SlideShare une entreprise Scribd logo

SQL under the hood

Eduardo Castro
Eduardo Castro

In this presentation we review some internal process inside SQL Azure. Regards, Ing. Eduardo Castro, PhD

1  sur  25
SQL Azure DatabaseUnder the hood Ing. Eduardo Castro, PhD Comunidad Windows ecastro@grupoasesor.net http://ecastrom.blogspot.com
Agenda Service Review SQL Azure Architecture & Workflows Service Resilience Service Monitoring Attack Vectors/Security considerations Wrap up
What is “SQL Azure”?
The Azure Services PlaformAn illustration .NET Services SQL Azure Applications Windows Azure Applications Windows Mobile Windows Vista/XP Windows Server Others
Review – Conceptual model Subscription Used to map service usage to the billing instrument Users may have many subscriptions Logical Server Akin to SQL Server Instance Unit of Geo-Location & Billing 1:1 Subscription & server User Database Restricted T-SQL surface area Additional catalog views provided e.g. sys.billing, sys.firewall_rules, etc
SQL AzureA relational DB in the cloud SQL Azure Database Data Hub Others (Future) Relational database as a service Highly available, automatically maintained Extension of the SQL Server Data Platform .NET Services SQL Services Applications Live Services Windows Azure Applications Windows Mobile Windows Vista/XP Windows Server Others
Extending SQL Server Data Platform to the Cloud Data Sync Reference Data Database Symmetric Programming Model Data Hub Aggregation ,[object Object]
Future Offerings
Additional data platform capabilities: Reporting, BI
New services: Reference Data,[object Object]
The Evolution of SDS Evolves BrowserApplication Application Application BrowserApplication Application ODBC, OLEDB, ADO.Net PHP, Ruby, … REST Client SQL Client* REST Client Cloud Cloud Windows Azure REST (Astoria) Web App ADO.Net + EF REST Client HTTP+REST HTTP+REST HTTP TDS HTTP Windows Azure Web App SQL Client* Data Center Data Center TDS + TSQL Model REST/SOAP + ACE Model SDS Next SDS Current * Client access enabled using TDS for ODBC, ADO.Net, OLEDB, PHP-SQL, Ruby, …
SQL Azure Network Topology Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, … Application Internet Azure Cloud TDS (tcp) Security Boundary Load balancer forwards ‘sticky’ sessions to TDS protocol tier LB TDS (tcp) Gateway Gateway Gateway Gateway Gateway Gateway Gateway: TDS protocol gateway, enforces AUTHN/AUTHZ policy; proxy to CloudDB TDS (tcp) SQL SQL SQL SQL SQL SQL Scalability and Availability: Fabric, Failover, Replication, and Load balancing
TDS Gateway TDS Listener Capability negotiation TDS Packet inspection Security Logical->Physical mapping via metadata catalog Enabler for multi-tenet capabilities Isolation layer
TDS Gateway Layering Gateway Process TDS Endpoint AdminSvc Endpoint Provisioning Endpoint Protocol Parser Business Logic Services Connection Mgmt SQL SQL SQL SQL SQL SQL Scalability and Availability: Fabric, Failover, Replication, and Load balancing
Provisioning Subscription Coordinated across all Azure services Executed in parallel w/retries Server May occur between data centers Point where Geo-location is established Database Always occurs within a single data center Cross node operations executed during this process e.g. add new db to sys.databases on the master
Server Provisioning Driven by administrator Portal Provision request is sent to Gateway Metadata catalog entry created DNS record (CNAME) created within LiveDNS service Master DB created On completion metadata catalog updated
SQL Azure Server Provisioning Live DNS Cluster Customer Browser Live DNS Svc Datacenter (Sub-Region) 1 5 Portal LB Gateway LB 2 4 3 6 Front-end Node Front-end Node Front-end Node Front-end Node Gateway Gateway Admin Portal Admin Portal 7 Backend Node Backend Node Backend Node SQL Server SQL Server SQL Server Mgmt. Services Mgmt. Services Mgmt. Services Fabric Fabric Fabric
Database Provisioning Gateway performs stateful TDS packet inspection Picks out subset of messages Parses out args for create database Makes entry into Gateway metadata catalog Unused replica set located and reserved Replica set (UserDB) is prepped for use Metadata catalog is updated
SQL Azure Database provisioning TDS Gateway 1 Front-end Node Protocol Parser TDS Session 2 3 Gateway Logic Master Node Master Cluster Master Node Components 4 7 5 6 8 Backend Node 1 Backend Node 2 Backend Node 3 SQL Instance SQL Instance SQL Instance SQL DB SQL DB SQL DB Scalability and Availability: Fabric, Failover, Replication, and Load balancing Scalability and Availability: Fabric, Failover, Replication, and Load balancing
SQL Azure Login Process Login request arrives at the Gateway Gateway locates MasterDb & UserDb replica sets Credentials are validated against MasterDb TDS session is opened to UserDB and requests are forwarded
SQL Azure Login Process TDS Gateway 7 1 Front-end Node Protocol Parser TDS Session 2 6 Gateway Logic Master Node Global Partition Map Master Node Components 3 8 4 5 Backend Node 1 Backend Node 2 Backend Node 3 SQL Instance SQL Instance SQL Instance SQL DB SQL DB SQL DB Scalability and Availability: Fabric, Failover, Replication, and Load balancing Scalability and Availability: Fabric, Failover, Replication, and Load balancing
Service Resilience Provisioning State machines used to coordinate activities across node (and datacenter) boundaries Failed provisioning attempts cleaned automatically after 10 minutes Login Failovers during the login will be transparent (<30 seconds) Metadata catalog refresh occurs automatically Active Session Surface as connection drops (due to state)
Monitoring Service Health Metrics Cluster wide performance counters gather key metrics on the service Used to alert Operations to issues before they become a problem Early warning system Code issues Capacity warnings Health Exercises the service routinely looking for problems When issues are encountered runs deep diagnostics Network connectivity at the node level Validate all dependent services (Live DNS, Live ID, etc) Monitoring from other MSFT DC’s Validates accessibility from multiple geographic locations Alerts fired automatically when test jobs fail
Security/Attack Considerations Service Secure channel required (SSL) Denial Of Service trend tracking Packet Inspection Server IP allow list (Firewall) Idle connection culling Generated server names Database Disallow the most commonly attacked user id’s (SA, Admin, root, guest, etc) Standard SQL Authn/Authz mode
Wrap Up Reviewed SQL Azure Architecture & Workflows Provisioning (Server & DB) Login Service Resilience & Health Failure detection and correction How we determine service health Security considerations Attack vectors and mitigations Questions?

