Tobiasz Janusz Koprowski presented a beginner's guide to tips and tricks for using Windows Azure SQL Database. The presentation covered key Azure SQL Database concepts like database tiers, performance levels measured in Database Transaction Units (DTUs), data migration options, and compatibility with on-premises SQL Server versions. It provided an overview of supported and non-supported features between SQL Azure and different SQL Server versions. The presentation aimed to help attendees understand how to plan, configure and manage databases in the Azure SQL Database platform.
6. about me
• independent consultant, security & licensing auditor
• Microsoft Certified Trainer
• SQL Server MVP (five years in a row)
• MVP Mentor Program Member
• SharePoint Subject Matter Expert at CQURE
• active blogger, influencer, technical writer
• last 9 years living in Data Processing Center Jungle
• last 15 years working arroung banking and ICT
• Polish Information Technology Society Board Member
7. AGENDA
PART ONE: Slide Talks
plan, compability, features, functionality
PART TWO: Show Time
azure portal, database portal, management studio, 3rd party tools
PART THREE: The Future of DBA
short discussion...
APPENDIX
additional links, q&a
11. PART ONE: Azure Short Introduction
• Windows Azure
Compute:
Virtualized compute environment based
on Windows Server
Storage:
Durable, scalable, & available storage
Management:
Automated, model-driven management of the service
• SQL Azure (cloud-based database)
Database:
Relational processing for structured/unstructured data
• App Fabric (.NET services)
Service Bus:
General purpose application bus
Access Control:
Rules-driven, claims-based access control
13. Data Centers for Azure Platform
North America
US Central - Iowa
US East – Virginia / US East 2 - Virginia
US Gov Iowa – Iowa / US Gov Virginia - Virginia
US North Central - Illinois
US South Central - Texas
US West – California
Asia
Asia Pacific East - Hong Kong
Asia Pacific Southeast – Singapore
Europe
North Europe - Dublin, Ireland
West Europe - Amsterdam, Netherlands
Japan
Japan East - Saitama Prefecture
Japan West - Osaka Prefecture
Oceania (announced, coming soon)
Australia - Sydney, New South Wales
Australia - Melbourne, Victoria
South America (preview)
Brasil - Sao Paulo,
Some datacenters have
servers grouped inside
containers - each
containing
1800-2500 servers.
14. Security Requirements for Azure Platform
As a Service Provider Microsoft has an obligation to passing the several rules for security:
• ISO/IEC 27001:2005
• SAS 70 Type 1 and II
Also they passing (continuisly) several data securing audits:
• PCI DSS
• SOX compliance
• HIPAA compliance
And of course requirements for Data Centers:
• Physical security of the data centers (locks, cameras, biometric devices, card readers,
alarms)
• Firewalls, application gateways and IDS to protect the network
• Access Control Lists (ACLs) applied to virtual local area networks (VLANs) and applications
• Authentication and authorization of persons or processes that request access to data
• Hardening of the servers and operating system instances
• Redundant internal and external DNS infrastructure with restricted write access
• Securing of virtual machine objects
• Securing of static and dynamic storage containers
15. Security Requirements
• ISO/IEC 27001:2005 Audit and Certification
ISO Scope: The following Azure features are in scope for the current ISO audit: Cloud Services (including Fabric and RDFE), Storage (Tables, Blobs,
Queues), Virtual Machines (including with SQL Server), Virtual Network, Traffic Manager, Web Sites, BizTalk Services, Media Services, Mobile
Services, Service Bus, Workflow, Multi-Factor Authentication, Active Directory, Right Management Service, SQL Database, and HDInsight. This
includes the Information Security Management System (ISMS) for Azure, encompassing infrastructure, development, operations, and support for
these features. Also included are Power BI for Office 365 and Power Query Service.
• SOC 1 and SOC 2 SSAE 16/ISAE 3402 Attestations
Scope: The following Azure features are in scope for the current SOC 1 Type 2 and SOC 2 Type 2 attestations: Cloud Services (includes stateless
Web, and Worker roles), Storage (Tables, Blobs, Queues), Virtual Machines (includes persistent virtual machines for use with supported operating
systems) and Virtual Network (includes Traffic Manager).
