Course Topics
description
Transcript of Course Topics
Course Topics
Administering SQL Server 2012 Jump Start01 | Install and Configure SQL Server 04 | Manage Data
02 | Maintain Instances and Databases 05 | Implement Security
03 | Performance Optimization and Troubleshooting 06 | High Availability Options
Click to edit Master subtitle style02 | Maintain Instances and
DatabasesGeorge Squillace | Senior Technical Trainer – New Horizons Great LakesRichard Currey | Senior Technical Trainer – New Horizons United
Module 2 Overview• Transparent Data Encryption• Database Compression• Server and Database Options• Affinity and Parallelism• Automation: SQL Agent Jobs and Alerts• Database Mail
Topic: Transparent Data Encryption
Topic: Transparent Data Encryption • What Problems Does Transparent Data Encryption
(TDE) Solve and How Does It Solve Them?• Basics on SQL Server Encryption and Key Hierarchy• How Is TDE Applied?• Key Protection Issues and Potential TDE “Gotchas”
What Problems Does TDE Solve and How Does It Solve Them?• Encryption in general– Protecting data in motion (e.g., SSL, TLS, IPSec)– Protecting data at rest (e.g., EFS, BitLocker, TDE)
• Provides “real-time I/O encryption and decryption of the data and log files” in the event the media is stolen
• Protects data “at rest” in the event that a data file, log file, or backup file is stolen
• Leverages the SQL Server key hierarchy
Basics on SQL Server Encryption and Key Hierarchy• Service Master Key• Master Key• Certificate• Database Key
How Is TDE Applied?• Create a Database Master key– This may also create a Service Master Key (if it didn’t
already exist)• Create a certificate based on the Master Key • Create a database encryption key• Set encryption to ON
Key Protection Issues and Potential TDE “Gotchas”• Inability to recover database• Inability to move database• Performance overhead of 3-8%• Precautions– Backup the Service Master Key– Backup your Master Key– Backup your Database Key
• Reference– How to Restore a TDE-enabled backup
DEMOImplementing Transparent Data Encryption
Topic: Database Compression
Topic: Database Compression• What Is Data Compression?• Which Database Objects Can Be Compressed?• How Is Data Compression Implemented?
What Is Data Compression?• Definition: reducing the size that certain databases
occupy by trading CPU cycles (abundance) in order to reduce I/O effort (constrained)
• Compression options– Page-by-page– Row-by-row
• Not to be confused with backup compression
Which Database Objects Can Be Compressed?• Heap (unclustered table)• Clustered table• Nonclustered index• Indexed view• Partitions of a partitioned table; each partition can
vary the compression type• NTFS compression for FILESTREAM objects• Backup files
How Is Database Compression Implemented?• Row compression– How it works– Code: CREATE TABLE T1 (c1 int, c2 nvarchar(50) ) WITH (DATA_COMPRESSION
= ROW);
• Page compression– How it works– Code: CREATE TABLE T2 (c1 int, c2 nvarchar(50) ) WITH (DATA_COMPRESSION
= PAGE);
• Estimate effect using sp_estimate_data_compression_savings
• Restrictions– There are a zillion restrictions
DEMOImplementing Database Compression
Topic: Server and Database Options
Topic: Server and Database Options• Available Server-level Options• How to Change Server-level Options• Available Database-level Options• How to Change Server and Database Options
Available Server-level Options• 17 basic options• 69 total options• Sample options–Minimum server memory (MB)
and minimum server memory – Ad hoc distributed queries– xp_CMDShell Not all options have been placed “within
reach.” A special setting actually enables access to special settings. Do you follow?
How to Change Server-level Options• GUI (some options)• sp_Configure for basic options• sp_Configure for advanced options– First, turn on Show Advanced Options – Then list them– Then activate desired option(s)– RECONFIGURE
• Notable: authentication mode can’t be switched this way but xp_regwrite can be used
Available Database-level Options• Option categories– Auto options– Cursor options– Database availability options– External access options– Recovery options– Snapshot isolation options– SQL options
How to Change Server and Database Options• Code– ALTER DATABASE DBx SET
____• GUI– Can’t change every option
DEMOUsing ALTER DATABASE to Change Database Availability
Topic: Affinity and Parallelism
Topic: Affinity and Parallelism• What Are CPU Affinity and IO Affinity?• Parallelism Defined• Configuring CPU Affinity, IO Affinity, and Maximum
Degree of Parallelism (MAXDOP)
What Are CPU Affinity and IO Affinity?• CPU affinity– Binds processors to specific threads
• IO affinity• When should one change the default configuration?• Apartment threading• NUMA
Parallelism Defined• Definition: Using multiple CPU threads to process a query• Sometimes desirable, sometimes not
– “Index operations that create or rebuild an index, or drop a clustered index and queries that use CPU cycles heavily are the best candidates for a parallel plan.”
• Factors involved in determining whether or not the query optimizer chooses a parallel execution plan– Computer or VM requires more than one CPU or CPU core– Threads must be available– Certain operations ignore the possibility of parallelism– Estimated query cost compared to cost threshold for parallelism setting– Availability of statistics
• MAXDOP “Settable” at:– Instance level– Query level
• Cost threshold for parallelism (server option)
Configuring CPU Affinity, IO Affinity, and Maximum Degree of Parallelism (MAXDOP)
• CPU affinity– ALTER SERVER CONFIGURATION
• Don’t configure the same processor for both thread scheduling and I/O processing
DEMOConfiguring Maximum Degree of Parallelism (MAXDOP)
Topic: Automation: SQL Agent Jobs and Alerts
Topic: Automation: SQL Agent Jobs and Agent Security• Automation: Agent Jobs• Job Step Security• Job Step Security: Proxies and Credentials• Job Administration and Delegation Security• Agent Alerts
Automation: Agent Jobs• Basic job architecture– Jobs– Steps and subsystems• T-SQL• CMD Exec• Windows PowerShell• SSIS• Analysis Services
– Schedules– Operators
Job Step Security• T-SQL job steps– Job owned by
sysadmin?• EXECUTE AS
– Job not owned by sysadmin?
• Other job step subsystems– Job owned by
sysadmin?• Proxy
– Job not owned by sysadmin?
Job Step Security: Proxies and Credentials• Why use advanced job step
security?• Component Precedence– Job step points to an available
agent proxy– Agent proxy points to a
credential (server–level principal)
– Credential points to a Windows user account assigned privileges
Job Administration and Delegation Security• What if I don’t want job administrators to
be sysadmin members?– Three available agent database roles, only in
MSDB:• SQLAgentUserRole
– Can manage owned jobs and schedules• SQLAgentReaderRole
– User role inclusive– View multi-server jobs and properties– List all available jobs, schedules and
their properties• SQLAgentOperatorRole
– Reader role inclusive– View properties of operators and proxies
Why doesn’t the Agent node appear here?
DEMOConfiguring Operators, Agent Jobs, Job Steps, and Schedules
Agent Alerts• Basic alert architecture– Alert type• Event Alert• WMI Alert• Performance Object
– Response• Notification of an operator• Execute job
Thought question:What could executing a job possibly accomplish?
DEMOCreating a Performance Condition Alert
Topic: Database Mail
Topic: Database Mail• Requirement: SMTP server– Potentially configured for relay
• Database mail profiles– Private– Public
• Profiles provide limitations on attachment extensions and attachment size
• Calls msdb.dbo.sp_send_dbmail• Don’t forget to maintain database mail history by using– dbo.sysmail_delete_mailitems_sp– dbo.sysmail_delete_log_sp
©2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, Office, Azure, System Center, Dynamics and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.