Recommandé

High volume real time contiguous etl and audit
High volume real time contiguous etl and auditHigh volume real time contiguous etl and audit
High volume real time contiguous etl and auditRemus Rusanu
 
Azure service fabric: a gentle introduction
Azure service fabric: a gentle introductionAzure service fabric: a gentle introduction
Azure service fabric: a gentle introductionAlessandro Melchiori
 
Cloud computing architectures
Cloud computing architecturesCloud computing architectures
Cloud computing architecturesMuhammad Aitzaz Ahsan
 
Windows Azure AppFabric
Windows Azure AppFabricWindows Azure AppFabric
Windows Azure AppFabricDavid Chou
 
Towards secure & dependable storage services in cloud computing
Towards secure & dependable storage services in cloud computingTowards secure & dependable storage services in cloud computing
Towards secure & dependable storage services in cloud computingRahid Abdul Kalam
 
[DSBW Spring 2009] Unit 05: Web Architectures
[DSBW Spring 2009] Unit 05: Web Architectures[DSBW Spring 2009] Unit 05: Web Architectures
[DSBW Spring 2009] Unit 05: Web ArchitecturesCarles Farré
 
Windows Azure Diagnostics
Windows Azure DiagnosticsWindows Azure Diagnostics
Windows Azure DiagnosticsNeil Mackenzie
 
Cloud architecture
Cloud architectureCloud architecture
Cloud architectureAdeel Javaid
 

Recommandé

High volume real time contiguous etl and audit
High volume real time contiguous etl and auditHigh volume real time contiguous etl and audit
High volume real time contiguous etl and auditRemus Rusanu
 
Azure service fabric: a gentle introduction
Azure service fabric: a gentle introductionAzure service fabric: a gentle introduction
Azure service fabric: a gentle introductionAlessandro Melchiori
 
Cloud computing architectures
Cloud computing architecturesCloud computing architectures
Cloud computing architecturesMuhammad Aitzaz Ahsan
 
Windows Azure AppFabric
Windows Azure AppFabricWindows Azure AppFabric
Windows Azure AppFabricDavid Chou
 
Towards secure & dependable storage services in cloud computing
Towards secure & dependable storage services in cloud computingTowards secure & dependable storage services in cloud computing
Towards secure & dependable storage services in cloud computingRahid Abdul Kalam
 
[DSBW Spring 2009] Unit 05: Web Architectures
[DSBW Spring 2009] Unit 05: Web Architectures[DSBW Spring 2009] Unit 05: Web Architectures
[DSBW Spring 2009] Unit 05: Web ArchitecturesCarles Farré
 
Windows Azure Diagnostics
Windows Azure DiagnosticsWindows Azure Diagnostics
Windows Azure DiagnosticsNeil Mackenzie
 
Cloud architecture
Cloud architectureCloud architecture
Cloud architectureAdeel Javaid
 
Azure Service Fabric Overview
Azure Service Fabric OverviewAzure Service Fabric Overview
Azure Service Fabric OverviewJoão Pedro Martins
 
Tokyo Azure Meetup #5 - Microservices and Azure Service Fabric
Tokyo Azure Meetup #5 - Microservices and Azure Service FabricTokyo Azure Meetup #5 - Microservices and Azure Service Fabric
Tokyo Azure Meetup #5 - Microservices and Azure Service FabricTokyo Azure Meetup
 
Azure architecture
Azure architectureAzure architecture
Azure architectureAmal Dev
 
Microsoft Database Options
Microsoft Database OptionsMicrosoft Database Options
Microsoft Database OptionsDavid Chou
 
Design and Performance Optimization of Authentication, Authorization, and Acc...
Design and Performance Optimization of Authentication, Authorization, and Acc...Design and Performance Optimization of Authentication, Authorization, and Acc...
Design and Performance Optimization of Authentication, Authorization, and Acc...saidzaghloul
 
Azure in Developer Perspective
Azure in Developer PerspectiveAzure in Developer Perspective
Azure in Developer Perspectiverizaon
 
Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure Jethro Seghers
 
Migrating Existing ASP.NET Web Applications to Microsoft Azure
Migrating Existing ASP.NET Web Applications to Microsoft AzureMigrating Existing ASP.NET Web Applications to Microsoft Azure
Migrating Existing ASP.NET Web Applications to Microsoft AzureIlyas F ☁☁☁
 
tcp cloud - Advanced Cloud Computing
tcp cloud - Advanced Cloud Computingtcp cloud - Advanced Cloud Computing
tcp cloud - Advanced Cloud ComputingMarketingArrowECS_CZ
 
Axon Framework, Exploring CQRS and Event Sourcing Architecture
Axon Framework, Exploring CQRS and Event Sourcing ArchitectureAxon Framework, Exploring CQRS and Event Sourcing Architecture
Axon Framework, Exploring CQRS and Event Sourcing ArchitectureAshutosh Jadhav
 
Global Azure Bootcamp: Azure service fabric
Global Azure Bootcamp: Azure service fabric Global Azure Bootcamp: Azure service fabric
Global Azure Bootcamp: Azure service fabric Luis Valencia
 
Enterprise Software Architecture
Enterprise Software ArchitectureEnterprise Software Architecture
Enterprise Software Architecturerahmed_sct
 
Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...
Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...
Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...Animesh Chaturvedi
 
Tomcat and MySQL in Windows Azure
Tomcat and MySQL in Windows Azure Tomcat and MySQL in Windows Azure
Tomcat and MySQL in Windows Azure Guada Casuso
 
Webinar - What's new in Axon 3
Webinar - What's new in Axon 3 Webinar - What's new in Axon 3
Webinar - What's new in Axon 3 Allard Buijze
 
Deploying .net application using VSTS on ACS in kubernetes
Deploying .net application using VSTS on ACS in kubernetesDeploying .net application using VSTS on ACS in kubernetes
Deploying .net application using VSTS on ACS in kubernetesgirish goudar
 
Microservices to Scale using Azure Service Fabric
Microservices to Scale using Azure Service FabricMicroservices to Scale using Azure Service Fabric
Microservices to Scale using Azure Service FabricMukul Jain
 
Cloud architecture
Cloud architectureCloud architecture
Cloud architectureMahmoud Moussa
 
Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...
Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...
Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...Tomasz Kopacz
 
WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor
WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor
WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor WSO2
 
IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...
IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...
IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...IBM India Smarter Computing
 
Hardening Sql 2008 02
Hardening Sql 2008 02Hardening Sql 2008 02
Hardening Sql 2008 02Eduardo Castro
 

Contenu connexe

Tendances

Tokyo Azure Meetup #5 - Microservices and Azure Service Fabric
Tokyo Azure Meetup #5 - Microservices and Azure Service FabricTokyo Azure Meetup #5 - Microservices and Azure Service Fabric
Tokyo Azure Meetup #5 - Microservices and Azure Service FabricTokyo Azure Meetup
 
Azure architecture
Azure architectureAzure architecture
Azure architectureAmal Dev
 
Microsoft Database Options
Microsoft Database OptionsMicrosoft Database Options
Microsoft Database OptionsDavid Chou
 
Design and Performance Optimization of Authentication, Authorization, and Acc...
Design and Performance Optimization of Authentication, Authorization, and Acc...Design and Performance Optimization of Authentication, Authorization, and Acc...
Design and Performance Optimization of Authentication, Authorization, and Acc...saidzaghloul
 
Azure in Developer Perspective
Azure in Developer PerspectiveAzure in Developer Perspective
Azure in Developer Perspectiverizaon
 
Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure Jethro Seghers
 
Migrating Existing ASP.NET Web Applications to Microsoft Azure
Migrating Existing ASP.NET Web Applications to Microsoft AzureMigrating Existing ASP.NET Web Applications to Microsoft Azure
Migrating Existing ASP.NET Web Applications to Microsoft AzureIlyas F ☁☁☁
 
tcp cloud - Advanced Cloud Computing
tcp cloud - Advanced Cloud Computingtcp cloud - Advanced Cloud Computing
tcp cloud - Advanced Cloud ComputingMarketingArrowECS_CZ
 
Axon Framework, Exploring CQRS and Event Sourcing Architecture
Axon Framework, Exploring CQRS and Event Sourcing ArchitectureAxon Framework, Exploring CQRS and Event Sourcing Architecture
Axon Framework, Exploring CQRS and Event Sourcing ArchitectureAshutosh Jadhav
 
Global Azure Bootcamp: Azure service fabric
Global Azure Bootcamp: Azure service fabric Global Azure Bootcamp: Azure service fabric
Global Azure Bootcamp: Azure service fabric Luis Valencia
 
Enterprise Software Architecture
Enterprise Software ArchitectureEnterprise Software Architecture
Enterprise Software Architecturerahmed_sct
 
Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...
Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...
Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...Animesh Chaturvedi
 
Tomcat and MySQL in Windows Azure
Tomcat and MySQL in Windows Azure Tomcat and MySQL in Windows Azure
Tomcat and MySQL in Windows Azure Guada Casuso
 
Webinar - What's new in Axon 3
Webinar - What's new in Axon 3 Webinar - What's new in Axon 3
Webinar - What's new in Axon 3 Allard Buijze
 