• United Kingdom G-Cloud Impact Level 2 Accreditation
Scope: The following Azure features are in scope for the IL2 accreditation: Virtual Machines, Cloud Services, Storage (Tables, Blobs, Queues,
Drives), and Virtual Network.
• Cloud Security Alliance Cloud Controls Matrix
• Federal Risk and Authorization Management Program (FedRAMP)
• Payment Card Industry (PCI) Data Security Standards (DSS) Level 1
• HIPAA Business Associate Agreement (BAA)
• Family Educational Rights and Privacy Act (FERPA)
16. 碧云寺 - Temple of Azure Clouds
碧
云
寺
T
e
m
p
l
e
o
f
A
z
u
r
e
C
l
o
u
d
s
18. Microsoft Azure Services
Azure Active Directory API Management Application Insights
Automation Backup Batch BizTalk Services Azure CDN Cloud
Services Data Factory DocumentDB Event Hubs ExpressRoute
HDInsight Key Vault Machine Learning Managed Cache Media
Services Mobile Engagement Mobile Services Multi-Factor
Authentication Notification Hubs Operational Insights Redis Cache
RemoteApp Scheduler Azure Search Service Bus Site Recovery
SQL Database Storage StorSimple Stream Analytics Traffic
Manager Virtual Machines Virtual Network Visual Studio Online
Websites
19. SQL Database in the Cloud
A relational database-as-a-service that makes tier-1
capabilities easily accessible
◦ Scalable to thousands of databases
◦ Predictable performance you can dial up or down
◦ Availability-backed by replicas & uptime SLA
◦ Data protection via auditing, restore & geo-
replication
◦ Programmatic DBA-like functionality for efficient
DevOps
◦ Self-managed for near-zero maintenance
20. Virtual Machines
Launch Windows Server and Linux in minutes
◦ Scale from 1 to 1000s of VM Instances
◦ Built-in Virtual Networking, Load Balancing
◦ Leverage Hybrid Consistency with On-Premises
◦ Microsoft SQL Server and SharePoint Server
◦ Oracle, MySQL, Redis, MongoDB
◦ Save money with per-minute billing
21. HDInsight
Our 100% Apache Hadoop-based service in the cloud
◦ Scale to petabytes on demand
◦ Process unstructured and semi-structured data
◦ Develop in Java, .NET, and more
◦ No hardware to buy or maintain
◦ Pay only for what you use
◦ Spin up a Hadoop cluster in minutes
◦ Visualize your Hadoop data in Excel
◦ Easily integrate on-premises Hadoop clusters
22. Machine Learning
Powerful cloud-based predictive analytics
◦ Designed for new and experienced users
◦ Proven algorithms from MS Research, Xbox and Bing
◦ First class support for the open source language R
◦ Seamless connection to HDInsight for big data solutions
◦ Deploy models to production in minutes
◦ Pay only for what you use. No hardware or software to buy.
23. Express Route
Experience a faster, private connection to Azure
◦ Private Connections to Azure
◦ Increased reliability and speed
◦ Lower latencies
◦ Higher security
◦ Significant cost benefits possible
◦ Directly connect from your WAN
24. Key Vault
Safeguard cryptographic keys and other secrets used by cloud apps and services
◦ Increase security and control over keys and passwords
◦ Create and import encryption keys in minutes
◦ Applications have no direct access to keys
◦ Use FIPS 140-2 Level 2 certified HSMs
◦ Reduce latency with cloud scale and global redundancy
25. Traffic Manager
Geo-route incoming traffic to your app for better performance and availability
◦ Improve app availability with automatic failover
◦ Increase your app’s responsiveness
◦ Enable smooth cloud migration
◦ Distribute your app traffic equally or with weighted values
◦ A/B test new deployments
◦ Seamlessly combine on-premises and cloud
26. Operational Insights
Gain deeper insight into your environments
◦ Collect, search and visualize machine data
◦ Manage and forecast the capacity of your infrastructure
◦ Assess the safety and security of your servers
◦ Track server configuration changes
◦ Proactively avoid workload problems
◦ Ensure your servers are up to date
27. Visual Studio Online
Ship better software with Visual Studio Online
◦ Free for up to five users
◦ Unlimited private source code repositories
◦ Use Visual Studio, Eclipse, or your own tools
◦ Track bugs, work items, feedback and more
◦ Monitor your apps and services
◦ Scales to any team size
29. SQL Azure few days ago
We want to work with SQL Azure (oops SQL Database)
Size does matter?
