Presentation is loading. Please wait.

Presentation is loading. Please wait.

Page 1 Overview of SQL Azure Jeff Chu | 2010-6-25.

Published byMarianna Bridges Modified over 8 years ago

Similar presentations

Presentation on theme: "Page 1 Overview of SQL Azure Jeff Chu | 2010-6-25."— Presentation transcript:

1 Page 1 Overview of SQL Azure Jeff Chu | 2010-6-25

2 Page 2 Agenda Service Review SQL Azure Architecture & Workflows Service Resilience Service Monitoring Attack Vectors/Security considerations Wrap up

3 Page 3 Review – Conceptual model Subscription –Used to map service usage to the billing instrument –Users may have many subscriptions Logical Server –Akin to SQL Server Instance –Unit of Geo-Location & Billing –1:1 Subscription & server User Database –Restricted T-SQL surface area –Additional catalog views provided e.g. sys.billing, sys.firewall_rules, etc

4 Page 4 SQL Azure Database Customer Value Props Self-provisioning and capacity on demand Symmetry w/ on-premises database platform Automatic high-availability and fault-tolerance Automated DB maintenance (infrastructure) Simple, flexible pricing – “pay as you grow” Browser MS Datacenter SOAP/REST HTTP/S SQL Azure Database (Windows Azure Compute) Windows Azure Compute T-SQL (TDS) App Code (ASP.NET) App Code (ASP.NET) SQL Server Reporting Server (on-premises) Astoria/REST - EDM HTTP/S - AD Federation (LiveId /.Net Svcs ACS) SQL Azure Database SQL Azure Database T-SQL (TDS) Relational database service SQL Server technology foundation Highly symmetrical Highly scaled Database “as a Service” – beyond hosting

5 Page 5 SQL Azure Network Topology Application Internet Azure Cloud Internet Azure Cloud LB TDS (tcp) Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, … Load balancer forwards ‘sticky’ sessions to TDS protocol tier Security Boundary SQL Gateway Gateway: TDS protocol gateway, enforces AUTHN/AUTHZ policy; proxy to CloudDB Scalability and Availability: Fabric, Failover, Replication, and Load balancing

6 Page 6 TDS Gateway TDS Listener –Capability negotiation –TDS Packet inspection –Security Logical->Physical mapping via metadata catalog Enabler for multi-tenet capabilities Isolation layer

7 Page 7 TDS Gateway Layering Gateway Process TDS Endpoint AdminSvc Endpoint Protocol Parser Provisioning Endpoint Business Logic Services Connection Mgmt SQL Scalability and Availability: Fabric, Failover, Replication, and Load balancing

8 Page 8 Provisioning Subscription –Coordinated across all Azure services –Executed in parallel w/retries Server –May occur between data centers –Point where Geo-location is established Database –Always occurs within a single data center –Cross node operations executed during this process e.g. add new db to sys.databases on the master

9 Page 9 Server Provisioning Driven by administrator Portal Provision request is sent to Gateway –Metadata catalog entry created –DNS record (CNAME) created within LiveDNS service –Master DB created On completion metadata catalog updated

10 Page 10 Datacenter (Sub-Region) SQL Azure Server Provisioning Customer Browser Portal LB 11 Front-end Node Live DNS Cluster Live DNS Svc 22 44 Gateway Backend Node Mgmt. Services SQL Server Fabric Backend Node Mgmt. Services SQL Server Fabric Mgmt. Services SQL Server Fabric Front-end Node Gateway Front-end Node Admin Portal Front-end Node Admin Portal 33 Gateway LB 55 66 77

11 Page 11 Database Provisioning Gateway performs stateful TDS packet inspection –Picks out subset of messages –Parses out args for create database Makes entry into Gateway metadata catalog Unused replica set located and reserved Replica set (UserDB) is prepped for use Metadata catalog is updated

