2. #SQLSatATL
Kellyn Pot’Vin-Gorman
Technical Intelligence Manager for the Office of CTO,
Delphix
• Multi-platform DBA, (Oracle, MSSQL, MySQL, Sybase,
PostgreSQL…..)
• Oracle ACE Director, (Alumni), Oak Table
• APEX Women in Technology Award, CTA
• STEM education with Raspberry Pi and Python
• Liaison for Denver SQL Server User Group
• Rocky Mountain Oracle Training Days Conference Director
and Board Director
• Author, blogger, (http://dbakevlar.com)
3. #SQLSatATL
Copy Data Management: Virtualized sanity for the DBA
Realist.
Provisioning: Patching, refreshing and if you
ask me one more time!
Cloud: Cloudy with a chance of failures.
Security: Yo Developer- Is that the SA password
taped to your monitor??
4. The Life of a DBA
Provision Databases
Refresh and provide data to reporting, testing
and development
Secure database environments
Optimize data access
Collaborate to solve business challenges
5. #SQLSatATL
What is Copy Data Management, (CDM)
The management of all non-production databases.
Broad Term- Physical and virtual clones
Managed or unmanaged
Command line or User Interface, (or both)
Administrative, Infrastructure, security
6. #SQLSatATL
Storage costs
Thin-provisioning storage avoidance
Data transfer costs
Far less data transferred during provisioning/refresh
operations
As opposed to the volume of data transferred using
traditional cloning techniques
Simplifies Provisioning vs. archaic processes to copy data
Why Use Virtualization for CDM?
7. #SQLSatATL 7
▶▶▶
Virtualize and Deployed▶ ▶ ▶
Copies: 90%+ Repeated Data
Storage Pool for Delphix
QA
DEV PATCH TEST
PRODUCTION
Database/App Tier
1 TB
1 TB
0.6 TB
Read From Production
Spin a VIRTUAL database up a patch test, without having to remove a current development or test one.
TEST
10. #SQLSatATL
Data Virtualization: From Prod to
Virtual
Validated Sync
Environment
Source Environment
SCSI/SSL
Any Storage
Create as many VDBs as needed!
13. #SQLSatATL
• Using any storage and only fraction of space
• Syncs with native or third-party SQL Server backups
• Can maintain two weeks of data changes
• Managed just like any SQL Server database
• Users can instantly provision a read/write virtual copy
of a database
• Can be used for replication, mirroring, and change data
capture (CDC).
This is Data Version Control
16. #SQLSatATL 16
Spin up a new
VIRTUAL DB and SQL
bin Files
Night Time ETL/Maintenance Challenges
Finance
Dev
Test
QA
ETL
BI
Reporting
DBCC’s
Scripted out to spin up new VDBs
to run nightly jobs, maintenance,
etc.
17. #SQLSatATL 17
Epiphany
e·piph·a·ny
əˈpifənē/
noun
a (1) : a usually sudden manifestation or perception of the essential nature or meaning of
something (2) : an intuitive grasp of reality through something (as an event) usually simple and
striking (3) : an illuminating discovery, realization, or disclosure
b : a revealing scene or moment
21. #SQLSatATL 21
Patching and Upgrading Databases
Each patch, would need to be applied to a
development database, requiring outage
to development teams and then tested
before applying to test, UAT and then
onto production.
This has to be performed to EACH
environment, every SQL Server, each
quarter.
Finance
HR
CRM
UAT Test DevProd
22. #SQLSatATL 22
Downtime for valuable resources.
DBAs working afterhours
Each database must have it done and…
The tedious task must be performed over and over
again.
Little opportunity for advanced learning.
Each database may experience different bugs.
Risks/Challenges Of This Approach
23. #SQLSatATL 23
Spin up a new
VIRTUAL DB and SQL
bin files and apply
patch to it.
Environment Virtualization, DB Style
CRM
Finance
HR
24. #SQLSatATL 24
No need to keep the
extra VDBs post
patch to prod.
After Testing, Apply to Production
CRM
Finance
HR
25. #SQLSatATL 25
The Compressed Copies
in the Delphix Engine
are Upgraded!
