Kimberly L. Tripp: Improving *my* SQL skills through your questions! http://www.SQLskills.com/blogs/kimberly

Tuesday, November 06, 2007

Resources and Q&A from our SQLConnections pre-conference workshop: Disaster Recovery - from Planning to Practice to Post-Mortem

And so day 2 ended on Sunday and at that point, it was time for a nice and relaxing dinner with a bunch of other colleagues. Monday was "Microsoft Day" and so much of the day was spent in some great SQL 2008 sessions (more blog entries coming over the next couple of days!). Tonight, we're hanging out, finalizing a few new slides and demos (based on comments/questions over the past couple of days) and I thought I'd get a quick blog post out that covers a lot of the resources and questions we discussed on Sunday.

Here are a couple of links from Paul's blog - related to Sunday's session (#1 was related to the DB Maintenance pre-pre-conference workshop):
Conference Questions Pot-Pourri #2: Database mirroring
CHECKDB From Every Angle: Why would CHECKDB run out of space?

So, have fun and we both look forward to seeing you tomorrow during the official Connections sessions.

The rest of this post contains random but helpful stuff (and in NO particular order at all). And, there's still more coming!

SQL Server 2005 Data Encryption
SQL Server 2005 added many new features around security and data protection - one of which is data encryption. Data encryption protects the data from being accessed by those who cannot "decrypt by key" (based on security rights/certificates used when the data was encrypted)... Well, there's a lot more to it than I really want to get into here BUT, Bob has done some great Security posts on his blog (http://www.SQLskills.com/blogs/BobB) and in his Security Best Practices whitepaper.

What I want to detail here are the administrative repercussions of having encrypted data in a database that's backed up and restored to a DIFFERENT server. See, data encryption is based on a database master key (DMK) this database master key is used to encrypt all data within the database and also used as a level of abstraction from the SMK (Service Master Key - which is tied to the server). However, the DMK only works (by default) with the service (SMK) with which it was created. If a database is backed up and then restored to another server - the DMK has to be opened and re-associated with the SMK of the new server... a very easy thing to do - IF you know the password that was used when the original DMK was created. When you backup and restore to the new server, use these commands to re-associate the DMK with the new server's SMK:

USE DBWithEncryption
go

-- Open the DMK with the SAME password used when created:
OPEN MASTER KEY
DECRYPTION BY PASSWORD = 'strong password that is not easily guessed or even remembered...yes, you might even need to write these down and store them in a safe!!'
go

-- Re-associate the DMK with the SMK of the new instance:
ALTER MASTER KEY
ADD ENCRYPTION BY SERVICE MASTER KEY
go

As an alternative, you could backup the SMK from the source server and restore it as a new SMK for the destination server... but, that implies:
1) you still have access to the source? (some DR situations this might not be possible)
2) you don't mind using the same SMK for multiple servers (which reduces the overall level of security in the data on these servers.

Now, all of this also has an impact on Database Mirroring since Database Mirroring requires that you "prepare" the mirror before you can establish the mirroring partnership (which is a backup/restore across machines). So, a logical question is, what happens with encrypted data if you failover? The answer is that you must provide the automatic decryption of data on the mirror using the sp_control_dbmasterkey_password procedure. Read more about it here: "Managing Metadata When Making a Database Available on Another Server Instance". Or, you could MANUALLY (and only when a failover occurs), re-associate the DMK on the new server. However, this would impact your application and effectively create downtime if someone wanted to access encrypted data before the DMK has been reassociated with the new server's SMK.

Information, Entities, and Objects That Are Stored Outside of User Databases
And, in addition to encryption, there are many other issues that you could run into when dealing with backup/restore, log shipping and/or database mirroring - when you're doing this to a different server. As for a quick list - how are you going to migrate the following to your secondary server:

SQLCLR enabled (sp_configure and/or any other settings that could impact database functionality)
Logins (see KB#246133: How to transfer logins and passwords between instances of SQL Server)
Linked Server settings...
External Batch files used by maintenance, ETL, SQLCLR, etc.
SQL Agent Jobs (this can be easily scripted - but what if they change?)
SSIS Packages (same... as jobs)

The books online section titled: Managing Metadata When Making a Database Available on Another Server Instance has an excellent section that details many of the things to look out for... Start with these lists and BOL topics and then be sure to thoroughly test your application both during regular operations AND off-hours batch/maintenance operations (you'd be surprised at what you might find when you do a large index rebuild or defrag OR some large/complex ETL processA) AND, be sure to test your application on BOTH the Principal AND the mirror AFTER failover (when the former mirror becomes the new principal).