12 Page 12 SQL Azure Database provisioning TDS Gateway Front-end Node Protocol Parser Gateway Logic Master Cluster Master Node Master Node Components 11 22 33 5566 77 Scalability and Availability: Fabric, Failover, Replication, and Load balancing 44 88 TDS Session Backend Node 1 SQL Instance SQL DB Backend Node 2 SQL Instance SQL DB Backend Node 3 SQL Instance SQL DB

13 Page 13 SQL Azure Login Process Login request arrives at the Gateway Gateway locates MasterDb & UserDb replica sets Credentials are validated against MasterDb TDS session is opened to UserDB and requests are forwarded

14 Page 14 SQL Azure Login Process TDS Gateway Front-end Node Protocol Parser Gateway Logic Global Partition Map Master Node Master Node Components 11 22 4455 66 Scalability and Availability: Fabric, Failover, Replication, and Load balancing 33 77 TDS Session Backend Node 1 SQL Instance SQL DB Backend Node 2 SQL Instance SQL DB Backend Node 3 SQL Instance SQL DB 88

15 Page 15 Service Resilience Provisioning –State machines used to coordinate activities across node (and datacenter) boundaries –Failed provisioning attempts cleaned automatically after 10 minutes Login –Failovers during the login will be transparent (<30 seconds) –Metadata catalog refresh occurs automatically Active Session –Surface as connection drops (due to state)

16 Page 16 Monitoring Service Health Metrics –Cluster wide performance counters gather key metrics on the service –Used to alert Operations to issues before they become a problem Early warning system Code issues Capacity warnings Health –Exercises the service routinely looking for problems –When issues are encountered runs deep diagnostics Network connectivity at the node level Validate all dependent services (Live DNS, Live ID, etc) Monitoring from other MSFT DC’s –Validates accessibility from multiple geographic locations –Alerts fired automatically when test jobs fail

17 Page 17 Security/Attack Considerations Service –Secure channel required (SSL) –Denial Of Service trend tracking –Packet Inspection Server –IP allow list (Firewall) –Idle connection culling –Generated server names Database –Disallow the most commonly attacked user id’s (SA, Admin, root, guest, etc) –Standard SQL Authn/Authz mode

18 Page 18 Wrap Up Reviewed SQL Azure Architecture & Workflows –Provisioning (Server & DB) –Login Service Resilience & Health –Failure detection and correction –How we determine service health Security considerations –Attack vectors and mitigations Questions?

19 Page 19 What are your application’s requirements? Storage and Transactional throughput Storage Requirements LowHigh Transactional Requirements Low High Single Database No Partitioning Partitioned Data Partitioning Based on Application Requirements (Storage) Partitioned Data Partitioning based on Application Requirements (IOPS) Partitioned Data Partitioning based on Application Requirements (IOPS, Storage or both)

20 Page 20 Getting Data Where You Need It SQL Azure Data Sync Service Benefits Scale-out read or read/write Geo replication of data Edge network data distribution Content delivery networks Sync Group SQL Azure

21 Page 21 SQL Azure Data Sync – Overview Offline-Capable Cached Mode Applications On-Premises Applications Sync Group SQL Azure Data Sync Remote Offices & Retail Stores Data Sync SQL Azure Data Sync http://azure.com SQL Azure Data Sync http://azure.com SQL Azure Data Sync Service http://sqlazurelabs.com SQL Azure Data Sync Service http://sqlazurelabs.com

22 Page 22 References SQL Azure Documentation –http://msdn.microsoft.com/en-us/library/ee336279.aspxhttp://msdn.microsoft.com/en-us/library/ee336279.aspx PDC 2009 SQL Azure Sessions –SVC12: SQL Azure Database: Under the hood –SVC06: Scale-out Web Application with SQL Azure Database Tech.Ed 2010 North America SQL Azure Sessions –DAT09: What’s new in SQL Azure Database

Download ppt "Page 1 Overview of SQL Azure Jeff Chu | 2010-6-25."

Similar presentations

A Ridiculously Easy & Seriously Powerful SQL Cloud Database Itamar Haber AVP Ops & Solutions.