Deploying .net application using VSTS on ACS in kubernetes
Deploying .net application using VSTS on ACS in kubernetesDeploying .net application using VSTS on ACS in kubernetes
Deploying .net application using VSTS on ACS in kubernetesgirish goudar
 
Microservices to Scale using Azure Service Fabric
Microservices to Scale using Azure Service FabricMicroservices to Scale using Azure Service Fabric
Microservices to Scale using Azure Service FabricMukul Jain
 
Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...
Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...
Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...Tomasz Kopacz
 
WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor
WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor
WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor WSO2
 

Tendances (20)

Azure Service Fabric Overview
Azure Service Fabric OverviewAzure Service Fabric Overview
Azure Service Fabric Overview
 
Tokyo Azure Meetup #5 - Microservices and Azure Service Fabric
Tokyo Azure Meetup #5 - Microservices and Azure Service FabricTokyo Azure Meetup #5 - Microservices and Azure Service Fabric
Tokyo Azure Meetup #5 - Microservices and Azure Service Fabric
 
Azure architecture
Azure architectureAzure architecture
Azure architecture
 
Microsoft Database Options
Microsoft Database OptionsMicrosoft Database Options
Microsoft Database Options
 
Design and Performance Optimization of Authentication, Authorization, and Acc...
Design and Performance Optimization of Authentication, Authorization, and Acc...Design and Performance Optimization of Authentication, Authorization, and Acc...
Design and Performance Optimization of Authentication, Authorization, and Acc...
 
Azure in Developer Perspective
Azure in Developer PerspectiveAzure in Developer Perspective
Azure in Developer Perspective
 
Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure Supporting architecture office 365 on windows azure
Supporting architecture office 365 on windows azure
 
Migrating Existing ASP.NET Web Applications to Microsoft Azure
Migrating Existing ASP.NET Web Applications to Microsoft AzureMigrating Existing ASP.NET Web Applications to Microsoft Azure
Migrating Existing ASP.NET Web Applications to Microsoft Azure
 
tcp cloud - Advanced Cloud Computing
tcp cloud - Advanced Cloud Computingtcp cloud - Advanced Cloud Computing
tcp cloud - Advanced Cloud Computing
 
Axon Framework, Exploring CQRS and Event Sourcing Architecture
Axon Framework, Exploring CQRS and Event Sourcing ArchitectureAxon Framework, Exploring CQRS and Event Sourcing Architecture
Axon Framework, Exploring CQRS and Event Sourcing Architecture
 
Global Azure Bootcamp: Azure service fabric
Global Azure Bootcamp: Azure service fabric Global Azure Bootcamp: Azure service fabric
Global Azure Bootcamp: Azure service fabric
 
Enterprise Software Architecture
Enterprise Software ArchitectureEnterprise Software Architecture
Enterprise Software Architecture
 
Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...
Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...
Automated Web Service Change Management (AWSCM) A tool published at IEEE Clou...
 
Tomcat and MySQL in Windows Azure
Tomcat and MySQL in Windows Azure Tomcat and MySQL in Windows Azure
Tomcat and MySQL in Windows Azure
 
Webinar - What's new in Axon 3
Webinar - What's new in Axon 3 Webinar - What's new in Axon 3
Webinar - What's new in Axon 3
 
Deploying .net application using VSTS on ACS in kubernetes
Deploying .net application using VSTS on ACS in kubernetesDeploying .net application using VSTS on ACS in kubernetes
Deploying .net application using VSTS on ACS in kubernetes
 
Microservices to Scale using Azure Service Fabric
Microservices to Scale using Azure Service FabricMicroservices to Scale using Azure Service Fabric
Microservices to Scale using Azure Service Fabric
 
Cloud architecture
Cloud architectureCloud architecture
Cloud architecture
 
Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...
Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...
Azure paa s v2 – microservices, microsoft (azure) service fabric, .apps and o...
 
WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor
WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor
WSO2 Product Release Webinar - Introducing the WSO2 Complex Event Processor
 

En vedette

IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...
IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...
IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...IBM India Smarter Computing
 
IBM SmartCloud Virtual Desktop Infrastructure for Microsoft Windows Server 20...
IBM SmartCloud Virtual Desktop Infrastructure for Microsoft Windows Server 20...IBM SmartCloud Virtual Desktop Infrastructure for Microsoft Windows Server 20...
IBM SmartCloud Virtual Desktop Infrastructure for Microsoft Windows Server 20...IBM India Smarter Computing
 
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and DevelopmentIBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and DevelopmentPiotr Pietrzak
 
Migration to IBM SmartCloud Notes
Migration to IBM SmartCloud Notes Migration to IBM SmartCloud Notes
Migration to IBM SmartCloud Notes jackdowning
 
Interconnect session 3498: Deployment Topologies for Jazz Reporting Service
Interconnect session 3498: Deployment Topologies for Jazz Reporting ServiceInterconnect session 3498: Deployment Topologies for Jazz Reporting Service
Interconnect session 3498: Deployment Topologies for Jazz Reporting ServiceRosa Naranjo
 

En vedette (6)

IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...
IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...
IBM System x Private Cloud Offering, Advanced Configuration: Architecture and...
 
