CP003 Azure SQL Database V12 updates and comparison with SQL Server, presented by Francesco Diaz - @francedit francesco.diaz@insight.com http://francescodiaz.azurewebsites.net
Agenda: Data Platform Continuum, SQL Database Architecture, SQL Database V12 Server New Features, Replica, Authentication, Security, Scaling
Data Platform Continuum
Data platform continuum Shared Lower cost On premises Hybrid Cloud Off premises Dedicated Higher cost Higher administration Lower administration
SQL Database Service A relational database as a service, fully managed by Microsoft. For cloud-designed apps when near-zero administration and enterprise-grade capabilities are key. Perfect for cloud architects and developers looking for programmatic DBA-like functionality. Predictable performance levels Programmatic scale-out Dashboard views of database metrics Self-service restore Disaster recovery Compliance-enabled Familiar & compatible Programmatic Self-managed
How is it different from virtual machines? SQL Server in a virtual machine Azure SQL Database Best for Resources TCO benefits Scalability
Architecture Azure SQL Database
SQL Database Firewall Azure SQL Database Gateway Service Provisioning Billing & Metering Connection Routing TDS Endpoints Machine 1 SQL Server Instance Resource Governor Machine 2 Client Application SQL Server Instance Logical Server (TDS Protocol) Machine 3 SQL Server Instance
Predictable Performance Model
Database performance and throughput - DTUs: Compute, Memory, Reads, Writes
Azure SQL Database Benchmark (ASDB) https://msdn.microsoft.com/en-us/library/azure/dn741336.aspx
Scaling Up
Upgrading/Downgrading Service Tier
T-SQL: ALTER DATABASE Customers MODIFY (edition='standard')
PowerShell: Set-AzureSqlDatabase $ctx $db -MaxSizeGB 50 -ServiceObjective $serviceobjective -Force
V12 Server Feature Highlights (some in Preview)
Logical Server versions. Pre-V12 Logical Server: many database incompatibilities; service tiers Web, Business (not available anymore), Basic, Standard, Premium; upgrade to V12 (one-way!). V12 Logical Server: highly compatible with SQL 2014 db engine (and SQL 2016 [CTP]); service tiers: Basic, Standard, Premium only; performance, manageability improvements; new features.
SQL Database V12 Added Support: Table Partitioning More DBCC commands CLR Assemblies Data-Masking, RLS, TDE (preview) Azure AD authentication (preview) XML Indexes Tables with no Clustered Index In-Memory (Premium) Full Text Search https://azure.microsoft.com/en-us/documentation/articles/sql-database-transact-sql-information/ Windows auth (*), FILESTREAM, Database Mail, Service Broker, Linked Server, Distributed transactions
Security
Security Improvements in V12. Auditing: track database events. Dynamic Data-Masking: mask credit card number XXXX-XXXX-XXXX-1234. Row Level Security: bank clerk sees data for his accounts only. Transparent Data Encryption: database, backups and logs are encrypted. Always Encrypted: client data encryption (.NET 4.6).
Auditing: Enable Auditing to track database events. Access to data, Schema changes (DDL), Data changes (DML), Accounts, roles, and permissions (DCL), Stored Procedure, Login, and Transaction Management. Save them to Storage Account.
Viewing Audit data Activities & Events Access to data Schema changes (DDL) Data changes (DML) Accounts, roles, and permissions (DCL) Security exceptions Access via Azure Storage and Excel & Power Query https://channel9.msdn.com/shows/data-exposed/auditing-in-azure-sql-database
Row Level Security RLS in three steps https://channel9.msdn.com/shows/data-exposed/row-level-security-in-azure-sql-database
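An added T-SQL example (not from the original slides) of the two scenarios named in the Security Improvements slide: a bank clerk who sees only his own accounts (Row Level Security) and a masked credit card number (Dynamic Data Masking). The schema, table, function and user names are constructed for illustration; the syntax is that of SQL Server 2016 and current Azure SQL Database.

```sql
-- Added example; all object and user names below are constructed.
CREATE SCHEMA Security;
GO
CREATE TABLE dbo.Accounts (
    AccountId  int IDENTITY PRIMARY KEY,
    ClerkName  sysname       NOT NULL,  -- database user responsible for the row
    Holder     nvarchar(100) NOT NULL,
    -- Dynamic Data Masking: keep only the last four digits visible
    CardNumber varchar(19) MASKED WITH (FUNCTION = 'partial(0,"XXXX-XXXX-XXXX-",4)') NOT NULL
);
GO
-- Sample rows are loaded before the policy is enabled, because the block
-- predicate below also applies to dbo.
INSERT INTO dbo.Accounts (ClerkName, Holder, CardNumber) VALUES
    (N'Clerk1', N'Constructed Customer A', '4000-0000-0000-1234'),
    (N'Clerk2', N'Constructed Customer B', '4000-0000-0000-5678');
GO
CREATE USER Clerk1 WITHOUT LOGIN;
CREATE USER Clerk2 WITHOUT LOGIN;
GRANT SELECT, INSERT ON dbo.Accounts TO Clerk1, Clerk2;  -- no UNMASK granted
GO
-- Predicate function: a row qualifies only when its ClerkName is the caller.
CREATE FUNCTION Security.fn_ClerkPredicate (@ClerkName AS sysname)
RETURNS TABLE
WITH SCHEMABINDING
AS
RETURN SELECT 1 AS fn_result WHERE @ClerkName = USER_NAME();
GO
-- Security policy: FILTER hides other clerks' rows on read; BLOCK stops a
-- clerk from inserting rows assigned to someone else.
CREATE SECURITY POLICY Security.AccountsPolicy
    ADD FILTER PREDICATE Security.fn_ClerkPredicate(ClerkName) ON dbo.Accounts,
    ADD BLOCK PREDICATE Security.fn_ClerkPredicate(ClerkName) ON dbo.Accounts AFTER INSERT
    WITH (STATE = ON);
GO
-- Check as Clerk1: the policy and the mask are applied by the engine, so the
-- query itself carries no WHERE clause.
EXECUTE AS USER = 'Clerk1';
SELECT AccountId, ClerkName, Holder, CardNumber FROM dbo.Accounts;
REVERT;
GO
```

Because the predicate does not exempt dbo, administrators are filtered and blocked as well; any exemption for a privileged user has to be written into the predicate function explicitly.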
Transparent Data Encryption https://channel9.msdn.com/shows/data-exposed/tde-in-azure-sql-database?ocid=player
Azure AD Authentication with SQL v12 DB
using System.Data.SqlClient;
// Option 1: Active Directory Integrated authentication
string ConnectionString = @"Data Source=n9lxnyuzhv.database.windows.net; Authentication=Active Directory Integrated;";
// Option 2: Active Directory Password authentication (use in place of option 1)
// string ConnectionString = @"Data Source=n9lxnyuzhv.database.windows.net; Authentication=Active Directory Password; UID=bob@contoso.onmicrosoft.com; PWD=MyPassWord!";
SqlConnection conn = new SqlConnection(ConnectionString);
conn.Open();
Administration structure
Set the Admin
Features and Limitations: Only native, federated AD members are supported (NO Microsoft Accounts, e.g. francescodiaz@outlook.com). Authorization can be given to AAD Users and AAD Groups. Only one AAD Admin (user or group) at a time. Some tools like Excel are not supported. Authentication is done via the .NET Framework Data Provider for SqlServer (framework 4.6), therefore sqlcmd is not supported. Two-factor authentication is not supported.
Transactional Replication
Transactional Replication Seamless integration with SQL Server replication features Transactional Replication supported Available in SQL 2016 CTP3 Will come to previous versions with CUs / SPs
Elastic Database
Azure SQL Database Elastic Database Elastic Database tools: These two tools simplify development and management of sharded database solutions. The tools are: the Elastic Database client library and the Elastic Database split-merge tool. Elastic Database pools (preview): A pool is a collection of databases to which you can add or remove databases at any time. The databases in the pool share a fixed amount of resources (known as database throughput units, or DTUs). You pay a fixed price for the resources, which enables you to easily calculate costs while managing performance. Elastic Database jobs (preview): Use jobs to manage large numbers of Azure SQL databases. Easily perform administrative operations such as schema changes, credentials management, reference data updates, performance data collection or tenant (customer) telemetry collection using jobs. Elastic Database query (preview): Enables you to run a Transact-SQL query that spans multiple databases. This enables connection to reporting tools such as Excel, PowerBI, Tableau, etc.
Elastic Database tools and services overview
Elastic Database Pool
Azure SQL Database Elastic Pool Service Tiers
Elastic Database Jobs: Run TSQL scripts on the database pool. Requires Service Setup: Cloud Service, SQL Azure Database, Service Bus, Storage Account. Built-in automatic retries in case of transient failures. Integrated with elastic pools in the new Azure Portal.
Scaling Out (Sharding) - OPTIONAL SECTION: Elastic Scale client tools and Split-Merge tools
Elastic Scale Client Tools: Set of .NET libraries to enable Sharding of the data tier. Has 4 main components: Shard Map Management, Data Dependent Routing, Multi-Shard Queries, Split-Merge Management
Shard Map Manager: Metadata container of defined Maps and Shards
Key         Shard
1           Server 1, DB A
2           Server 1, DB A
3           Server 1, DB B
4           Server 1, DB B
Key Range   Shard
100-500     Server 2, DB C
500-1000    Server 2, DB D
1000-1500   Server 3, DB E
1500-2000   Server 4, DB F
Data Dependent Routing: Responsible for handing out connections to the correct database based on the shard map
Key Range   Shard
100-500     Server 2, DB C
500-1000    Server 2, DB D
1000-1500   Server 3, DB E
1500-2000   Server 4, DB F
Multi-Shard Querying Provides Query Abstraction across multiple Shards
DEMO Replication Services To Azure AzureAD Integration Row Level Security Database Elastic Pools Geo High Availability
Review: Data Platform Continuum, SQL Database Architecture, SQL Database V12 Server New Features, Replica, Authentication, Security, Scaling
THANK YOU! Francesco Diaz @francedit http://francescodiaz.azurewebsites.net francesco.diaz@insight.com