En ny standard for En ny standard for høytilgjengelighethøytilgjengelighet

Jon JahrenProduktsjef, Microsoftjon.jahren@microsoft.com

Optimize Optimize performanceperformanceManage mixed Manage mixed workloadsworkloadsScale Scale performanceperformance

Ensure system Ensure system availabilityavailabilityMinimize planned Minimize planned downtimedowntimeConcurrent data Concurrent data accessaccess

Secure data Secure data accessaccessProtect your Protect your systemsystemSimplify Simplify compliancecompliance

Highly secure data access

Highly secure configurationRich authenticationGranular authorization

Help protect your dataTransparent data encryptionExtensible key management

Simplify complianceAll actions auditableEnterprise-wide security policies

Encrypt data and log filesProtect backup files and detached database files

Transparent to applicationNo application modifications required to take advantage of encryption

Secure with Database Encryption Key (DEK); DEK encrypted with

A password Service Master KeyCan use a Hardware Security Module (HSM) to store keys

Use encrypted data in another server

Import DEK to new serverAttach encrypted database filesRestore an encrypted backup

SQL Server 2008SQL Server 2008

DEK

Client ApplicationClient Application

Encrypted Dataata Page

Simplify key Simplify key managementmanagement

Consolidate and Consolidate and simplify encryption simplify encryption

across across the enterprisethe enterprise

Store keys in Store keys in removable hardware removable hardware

such such as USB drivesas USB drives

Create an Audit objectAutomatically log actionsLog To various formats

A file, the Windows Application Log, or the Windows Security Log

Create an audit specification Include server and database actions in an auditPredefined action groupsIndividual action filters

Define security policies Define audit, access policies by using Policy Management Framework

Authentication standardPassword policies

Define surface area configurations as policies

Apply across the enterpriseUsing Configuration ServersHelps to ensure enterprise-wide compliance

Simplify ComplianceSimplify ComplianceSecure AccessSecure Access

Trustworthy Computing

Granular Granular AuthorizationAuthorization

Data Data EncryptionEncryption

Rich Rich AuthenticationAuthentication AuditingAuditing

Secure Secure ConfiguratioConfiguratio

nsns

Protect DataProtect Data

Principals Principals and Securablesand SecurablesRolesRolesCatalog Catalog SecuritySecurityExecution Execution ContextContextUser SchemaUser SchemaSeparationSeparation

Kerberos/NTLMKerberos/NTLMPassword Policy Password Policy EnforcementEnforcementEnd Point End Point AuthenticationAuthenticationEncrypted Login Encrypted Login CredentialsCredentialsSingle Sign-OnSingle Sign-On

Native Native Cryptographic Cryptographic CapabilitiesCapabilitiesTransparent Transparent Data Data EncryptionEncryptionExtensible Key Extensible Key ManagementManagement

Enterprise-wide Enterprise-wide Security Security PoliciesPoliciesSecurity Security UpdatesUpdatesSurface Area Surface Area MinimizedMinimized

All Actions All Actions AuditedAuditedAudit Actions to Audit Actions to File, Windows File, Windows Application Log, Application Log,

and Windows and Windows Security logSecurity logCapture and Capture and Audit DDL Audit DDL ActivitiesActivities

Optimize Optimize performanceperformanceManage mixed Manage mixed workloadsworkloadsScale Scale performanceperformance

Ensure system Ensure system availabilityavailabilityMinimize Minimize planned planned downtimedowntimeConcurrent Concurrent data accessdata access

Secure data Secure data accessaccessProtect your Protect your systemsystemSimplify Simplify compliancecompliance

Help ensure system availability

Failover clusteringDatabase mirroringLog shippingReplication

Minimize planned downtime

Backup compressionDynamically add resourcesOnline operationsEnhance concurrent

data accessDatabase snapshotsSnapshot isolation levels

Major changes in cluster setup:In place upgrade not possible (but probably not desirable anyway)SQL Server cluster setup has moved to the 7.0 model of setting SQL Servers up and then reconfiguring individually into the cluster

Other changes:New Cluster Validation ToolImprovements in operations (e.g. troubleshooting using Event Tracing instead of the cluster log)16 nodes now supportedNo longer need all cluster nodes in the same subnet

For more details see the AppCompat/Upgrade course or:

http://www.microsoft.com/windowsserver2008/failover-clusters.mspx

Commit

Write to local log

Transmit to mirror

Write to remote

log

LogLog

Acknowledge

Committed in log

Constantly redoing on mirror

Acknowledge

DBDBDBDB LogLog

11

22

22

33

44

55

66

77

Three modes of operationHigh Availability - synchronous mirroring with a witness

Automatic detection/failoverNo data loss

High Protection - synchronous mirroring without a witnessManual failoverNo data loss, but possibly downtime

High Performance - asynchronous mirroringManual failoverSome data loss possible (but not guaranteed)

Consequences of failure depend on what failed and the mode of the database mirroring partnership

SQL Server crashesInstant detection of failure

Windows/hardware crashesFailure detection depends on partner timeout setting

Log drive pulled outFailure detection takes 40 seconds

Corrupt pageFailure detection depends on what hits the corrupt page

Performance improvements

Log compression

Automatic page repair

Prevents a corrupt data page from making a database unavailableMirroring partner detects bad database pageRequests valid copy from partner