Hardening Sql 2008 02
Hardening Sql 2008 02Hardening Sql 2008 02
Hardening Sql 2008 02
 
IBM SmartCloud Virtual Desktop Infrastructure for Microsoft Windows Server 20...
IBM SmartCloud Virtual Desktop Infrastructure for Microsoft Windows Server 20...IBM SmartCloud Virtual Desktop Infrastructure for Microsoft Windows Server 20...
IBM SmartCloud Virtual Desktop Infrastructure for Microsoft Windows Server 20...
 
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and DevelopmentIBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
IBM SmartCloud Enterprise - A Secure Infrastructure for Test and Development
 
Migration to IBM SmartCloud Notes
Migration to IBM SmartCloud Notes Migration to IBM SmartCloud Notes
Migration to IBM SmartCloud Notes
 
Interconnect session 3498: Deployment Topologies for Jazz Reporting Service
Interconnect session 3498: Deployment Topologies for Jazz Reporting ServiceInterconnect session 3498: Deployment Topologies for Jazz Reporting Service
Interconnect session 3498: Deployment Topologies for Jazz Reporting Service
 

Similaire à SQL under the hood

Roles y Responsabilidades en SQL Azure
Roles y Responsabilidades en SQL AzureRoles y Responsabilidades en SQL Azure
Roles y Responsabilidades en SQL AzureEduardo Castro
 
Windows Azure for .NET Developers
Windows Azure for .NET DevelopersWindows Azure for .NET Developers
Windows Azure for .NET Developersllangit
 
SQL Azure the database in the cloud
SQL Azure the database in the cloud SQL Azure the database in the cloud
SQL Azure the database in the cloud Eduardo Castro
 
Day Of Cloud - Windows Azure Platform
Day Of Cloud - Windows Azure PlatformDay Of Cloud - Windows Azure Platform
Day Of Cloud - Windows Azure PlatformWade Wegner
 
SQL Azure Overview - ericnel
SQL Azure Overview - ericnelSQL Azure Overview - ericnel
SQL Azure Overview - ericnelukdpe
 
Building applications using sql azure
Building applications using sql azureBuilding applications using sql azure
Building applications using sql azurepedrojcj
 
SQL Server 2008 for Developers
SQL Server 2008 for DevelopersSQL Server 2008 for Developers
SQL Server 2008 for Developersukdpe
 
Introduction to Windows Azure Platform
Introduction to Windows Azure PlatformIntroduction to Windows Azure Platform
Introduction to Windows Azure PlatformSergejus Barinovas
 
Introduction To Sql Services
Introduction To Sql ServicesIntroduction To Sql Services
Introduction To Sql Servicesllangit
 
Microsoft Zend webcast on Azure
Microsoft Zend webcast on AzureMicrosoft Zend webcast on Azure
Microsoft Zend webcast on AzureJosh Holmes
 
Microsoft/Zend Webcast on Cloud Computing
Microsoft/Zend Webcast on Cloud ComputingMicrosoft/Zend Webcast on Cloud Computing
Microsoft/Zend Webcast on Cloud ComputingJosh Holmes
 
SQL Server Ground to Cloud.pptx
SQL Server Ground to Cloud.pptxSQL Server Ground to Cloud.pptx
SQL Server Ground to Cloud.pptxsaidbilgen
 
Sql azure dec_2010 Lynn & Ike
Sql azure dec_2010 Lynn & IkeSql azure dec_2010 Lynn & Ike
Sql azure dec_2010 Lynn & IkeIke Ellis
 
SQL Azure Dec 2010 Update
SQL Azure Dec 2010 UpdateSQL Azure Dec 2010 Update
SQL Azure Dec 2010 UpdateEric Nelson
 
SQL Azure Dec Update
SQL Azure Dec UpdateSQL Azure Dec Update
SQL Azure Dec UpdateEric Nelson
 
GWAB 2015 - Data Plaraform
GWAB 2015 - Data PlaraformGWAB 2015 - Data Plaraform
GWAB 2015 - Data PlaraformMarcelo Paiva
 
Windows Azure and a little SQL Data Services
Windows Azure and a little SQL Data ServicesWindows Azure and a little SQL Data Services
Windows Azure and a little SQL Data Servicesukdpe
 

Similaire à SQL under the hood (20)

Roles y Responsabilidades en SQL Azure
Roles y Responsabilidades en SQL AzureRoles y Responsabilidades en SQL Azure
Roles y Responsabilidades en SQL Azure
 
Windows Azure for .NET Developers
Windows Azure for .NET DevelopersWindows Azure for .NET Developers
Windows Azure for .NET Developers
 
SQL Azure the database in the cloud
SQL Azure the database in the cloud SQL Azure the database in the cloud
SQL Azure the database in the cloud
 
Sql Azure
Sql AzureSql Azure
Sql Azure
 
Day Of Cloud - Windows Azure Platform
Day Of Cloud - Windows Azure PlatformDay Of Cloud - Windows Azure Platform
Day Of Cloud - Windows Azure Platform
 
SQL Azure Overview - ericnel
SQL Azure Overview - ericnelSQL Azure Overview - ericnel
SQL Azure Overview - ericnel
 
Building applications using sql azure
Building applications using sql azureBuilding applications using sql azure
Building applications using sql azure
 
SQL Azure
SQL AzureSQL Azure
SQL Azure
 
SQL Server 2008 for Developers
SQL Server 2008 for DevelopersSQL Server 2008 for Developers
SQL Server 2008 for Developers
 