Environment Virtualization, DB Style
HR
Finance
CRM
28. #SQLSatATL 28
• I didn’t have to take away a valuable resource’s database environment to test
the patches.
• I didn’t have to apply the patches to subsequent environments, as they are
virtualized copies of the source, simply requiring a refresh from production,
post final patch.
• I save significant time that commonly has to be allocated to quarterly and
annual maintenance for patching.
• I apply the patch twice- once to test, once to production. I only need to
refresh my environments after I’m done.
• For releases, this can be “containerized”, simplifying release and if required,
rollback.
Patching and Upgrading with
Virtualization
30. #SQLSatATL 30
The CLI, (Command Line Interface) for CDM should be robust and able to incorporate into DevOps
What if I’m Retro- Command Line?
• The name of the VDB you want to create
• The group in which to create the VDB
• The Oracle database name
• The Oracle database unique name
• The Oracle database instance number
• The Oracle database instance name
• The source dSource or VDB from which you wish to provision
• The SCN or timestamp of the point you want to provision from, (commands can be run
to get the list of snapshots or timeflow ranges.)
32. #SQLSatATL 32
What a CLI Scripted Refresh Looks Like
> database
> select <VDB name>
> refresh
> set timeflowPointParameters.type= (one of TimeflowPointBookmark,
TimeflowPointBookmarkTag, TimeflowPointLocation,
TimeflowPointSemantic, TimeflowPointTimestamp as appropriate)
> set timeflowPointParameters.location= (the location, timestamp,
or bookmark you wish to refresh to)
> set timeflowPointParameters.timeflow= (the timeflow associated
with location)
> commit
This can all be called via a Powershell script…
34. #SQLSatATL 34
• Monstrous deployments, (20+) benefit from a scripted, CLI option.
• Single or several VDB deployment.
• When investigating deep level issues, using the CLI can make details
easier to search through.
• When looking for “just the facts”, then a graphical UI is beneficial for high
level error messages.
• Self-service has great benefits and make it simple for those without deep
level skills to take advantage of virtualized environments for development
and testing.
• The CLI helps with DevOps automation and orchestration.
When Do I USE the CLI or Graphical UI?
36. #SQLSatATL
Just copy data and applications into the cloud…
• Straightforward approach
• Inefficient, non-incremental for large environments
• Open-source “bcp” uses encryption, compresses,
and multi-threads
• Archaic processes recommended by vendors
Start with backups to IaaS storage, then populate re-hosted
applications by restoring from those backups
• Cloud backups are easy, known technology
How Are Companies Migrating to
the Cloud?
37. #SQLSatATL
Cost Estimates for Azure
https://azure.microsoft.com/en-
us/pricing/details/storage/blobs/
Storage Capacity LRS
First 1 TB / Month $0.024 per GB
Next 49 TB (1 to 50 TB) / Month $0.0236 per GB
Next 450 TB (50 to 500 TB) / Month $0.0232 per GB
Next 500 TB (500 to 1,000 TB) / Month $0.0228 per GB
ZRS
$0.03 per GB
$0.0295 per GB
$0.029 per GB
$0.0285 per GB
39. #SQLSatATL
Migration Complete…Not so Fast…
• What if you only want dev and test in the cloud.
• Data is migrated, but this doesn’t count for ongoing data loads, application
connectivity across the network.
• To refresh will take considerable time to perform with traditional tools or cloning
methods.
• Rarely a consideration for the difference in cost structure for processing large
amounts of data from on-premise to the cloud.
42. #SQLSatATL
https://docs.microsoft.com/en-us/azure/sql-database/sql-database-cloud-migrate
• Database must be MSSQL 2005 or higher, (easy)
• Ensure that the database is compatible with Azure SQL DB, (correct any incompatible
functions, etc.)
• Must have identified all performance issues that will be impacted beforehand.
• Ensure there is as little physical distance between the cloud data center and bacpac files to
be used for migration.
• Disable management jobs that will hinder migration processing.
