SQL Azure (slides by Yves Goeleven)
Uploaded by yves-goeleven, posted 31-Oct-2014, 30 slides

TRANSCRIPT

Page 1: Sql Azure

SQL Azure

Yves Goeleven

Page 2: Sql Azure

Yves Goeleven
• Solution Architect @ Capgemini
• Board Member Azug.be
• [email protected]
• www.goeleven.com
• Twitter.com/YvesGoeleven
• Facebook
• Linkedin

Architecture, Design, Best Practices in Enterprise and Cloud environments

Page 3: Sql Azure

Agenda
• Introduction to SQL Azure
• SQL Azure Architecture
• Availability features
• Scalability considerations
• Security measures
• Wrap up

Page 4: Sql Azure

Introduction to SQL Azure

Page 5: Sql Azure

Introduction

Highly scaled-out relational database as a service
• A massively scaled, multi-tenant relational database service
• Built on commodity hardware
• Not database hosting

Page 6: Sql Azure

Extending SQL Data Platform to Cloud

[Diagram labels: Browser; MS Datacenter; SOAP/REST, HTTP/S; SQL Azure Database (Windows Azure Compute); Windows Azure Compute; T-SQL (TDS); App Code (ASP.NET); SQL Server Reporting Server (on-premises); Astoria/REST - EDM, HTTP/S; AD Federation (LiveId / .Net Svcs ACS); SQL Azure Database; T-SQL (TDS)]

High-Level Features
• Self-provisioning and capacity on demand
• Automatic high-availability
• Automated management (infrastructure)
• Symmetry with on-premises platform
• Simple, flexible pricing model: pay for what you use
• New, differentiated capabilities…

Target customers: Web & departmental applications; SaaS ISVs (SMB); Enterprise SIs & internal MS properties

Key differentiator for the SQL Server platform

Page 7: Sql Azure

Service Provisioning Model
• Each account has zero or more servers
  – Azure wide, provisioned in a common portal
  – Billing instrument
• Each server has one or more databases
  – Contains metadata about the databases
  – Unit of authentication
  – Unit of geo-location
• Each database has standard SQL objects
  – Unit of consistency
  – Contains users, tables, views, indices, etc…

Account → Server → Database

Page 8: Sql Azure

Compatibility
• Support common application patterns
• Logical/policy based administration
• Patterns work for SQL Azure and SQL Server
• Multi-tenancy considerations
  – Throttling and load balancing
  – Limits on DB size, duration of transaction, etc.

Version 1: address the needs of 95% or more of web and departmental applications

Page 9: Sql Azure

Compatibility

Included in version 1
• Tables, indexes and views
• Stored procedures
• Triggers
• Constraints
• Table variables, session temp tables (#t)
• …

Out of scope for version 1
• Distributed transactions
• Distributed query
• CLR
• Service Broker
• Spatial
• Physical server or catalog DDL and views

Page 10: Sql Azure

DEMO : A lap around SQL Azure

Page 11: Sql Azure

SQL Azure Architecture

Page 12: Sql Azure

Topology

[Diagram: Application → Internet → Azure Cloud: load balancer → TDS (tcp) → Gateway tier (security boundary) → SQL nodes]

• Applications use standard SQL client libraries: ODBC, ADO.NET, PHP, …
• The load balancer forwards ‘sticky’ sessions to the TDS protocol tier
• Gateway: TDS protocol gateway, enforces AUTHN/AUTHZ policy; proxy to CloudDB. The gateway tier is the security boundary: clients never talk to the back-end SQL nodes directly, only to a gateway that proxies on their behalf.
• Scalability and availability: fabric, failover, replication, and load balancing

Page 13: Sql Azure

Gateway
• TDS listener
  – Capability negotiation
  – TDS packet inspection
  – Security
• Logical→physical mapping via the metadata catalog
• Enabler for multi-tenant capabilities
  – Metrics
  – Billing
• Isolation layer
  – Security

Page 14: Sql Azure

Gateway

[Diagram labels: Gateway Process; TDS Endpoint; Admin Service Endpoint; Provisioning Endpoint; Protocol Parser; Business Logic Services; Connection Management]

Page 15: Sql Azure

Windows Azure Fabric

[Diagram labels: Switches; Load-balancers; Highly-available Fabric Controller; Out-of-band communication (hardware control); In-band communication (software control); WS08 Hypervisor hosting VMs, a Control VM and Service Roles; Control Agent on WS08. Node can be a VM or a physical machine.]

Page 16: Sql Azure

Fabric Controller

[Diagram: “What” is needed → Fabric Controller → Make it happen; Fabric: switches, load-balancers]

• Fabric Controller (FC)
  – Maps declarative service specifications to available resources
  – Manages service life cycle starting from bare metal
  – Maintains system health and satisfies SLA
• What’s special about it
  – Enables utility-model shared fabric
  – Automates hardware management

Page 17: Sql Azure

Fabric Controller
• Owns all the data center hardware
• Uses the inventory to host services
  – Similar to what a per-machine operating system does with applications
• Provisions the hardware as necessary
• Maintains the health of the hardware
• Deploys applications to free resources
• Maintains the health of those applications

Page 18: Sql Azure

Availability Features

Page 19: Sql Azure

Replication

[Diagram: a single logical database (DB) backed by multiple replicas (Replica 1, Replica 2, Replica 3) with a single primary]

Page 20: Sql Azure

Service Resilience
• Provisioning
  – State machines used to coordinate activities across node (and datacenter) boundaries
  – Failed provisioning attempts are cleaned up automatically after 10 minutes
• Login
  – Failovers during login are transparent (<30 seconds)
  – Metadata catalog refresh occurs automatically
• Active session
  – Failovers surface as connection drops (due to session state)
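The two behaviours above (transparent failover at login, connection drops for an active session) mean the client has to reconnect and retry, and must only retry work that is safe to run twice. The following is an added Python example, not code from the slides: FakeServer and FakeConnection are constructed stand-ins for a driver connection that drops a configurable number of sessions before recovering, and the exception names are assumptions standing in for whatever the real driver raises.

```python
import time


class ConnectionDropped(Exception):
    """Stand-in for the driver error seen when an active session is dropped by a
    failover. Transient: a fresh login afterwards succeeds."""


class LoginFailed(Exception):
    """Stand-in for a non-transient error (bad password, no firewall rule). Never retried."""


class FakeServer:
    """Constructed stand-in for a SQL Azure server: the first `drops` sessions are
    dropped mid-work, after which service is back to normal."""

    def __init__(self, drops: int, reject_login: bool = False):
        self.pending_drops = drops
        self.reject_login = reject_login
        self.logins = 0

    def connect(self):
        if self.reject_login:
            raise LoginFailed("login failed")
        self.logins += 1
        return FakeConnection(self)


class FakeConnection:
    def __init__(self, server: FakeServer):
        self.server = server

    def run(self, work):
        if self.server.pending_drops > 0:
            self.server.pending_drops -= 1
            raise ConnectionDropped("session dropped during failover")
        return work()


def run_with_retry(connect, work, attempts: int = 4, base_delay: float = 0.5, sleep=time.sleep):
    """Run `work` over a freshly opened connection, reconnecting and retrying only on
    ConnectionDropped, with exponential backoff. Returns (result, attempts_used).

    `work` must be idempotent or a single transaction: a dropped session may or may
    not have committed before the drop, and the client cannot tell which."""
    last_error = None
    for attempt in range(1, attempts + 1):
        conn = connect()  # a failover during login is handled transparently by the service
        try:
            return conn.run(work), attempt
        except ConnectionDropped as err:
            last_error = err
            if attempt < attempts:
                sleep(base_delay * 2 ** (attempt - 1))
    raise last_error


if __name__ == "__main__":
    server = FakeServer(drops=2)
    print(run_with_retry(server.connect, lambda: "order 42 written", sleep=lambda _: None))
```

Non-transient errors propagate on the first attempt; only the drop case reconnects, and the attempt budget bounds how long a persistent outage holds the caller.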

Page 21: Sql Azure

Health Monitoring
• Metrics
  – Cluster-wide performance counters gather key metrics on the service
  – Used to alert Operations to issues before they become a problem: early warning system, code issues, capacity warnings
• Health
  – Exercises the service routinely looking for problems
  – When issues are encountered, runs deep diagnostics: network connectivity at the node level; validation of all dependent services (Live DNS, Live ID, etc.)
• Monitoring from other MSFT data centers
  – Validates accessibility from multiple geographic locations
  – Alerts fired automatically when test jobs fail

Page 22: Sql Azure

Scalability Considerations

Page 23: Sql Azure

A hint from the Business Model

Database availability SLA: the database will be available/reachable (external connectivity) and proper requests will be processed successfully, > 99.9%.

World-wide presence in CY’09: Asia Pacific, EMEA, North America (2). Additional data centers scheduled for 1H CY’10.

Initial Offers
• Business Edition: 10 GB DB space, $99.99 + BW
• Web Edition: 1 GB DB space, $9.99
• Additional 5% promotional discount available to partners (except storage and bandwidth)

• Introductory Offer (promotion): free developer starter offer; limit one per customer
• Standard Consumption Offer: optimized for cloud elasticity; all usage at standard rates; no limit in the number of subscriptions; charged only for what you use
• Subscription Offers (promotion): predictable and discounted price
• MSDN Premium Offer (promotion): available to MSDN Premium subscribers; limit one per subscription

Low barrier to entry and flexible. Optimized to enable cloud elasticity. Additional promo and program offers to drive early adoption.

Page 24: Sql Azure

Database sharding
• “Shared-nothing” partitioning scheme
• Partition a large database into multiple small databases (think of broken glass)
• Use parallel fan-out queries to obtain data (map-reduce pattern)

Because distributed query is out of scope for version 1, both the fan-out and the merge of the partial results happen in the application tier, not in the database.
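The fan-out/map-reduce pattern above, as an added Python example that is not part of the original slides. Three in-memory SQLite databases stand in for three SQL Azure databases so it runs offline (an assumption); the shard key, the orders table and the sample rows are constructed. It also shows the reduce-step detail the slide leaves out: per-shard aggregates must be merged as sums and counts, never as an average of averages.

```python
import sqlite3
from collections import defaultdict
from concurrent.futures import ThreadPoolExecutor

SHARD_COUNT = 3  # assumed: in practice driven by the per-database size limit


def shard_for(customer_id: int) -> int:
    """Shard key: all rows of one customer live in exactly one shard (shared-nothing)."""
    return customer_id % SHARD_COUNT


def build_shards(orders):
    """Constructed stand-in for N separate SQL Azure databases: one SQLite db per shard.
    check_same_thread=False lets each connection be used from a worker thread; each
    connection is only ever touched by one thread at a time."""
    shards = [sqlite3.connect(":memory:", check_same_thread=False) for _ in range(SHARD_COUNT)]
    for db in shards:
        db.execute("CREATE TABLE orders (customer_id INTEGER, country TEXT, amount REAL)")
    for customer_id, country, amount in orders:
        shards[shard_for(customer_id)].execute(
            "INSERT INTO orders VALUES (?, ?, ?)", (customer_id, country, amount)
        )
    for db in shards:
        db.commit()
    return shards


# Map query: every shard returns partial aggregates for its own rows.
MAP_SQL = "SELECT country, SUM(amount), COUNT(*) FROM orders GROUP BY country"


def fan_out(shards, sql):
    """Map step: run the same query against every shard in parallel."""
    with ThreadPoolExecutor(max_workers=len(shards)) as pool:
        return list(pool.map(lambda db: db.execute(sql).fetchall(), shards))


def reduce_totals(partials):
    """Reduce step: merge (sum, count) per country across shards.
    The average is computed from the merged totals, which is correct; averaging the
    per-shard averages would weight every shard equally regardless of row count."""
    totals = defaultdict(lambda: [0.0, 0])
    for rows in partials:
        for country, amount_sum, row_count in rows:
            totals[country][0] += amount_sum
            totals[country][1] += row_count
    return {c: (s, n, s / n) for c, (s, n) in totals.items()}


def customer_total(shards, customer_id: int):
    """Point query: routed to the single shard that owns the key, no fan-out needed."""
    db = shards[shard_for(customer_id)]
    row = db.execute(
        "SELECT COALESCE(SUM(amount), 0) FROM orders WHERE customer_id = ?", (customer_id,)
    ).fetchone()
    return row[0]


# Constructed sample data: (customer_id, country, amount)
SAMPLE_ORDERS = [
    (1, "BE", 100.0), (2, "BE", 50.0), (3, "NL", 30.0),
    (4, "BE", 150.0), (5, "NL", 70.0), (6, "BE", 20.0),
]


def report(orders=SAMPLE_ORDERS):
    """Per-country (sum, count, average) over all shards."""
    shards = build_shards(orders)
    try:
        return reduce_totals(fan_out(shards, MAP_SQL))
    finally:
        for db in shards:
            db.close()


if __name__ == "__main__":
    print(report())
```

Queries that carry the shard key (customer_total) touch one database; anything aggregated across customers goes through fan_out and a reduce that is algebraically valid for the aggregate in question.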

Page 25: Sql Azure

Security Measures

Page 26: Sql Azure

Security Model
• Uses the regular SQL security model
  – Authenticate logins, map them to users and roles
  – Authorize users and roles on SQL objects
• Limited to standard SQL Auth logins (username + password)
• Future: AD Federation, WLID, etc. as alternate authentication protocols

The security model is 100% compatible with on-premises SQL

Page 27: Sql Azure

Differences for administration roles
• Master database is effectively ‘read only’
• Administration roles have permission for
  – CREATE/DROP DATABASE
  – CREATE/DROP/ALTER LOGIN
  – GRANT/REVOKE rights

Page 28: Sql Azure

Network Access Control
• Each server defines a set of firewall rules
  – Determines access policy based on client IP
  – By default, there is NO ACCESS to the server
• Controlled using the Firewall API (master DB): sys.firewall_rules, sys.sp_merge_firewall_rule and sys.sp_delete_firewall_rule

ID  Name    Start IP   End IP       Create          Modify
1   Office  12.1.2.0   12.1.2.255   2009-09-18 …    2009-09-18 …
2   Home    12.2.2.5   12.2.2.5     2009-09-20 …    2009-09-21 …
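As an added example that is not from the slides, here is the allow-list decision the slide describes, plus the audit a practitioner would run over the rule set, in Python. The rows mirror the slide’s table (field names follow sys.firewall_rules) with an assumed, deliberately over-broad third rule added; cidr_to_rule is a helper for turning a CIDR block into the start/end pair the firewall API takes.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class FirewallRule:
    """One row of sys.firewall_rules (only the columns the check needs)."""
    id: int
    name: str
    start_ip: str
    end_ip: str


# Constructed sample: the slide's two rules plus an assumed "open to the world" rule
# of the kind that appears when someone just makes the connection work.
SAMPLE_RULES = [
    FirewallRule(1, "Office", "12.1.2.0", "12.1.2.255"),
    FirewallRule(2, "Home", "12.2.2.5", "12.2.2.5"),
    FirewallRule(3, "AllowAll", "0.0.0.0", "255.255.255.255"),
]


def _span(rule: FirewallRule):
    return ipaddress.IPv4Address(rule.start_ip), ipaddress.IPv4Address(rule.end_ip)


def client_allowed(client_ip: str, rules) -> bool:
    """The server policy from the slide: a client is admitted only if its address falls
    inside at least one [start_ip, end_ip] range. With no rules, nobody gets in."""
    ip = ipaddress.IPv4Address(client_ip)
    return any(lo <= ip <= hi for lo, hi in map(_span, rules))


def audit_rules(rules, max_hosts: int = 256):
    """Findings for rules that are inverted, open the whole IPv4 space, or span more
    than max_hosts addresses."""
    findings = []
    for rule in rules:
        lo, hi = _span(rule)
        if lo > hi:
            findings.append((rule.name, "start_ip is after end_ip"))
            continue
        hosts = int(hi) - int(lo) + 1
        if hosts == 2 ** 32:
            findings.append((rule.name, "allows every IPv4 address"))
        elif hosts > max_hosts:
            findings.append((rule.name, f"range spans {hosts} addresses"))
    return findings


def cidr_to_rule(cidr: str):
    """Translate a CIDR block into the (start_ip, end_ip) pair the firewall API takes."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    return str(net.network_address), str(net.broadcast_address)


if __name__ == "__main__":
    print(client_allowed("12.1.2.77", SAMPLE_RULES[:2]))   # inside Office
    print(client_allowed("12.1.3.1", SAMPLE_RULES[:2]))    # outside both ranges
    print(audit_rules(SAMPLE_RULES))
    print(cidr_to_rule("12.1.2.0/24"))
```

Run audit_rules against a dump of sys.firewall_rules on every server periodically; a rule like the third one silently turns the IP allow list off and leaves password strength as the only barrier. The slide predates the released service, where the rule-setting procedure is exposed as sp_set_firewall_rule.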

Page 29: Sql Azure

More Security Measures
• Service
  – Secure channel required (SSL)
  – Denial-of-service trend tracking
  – Packet inspection
• Server
  – IP allow list (firewall)
  – Idle connection culling
  – Generated server names
• Database
  – Disallow the most commonly attacked user IDs (SA, Admin, root, guest, etc.)
  – Standard SQL authentication / authorization mode

Page 30: Sql Azure

Questions