Introduction to Windows Azure Platform
Introduction to Windows Azure PlatformIntroduction to Windows Azure Platform
Introduction to Windows Azure Platform
 
Introduction To Sql Services
Introduction To Sql ServicesIntroduction To Sql Services
Introduction To Sql Services
 
Introduction To Cloud Computing
Introduction To Cloud ComputingIntroduction To Cloud Computing
Introduction To Cloud Computing
 
Microsoft Zend webcast on Azure
Microsoft Zend webcast on AzureMicrosoft Zend webcast on Azure
Microsoft Zend webcast on Azure
 
Microsoft/Zend Webcast on Cloud Computing
Microsoft/Zend Webcast on Cloud ComputingMicrosoft/Zend Webcast on Cloud Computing
Microsoft/Zend Webcast on Cloud Computing
 
SQL Server Ground to Cloud.pptx
SQL Server Ground to Cloud.pptxSQL Server Ground to Cloud.pptx
SQL Server Ground to Cloud.pptx
 
Sql azure dec_2010 Lynn & Ike
Sql azure dec_2010 Lynn & IkeSql azure dec_2010 Lynn & Ike
Sql azure dec_2010 Lynn & Ike
 
SQL Azure Dec 2010 Update
SQL Azure Dec 2010 UpdateSQL Azure Dec 2010 Update
SQL Azure Dec 2010 Update
 
SQL Azure Dec Update
SQL Azure Dec UpdateSQL Azure Dec Update
SQL Azure Dec Update
 
GWAB 2015 - Data Plaraform
GWAB 2015 - Data PlaraformGWAB 2015 - Data Plaraform
GWAB 2015 - Data Plaraform
 
Windows Azure and a little SQL Data Services
Windows Azure and a little SQL Data ServicesWindows Azure and a little SQL Data Services
Windows Azure and a little SQL Data Services
 

Plus de Eduardo Castro

Introducción a polybase en SQL Server
Introducción a polybase en SQL ServerIntroducción a polybase en SQL Server
Introducción a polybase en SQL ServerEduardo Castro
 
Creando tu primer ambiente de AI en Azure ML y SQL Server
Creando tu primer ambiente de AI en Azure ML y SQL ServerCreando tu primer ambiente de AI en Azure ML y SQL Server
Creando tu primer ambiente de AI en Azure ML y SQL ServerEduardo Castro
 
Seguridad en SQL Azure
Seguridad en SQL AzureSeguridad en SQL Azure
Seguridad en SQL AzureEduardo Castro
 
Azure Synapse Analytics MLflow
Azure Synapse Analytics MLflowAzure Synapse Analytics MLflow
Azure Synapse Analytics MLflowEduardo Castro
 
SQL Server 2019 con Windows Server 2022
SQL Server 2019 con Windows Server 2022SQL Server 2019 con Windows Server 2022
SQL Server 2019 con Windows Server 2022Eduardo Castro
 
Novedades en SQL Server 2022
Novedades en SQL Server 2022Novedades en SQL Server 2022
Novedades en SQL Server 2022Eduardo Castro
 
Introduccion a SQL Server 2022
Introduccion a SQL Server 2022Introduccion a SQL Server 2022
Introduccion a SQL Server 2022Eduardo Castro
 
Machine Learning con Azure Managed Instance
Machine Learning con Azure Managed InstanceMachine Learning con Azure Managed Instance
Machine Learning con Azure Managed InstanceEduardo Castro
 
Novedades en sql server 2022
Novedades en sql server 2022Novedades en sql server 2022
Novedades en sql server 2022Eduardo Castro
 
Sql server 2019 con windows server 2022
Sql server 2019 con windows server 2022Sql server 2019 con windows server 2022
Sql server 2019 con windows server 2022Eduardo Castro
 
Introduccion a databricks
Introduccion a databricksIntroduccion a databricks
Introduccion a databricksEduardo Castro
 
Pronosticos con sql server
Pronosticos con sql serverPronosticos con sql server
Pronosticos con sql serverEduardo Castro
 
Data warehouse con azure synapse analytics
Data warehouse con azure synapse analyticsData warehouse con azure synapse analytics
Data warehouse con azure synapse analyticsEduardo Castro
 
Que hay de nuevo en el Azure Data Lake Storage Gen2
Que hay de nuevo en el Azure Data Lake Storage Gen2Que hay de nuevo en el Azure Data Lake Storage Gen2
Que hay de nuevo en el Azure Data Lake Storage Gen2Eduardo Castro
 
Introduccion a Azure Synapse Analytics
Introduccion a Azure Synapse AnalyticsIntroduccion a Azure Synapse Analytics
Introduccion a Azure Synapse AnalyticsEduardo Castro
 
Seguridad de SQL Database en Azure
Seguridad de SQL Database en AzureSeguridad de SQL Database en Azure
Seguridad de SQL Database en AzureEduardo Castro
 
Python dentro de SQL Server
Python dentro de SQL ServerPython dentro de SQL Server
Python dentro de SQL ServerEduardo Castro
 
Servicios Cognitivos de de Microsoft
Servicios Cognitivos de de Microsoft Servicios Cognitivos de de Microsoft
Servicios Cognitivos de de Microsoft Eduardo Castro
 
Script de paso a paso de configuración de Secure Enclaves
Script de paso a paso de configuración de Secure EnclavesScript de paso a paso de configuración de Secure Enclaves
Script de paso a paso de configuración de Secure EnclavesEduardo Castro
 