A Ridiculously Easy & Seriously Powerful SQL Cloud Database Itamar Haber AVP Ops & Solutions.
Tableau Software Australia

Tableau Software Australia
System Center 2012 R2 Overview

System Center 2012 R2 Overview
Eric Nelson Application Architect, Microsoft |

Eric Nelson Application Architect, Microsoft |
Application Internet Azure Cloud Internet Azure Cloud LB TDS (tcp) Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, … Load balancer.

Application Internet Azure Cloud Internet Azure Cloud LB TDS (tcp) Applications use standard SQL client libraries: ODBC, ADO.Net, PHP, … Load balancer.
The Microsoft Cloud Azure Platform This presentation incorporates some content from Microsoft.

The Microsoft Cloud Azure Platform This presentation incorporates some content from Microsoft.
“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.

“It’s going to take a month to get a proof of concept going.” “I know VMM, but don’t know how it works with SPF and the Portal” “I know Azure, but.
Asper School of Business University of Manitoba Systems Analysis & Design Instructor: Bob Travica System architectures Updated: November 2014.

Asper School of Business University of Manitoba Systems Analysis & Design Instructor: Bob Travica System architectures Updated: November 2014.
Virtual techdays INDIA │ 9-11 February 2011 The Whole New Windows Azure Platform Management Portal Saranya Sriram │ Developer Evangelist, Microsoft.

Virtual techdays INDIA │ 9-11 February 2011 The Whole New Windows Azure Platform Management Portal Saranya Sriram │ Developer Evangelist, Microsoft.
Windows Azure for scalable compute and storage SQL Azure for relational storage for the cloud AppFabric infrastructure to connect the cloud.

Windows Azure for scalable compute and storage SQL Azure for relational storage for the cloud AppFabric infrastructure to connect the cloud.
Microsoft Load Balancing and Clustering. Outline Introduction Load balancing Clustering.

Microsoft Load Balancing and Clustering. Outline Introduction Load balancing Clustering.
Training Workshop Windows Azure Platform. Presentation Outline (hidden slide): Technical Level: 200 Intended Audience: Developers Objectives (what do.

Training Workshop Windows Azure Platform. Presentation Outline (hidden slide): Technical Level: 200 Intended Audience: Developers Objectives (what do.
Subtitle color From Windows Azure From Outside Microsoft Datacenter From Outside Microsoft Datacenter & Windows Azure Application / Browser Windows.

Subtitle color From Windows Azure From Outside Microsoft Datacenter From Outside Microsoft Datacenter & Windows Azure Application / Browser Windows.
Cost Effort Complexity Benefit Cloud Hosted Low Cost Agile Integrated Fully Supported.

Cost Effort Complexity Benefit Cloud Hosted Low Cost Agile Integrated Fully Supported.
Manage & Configure SQL Database on the Cloud Haishi Bai Technical Evangelist Microsoft.

Manage & Configure SQL Database on the Cloud Haishi Bai Technical Evangelist Microsoft.
Building Offline/Cache Mode Web Apps Using Sync Framework Mike Clark Group Manager Cloud Data Services Team

Building Offline/Cache Mode Web Apps Using Sync Framework Mike Clark Group Manager Cloud Data Services Team
PlacePlace TypeType ServiceService Analysis Caching Integration Sync Search Relational BLOB Query BackupLoad Multi Dim In Memory File XML Reporting.

PlacePlace TypeType ServiceService Analysis Caching Integration Sync Search Relational BLOB Query BackupLoad Multi Dim In Memory File XML Reporting.
Additional SugarCRM details for complete, functional, and portable deployment.

Additional SugarCRM details for complete, functional, and portable deployment.
Windows Azure SQL Database and Storage Name Title Organization.

Windows Azure SQL Database and Storage Name Title Organization.
Hilton Giesenow Principal Consultant, 3fifteen Microsoft MVP.

Hilton Giesenow Principal Consultant, 3fifteen Microsoft MVP.

Similar presentations

Ads by Google