Presentation is loading. Please wait.

Presentation is loading. Please wait.

SQL Server in AWS on Linux

Published byMiroslava Němečková Modified over 6 years ago

Similar presentations

Presentation on theme: "SQL Server in AWS on Linux"— Presentation transcript:

1 SQL Server in AWS on Linux
The gotchas, the pain, and the resolution. It’s easier than you’d think.

2 Who am I? Stacy Hein 20 years IT experience
17 years of SQL Server experience Version 6.5 through now Worked in most industries and sizes of companies Consulting experience with several companies Worked as an Senior Escalation Engineer for the SharePoint 365 Team at Microsoft Masters of Science Cybersecurity from Excelsior College DCS – Cybersecurity and Information Assurance (Student) 2 | 9/19/2018 | Footer Goes Here

3 Background Skills Know something about Linux PowerShell or bust
Pluralsight – Linux Server Skills for Windows Administrators skills becoming a must PowerShell or bust PowerShell is open source now, can install on Linux SQL Server Command-Line

4 Background Skills Information from Amazon on EC2 instances
General AWS Information Security basics DON’T do everything from root. Create separate accounts for the systems admins and SQL admins When setting up server and security, consider that AWS uses deny all setting by default Setup VPCs for the servers In larger organizations, this is done by the network admins

5 Security Basics – Shared Responsibility Model
Amazon Web Services. (2017). Amazon Shared Responsibility Model. Retrieved from

6 Security Basics – Shared Responsibility Model
AWS Shared Responsibility Model AWS provides secure infrastructure and services Customer is responsible for secure operating systems, platforms, and data

7 Security Basics – Shared Responsibility Model
Bottom line is that they provide secure infrastructure, container services, and abstracted services. You’re responsible for everything else.

8 Security Basics – Shared Responsibility Model
Infrastructure Services EC2 – Elastic Compute Cloud EBS – Elastic Block Store Auto-Scaling VPC –Virtual Private Clouds

9 Security Basics – Shared Responsibility Model
Container Services Elastic Beanstalk (Application deployment) Elastic Map Reduce (big data or is it BIG DATA?) Uses Hadoop Amazon RDS (Relational Database Services) Six flavors (Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and Microsoft SQL Server)

10 Security Basics – Shared Responsibility Model
Abstracted Services Database (static or static-ish), high-level storage, and messaging Glacier (Archival) S3 (Simple Storage Service) object storage with a simple web service interface DynamoDB (NoSQL option in AWS) NoSQL solution (fast retrieval)

11 Security Basics – Shared Responsibility Model
Simple Queueing Service (SQS) Manage queueing between individual components of code or services Simple Service (SES)

12 Security Basics – Shared Responsibility Model
IAM – Identity and Access Management – feature used by you to enhance security provided by AWS IAM planning, maintenance, and overall governance is important to your organization Some helpful features There are pre-defined roles but you can create your own (Ex. DatabaseAdministrator)

13 Security Basics – Shared Responsibility Model
You can make permissions as granular as needed for your organization Ex. DBAs aren’t creating VPCs or limit access to your instances as you would with SQL Allows you to separate duties as needed in your organization for compliance Can be used for compliance when combined with other services (e.g. Cloud Trail Services) Logging, monitoring, and auditing

14 Initial Info Used to set EBS drives up ahead of time Don’t need to do that anymore. You can set them up during the server setup process. Need at least 3.25GB of memory to run Only been tested up to 256GB This is above the AWS and Azure free tiers. But you can still set them up, you just pay for the running time and data movement.

15 Initial Info Configuration Items Are you going to setup HADR?
Disk Setup Memory Processor Affinity Are you going to setup HADR? MS is trying to get all the HADR options for SQL on Windows ported to Linux, most are not there yet Options Simple HADR VM Failover

16 Initial Info - HADR Options
Simple HADR VM failover Resilience against guest and OS level failures Unplanned and planned events Minimum downtime for patching and upgrades RTO in minutes Backup/Restore Protection against accidental or malicious data corruption Disaster recovery protection RTO in minutes to hours Standard HADR Failover cluster Linux (HeartBeat, LinuxHA, etc) Instance level protection Automatic failure detection and failover Resilience against OS and SQL Server failures RTO in seconds to minutes

17 Initial Info - HADR Options
Standard HADR continued Log shipping Simple disaster-recovery solution for a single primary database and one or more secondary databases, each on a separate instance of SQL Server. Supports limited read-only access to secondary databases (during the interval between restore jobs). Allows a user-specified delay between when the primary server backs up the log of the primary database and when the secondary servers must restore (apply) the log backup. A longer delay can be useful, for example, if data is accidentally changed on the primary database. If the accidental change is noticed quickly, a delay can let you retrieve still unchanged data from a secondary database before the change is reflected there. Basic availability groups – 2 nodes (in progress) Synchronous or asynchronous mode RTO in seconds Disaster recovery protection Resilience against guest and OS level failures Unplanned and planned events Minimum downtime for patching and upgrades

18 Initial Info - HADR Options
Mission-critical HADR (in progress) Availability groups with several nodes

19 Initial Info - Security Options
Always Encrypted Always Encrypted is a feature designed to protect sensitive data Allows clients to encrypt sensitive data inside client applications and never reveal the encryption keys to the Database Engine Row-Level Security Row-Level Security enables customers to control access to rows in a database table based on the characteristics of the user executing a query Dynamic Data Masking Dynamic data masking limits (DDM) sensitive data exposure by masking it to non-privileged users. It can be used to greatly simplify the design and coding of security in your application.