◦ Personal: 1GB, 5GB
◦ Business: 10GB, 20 GB, 30 GB, 40 GB, 50 GB, 100 GB, 150 GB (3x50)
◦ “Private”: less than 100 MB ($4.995 / month)
Version does matter?
◦ 10.25 my first experience, but after July 2011 Service Release…
◦ 11.0.9214.51 now > close to SQL Server 2012
Row Versioning-Based Isolation Levels
◦ Both the READ_COMMITTED_SNAPSHOT and ALLOW_SNAPSHOT_ISOLATION database options
are set to ON in Microsoft Azure SQL Database.
◦ Because SET <snapshot_option> in the ALTER DATABASE Transact-SQL statement is not supported,
these database options cannot be changed.
error msg 40544:
The database has reached its size quota. Partition or delete data, drop indexes,
or consult the documentation for possible resolutions.
30. SQL Azure now
Size does matter?
◦ Personal: 1GB, 5GB
◦ Business: 10GB, 20 GB, 30 GB, 40 GB, 50 GB, 100 GB, 150 GB (3x50)
◦ “Private”: less than 100 MB ($4.995 / month)
Size does matter!
◦ BASIC
size: 100MB, 500MB, 1GB, 2GB
performance: 5DTU
◦ STANDARD
size: 100MB, 500MB, 1GB, 2GB, 5GB, 10GB, 20GB, 30GB, 40GB, 50GB, 100GB, 150GB, 200GB, 250GB
performance: S0 10DTU, S1 20DTU, S2 50DTU
◦ PREMIUM
size: 100MB, 500MB, 1GB, 2GB, 5GB, 10GB, 20GB, 30GB, 40GB, 50GB, 100GB, 150GB, 200GB, 250GB,
500GB
performance: P10 100DTU, P2 200DTU, SP3 800DTU
What is DTU
DTUs provide a way to describe the relative capacity of a performance level of
Basic, Standard, and Premium databases. DTUs are based on a blended measure
of CPU, memory, reads, and writes.
31. PART ONE: SQL Azure and DTU
Service
Tier/Performance
Level
DTU MAX DB Size
Max Worker Threa
ds
Max Sessions
Benchmark
Transaction Rate
Predictability
Basic
5 2 GB 30 300
16,600 transactions
per hour
Good
Standard/S0
10 250 GB 60 600
521 transactions
per minute
Better
Standard/S1
20 250 GB 90 900
934 transactions
per minute
Better
Standard/S2
50 250 GB 120 1,200
2,570 transactions
per minute
Better
Premium/P1
100 500 GB 200 2,400
105 transactions
per second
Best
Premium/P2
200 500 GB 400 4,800
228 transactions
per second
Best
Premium/P3
800 500 GB 1,600 19,200
735 transactions
per second
Best
32. SQL Azure Collation
Collation does it matter?
◦ default database collation used by Microsoft Azure SQL Database is
SQL_LATIN1_GENERAL_CP1_CI_AS, where LATIN1_GENERAL is English (United States),
CP1 is code page 1252, CI is case-insensitive, and AS is accent-sensitive
◦ SQL_Latin1_General_CP1_CI_AS
◦ When using an on-premise SQL Server, you can set collations at server, database,
column, and expression levels.
◦ Microsoft Azure SQL Database does not allow setting the collation at the server level.
◦ To use the non-default collation with Microsoft Azure SQL Database, set the collation
with the Create Database Collate option, or at the column level or the expression level.
◦ SQL Database does not support the Collate option with the Alter Database command.