• Drop any objects or historical data that can impact migration time and can be performed
post migration.
43. #SQLSatATL
• Performs assessment of IIS environment and creates report of what can be migrated.
• Creates report to document what will require moving and any issues identified.
• Creates any websites and associated databases in preparation for the migration.
• If non-compatible products are in use, (which is in case of 90% of environments) then those
must be addressed manually.
• The tool is free to start, but will cost as project proceeds in duration.
https://azure.microsoft.com/en-us/downloads/migration-
assistant/?&wt.mc_id=AID559320_SEM_14UHplSj&gclid=CJWky8vB6tICFdG2wAod0SEJqQ
45. #SQLSatATL
Much Improved Option-
1. Data virtualization
Easy, secure, revolutionary
Optimized for faster agile development and testing
Optimized for new costing structures in IaaS
With a software appliance, no concerns about hardware or
software outside of virtualization lock-in.
Migrating from on-prem to IaaS with
Virtualization
47. #SQLSatATL
Data virtualization: from on-premises
into the Cloud
Source DB server
SQL Server 2008-2016
2TB storage
Delphix Virtualization Engine
2 TB storage
Target DB server
SQL Server 2008-2016
No database storage
48. #SQLSatATL
Optimized for the cloud in the first place…not after!
Different cost structures
Much smaller storage footprint, much less data-transfer
How Does Data Virtualization Enhance
this?
49. #SQLSatATL
Traditional copy data management techniques
Developed without concerns about infrastructure chargeback
This corresponds to higher cost.
IaaS vendors monitor storage and data transfers
Help meet SLAs, garner profits
It’s not just the data that exists in the end, so transformations can
equal big money for cloud vendors.
Different cost structures
50. #SQLSatATL
Know Thy Enemy…
• Tune SQL and Apps to perform efficiently as possible- natural
life of database is growth, (in processes, resources, etc.) before
migrating.
• The less network latency, the better- network tracing to
eliminate database blame is important.
• Many of the same tools and data provides value- DMVs provide
data internally to SQL Server.
• Look at management tools such as Cloudmonix, (formerly
AzureWatch) AppDynamics, Dynatrace, Zabbix or Logic Monitor.
51. #SQLSatATL
For Non-Production Systems…
Change the way you’ve always performed tasks.
Performing common tasks the same way as previously might
end up costing more.
Secure Data
All IaaS alternatives promote encryption for data in-flight and
for data at-rest, but encryption may not be the right
answer…
Secondary Considerations
52. #SQLSatATL
All IaaS solutions provide encryption in-flight and encryption at-rest
But encryption doesn’t protect data as much as it needs to be .
Europe already requires data masking, not just data encryption for any
confindential data, (GDPR):
http://ec.europa.eu/justice/data-protection/article-
29/documentation/opinion-
recommendation/files/2014/wp216_en.pdf
Confidential data
53. #SQLSatATL
Encryption is reversible data obfuscation, which is very different from
masking data.
• Data masking is non-reversible.
It solves the issue at the data level.
Is authentication and authorization in non-production in compliance with
security goals?
All organizations will soon need to review if critical data in non-
production environments be accessible to developers, testers and
users.
Confidential data
54. #SQLSatATL
Masking personally-identifiable, (PII, HIPPA, PCI, etc.) information
renders it useless from a security standpoint
Resolves both the technical and personal responsibility issue.
The data can be masked before it moves to non-production,
removing unnecessary risk.
Why Masking is Part of the Answer
56. #SQLSatATL
Data virtualization: transformation by
masking
SQL Server
Validated Sync
Environment
Delphix Masking Engine
Delphix Virtualization Engine
2TB storage
SQL Server Target
No database storage
57. #SQLSatATL
Data virtualization: Masking and then to the
Cloud
Delphix Virtualization Engine
2 TB storage
SQL Server Target
Storage Only for
Masked Data
Delphix Virtualization Engine
2TB storage
Delphix Masking Engine
SQL Server
Validated Sync
Environment
SQL Server Target
Storage Only for
Masked Data
59. #SQLSatATL
On-Prem, Masked, then Replicated to IaaS
Delphix Virtualization Engine
4 TB storage
SQL Server
Validated Sync
Environment
SQL Server Target
Storage Only for Masked
Data
SQL Server Target
Storage Only for Masked
Data
Delphix Virtualization Engine
4 TB storage
SQL Server Target
Storage Only for Masked
Data
Delphix Masking Engine
60. #SQLSatATL
Virtualization Makes Copy Data Management
Simple
Security with masking and encryption is best
Cloud migrations are more successful when
virtualized and planned accordingly.