20 Configuring the Instance After Install
mssql-conf is a configuration script that installs with SQL Server vNext CTP 2.1 for both Red Hat Enterprise Linux and Ubuntu. Can use utility to set the following parameters: TCP port Default data directory Default log directory Default dump directory Default backup directory Set traceflags Set collation

21 Installing the SQL Tools
Done separately from instance install Installs command-line tools Microsoft ODBC drivers their dependencies Mssql-tools package contains: sqlcmd: Command-line query utility bcp: Bulk import-export utility

22 Setting up Ubuntu in AWS
DEMO

23 Setting up Ubuntu in AWS
These procedures and tools are changing almost daily!!! Visit these sites: Install SQL on Linux- Install SQL Tools - SQL Management Studio for Windows - Connecting to SQL Server with Putty -

24 Questions?

25 Thank You No, THANK YOU!

26 References and Additional Information
Install SQL on Ubuntu Install SQL on Redhat Install SQL Tools Install SQL Server Management Studio With Linux Support SQL Server on Linux: High availability and security

27 References and Additional Information
SQL Security on Linux Configuring SQL Server on Linux Microsoft Information on Linux AWS Documentation Linux for Windows Admins (Pluralsight)

Download ppt "SQL Server in AWS on Linux"

Similar presentations

1 NETE4631 Cloud deployment models and migration Lecture Notes #4.

1 NETE4631 Cloud deployment models and migration Lecture Notes #4.
INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 6 2/13/2015.

INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 6 2/13/2015.
High Availability Group 08: Võ Đức Vĩnh50703006 Nguyễn Quang Vũ50703033.

High Availability Group 08: Võ Đức Vĩnh Nguyễn Quang Vũ
© 2015 Dbvisit Software Limited | dbvisit.com An Introduction to Dbvisit Standby.

© 2015 Dbvisit Software Limited | dbvisit.com An Introduction to Dbvisit Standby.
Keith Burns Microsoft UK Mission Critical Database.

Keith Burns Microsoft UK Mission Critical Database.
Enterprise Reporting with Reporting Services SQL Server 2005 Donald Farmer Group Program Manager Microsoft Corporation.

Enterprise Reporting with Reporting Services SQL Server 2005 Donald Farmer Group Program Manager Microsoft Corporation.
A Brief Overview by Aditya Dutt March 18 th ’ 2014 1Aditya Inc.

A Brief Overview by Aditya Dutt March 18 th ’ Aditya Inc.
OM. Brad Gall Senior Consultant

OM. Brad Gall Senior Consultant
Cloud Computing for the Enterprise November 18th, 2011. This work is licensed under a Creative Commons.

Cloud Computing for the Enterprise November 18th, This work is licensed under a Creative Commons.
Chapter 10 : Designing a SQL Server 2005 Solution for High Availability MCITP Administrator: Microsoft SQL Server 2005 Database Server Infrastructure Design.

Chapter 10 : Designing a SQL Server 2005 Solution for High Availability MCITP Administrator: Microsoft SQL Server 2005 Database Server Infrastructure Design.
Mastering Amazon RDS Data Masters. Special Thanks To… Miami Innovation Center for Entrepreneurship www.startup-miami.com/mice.

Mastering Amazon RDS Data Masters. Special Thanks To… Miami Innovation Center for Entrepreneurship
Copyright ®xSpring Pte Ltd, All rights reserved Versions DateVersionDescriptionAuthor May 20121.0First version. Modified from Enterprise edition.NBL.

Copyright ®xSpring Pte Ltd, All rights reserved Versions DateVersionDescriptionAuthor May First version. Modified from Enterprise edition.NBL.
Your First Azure Application Michael Stiefel Reliable Software, Inc.

Your First Azure Application Michael Stiefel Reliable Software, Inc.
Cloud Computing & Amazon Web Services – EC2 Arpita Patel Software Engineer.

Cloud Computing & Amazon Web Services – EC2 Arpita Patel Software Engineer.
Intro to Datazen.

Intro to Datazen.
Enhancing Scalability and Availability of the Microsoft Application Platform Damir Bersinic Ruth Morton IT Pro Advisor Microsoft Canada

Enhancing Scalability and Availability of the Microsoft Application Platform Damir Bersinic Ruth Morton IT Pro Advisor Microsoft Canada
Log Shipping, Mirroring, Replication and Clustering Which should I use? That depends on a few questions we must ask the user. We will go over these questions.

Log Shipping, Mirroring, Replication and Clustering Which should I use? That depends on a few questions we must ask the user. We will go over these questions.
Narasimha Reddy Gopu Jisha J. Agenda Introduction to AlwaysOn * AlwaysOn Availability Groups (AG) & Listener * AlwaysOn Failover * AlwaysOn Active Secondaries.

Narasimha Reddy Gopu Jisha J. Agenda Introduction to AlwaysOn * AlwaysOn Availability Groups (AG) & Listener * AlwaysOn Failover * AlwaysOn Active Secondaries.
Deploying Highly Available SAP in the Cloud

Deploying Highly Available SAP in the Cloud
WINDOWS AZURE AND THE HYBRID CLOUD. Hybrid Concepts and Cloud Services.

WINDOWS AZURE AND THE HYBRID CLOUD. Hybrid Concepts and Cloud Services.

Similar presentations

Ads by Google