◦ By default, in SQL Database, temporary data will have the same collation as the
database
33. users, migration, automation,
Naming, Logins, Users
◦ Admin, administrator, guest, root, sa
Data Migration Support
◦ You can use:
SQL Server 2008 Integration Services (SSIS)
The bulk copy utility (BCP.exe)
System.Data.SqlClient.SqlBulkCopy class
Scripts that use INSERT statements to load data into the database
SQL Data Compare from Red Gate
◦ You can't use:
The RESTORE statement.
Attaching a database to the SQL Database server.
No SQL Server Agent (almost)
No SQL Server jobs
No SQL Server Browser
No Cross Database queries
34. Indexes
Indexes, of course indexes
◦ You MUST use CLUSTERED INDEX with your (Azure) SQL Database.
◦ Heap tables are not supportes, so You MUST create CLUSTERED INDEX before INSERT
will be executed
error msg 40054:
Tables without a clustered index are not supported in this version of SQL
Server. Create a clustered index and try again.
CREATE TABLE Source (Id int NOT NULL
IDENTITY, [Name] nvarchar(max),
CONSTRAINT [PK_Source] PRIMARY KEY
CLUSTERED
(
[Id] ASC
))
35. SQL Database
Closed connections to the service… by the service
Because of multi-tenant :
◦ Excessive resource usage
◦ Connections that have been idle for 30 minutes or longer (Program assuming your
connection is going to fail)
◦ Failover because of server failures
errors:
40197, 40501, 40544, 40549, 40550, 40551, 40552, 40553, 40613
36. Sample of SQL Compability
In Scope for v1
Constants
Constraints
Cursors
Index management and rebuilding indexes
Local temporary tables
Reserved keywords
Stored procedures
Statistics management
Transactions
Triggers
Tables, joins, and table variables
Transact-SQL language elements such as
Create/drop databases
Create/alter/drop tables
Create/alter/drop users and logins
and so on.
User-defined functions
Views
Out of Scope for v1
Common Language Runtime (CLR)
Database file placement
Database mirroring
Distributed queries
Distributed transactions
Filegroup management
Global temporary tables
Spatial data and indexes
SQL Server configuration options
SQL Server Service Broker
System tables
Trace Flags
Physical server or catalog DDL and views
37. SQL Server 2005 {9.0} NON-Compability
Common Language Runtime (CLR) and CLR User-Defined Types
Database Mirroring
Service Broker
Table Partitioning
Typed XML and XML indexing is not supported. The XML data type is supported by SQL Azure.
38. SQL Server 2008 {10.0} NON-Compability
Change Data Capture
Data Auditing
Data Compression
Extended Events
External Key Management / Extensible Key Management
FILESTREAM Data
Integrated Full-Text Search
Large User-Defined Aggregates (UDAs)
Large User-Defined Types (UDTs)
Performance Data Collection (Data Collector)
Policy-Based Management
Resource Governor
SQL Server Replication
Transparent Data Encryption
39. SQL Server 2008R2 {10.50} NON-Compability
SQL Server Utility
SQL Server PowerShell Provider
Master Data Services
SQL Server Management Studio
does not support Windows Azure SQL Database in versions prior to
SQL Server 2008 R2
40. Connection Model
When writing applications for Windows Azure SQL Database, you can use the following drivers and
libraries:
.NET Framework Data Provider for SQL Server (System.Data.SqlClient) from the .NET Framework
3.5 Service Pack 1 or later.
Entity Framework from the .NET Framework 3.5 Service Pack 1 or later.
SQL Server 2008 R2 Native Client ODBC driver. SQL Server 2008 Native Client ODBC driver is also
supported, but has less functionality.
SQL Server 2008 Driver for PHP version 1.1 or later.
An updated version of SQL Server JDBC Driver 3.0 that supports SQL Database.
Windows Azure SQL Database supports tabular data stream (TDS) protocol client version 7.3 or
later. Earlier versions of TDS protocol are not supported.