SQL Server 2005 Resources

"SQL Server 2005 Failover Clustering" by Allan Hirt
Pro SQL Server 2005 High Availability (Hardcover) by Allan Hirt

SQL Server 2000 Resources

"SQL Server 2000 Failover Clustering" by Allan Hirt
Microsoft SQL Server 2000 High Availability (Paperback) by Allan Hirt, Cathan Cook, Kimberly Tripp, and Microsoft Corp. For this book, Chapter 9 can be downloaded for free from SQLskills. This chapter can be really useful for detailing concepts and technical details about Recovery Models, Performance and Recovery in "Database Environment Basics for Recovery" which still *largely* applies to SQL Server 2005 as well!
Support WebCast: Microsoft SQL Server 2000: Troubleshooting SQL 2000 Virtual Server and Service Pack Setups for Failover Clustering, from February 7, 2003

And, so that's it for this entry. Yes, there's still more to go (from a few questions that I'm waiting on from other folks). So, I do hope to have a few more posts this week AND a post or two what the sessions I saw today (for example Richard Waymire's session on Management Tools and Sunil Agarwal's session on Data Compression).

See you tomorrow!
kt

Conference Resources/Q&A | Events

Tuesday, November 06, 2007 6:01:44 PM (Pacific Standard Time, UTC-08:00)

Comments [0] |

Sunday, November 04, 2007

Resources and Q&A from our SQLConnection [PRE] pre-conference workshop: Database Maintenance - from Planning to Practice to Post-Mortem

OK, well, the first day is over and we're starting to relax... just had a nice meal in our room and we're off to each do a blog post (or what might turn into a couple :) regarding the things we each discussed in our full day workshop today.

So, it was a great day and a great way to start the Connections event. We had roughly 170 people attend our Sunday workshop that started at 9am which is especially impressive in Vegas!! And, it was a great way to start because it felt like everyone was ready with questions and a few folks (especially those with jet-lag) said that they didn't think they'd make it through the day but then were surprised at how fast it went and that we managed to keep them awake :)...

As for the questions, we answered a lot of them during the session but as it always happens, we each remembered additional references, sites, and/or details that we always want to post after the fact - this post is the result. I'll try to put headers on the sections but I think this will be a long one!

Here's a link to Paul's Q&A blog post from today's session:
http://www.sqlskills.com/blogs/paul/2007/11/05/ConferenceQuestionsPotPourri1IndexesStatsCorruptionAndEnterpriseonlyFeatures.aspx

So, have fun and we both look forward to seeing you tomorrow in the pre-conference workshop on Disaster Recovery - from Planning to Practice to Post-Mortem. The rest of this post contains random but helpful stuff (and in NO particular order at all). And, there's at least one more post coming after this one as I still have more to add!

Resource Reference List

KB#909369: SQL Server 2000 Bug where checkpoint is not appropriately clearing the inactive portion of the log
KB#329526: File allocation extension in SQL Server 2000 (64-bit) and SQL Server 2005 (this allows 256KB block allocations)
KB#328551: PRB: Concurrency enhancements for the tempdb database (this refers to trace flag -T1118 for SQL Server 2000 AND how to create tempdb on multiple files when on multiproc machines). A good and very complementary read is the "Working with tempdb" whitepaper. AND, the primary author of this whitepaper (Sunil) will be here at Connections this week, so there's another session to visit.
KB#224071: How to move SQL Server databases to a new location by using Detach and Attach functions in SQL Server
Performance Dashboard Reports (only in SQL Server Management Studio for SQL Server 2005 SP2)
sysinternals Zoomit tool: this is what I was using to magnify various parts of the screen, etc.
SQL Server Customer Advisory Team Blog and specifically the entry on DMVStats. Also, here's an excellent whitepaper called Troubleshooting Performance Problems in SQL Server 2005 as this has numerous DMV queries and helpful details on troubleshooting.
SQLskills Whitepapers list

Progress Report: Online Index Operation
As for the details on this - you want to capture these events: EventClass, TextData, EventSubClass, ObjectID, ObjectName, and BigIntData1

And, for the EventSubClass there are multiple values that will be returned. What I think is the most interesting is that many of these events return only one of the values for either ObjectId or ObjectName...so, beware of filtering!

  1-Start (both ObjectID/ObjectName)
  2-Stage1 start (null for both ID/Name)
  6-Insert row count... (ObjectID only)
  3-Stage1 end (null for both ID/Name)
  7-Complete (both ObjectID/ObjectName)

EventSubClass 6 is definitely the most helpful. In the BigIntData1 column, they will show the current row number being processed (essentially) and so, you can guage roughly how far you have gone as well as how long you have to go. Here's a screen shot to help you get some insight into what you will see: OnlineProgressReport.pdf (690.78 KB).

Some operations (e.g. DBCC CHECKDB (and related), SHRINKFILE, ALTER INDEX...REORGANIZE) produce a value for the percent_complete column in sys.dm_exec_requests. Both of these are helpful for assessing where you're at...

Index Creation/Rebuild Order
Paul's written about this AND he's linking to some relevant posts in his blog post from today's session but here's a VERY quick highlight of a few things we chatted about:

Index CREATION order DOES matter (you should always create the clustered index first and then create the non-clustered (as non-clustered indexes depend on the clustering key)
Index REBUILD order does NOT matter as the physical location of the data isn't interesting to the non-clustered indexes as they reference the data by the row's clustering key

VLFs - Virtual Log Files... too many (and typically very small) OR even possibly too large of VLFs....
We had some great discussions around VLFs and I know I've posted a bit on this in the past but I'm not sure I've posted this much detail. So, here are a few relevant points.

