A new standard for high availability
Jon Jahren, Product Manager, Microsoft
TRANSCRIPT
- Optimize performance
- Manage mixed workloads
- Scale performance

- Ensure system availability
- Minimize planned downtime
- Concurrent data access

- Secure data access
- Protect your system
- Simplify compliance
Highly secure data access
- Highly secure configuration
- Rich authentication
- Granular authorization
Help protect your data
- Transparent data encryption
- Extensible key management
Simplify compliance
- All actions auditable
- Enterprise-wide security policies
Encrypt data and log files
- Protect backup files and detached database files
Transparent to application
- No application modifications required to take advantage of encryption
Secure with Database Encryption Key (DEK)
- DEK encrypted with:
  - A password
  - Service Master Key
- Can use a Hardware Security Module (HSM) to store keys
Use encrypted data in another server
- Import DEK to new server
- Attach encrypted database files
- Restore an encrypted backup
[Diagram labels: Client Application; SQL Server 2008; DEK; Encrypted Data Page]
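The setup and the move to another server described above, as an added T-SQL example that is not part of the original slides. SalesDb, TdeCert, the file paths and the passwords are placeholders; the DEK here is protected by a server certificate in master, and it is that certificate with its private key that gets restored on the second server.

```sql
-- Added example; all names, paths and passwords are placeholders.

-- ===== Source server =====
USE master;
-- Database master key in master (itself protected by the Service Master Key)
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<strong password 1>';
-- Server certificate that will protect the DEK
CREATE CERTIFICATE TdeCert WITH SUBJECT = 'TDE certificate for SalesDb';

USE SalesDb;
CREATE DATABASE ENCRYPTION KEY
    WITH ALGORITHM = AES_256
    ENCRYPTION BY SERVER CERTIFICATE TdeCert;
ALTER DATABASE SalesDb SET ENCRYPTION ON;

-- Encryption runs in the background: encryption_state 2 = in progress, 3 = encrypted
SELECT DB_NAME(database_id) AS database_name, encryption_state, percent_complete
FROM sys.dm_database_encryption_keys;

USE master;
-- Export the certificate and private key; keep them apart from the backup media
BACKUP CERTIFICATE TdeCert
    TO FILE = 'D:\keys\TdeCert.cer'
    WITH PRIVATE KEY (FILE = 'D:\keys\TdeCert.pvk',
                      ENCRYPTION BY PASSWORD = '<strong password 2>');
BACKUP DATABASE SalesDb TO DISK = 'D:\backup\SalesDb.bak';

-- ===== Target server =====
USE master;
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<strong password 3>';
-- Recreate the same certificate from the exported files
CREATE CERTIFICATE TdeCert
    FROM FILE = 'D:\keys\TdeCert.cer'
    WITH PRIVATE KEY (FILE = 'D:\keys\TdeCert.pvk',
                      DECRYPTION BY PASSWORD = '<strong password 2>');
-- The restore (or attach) succeeds only once the certificate is present
RESTORE DATABASE SalesDb FROM DISK = 'D:\backup\SalesDb.bak';
```

Without the certificate and its private key the encrypted backup and detached files cannot be opened, so the exported key files need their own backup and access control.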
Simplify key management
Consolidate and simplify encryption across the enterprise
Store keys in removable hardware such as USB drives
Create an Audit object
- Automatically log actions
- Log to various formats
  - A file, the Windows Application Log, or the Windows Security Log
Create an audit specification
- Include server and database actions in an audit
- Predefined action groups
- Individual action filters
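The audit object and the two kinds of audit specification described above, as an added T-SQL example that is not part of the original slides. The audit and specification names, the SalesDb database, the dbo.Customers table and the D:\audit\ path are assumptions.

```sql
-- Added example; object names and paths are placeholders.
USE master;

-- Audit object: where the records go. TO APPLICATION_LOG or TO SECURITY_LOG
-- can be used instead of TO FILE.
CREATE SERVER AUDIT ComplianceAudit
    TO FILE (FILEPATH = 'D:\audit\', MAXSIZE = 100 MB, MAX_ROLLOVER_FILES = 20)
    -- ON_FAILURE = SHUTDOWN stops the instance if audit records cannot be written;
    -- CONTINUE keeps the server running and accepts the gap in the trail.
    WITH (QUEUE_DELAY = 1000, ON_FAILURE = CONTINUE);

-- Server-level specification built from predefined action groups
CREATE SERVER AUDIT SPECIFICATION ServerLoginAudit
    FOR SERVER AUDIT ComplianceAudit
    ADD (FAILED_LOGIN_GROUP),
    ADD (SERVER_ROLE_MEMBER_CHANGE_GROUP),
    ADD (AUDIT_CHANGE_GROUP)          -- changes to the audit itself
    WITH (STATE = ON);

-- Database-level specification: one action group plus an individual
-- action filter on a single table for every principal
USE SalesDb;
CREATE DATABASE AUDIT SPECIFICATION CustomerTableAudit
    FOR SERVER AUDIT ComplianceAudit
    ADD (SCHEMA_OBJECT_CHANGE_GROUP), -- DDL on schema objects
    ADD (SELECT, UPDATE, DELETE ON OBJECT::dbo.Customers BY public)
    WITH (STATE = ON);

-- Nothing is recorded until the audit itself is enabled
USE master;
ALTER SERVER AUDIT ComplianceAudit WITH (STATE = ON);

-- Read the file target back
SELECT event_time, action_id, succeeded, server_principal_name,
       database_name, object_name, statement
FROM sys.fn_get_audit_file('D:\audit\*', DEFAULT, DEFAULT)
ORDER BY event_time DESC;
```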
Define security policies
- Define audit, access policies by using Policy Management Framework
  - Authentication standard
  - Password policies
- Define surface area configurations as policies
Apply across the enterprise
- Using Configuration Servers
- Helps to ensure enterprise-wide compliance
Trustworthy Computing
Secure Access, Protect Data, Simplify Compliance
- Granular Authorization: Principals and Securables; Roles; Catalog Security; Execution Context; User Schema Separation
- Rich Authentication: Kerberos/NTLM; Password Policy Enforcement; End Point Authentication; Encrypted Login Credentials; Single Sign-On
- Data Encryption: Native Cryptographic Capabilities; Transparent Data Encryption; Extensible Key Management
- Secure Configurations: Enterprise-wide Security Policies; Security Updates; Surface Area Minimized
- Auditing: All Actions Audited; Audit Actions to File, Windows Application Log, and Windows Security log; Capture and Audit DDL Activities
Help ensure system availability
- Failover clustering
- Database mirroring
- Log shipping
- Replication
Minimize planned downtime
- Backup compression
- Dynamically add resources
- Online operations
Enhance concurrent data access
- Database snapshots
- Snapshot isolation levels
Major changes in cluster setup:
- In place upgrade not possible (but probably not desirable anyway)
- SQL Server cluster setup has moved to the 7.0 model of setting SQL Servers up and then reconfiguring individually into the cluster
Other changes:
- New Cluster Validation Tool
- Improvements in operations (e.g. troubleshooting using Event Tracing instead of the cluster log)
- 16 nodes now supported
- No longer need all cluster nodes in the same subnet
For more details see the AppCompat/Upgrade course or:
http://www.microsoft.com/windowsserver2008/failover-clusters.mspx
[Diagram: database mirroring commit flow between two servers, each with DB and Log. Step labels: Commit; Write to local log; Transmit to mirror; Write to remote log; Acknowledge; Committed in log; Constantly redoing on mirror; Acknowledge]
Three modes of operation
- High Availability - synchronous mirroring with a witness
  - Automatic detection/failover
  - No data loss
- High Protection - synchronous mirroring without a witness
  - Manual failover
  - No data loss, but possibly downtime
- High Performance - asynchronous mirroring
  - Manual failover
  - Some data loss possible (but not guaranteed)
Consequences of failure depend on what failed and the mode of the database mirroring partnership
- SQL Server crashes: Instant detection of failure
- Windows/hardware crashes: Failure detection depends on partner timeout setting
- Log drive pulled out: Failure detection takes 40 seconds
- Corrupt page: Failure detection depends on what hits the corrupt page
Performance improvements
- Log compression
Automatic page repair
- Prevents a corrupt data page from making a database unavailable
- Mirroring partner detects bad database page
- Requests valid copy from partner
Log Stream compression
Comparison of transactions per second against network bandwidth, with and without log compression
The percentage increase in throughput is most dramatic for low network bandwidths
Comparison of CPU usage against network bandwidth with and without log stream compression
CPU usage goes up when compression is on, both because of compression/decompression and because the server can now process more transactions per second
[Diagram: automatic page repair. Servers shown: Principal (Data, Log), Mirror (Data, Log), Witness]
1. Bad Page Detected
2. Request page
3. Find page
4. Retrieve page
5. Transfer page
6. Write Page
- Add and remove nodes without stopping
- Visual configuration with Topology Wizard
- Ability to detect conflicts
- Improved Replication Monitor
  - Select columns and filter rows for viewing
Backup compression
- Standard backup commands and interface
- Off by default, configurable
- Restore from any SQL Server 2008 Edition
Dynamically add resources
- Online-Add CPU
- Online-Add memory
Backup Compression
System Monitor snapshot of backup of 322MB AdventureWorks DB
- Compressed: A LOT more CPU used (avg 25%) BUT runtime = 21.6s (45% improvement) and backup stored in 76.7MB (4.2x compression ratio)
- Uncompressed: Hardly any CPU used (avg 5%), runtime = 39.5s, compression ratio of 0.
System Monitor snapshot of backup of 322MB AdventureWorks DB
- Compressed: More CPU used (avg 14.5%) BUT runtime = 36s (almost 50% improvement)
- Uncompressed: Hardly any CPU used (avg 8%), runtime = 71.0s
Common questions:
- “How much compression will I see?”
- “Will it be comparable to, say, SQL Litespeed?”
One simple answer: “It depends!”
All data compresses differently – the compression ratio achieved depends on:
- The type of data in the database
- Whether the data in the database is already compressed
- Whether the data/database is encrypted
- SS2005 added the ability to use hot-add memory
- SS2008 extends the dynamic workload handling capabilities of SQL Server by allowing hot-add CPU
‘Hot-add’ means being able to plug it into the computer while the computer is running, and then reconfiguring SQL Server to make use of the new hardware ONLINE
There are some restrictions for use:
- The hardware must support hot-add (obviously)
- SS2008 Enterprise Edition only
- 64-bit Windows Server 2008 Datacenter/Enterprise
SQL Server won’t automatically start using new CPUs
- They may not be meant for SQL Server’s use
DBCC CHECKDB is a critical tool for early discovery of database corruptions (usually caused by the IO subsystem)
Deep-dive notification
- Some algorithms in CHECKDB are written for speed, and so will detect a corruption, but not where exactly the corruption is.
- In this case, a 2nd pass must be done to pinpoint the corruption
- This can be very time consuming and it's unclear what is going on – CHECKDB seems like it’s not progressing but IOs are happening
- SQL Server 2008 has new error log output to highlight this process
Higher efficiency parallel page scanner
Long-running indexed view and XML index contents checks moved under WITH EXTENDED_LOGICAL_CHECKS option to reduce default run-time
Advanced eventing infrastructure for servers
Ability to define events to monitor and a variety of ways to consume the events
- Synchronous or asynchronous
- Trigger actions when an event fires
- Use predicates to filter events from consumers
- Causality tracking (through inherited IDs)
High performance and good scalability
- Cost of firing a single event is extremely small
ETW (Event Tracing for Windows) enabled
Controlled through T-SQL DDL statements
Example scenario (taken from Books Online):
Problem
- Troubleshooting excessive CPU usage on the server
- DMVs show that all queries are ad-hoc user queries but don’t have enough info about queries that have been run
Solution
- Create an Extended Events session that:
  - Fires an event when a T-SQL statement executes
  - Defines an event action to collect the query plan
  - Defines a predicate on a CPU usage threshold
  - Defines a consumer to write the event payload to a trace file
- Examination of the traced query plans allows pinpointing the problem
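A session matching the four steps of the solution above, as an added T-SQL example; it is not the Books Online script or code from the original slides. The session name, file paths and threshold value are assumptions, and the event, field and target names are the SQL Server 2008 ones.

```sql
-- Added example; session name, paths and threshold are placeholders.
-- Confirm the payload field names and their units on your build first
-- (later versions use cpu_time and the package0.event_file target instead).
SELECT name, type_name, description
FROM sys.dm_xe_object_columns
WHERE object_name = 'sql_statement_completed';

CREATE EVENT SESSION HighCpuStatements ON SERVER
ADD EVENT sqlserver.sql_statement_completed      -- fires when a statement finishes
(
    -- Actions: statement text plus the plan handle used to look up the plan
    ACTION (sqlserver.sql_text, sqlserver.plan_handle)
    -- Predicate: only statements above the CPU threshold reach the target
    WHERE cpu > 10000
)
ADD TARGET package0.asynchronous_file_target     -- consumer: trace file on disk
(
    SET filename     = N'D:\xe\HighCpuStatements.xel',
        metadatafile = N'D:\xe\HighCpuStatements.xem'
)
WITH (MAX_DISPATCH_LATENCY = 5 SECONDS);

ALTER EVENT SESSION HighCpuStatements ON SERVER STATE = START;

-- ... let the workload run, then stop the session and read the file target
ALTER EVENT SESSION HighCpuStatements ON SERVER STATE = STOP;

SELECT
    x.event_xml.value('(event/@timestamp)[1]', 'datetime2') AS event_time,
    x.event_xml.value('(event/data[@name="cpu"]/value)[1]', 'bigint') AS cpu,
    x.event_xml.value('(event/action[@name="sql_text"]/value)[1]', 'nvarchar(max)') AS sql_text,
    x.event_xml.value('(event/action[@name="plan_handle"]/value)[1]', 'nvarchar(max)') AS plan_handle
FROM (
    SELECT CAST(event_data AS xml) AS event_xml
    FROM sys.fn_xe_file_target_read_file(
        N'D:\xe\HighCpuStatements*.xel', N'D:\xe\HighCpuStatements*.xem', NULL, NULL)
) AS x
ORDER BY cpu DESC;
```

The sql_text action records ad-hoc statements with their literal values, so the .xel files should get the same access restrictions as the data they query.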
Lock escalation on partitioned tables reduces concurrency as the table lock locks ALL partitions
Only way to solve this currently is to disable escalation
[Diagram: PartitionedTable with Partition 1, Partition 2 and Partition 3, each on filegroup FG1; Query 1 (update) escalates, Query 2 (update); lock labels IX and X]
SQL Server 2008 allows lock escalation to the partition level, allowing concurrent access to other partitions
Escalation to partition level does not block other queries
[Diagram: PartitionedTable with Partition 1, Partition 2 and Partition 3, each on filegroup FG1; Query 1 (update) escalates, Query 2 (update); lock labels IX and X]
Optimize performance
- Data compression
- Enhanced partitioning
- DW query optimizations
- Improved indexed views
- Performance data collection (covered in manageability session)
Manage mixed workloads
- Resource Governor
Scale up/scale out
SQL Server 2008 provides
- Increased levels of security
- Availability
- Scalability to meet your growing data needs
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after
the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.