Introducción a conceptos de SQL Server Secure Enclaves
Introducción a conceptos de SQL Server Secure EnclavesIntroducción a conceptos de SQL Server Secure Enclaves
Introducción a conceptos de SQL Server Secure EnclavesEduardo Castro
 

Plus de Eduardo Castro (20)

Introducción a polybase en SQL Server
Introducción a polybase en SQL ServerIntroducción a polybase en SQL Server
Introducción a polybase en SQL Server
 
Creando tu primer ambiente de AI en Azure ML y SQL Server
Creando tu primer ambiente de AI en Azure ML y SQL ServerCreando tu primer ambiente de AI en Azure ML y SQL Server
Creando tu primer ambiente de AI en Azure ML y SQL Server
 
Seguridad en SQL Azure
Seguridad en SQL AzureSeguridad en SQL Azure
Seguridad en SQL Azure
 
Azure Synapse Analytics MLflow
Azure Synapse Analytics MLflowAzure Synapse Analytics MLflow
Azure Synapse Analytics MLflow
 
SQL Server 2019 con Windows Server 2022
SQL Server 2019 con Windows Server 2022SQL Server 2019 con Windows Server 2022
SQL Server 2019 con Windows Server 2022
 
Novedades en SQL Server 2022
Novedades en SQL Server 2022Novedades en SQL Server 2022
Novedades en SQL Server 2022
 
Introduccion a SQL Server 2022
Introduccion a SQL Server 2022Introduccion a SQL Server 2022
Introduccion a SQL Server 2022
 
Machine Learning con Azure Managed Instance
Machine Learning con Azure Managed InstanceMachine Learning con Azure Managed Instance
Machine Learning con Azure Managed Instance
 
Novedades en sql server 2022
Novedades en sql server 2022Novedades en sql server 2022
Novedades en sql server 2022
 
Sql server 2019 con windows server 2022
Sql server 2019 con windows server 2022Sql server 2019 con windows server 2022
Sql server 2019 con windows server 2022
 
Introduccion a databricks
Introduccion a databricksIntroduccion a databricks
Introduccion a databricks
 
Pronosticos con sql server
Pronosticos con sql serverPronosticos con sql server
Pronosticos con sql server
 
Data warehouse con azure synapse analytics
Data warehouse con azure synapse analyticsData warehouse con azure synapse analytics
Data warehouse con azure synapse analytics
 
Que hay de nuevo en el Azure Data Lake Storage Gen2
Que hay de nuevo en el Azure Data Lake Storage Gen2Que hay de nuevo en el Azure Data Lake Storage Gen2
Que hay de nuevo en el Azure Data Lake Storage Gen2
 
Introduccion a Azure Synapse Analytics
Introduccion a Azure Synapse AnalyticsIntroduccion a Azure Synapse Analytics
Introduccion a Azure Synapse Analytics
 
Seguridad de SQL Database en Azure
Seguridad de SQL Database en AzureSeguridad de SQL Database en Azure
Seguridad de SQL Database en Azure
 
Python dentro de SQL Server
Python dentro de SQL ServerPython dentro de SQL Server
Python dentro de SQL Server
 
Servicios Cognitivos de de Microsoft
Servicios Cognitivos de de Microsoft Servicios Cognitivos de de Microsoft
Servicios Cognitivos de de Microsoft
 
Script de paso a paso de configuración de Secure Enclaves
Script de paso a paso de configuración de Secure EnclavesScript de paso a paso de configuración de Secure Enclaves
Script de paso a paso de configuración de Secure Enclaves
 
Introducción a conceptos de SQL Server Secure Enclaves
Introducción a conceptos de SQL Server Secure EnclavesIntroducción a conceptos de SQL Server Secure Enclaves
Introducción a conceptos de SQL Server Secure Enclaves
 