Connecting to Windows Azure SQL Database by using OLE DB or ADO is not supported
Support for ASP.NET controls
Clients connect directly to a database
41. Security Model
Uses regular SQL security model
◦ Authenticate logins, map to users and roles
◦ Authorize users and roles to SQL objects
Support for standard SQL Auth logins
◦ Username + password
AD Federation, WLID – Windows Live ID, etc as alternate authentication protocols
[admin, administrator, guest, root, sa]
Security model is 100% compatible with on-premise SQL
42. Scenarios for V1
Departmental Applications
◦ Simple application built by individual or department
◦ Need simple deployment, self-management, IT: “Empowerment and Governance”
Web Applications
◦ Small business or startup that uses the cloud as their IT
◦ Simple deployment, self-management, scale on demand
ISV
◦ ISV hosting software on behalf of customer
◦ Multi-tenant support for billing and isolation
Data Hub (Shortly After V1)
◦ Sharing and aggregating of data across tiers and across enterprises
◦ Centralized place for data, high scale, sync with existing data sources
43. Points of Difference
Point of Difference On-premise SQL Server Windows Azure SQL Database
Where you manage server-level
security
The Security folder in SQL Server Management
Studio'sObject Explorer
The master database
Server-level security role for
creating logins
securityadmin fixed server role loginmanager database role in the master database
Commands for managing logins
CREATE LOGIN CREATE LOGIN
ALTER LOGIN ALTER LOGIN
DROP LOGIN DROP LOGIN
(There are some parameter limitations and you must be
connected to the master database)
View that shows all logins
sys.syslogins (sys.sql_logins for SQL Server
authentication logins)
sys.sql_logins
(You must be connected to the master database)
Server-level role for creating
databases
dbcreator fixed database role dbmanager database role in the master database
Command for creating a database CREATE DATABASE
CREATE DATABASE
(There are some parameter limitations and you must be
connected to the master database)
Dropping databases DROP DATABASE
DROP DATABASE
If a user is in the dbmanager role, they have permission
to DROP any database, regardless of which user originally
created it.
View that lists all databases
sys.databases sys.databases
(view) (You must be connected to the master database)
44. SQL Database Federations
One or more tables within a database are split by row and portioned across multiple
databases (federation members) /sharding/
A federation is a collection of database partitions that are:
◦ defined by a federation distribution scheme, known as the federation scheme.
◦ federation scheme defines a federation distribution key,
◦ (which determines the distribution of data to partitions within the federation)
◦ federation distribution key must be an INT, BIGINT, UNIQUEIDENTIFIER, or VARBINARY
◦ only one federation scheme and one federation distribution key for a federation.
45. PART ONE: Adventure with WASD
Adventure…
… of course Adventure Works 2012 for SQL Database
Adventure Works for SQL Server 2012
◦ Release date: March 2012
Adventure Works for SQL Azure
◦ Release date: April 2012
51. PART THREE: Future of the DBA’s
SQL Server on Premise
◦ same job (almost like always)
◦ same tasks, planning, architecture
◦ same problems
◦ same fun especially with new versions every… two years?
52. PART THREE: Future of the DBA’s
New horizons, new skills
SQL as a servis (SQL Azure Database)
not very new but still new concepto of work
some restriction (in minus)
some improvements (such a security)
53. PART THREE: Future of the DBA’s
Automation behind our business
someone (in MS DC) making half of our job
we can forget about few important features/tasks:
◦ tempdb
◦ mirroring
◦ auditing
◦ backup & restore
what is our role?