Log Stream compression

Comparison of transactions per second against network bandwidth, with and without log compression

Percentage increases in throughput is most dramatic for low network bandwidths

Comparison of CPU usage against network bandwidth with and without log stream compression

CPU goes up when compression is on, both because of compression/decompression, but also because the server can now process more transactions per second

PrincipalPrincipal

WitnessWitness

Data Log

MirrorMirror

Data Log1. Bad Page 1. Bad Page

DetectedDetected

X

2. Request page2. Request page

3. Find page3. Find page

4. Retrieve page4. Retrieve page

5. Transfer page5. Transfer page

6. Write6. Write

PagePage

Add and remove nodes without stoppingVisual configuration with Topology WizardAbility to detect conflictsImproved Replication Monitor

Select columns and filter rows for viewing

Backup compressionStandard backup commands and interfaceOff by default,configurableRestore from any SQL Server 2008 Edition

Dynamicallyadd resources

Online-Add CPUOnline-Add memory

Backup Compression

System Monitor snapshot of backup of 322MB AdventureWorks DB

21

A LOT more CPU used (avg 25%) BUT runtime = 21.6s (45% improvement) and backup stored in 76.7MB (4.2x compression ratio)

Hardly any CPU used (avg 5%), runtime = 39.5s, compression ratio of 0.

Uncom

pressed

Com

pressed

System Monitor snapshot of backup of 322MB AdventureWorks DB

22

More CPU used (avg 14.5%) BUT runtime = 36s (almost 50% improvement)

Hardly any CPU used (avg 8%), runtime = 71.0s

Uncom

pressed

Com

pressed

Common questions:“How much compression will I see?”“Will it be comparable to, say, SQL Litespeed?”

One simple answer: “It depends!”All data compresses differently – the compression ratio achieved depends on:

The type of data in the databaseWhether the data in the database is already compressedWhether the data/database is encrypted

SS2005 added the ability to use hot-add memorySS2008 extends the dynamic workload handling capabilities of SQL Server by allowing hot-add CPU

‘Hot-add’ means being able to plug it into the computer while the computer is running, and then reconfiguring SQL Server to make use of the new hardware ONLINE

There are some restrictions for use:The hardware must support hot-add (obviously )SS2008 Enterprise Edition only64-bit Windows Server 2008 Datacenter/Enterprise

SQL Server won’t automatically start using new CPUs

They may not be meant for SQL Server’s use

DBCC CHECKDB is a critical tool for early discovery of database corruptions (usually caused by the IO subsystem)Deep-dive notification

Some algorithms in CHECKDB are written for speed, and so will detect a corruption, but not where exactly the corruption is.In this case, a 2nd pass must be done to pinpoint the corruptionThis can be very time consuming and its unclear what is going on – CHECKDB seems like it’s not progressing but IOs are happeningSQL Server 2008 has new error log output to highlight this process

Higher efficiency parallel page scannerLong-running indexed view and XML index contents checks moved under WITH EXTENDED_LOGICAL_CHECKS option to reduce default run-time

25

Advanced eventing infrastructure for serversAbility to define events to monitor and a variety of ways to consume the events

Synchronous or asynchronousTrigger actions when an event firesUse predicates to filter events from consumersCausality tracking (through inherited IDs)

High performance and good scalabilityCost of firing a single event is extremely small

ETW (Event Tracing for Windows) enabledControlled through T-SQL DDL statements

26

Example scenario (taken from Books Online):Problem

Troubleshooting excessive CPU usage on the serverDMVs show that all queries are ad-hoc user queries but don’t have enough info about queries that have been run

SolutionCreate an Extended Events session that:

Fires an event when a T-SQL statement executesDefines an event action to collect the query planDefines a predicate on a CPU usage thresholdDefines a consumer to write the event payload to a trace file

Examination of the traced query plans allows pinpointing the problem

27

Lock escalation on partitioned tables reduces concurrency as the table lock locks ALL partitions

Only way to solve this currently is to disable escalation

IXX

FG1 FG1 FG1

PartitionedTable

Partition 1 Partition 2 Partition 3

Query 1ESCALATE

Query 2

update update

SQL Server 2008 allows lock escalation to the partition level, allowing concurrent access to other partitions

Escalation to partition level does not block other queries

IX

X

FG1 FG1 FG1

PartitionedTable

Partition 1 Partition 2 Partition 3

Query 1ES

CA

LATE

Query 2

update update

Optimize Optimize performanceperformanceManage mixed Manage mixed workloadsworkloadsScale Scale performanceperformance

Ensure system Ensure system availabilityavailabilityMinimize Minimize planned planned downtimedowntimeConcurrent Concurrent data accessdata access

Secure data Secure data accessaccessProtect your Protect your systemsystemSimplify Simplify compliancecompliance

Optimize performanceData compressionEnhanced partitioningDW query optimizationsImproved indexed viewsPerformance data collection(covered in manageability session)

Manage mixed workloadsResource Governor

Scale up/scale out

SQL Server 2008 providesSQL Server 2008 providesIncreased levels of securityIncreased levels of securityAvailabilityAvailabilityScalability to meet your growing data Scalability to meet your growing data needsneeds

© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after

the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.