SQL under the hood

  • 1. SQL Azure DatabaseUnder the hood Ing. Eduardo Castro, PhD Comunidad Windows ecastro@grupoasesor.net http://ecastrom.blogspot.com
  • 2. Agenda Service Review SQL Azure Architecture & Workflows Service Resilience Service Monitoring Attack Vectors/Security considerations Wrap up
  • 3. What is “SQL Azure”?
  • 4. The Azure Services PlaformAn illustration .NET Services SQL Azure Applications Windows Azure Applications Windows Mobile Windows Vista/XP Windows Server Others
  • 5. Review – Conceptual model Subscription Used to map service usage to the billing instrument Users may have many subscriptions Logical Server Akin to SQL Server Instance Unit of Geo-Location & Billing 1:1 Subscription & server User Database Restricted T-SQL surface area Additional catalog views provided e.g. sys.billing, sys.firewall_rules, etc
  • 6. SQL AzureA relational DB in the cloud SQL Azure Database Data Hub Others (Future) Relational database as a service Highly available, automatically maintained Extension of the SQL Server Data Platform .NET Services SQL Services Applications Live Services Windows Azure Applications Windows Mobile Windows Vista/XP Windows Server Others
  • 7.
  • 9. Additional data platform capabilities: Reporting, BI
  • 10.
  • 11. The Evolution of SDS Evolves BrowserApplication Application Application BrowserApplication Application ODBC, OLEDB, ADO.Net PHP, Ruby, … REST Client SQL Client* REST Client Cloud Cloud Windows Azure REST (Astoria) Web App ADO.Net + EF REST Client HTTP+REST HTTP+REST HTTP TDS HTTP Windows Azure Web App SQL Client* Data Center Data Center TDS + TSQL Model REST/SOAP + ACE Model SDS Next SDS Current * Client access enabled using TDS for ODBC, ADO.Net, OLEDB, PHP-SQL, Ruby, …
  • 12. SQL Azure Network Topology Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, … Application Internet Azure Cloud TDS (tcp) Security Boundary Load balancer forwards ‘sticky’ sessions to TDS protocol tier LB TDS (tcp) Gateway Gateway Gateway Gateway Gateway Gateway Gateway: TDS protocol gateway, enforces AUTHN/AUTHZ policy; proxy to CloudDB TDS (tcp) SQL SQL SQL SQL SQL SQL Scalability and Availability: Fabric, Failover, Replication, and Load balancing
  • 13. TDS Gateway TDS Listener Capability negotiation TDS Packet inspection Security Logical->Physical mapping via metadata catalog Enabler for multi-tenet capabilities Isolation layer
  • 14. TDS Gateway Layering Gateway Process TDS Endpoint AdminSvc Endpoint Provisioning Endpoint Protocol Parser Business Logic Services Connection Mgmt SQL SQL SQL SQL SQL SQL Scalability and Availability: Fabric, Failover, Replication, and Load balancing
  • 15. Provisioning Subscription Coordinated across all Azure services Executed in parallel w/retries Server May occur between data centers Point where Geo-location is established Database Always occurs within a single data center Cross node operations executed during this process e.g. add new db to sys.databases on the master
  • 16. Server Provisioning Driven by administrator Portal Provision request is sent to Gateway Metadata catalog entry created DNS record (CNAME) created within LiveDNS service Master DB created On completion metadata catalog updated
  • 17. SQL Azure Server Provisioning Live DNS Cluster Customer Browser Live DNS Svc Datacenter (Sub-Region) 1 5 Portal LB Gateway LB 2 4 3 6 Front-end Node Front-end Node Front-end Node Front-end Node Gateway Gateway Admin Portal Admin Portal 7 Backend Node Backend Node Backend Node SQL Server SQL Server SQL Server Mgmt. Services Mgmt. Services Mgmt. Services Fabric Fabric Fabric
  • 18. Database Provisioning Gateway performs stateful TDS packet inspection Picks out subset of messages Parses out args for create database Makes entry into Gateway metadata catalog Unused replica set located and reserved Replica set (UserDB) is prepped for use Metadata catalog is updated
  • 19. SQL Azure Database provisioning TDS Gateway 1 Front-end Node Protocol Parser TDS Session 2 3 Gateway Logic Master Node Master Cluster Master Node Components 4 7 5 6 8 Backend Node 1 Backend Node 2 Backend Node 3 SQL Instance SQL Instance SQL Instance SQL DB SQL DB SQL DB Scalability and Availability: Fabric, Failover, Replication, and Load balancing Scalability and Availability: Fabric, Failover, Replication, and Load balancing
  • 20. SQL Azure Login Process Login request arrives at the Gateway Gateway locates MasterDb & UserDb replica sets Credentials are validated against MasterDb TDS session is opened to UserDB and requests are forwarded
  • 21. SQL Azure Login Process TDS Gateway 7 1 Front-end Node Protocol Parser TDS Session 2 6 Gateway Logic Master Node Global Partition Map Master Node Components 3 8 4 5 Backend Node 1 Backend Node 2 Backend Node 3 SQL Instance SQL Instance SQL Instance SQL DB SQL DB SQL DB Scalability and Availability: Fabric, Failover, Replication, and Load balancing Scalability and Availability: Fabric, Failover, Replication, and Load balancing
  • 22. Service Resilience Provisioning State machines used to coordinate activities across node (and datacenter) boundaries Failed provisioning attempts cleaned automatically after 10 minutes Login Failovers during the login will be transparent (<30 seconds) Metadata catalog refresh occurs automatically Active Session Surface as connection drops (due to state)
  • 23. Monitoring Service Health Metrics Cluster wide performance counters gather key metrics on the service Used to alert Operations to issues before they become a problem Early warning system Code issues Capacity warnings Health Exercises the service routinely looking for problems When issues are encountered runs deep diagnostics Network connectivity at the node level Validate all dependent services (Live DNS, Live ID, etc) Monitoring from other MSFT DC’s Validates accessibility from multiple geographic locations Alerts fired automatically when test jobs fail
  • 24. Security/Attack Considerations Service Secure channel required (SSL) Denial Of Service trend tracking Packet Inspection Server IP allow list (Firewall) Idle connection culling Generated server names Database Disallow the most commonly attacked user id’s (SA, Admin, root, guest, etc) Standard SQL Authn/Authz mode
  • 25. Wrap Up Reviewed SQL Azure Architecture & Workflows Provisioning (Server & DB) Login Service Resilience & Health Failure detection and correction How we determine service health Security considerations Attack vectors and mitigations Questions?
  • 26. Links http://comunidadwindows.org http://ecastrom.blogspot.com http://www.sqlazurelabs.com http://www.microsoft.com/windowsazure/ http://sql.azure.com/
  • 27. Q&A