56. Very Important Article
Authors: Conor Cunningham, Tobias Ternström, Silvano Coriani, Ewan Fairweather
Contributing Author: Ralph Squillace
http://bit.ly/WIHlDL
57. MSDN SQL Database District
Windows Azure SQL Database (formerly SQL Azure) | http://bit.ly/H0Wdfx
◦ What's New in Windows Azure SQL Database (formerly SQL Azure)
◦ Backward Compatibility in Windows Azure SQL Database
◦ Known Issues in Windows Azure SQL Database
◦ Introducing Windows Azure SQL Database
◦ Tutorials
◦ Feedback and Community Information
◦ Windows Azure Platform Management Portal
◦ Windows Azure SQL Database Concepts
◦ Administration
◦ Development
◦ Guidelines and Limitations
◦ Management REST API Reference
◦ Transact-SQL Reference
◦ Errors and Exceptions Reference
58. APPENDIX: additional links
Red Gate Cloud Ready Services
http://cloudservices.red-gate.com/
Windows Azure DataCenter Video
http://www.youtube.com/watch?v=JJ44hEr5DFE
General Guidelines and Limitations (Windows Azure SQL Database)
http://bit.ly/11wB6cK
Adventure Works for SQL Database (formerly SQL Azure)
http://bit.ly/125s0W0
Federations: Building Scalable, Elastic, and Multi-tenant Database Solutions
http://bit.ly/ZxzjmQ | http://bit.ly/15GzIEE
Error Messages (Windows Azure SQL Database)
http://bit.ly/17tnQtE
Compare SQL Server with Windows Azure SQL Database
http://bit.ly/15RyB5u
59. APPENDIX: additional links
Trust Center: Security, Privacy and Compliance Information for Office 365 and
Microsoft Dynamics CRM Online
http://bit.ly/1q4i8bY
Announcing PCI DSS compliance and expanded ISO certification for Windows Azure
http://bit.ly/1tyt7vE
Windows Azure cloud services achieve critical federal security milestone
http://bit.ly/1osDHfi
INFOSYS – Microsoft Data Access Technologies SWOT
http://infy.com/1kgujKC
One year in, and the use cases for Microsoft's SQL Azure are becoming clear
http://bit.ly/TYWRRV
60. APPENDIX: additional links
New Levels of Security via Machine Learning & Combined Data Sets
http://bit.ly/1s6seth
Predict What's Next: Getting Started on Azure Machine Learning - Part 1
http://bit.ly/1BLfWq1
Predict What's Next: How to Get Started with Machine Learning Part 2
http://bit.ly/1BLg099
Introducing Elastic Scale preview for Azure SQL Database
http://bit.ly/1xZk5sG
New D-Series Virtual Machine Sizes
http://bit.ly/10IapFg
61. APPENDIX: additional links
Windows Azure IT Camp Resources–Slide Deck and Hands-on-Lab
http://blogs.technet.com/b/bobh/archive/2013/09/18/windows-azure-it-camp-resources-
slide-deck-and-hands-on-lab.aspx#sthash.yFgxwPLv.dpuf
Microsoft Azure Free one month trial
http://azure.microsoft.com/en-us/pricing/free-trial/?WT.mc_id=AB7B32386
Microsoft Virtual Academy
http://azure.microsoft.com/en-us/pricing/free-trial/?WT.mc_id=AB7B32386
Introducing Elastic Scale preview for Azure SQL Database
http://azure.microsoft.com/blog/2014/10/02/introducing-elastic-scale-preview-for-azure-
sql-database/
Performance Best Practices for SQL Server in Azure Virtual Machines
http://msdn.microsoft.com/en-
us/library/azure/dn133149.aspx?WT.mc_id=Social_SQL_General_DI&WT.mc_id=Social_FB_Out
goingPromotion_20140922_90669619_Microsoft%20SQL%20Server%20-
%20sqlserver&linkId=9703972
62. SQL Database Migration Wizard
v3.11 & v4.11 & v5.11
SQL Database Migration Wizard (SQLAzureMW) is designed to help you migrate your SQL
Server 2005/2008/2012/2014 databases to Azure SQL Database.
Requirements
SQLAzureMW v3x and tools requires .NET Framework 3.5 and SQL Server 2008 R2 SP1
SQLAzureMW v4x and tools requires .NET Framework 4.5 and SQL Server 2012
SQLAzureMW v5x and tools requires .NET Framework 4.5 and SQL Server 2014
AzureMWBatchBackup:
This is used to create a backup of a database schema and data. The data is downloaded via
BCP. The TSQL output from SQLAzureMWBatchBackup can be used by SQLAzureMW or
SQLAzureMWBatchUpload.
SQLAzureMWBatchUpload:
Takes the output from SQLAzureMW or SQLAzureMWBatchBackup and runs it against the
target Azure SQL Database (or SQL Server) server.