PASS 17: RDS SQL Server on Amazon Web Services Overview

Learn how Amazon RDS makes it easy to deploy and operate a highly available and scalable SQL Server database in the cloud with cost-efficient and resizable capacity.

  1. 1. Richard Waymire, Principal DB Specialist SA, AWS Amazon Web Services RDS SQL Server Overview
  4. 4. Session evaluations: Your feedback is important and valuable. Submit by 5pm Friday, November 10th to win prizes. 3 Ways to Access: Go to passSummit.com; download the GuideBook App and search: PASS Summit 2017; follow the QR code link displayed on session signage throughout the conference venue and in the program guide.
  5. 5. Richard Waymire, Principal DB Specialist SA, AWS. SQL Server DB Specialist, AWS: SQL Server specialist Solution Architect for the Americas. SQL Server Experience: 24 years of SQL Server experience, including 12+ years at Microsoft with the SQL Server Team. Numerous Publications/Papers: Author/co-author of several books and whitepapers on SQL Server going back to SQL Server 6.5. /richardwaymire, @rwaymi
  6. 6. Agenda: • AWS Overview • How can I run SQL Server workloads on AWS? • Performance of SQL Server RDS • High Availability and Reliability • Tuning and Configuration Management at scale • Active Directory Integration • Networking and Security for RDS SQL Server • Enabling Data Access and Movement
  7. 7. AWS Overview
  8. 8. What are the primary drivers for moving to the cloud? • Move from capital expense to variable expense • Stop guessing capacity • Increased agility • Go global in minutes • Breadth of services
  9. 9. Broad and Deep Functionality
  10. 10. Achieve Low Latency and High Availability in All Regions. 16 Regions – 44 Availability Zones – 74 Edge Locations. Region & Number of Availability Zones: AWS GovCloud (2); US West: Oregon (3), Northern California (3); US East: N. Virginia (5), Ohio (3); Canada: Central (2); South America: São Paulo (3); EU: Ireland (3), Frankfurt (2), London (2); Asia Pacific: Singapore (2), Sydney (3), Tokyo (3), Seoul (2), Mumbai (2); China: Beijing (2). Announced Regions: Paris, Ningxia, Stockholm, Hong Kong, Bahrain, AWS Gov Cloud East
  11. 11. AWS Database Services: Scalable High Performance Application Storage in the Cloud. Amazon RDS, Amazon DynamoDB, Amazon Redshift, Amazon ElastiCache, Amazon Database Migration Service. Diagram layers: Compute, Storage, Database, Networking, Application Services, Deployment & Administration, AWS Global Infrastructure
  12. 12. Amazon RDS: • Simple and fast to deploy • Fully managed = low admin • Fast, predictable performance • Easy to scale • Cost-effective. Open Source Engines: MySQL, PostgreSQL, MariaDB. Commercial Engines: Oracle, SQL Server. MySQL Compatible Engine: Aurora
  13. 13. How can I run SQL Server workloads on AWS? SQL Server as Managed Service Automation, Configuration at Scale No Data Lock-in
  14. 14. Choose the best path for your needs
  15. 15. Managed physical infrastructure Managed OS installation Managed scaling OS level control Choose the best path for your needs Managed physical infrastructure Managed DB install and backups Managed OS and patching Managed high availability and scaling
  16. 16. • App optimization, tuning • Deployment • Monitoring • High availability • Backups • DB & OS patching Your responsibility • App optimization, tuning • Deployment • Monitoring
  17. 17. Which one is right for you? Amazon RDS for SQL Server: Consider RDS first. Focus on: • Business value tasks • High-level tuning tasks • Schema optimization. No in-house database expertise. SQL Server on Amazon EC2: Need full control over: • DB instance • Backups • Replication • Clustering. Use options not in Amazon RDS.
  18. 18. SQL Server features at a glance
      Feature: Amazon RDS for SQL Server | SQL Server on Amazon EC2
      • Versions Supported: 2008 R2, 2012, 2014, 2016 | 2005*, 2008*, 2008 R2, 2012, 2014, 2016
      • Editions Supported: Express, Web, Standard, Enterprise**
      • High Availability: AWS-managed | Self-managed; AlwaysOn, Mirror, Log Ship
      • Encryption: Encrypted Storage using AWS KMS (all editions); TDE Support
      • Authentication: Windows & SQL authentication
      • Backups: Managed automated backups | Maintenance plans & 3rd party tools
      • Maintenance: Automatic software patching | Self-managed
      * Self-installed
  19. 19. RDS SQL Server pace of Innovation: • Nov 2016 – SQL Server 2016 supported • Feb 2017 – SQL Server supports Forced SSL • June 2017 – TDE-encrypted snapshots can be copied cross-region • June 2017 – SQL Server 2016 SP1 supported • June 2017 – Support for stopping/starting Database Instances • July 2017 – EE License Included in all AWS Commercial Regions • August 2017 – Max Storage increased from 4TB to 16TB • Sept 2017 – HIPAA Eligibility achieved • Nov 2017 – Reconfigure Storage Type on Snapshot Restore
  20. 20. Deploy and Operate SQL Server at scale
  21. 21. Deploy and manage SQL Server: Multiple ways to start and manage your SQL Server resources using AWS: • Amazon RDS Management Console • AWS Command Line Interface (CLI) or AWS Tools for PowerShell • AWS SDKs • AWS CloudFormation templates
  22. 22. Automating deployments: Launch RDS DB Instance Programmatically

      ```powershell
      # Demo values as shown on the slide; the master password appears as a
      # literal here only because this is the slide's demo command.
      New-RDSDBInstance `
          -DBInstanceIdentifier "demo-sqlsrv" `
          -DBInstanceClass "db.r3.large" `
          -Engine "sqlserver-se" `
          -EngineVersion "12.00.4422.0.v1" `
          -AllocatedStorage 200 `
          -StorageType "gp2" `
          -LicenseModel "license-included" `
          -MultiAZ 1 `
          -DBParameterGroupName "demo-2014se" `
          -AutoMinorVersionUpgrade 1 `
          -MonitoringInterval 15 `
          -MonitoringRoleArn "arn:aws:iam:..." `
          -BackupRetentionPeriod 35 `
          -Domain "d-xxxxxxxxxx" `
          -DomainIAMRoleName "rds-ds-access-role" `
          -DBSubnetGroupName "demo-subnets" `
          -VpcSecurityGroupId "sg-xxxxxxxx" `
          -MasterUsername "demoadmin" `
          -MasterUserPassword "demopassword" `
          -StorageEncrypted 1
      ```
  23. 23. Automating deployments: Launch RDS DB Instance Programmatically (New-RDSDBInstance command repeated from slide 22). General & Performance
  24. 24. Automating deployments: Launch RDS DB Instance Programmatically (New-RDSDBInstance command repeated from slide 22). Reliability & Tuning
  25. 25. Automating deployments: Launch RDS DB Instance Programmatically (New-RDSDBInstance command repeated from slide 22). Domain Membership
  26. 26. Automating deployments: Launch RDS DB Instance Programmatically (New-RDSDBInstance command repeated from slide 22). Networking & Security
  27. 27. RDS SQL Server Creation Demo
  28. 28. Performance of SQL Server RDS
  29. 29. Service-level performance factors Compute Capabilities vCPUs Memory Capabilities GB of RAM Network Performance MB/s (Throughput) Storage Performance I/O Throughput RDS DB Instance Class RDS Storage Type
  30. 30. Scaling compute resources: Range of DB instance classes. From: 1 vCPU and 1 GB of RAM. To: 40 vCPUs or 244 GB of RAM. Grouped in instance families: Standard (db.m4), Memory (db.r3), Burst Capable (db.t2). Scale up or down by changing the instance class.
  31. 31. Performance planning: • SQL Server workloads typically benefit from large amounts of memory (caching) • Consider db.r3 - Memory Optimized instances • Edition and licensing may impact DB instance class options • DB instances can be modified to change the DB instance class • Requires a reboot (or failover in Multi-AZ) • Can scale compute capacity with the workload, if practical • Storage cannot be scaled once deployed • Plan for data set growth
  32. 32. Storage & I/O performance
      • Magnetic Storage. Amazon RDS: size 20 GiB–1 TiB, performance ~100 IOPS. Amazon EC2: size 1 GiB–1 TiB, performance ~100 IOPS. Burst Capacity: Yes, several hundred IOPS. Pricing Model: Allocated storage; I/O operations
      • General Purpose (SSD). Amazon RDS: size 20 GiB–4 TiB (min. 100 GiB recommended), performance 3 IOPS/GiB. Amazon EC2: size 1 GiB–16 TiB, performance 3 IOPS/GiB for volumes 1 TiB or less, up to 10,000 IOPS for larger volumes. Burst Capacity: Yes, up to 3000 IOPS per volume, subject to credits (< 1 TiB in size). Pricing Model: Allocated storage
      • Provisioned IOPS (SSD). Amazon RDS: size 100 GiB–4 TiB (min. 200 GiB for Standard edition & up), performance up to max. 20,000 IOPS. Amazon EC2: size 4 GiB–16 TiB, performance up to 20,000 IOPS. Burst Capacity: No, fixed allocation. Pricing Model: Allocated storage; Provisioned IOPS
  33. 33. High Availability and Reliability
  34. 34. Amazon RDS Multi-AZ: Always run production workloads in Multi-AZ mode • Primary and secondary DB nodes in different Availability Zones (AZ) • Leverages SQL Server DB Mirroring • Automatic failover (1–2 minutes typically). Consider: • Impact on mirroring of change-heavy workloads (for example, index rebuilds)
  35. 35. Amazon RDS Multi-AZ in depth. Failure scenarios mitigated: • Loss of availability in primary AZ • Loss of network connectivity to principal DB node • Compute unit or storage failure on principal DB node. Failover process: Mirroring stopped → Address apply debt → Promote to master → Change DNS endpoint → Provision new secondary. Consider: • Implement retry logic at the application layer; trigger manual failover to test
  36. 36. Monitoring SQL Server performance: Monitor performance using Amazon CloudWatch. Alarms & notifications: Amazon RDS & Amazon EC2. Default metrics: Amazon RDS & Amazon EC2. Custom metrics: Amazon EC2. Metrics: CPU Utilization; Read / Write IOPS; Disk Queue Depth; Memory (RDS); Storage Space (RDS); Connections (RDS); I/O Throughput (EC2); … Use SQL Server Profiler & Tuning Advisor to trace query performance
  37. 37. Amazon RDS Enhanced Monitoring. Overview: • OS Level Monitoring Metrics – 26 system and per process metrics • Metrics delivered to CloudWatch Logs • Up to 1 second granularity. Compared to CloudWatch Metrics: • Agent based metrics collections • There can be differences with CloudWatch metrics due to collection source (hypervisor vs. agent), e.g. CPU
  38. 38. Enhanced Monitoring 50+ system/OS metrics | sorted process list view | 1-60 sec granularity alarms on specific metrics | egress to CloudWatch Logs | integration with 3rd-party tools
  39. 39. Reliability: • Automated backup and recovery • Maximum retention: 35 days • Restore to any second, typically up to the last 5 minutes • Full DB instance snapshots & restore • Backup & Restore using .bak files • Leverages SQL Server’s native backup functionality • 4 TB database size limit
  40. 40. Tuning and Configuration Management at scale
  41. 41. Manage the RDS SQL Server configuration. Parameter Groups: • Centralized management of DB engine parameters • Ability to consistently apply configurations to DB instances • Auditability of configuration • Sensible defaults work for most use cases • Ability to create custom parameter groups. Option Groups: • Used for enabling additional features • Ability to create custom option groups • Supported options: • Transparent Data Encryption (TDE) in Enterprise Edition only • S3 Backup & Restore
  42. 42. Customizing parameter groups
  43. 43. Customizing parameter groups • Exercise Caution - Change at Your Own Risk! • Not all parameters can be changed; some are read-only, shown for visibility • Dynamic (applied immediately) vs. Static (requires reboot) • Values may be fixed, formula-driven defaults, DB instance class dependent, or interdependent. For example:
      • Parameter “clr”: Enable (1) or disable (0) the common language runtime; default disabled (0). If enabled, parameter “lightweight pooling” must be disabled (0).
      • Parameter “max server memory (mb)”: Memory allowed to be used by the server instance. Default based on instance class: {DBInstanceClassMemory}/1048576
      • Parameter “max worker threads”: Number of worker threads available for SQL Server processes. Default is 0, meaning the DB engine computes it from the formula 512 + max(0, (vCPUs - 4) × 16)
  44. 44. Walkthrough: Restoring databases from .bak files
  45. 45. What we need: RDS for SQL Server DB Instance ✓; S3 Bucket (to store .bak files) ✓; DB Option Group enabling SQLSERVER_BACKUP_RESTORE ✓; SSMS or other client to connect to DB instance ✓
  46. 46. Creating the S3 bucket
  50. 50. Create & apply DB Option Group
  57. 57. What we need: RDS for SQL Server DB Instance ✓; S3 Bucket (to store .bak files) ✓; DB Option Group enabling SQLSERVER_BACKUP_RESTORE ✓; SSMS or other client to connect to DB instance and restore ✓
  58. 58. Upload .bak file to S3
  60. 60. Restoring from backup

      ```sql
      /* Restoring from backup */
      exec msdb.dbo.rds_restore_database
          @restore_db_name = 'your database name',
          @s3_arn_to_restore_from = 'arn:aws:s3:::<bucket>/<file path>';

      /* Check job status */
      exec msdb.dbo.rds_task_status;
      ```
  61. 61. Restoring from backup Importing & Exporting SQL Server Databases: http://amzn.to/2d1RaCp
  62. 62. Restore from S3 Demo
  63. 63. Active Directory Integration
  64. 64. RDS for SQL Server deployment patterns: • Standalone DB Instance • Microsoft AD integrated DB Instance • Integration with existing Active Directory Infrastructure • Hybrid on-premise and AWS deployment
  65. 65. Standalone DB instance RDS SQL Server DB Instance • Deployed in a DB Subnet Group • Single-AZ or Multi-AZ (recommended for production) • No directory integration, authenticate via SQL Server Authentication Pros • Simplicity, great for ad-hoc workloads, ETL processes, data conversion and migration Cons • Connection string/application credential management overhead
  66. 66. Using Windows Authentication: • Join RDS for SQL Server to a domain • Domain provided by AWS Directory Services • Directory as a managed service • Deploy a Microsoft AD directory • Fully managed AD forest • Primary and secondary domain controllers in different AZs • Ability to establish forest trusts
  67. 67. Microsoft AD integrated DB instance • Cloud-based Active Directory deployment using AWS Directory Services Microsoft AD • Managed directory • Credentials stored and managed in the directory • RDS DB instance joined to the directory operated domain • Add SQL Server logins for domain users, and authenticate using Windows Authentication
  68. 68. Integration with existing Active Directory Microsoft AD directory + external AD • Integrate with existing AD deployment using a Forest Trust • Configure inbound trust on the external forest + outbound trust in the directory • Configure conditional forwarders for the 2 domains Pros • Leverage an existing, self-managed AD deployment with RDS SQL Server Cons • Increased complexity operating 2 domains
  69. 69. Active Directory integration & deployment patterns: Hybrid on-premise and AWS deployment. Microsoft AD directory + on-prem AD • Extend your internal network to AWS • Private connectivity to your AWS VPC (VPN, DirectConnect) • We recommend extending your AD deployment to AWS using secondary controllers in your VPC • Establish Forest Trust between the existing AD and the Microsoft AD directory
  70. 70. Networking and Security for RDS SQL Server
  71. 71. Securing SQL Server on AWS: network. (1) Amazon VPC: Control subnets, AZ specificity (DB subnet groups), route tables and NACLs. (2) Security groups: Restrict instance traffic. (3) Public access: Avoid it or limit it.
  72. 72. Securing SQL Server on AWS: data. (1) Protect data at rest: Encrypted DB instances using AWS KMS, TDE, column-level, encrypt before saving. (2) Secure data in transit: Encrypted connections via SSL.
  73. 73. Securing SQL Server on AWS: access & audit. (1) Grant least privileges to applications and end users. (2) Control: Use AWS Identity and Access Management (IAM) to control instance lifecycle permissions, grant least privileges. (3) Audit: Use AWS CloudTrail to log AWS API invocations.
  74. 74. Enabling Data Access and Movement
  75. 75. Amazon RDS SQL Server tooling: • Manage using common tools: SQL Server Management Studio, sqlcmd, etc. • Data source only for SSAS, SSIS and SSRS • Maximum 30 databases per Amazon RDS instance • Amazon RDS does not provide desktop, Administrator or file-system access to DB instances • Not supported: Maintenance Plans, Database Mail, Linked Servers, MSDTC
  76. 76. Migrating data to & from Amazon RDS. (1) .BAK File Save & Restore: Leverages SQL Server’s native backup functionality. (2) Microsoft SQL Server Database Publishing Wizard, Import/Export: Export to T-SQL files, load using sqlcmd. (3) AWS Database Migration Service: Minimize downtime during migrations, migrate between different DB platforms, Schema Conversion Tool. (4) AWS Marketplace: Third-party data import and export tools and solutions.
  77. 77. Why Microsoft SQL Server on AWS • Largest Global Reach - every region with high availability zones • Cost benefits through license optimizations • Increase innovation and flexibility for future • Improve security posture
  78. 78. Thank You. Learn more from Speaker Name: Waymire@amazon.com, @rwaymi
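
The settings that slide 22 passes to New-RDSDBInstance, together with the recommendations on slides 34, 39, 65 and 71-72, can be checked on instances that already exist. The following is an added example, not part of the original deck: a PowerShell function with the hypothetical name Test-RdsSqlServerBaseline that evaluates objects shaped like Get-RDSDBInstance output. The two sample instances are constructed, and the minimum retention value is an assumption.

```powershell
# Added example, not from the original slides.
# Test-RdsSqlServerBaseline is a hypothetical helper name.
function Test-RdsSqlServerBaseline {
    [CmdletBinding()]
    param(
        # One DB instance object, for example from Get-RDSDBInstance.
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$DBInstance,
        # Assumption: anything below 1 day means automated backups are off.
        [ValidateRange(1, 35)]
        [int]$MinBackupRetentionDays = 1,
        # Also flag instances that are not joined to a directory (slide 65).
        [switch]$RequireDomain
    )
    process {
        # Only SQL Server engines (sqlserver-ex, -web, -se, -ee) are in scope.
        if ($DBInstance.Engine -notlike 'sqlserver-*') { return }
        $findings = @()
        if ($DBInstance.PubliclyAccessible) {
            $findings += 'endpoint is publicly accessible (slide 71)'
        }
        if (-not $DBInstance.StorageEncrypted) {
            $findings += 'storage is not encrypted (slide 72)'
        }
        if (-not $DBInstance.MultiAZ) {
            $findings += 'single-AZ deployment (slide 34)'
        }
        if ($DBInstance.BackupRetentionPeriod -lt $MinBackupRetentionDays) {
            $findings += "backup retention is $($DBInstance.BackupRetentionPeriod) day(s), " +
                         "minimum is $MinBackupRetentionDays (slide 39)"
        }
        if ($RequireDomain -and @($DBInstance.DomainMemberships).Count -eq 0) {
            $findings += 'no directory membership, SQL authentication only (slide 65)'
        }
        [pscustomobject]@{
            DBInstanceIdentifier = $DBInstance.DBInstanceIdentifier
            Compliant            = ($findings.Count -eq 0)
            Findings             = ($findings -join '; ')
        }
    }
}

# Constructed sample data using property names from Get-RDSDBInstance output.
$sample = @(
    [pscustomobject]@{
        DBInstanceIdentifier = 'demo-sqlsrv'; Engine = 'sqlserver-se'
        PubliclyAccessible = $false; StorageEncrypted = $true; MultiAZ = $true
        BackupRetentionPeriod = 35
        DomainMemberships = @([pscustomobject]@{ Domain = 'd-xxxxxxxxxx'; Status = 'joined' })
    }
    [pscustomobject]@{
        DBInstanceIdentifier = 'legacy-sqlsrv'; Engine = 'sqlserver-ex'
        PubliclyAccessible = $true; StorageEncrypted = $false; MultiAZ = $false
        BackupRetentionPeriod = 0; DomainMemberships = @()
    }
)
$sample | Test-RdsSqlServerBaseline -RequireDomain | Format-List

# Against a live account with AWS Tools for PowerShell:
#   Get-RDSDBInstance | Test-RdsSqlServerBaseline -RequireDomain
```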