First, the size and number of VLFs is determined by the size of the "fragment" added to the transaction log. The "fragment" is added at the time the log is created or anytime the log grows (either manually or automatically). The number of VLFs can be predicted from the following quick guide:

If the fragment is less than 64MB, then up to 4 VLFs will be added (the reason I say "up to" 4 VLFs are added is because really small fragments - fragments under 1MB - will actually add even fewer VLFs and I can't remember (nor do I care :) what the exact cut-offs are for < 1MB.
If the fragment is greater than or equal to 64MB and less than 1GB, then 8 VLFs will be added.
If the fragment is greater than or equal to 1GB, then 16 VLFs will be added.

So, if you create a database with a 100MB log (just as a simple example), you will get 8 - 12.5MB logs... if you then increase the log to 150MB then you will add 4 more VLFs. This really isn't all that bad and in general, I recommend that you have less than 100 VLFs. Often I'll find folks that have thousands and this results in VLF fragmentation. I blogged about this originally here: http://www.sqlskills.com/blogs/kimberly/2005/06/25/8StepsToBetterTransactionLogThroughput.aspx and the steps to help minimize it are there as well. Also, as an update to that post - use DBCC SHRINKFILE with the NOTRUNCATE as it appears to have special meaning on the transaction log... but, I still need to investigate this one a bit more.

Finally, if you pre-create too large of a transaction log then you might have new/different problems... the most likely is that the log doesn't clear as often (because you haven't spilled into a new VLF OR you have a transaction that happens to span two VERY large VLFs) and the effect can be that performance is slowed by the less frequent clearing that has to happen on a very large log... As a way to minimize this, the best way to create larger logs (logs in the 10GB+ range), is to create them in multiple chunks (for example 4-8GB chunks so that you end up with VLFs that are 256MB-512MB instead of 4GB because you created a 48GB log to start).

Installation Instructions for the post-conference workshop AND the HOLs DVD
And, for those of you who want to play with the DVD we handed out today... here are the "generic" setup instructions:
Generic HOLs DVD SETUP Instructions.pdf (20.31 KB)

OK, that's it for today and we look forward to another infomation/question packed session tomorrow!

Cheers,
kt

Conference Resources/Q&A | Events | Resources

Sunday, November 04, 2007 8:11:20 PM (Pacific Standard Time, UTC-08:00)

Comments [1] |

Saturday, November 03, 2007

And so another conference begins... it's time for Fall SQL Connections - in Vegas!

OK, so for those of you who watch our (Paul's and my) blogs... you know it's time for SQLConnections. We're in Vegas (and it's Paul's first time here!) and the conference is the largest it's ever been with over 5000 people!!! We arrived a couple of days early so that Paul could experience a bit of Vegas... last night we went out to dinner with Gert and Karen (Gert's wife) and Michele and Andres (Michele's husband) and we went to Mix. I have to admit that I didn't like my main course all that much (I had only one bite of the Cod dish) but everyone else loved theirs (especially the steak/foie gras special)... the 24,000 sphere chandelier was VERY cool and the views of the Strip are outstanding. Tonight we're (MLB/Andres/us) off to see Elton John. Gert and Karen are off celebrating their anniversary... CONGRATS!!

And today, we're getting ready for the conference - having just picked up our shirts (which Paul - yes PAUL - is about to iron...lol) - we swung by to checkout how things are going in terms of setup. It's always amazing to me to see how much goes on behind the scenes of some of these big events (I blogged about some of the behind the scenes of TechEd here) and well, we caught the 30+ people who were setting up and "building bags" for the 5000+ attendees.......

And, so begins our first conference as a married couple... and all of our sessions (for the most part) are together. It's actually really fun to do sessions together as we're able to bounce things off of each other, take notes on things we want to change and/or questions that are asked AND it allows us to keep things moving without a lot of stops. And, to be honest, it's not quite as tiring... but, with 2 pre-conference workshops, 5 sessions at the conference, multiple meetings/dinners/side-events and then a hands-on post-conference workshop on Friday - we'll both be pretty tired!!! We get back home late Friday night and then we have about 30 hours in Redmond to relax (NOT!) before we head to TechEd ITForum in Barcelona next week. From Barcelona we head to Zurich for a TechNet DeepDive session on Database Maintenance...... November is quite a month for getting around!!

Hope to see you here (or in Spain... or in Zurich... or next year),
kt

Events

Saturday, November 03, 2007 1:59:33 PM (Pacific Standard Time, UTC-08:00)

Comments [2] |

Theme design by Jelle Druyts

Pick a theme:

Calendar

July 2008

Sun

Mon

Tue

Wed

Thu

Fri

Sat