip, application_name
FROM msdb.dbo.rds_fn_get_audit_file('D:\rdsdbdata\SQLAudit\*.sqlaudit', default, default)
WHERE server_principal_name != 'NT AUTHORITY\SYSTEM'
UNION
SELECT event_time, server_principal_name, statement, file_name, client_ip, application_name
FROM msdb.dbo.rds_fn_get_audit_file('D:\rdsdbdata\SQLAudit\transmitted\*.sqlaudit', default, default)
WHERE server_principal_name != 'NT AUTHORITY\SYSTEM'
ORDER BY event_time DESC;

-- List all Audit files present on disk
SELECT DISTINCT file_name
FROM msdb.dbo.rds_fn_get_audit_file('D:\rdsdbdata\SQLAudit\*.sqlaudit', default, default)
UNION
SELECT DISTINCT file_name
FROM msdb.dbo.rds_fn_get_audit_file('D:\rdsdbdata\SQLAudit\transmitted\*.sqlaudit', default, default);

-- List Audit files not yet uploaded to S3
SELECT DISTINCT file_name
FROM msdb.dbo.rds_fn_get_audit_file('D:\rdsdbdata\SQLAudit\*.sqlaudit', default, default);
Security: SQLAgentOperatorRole
SQLAgentUserRole
➢ Permissions on self-owned jobs and job schedules
SQLAgentOperatorRole
➢ Permissions on all jobs and job schedules
➢ Allows for individual admin/DBA accounts
Security: SQLAgentOperatorRole
SQLAgentOperatorRole
➢ Master user not part of the role by default
➢ Master user has 'ALTER' privileges on the role
Blog:
https://aws.amazon.com/blogs/database/leveraging-sqlagentoperatorrole-in-rds-sql-server/
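One way to use the role for an individual DBA account, run as the master user. This is an added example, not code from the deck or the linked blog: the login name and password are hypothetical placeholders, and it assumes the master user can create logins and msdb users on the instance.

```sql
-- Added example; [dba_alice] and its password are hypothetical placeholders.
USE master;
GO
CREATE LOGIN [dba_alice] WITH PASSWORD = N'<replace-with-a-strong-password>';
GO

USE msdb;
GO
CREATE USER [dba_alice] FOR LOGIN [dba_alice];
-- The master user's ALTER privilege on the role is what allows this statement.
ALTER ROLE [SQLAgentOperatorRole] ADD MEMBER [dba_alice];
GO

-- Review who holds each SQL Agent role. Rows with type_desc = DATABASE_ROLE
-- are role nesting (one Agent role being a member of another), not accounts.
SELECT r.name AS role_name,
       m.name AS member_name,
       m.type_desc,
       m.create_date
FROM sys.database_role_members AS drm
JOIN sys.database_principals AS r ON r.principal_id = drm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = drm.member_principal_id
WHERE r.name IN (N'SQLAgentUserRole', N'SQLAgentReaderRole', N'SQLAgentOperatorRole')
ORDER BY r.name, m.name;
```

Because the master user is not a member by default, it has to add itself the same way before it can manage jobs owned by other logins.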
Monitoring: Amazon CloudWatch Logs integration
[Architecture diagram. Components shown: Amazon RDS for SQL Server, Amazon CloudWatch, Users, a trigger to an AWS Lambda function, email, Amazon Elasticsearch Service, export to an Amazon S3 bucket, and email notification through Amazon Simple Notification Service.]
Monitoring: Amazon CloudWatch Logs integration
Agent Logs and/or Error Logs in CloudWatch
Near real-time upload
Records node status
UTC time zone
Disabled on restores
/aws/rds/instance/reinvent-cwl-demo/agent
/reinvent-cwl-demo
/aws/rds/instance/reinvent-cwl-demo/error
reinvent-cwl-demo.node1
reinvent-cwl-demo.node1
reinvent-cwl-demo.node2
reinvent-cwl-demo.node2
/aws/rds/instance/reinvent-cwl-demo/rds-events
reinvent-cwl-demo.primary-node-status
Sample Lambda function
import base64
import gzip
import json

import boto3


def lambda_handler(event, context):
    # CloudWatch Logs delivers the batch as base64-encoded, gzip-compressed JSON
    cwl_data = event['awslogs']['data']
    compressed_cwl_data = base64.b64decode(cwl_data)
    uncompressed_cwl_data = gzip.decompress(compressed_cwl_data)
    cwl_data_json = json.loads(uncompressed_cwl_data)
    cwl_events = cwl_data_json['logEvents']

    # Concatenate the message of every log event into one email body
    email_message = ""
    for cwl_message in cwl_events:
        email_message = email_message + " " + cwl_message["message"]

    # Publish the combined message to the SNS topic that sends the email
    client = boto3.client('sns')
    response = client.publish(
        TargetArn="arn:aws:sns:us-west-2:000000000000:bondadap_email",
        Message=json.dumps({'default': json.dumps(email_message)}),
        MessageStructure='json'
    )
Monitoring: Performance insights
Easy-to-understand dashboard
Session and system-level monitoring
Wait event information
Free tier
Configurable retention
'0x' + SQL ID = SQL handle
Monitoring: Performance insights
SQL Server 2012
SQL Server 2017
Migration: Native backups/restores
Restore databases up to 16TiB
➢ Multiple backup files
➢ Up to 10 files per backup
Reduced downtime migrations
➢ Differential restores
➢ Log restores
[Figure: migration timeline from 8:25 to 10:00. Rows: BACKUPS, UPLOADS, RESTORES. Items shown in each row: FULL, DIFF, LOG 1, LOG 2. Markers: START MIGRATION, APP. DOWN, END MIGRATION.]
Migration: Native backups/restores
➢ Full DB backup
➢ Upload backup to Amazon S3
➢ Full restore onto Amazon RDS
➢ Diff. DB backup
➢ Upload backup to Amazon S3
➢ Diff. restore onto Amazon RDS
➢ Log backup
➢ Upload backup to S3
➢ Log restore onto Amazon RDS
➢ Finish restore on Amazon RDS
Migration: Native backups/restores
Backups
exec msdb.dbo.rds_backup_database
    @source_db_name='database_name',
    @s3_arn_to_backup_to='arn:aws:s3:::bucket_name/file_name_and_extension',
    @overwrite_s3_backup_file=1,
    @type='FULL'; --@type='DIFFERENTIAL'
Restores
exec msdb.dbo.rds_restore_database
    @restore_db_name='database_name',
    @s3_arn_to_restore_from='arn:aws:s3:::bucket_name/file_name_and_extension',
    @type='FULL', --@type='DIFFERENTIAL'
    @with_norecovery=1; --@with_norecovery=0
exec msdb.dbo.rds_restore_log
    @restore_db_name='database_name',
    @s3_arn_to_restore_from='arn:aws:s3:::bucket_name/file_name_and_extension',
    @with_norecovery=1; --@with_norecovery=0
exec msdb.dbo.rds_finish_restore @db_name='database_name';
Migration: Change data capture (CDC)
Known issues with CDC
https://support.microsoft.com/en-gb/help/4459220/incorrect-results-when-converting-pollinginterval-in-sys-sp-cdc-scan
select @hours = (@pollinginterval - (@minutes * 60) - @seconds) / 60
--- select @hours = (@pollinginterval - (@minutes * 60) - @seconds) / 60 /60
https://support.microsoft.com/en-us/help/4073684/fix-change-data-capture-doesn-t-work-in-sql-server-2017
Features: Collation
Database level
Server level
SQL_Latin1_General_CP1_CI_AS
➢ --character-set-name”
➢ Collation retained on restores
Features: Increased databases per instance
Instance class type             Single-AZ   Multi-AZ with Mirroring   Multi-AZ with Always-on AGs
db.*.micro to db.*.medium       30          N/A                       N/A
db.*.large                      30          30                        30
db.*.xlarge to db.*.16xlarge    100         50                        75
db.*.24xlarge                   100         50                        100
Instance consolidation
License savings
Instance type and availability mode dependent
Features: S3 integration
Platform to transfer files from/to S3
Download Audit files from S3
Download data files for Bulk Insert
Transfer files between RDS instances
Features: S3 integration
Configured via instance-level roles
Files downloaded to D:\S3
Create folders during download
Delete files after processing
Stored procedures/functions
Thank you!
Prashant Bondada
bondadap@amazon.com