Patching and Maintenance can be done with less
effort and resources.
61. #SQLSatATL
Want to try it out, download the Delphix Azure Trial! https://www.delphix.com/products/free-trial-
request
Twittter: @DBAKevlar
Linked in: http://linkedin.com/in/kellynpotvin
Blog: http://dbakevlar.com
62. #SQLSatATL 62
Delphix with SQL Server- the Basics
https://docs.delphix.com/docs/delphix-administration/sql-server-environments-and-data-
sources/managing-sql-server-environments/overview-of-setting-up-sql-server-
environments
Delphix Upgrade Workflow: https://community.delphix.com/delphix/topics/tip-of-the-day-
upgrading-a-sql-server-dsource
Upgrading the Dsource after an Upgrade: https://docs.delphix.com/docs/delphix-
administration/sql-server-environments-and-data-sources/virtualizing-databases-using-
delphix-with-sql-server/managing-sql-server-dsources/additional-dsource-
topics/upgrading-a-dsource-after-a-sql-server-upgrade
Delphix in the Cloud
https://www.delphix.com/solutions/cloud-migration-virtual-data
References and Tips
Talk about the future of the DBA with DevOps-
Learn other database platforms
Learn Shell, other than Powershell, learn Python and automation tools for DevOps
ETL, subsets of data, as well as physical and virtual clones, backup, replication.
Where is all that data going?
DBA 1.0/2.0? Does it translate?
Manage all those copies.
80-90% storage savings from traditional migration methods.
Data In flight can be significant cost for many cloud vendors
Network is the new bottleneck. You can avoid that with less copies- one golden copy- we call it the “validated sync environment”
This is the interface for Developers and testers- they can bookmark before important tasks or rewind to any point in the process. They can bookmark and branch for full development/testing needs.
How often does Microsoft send patches?
Do we start picking priorities about what we apply depending on environment access, resources and such?
DBA has to commandeer a database for patch testing.
This has to be performed for EACH environment, 100’s or 1000’s of databases!
Most are not synchronized with production, different outcomes when released to production.
Bugs occurring in one, not another!
Testing upgrades and patches can be greatly simplified using the portability and ease-of-use of Delphix Virtual Databases (VDBs). Here are two approaches that can be used, depending on the upgrade or patch.
Link the production database with the Delphix Server.
Provision a VDB at the existing patch level.
Patch the existing SQL Server bin files against the live VDB.
or
Create the new SQL Server bin file directory and switch the VDB.
Rollback VDB or Refresh from production.
Repeat 3 or 4 until confident.
Once the process has been tested and confirmed, it can be rolled out with confidence into production.
Still, very simple vs. what we write every day to support a simple create table or create database…
Do any of you see the problem with the high level project steps?
We commonly leave optimizing the environment until after we’ve migrated to the cloud.
Standard backup and recovery methods
Replication
Cloning, SSIS Packages to push data to Azure
Continual feed to keep up to date or refresh on regular basis, via archaic tools- bcp, log shipping or paid replication tools.
How many of you have moved dev and test to the cloud? How many moved cloud or moved it first??
If you moved it, would you consider keeping processing the same?
How can the cost structure impact you?
What all has to be moved? What issues are you going to run into?
Optimize first? Why?
And if you choose wrong or use more resources than expected, you can experience severe performance issues.
What resources are you really using? DBAs know, but do the developers and other stakeholders in the cloud migration project?
This is for Azure migrations- the requirements
Create this report- what can be migrated and what can’t?
90% of environments won’t fulfill the requirements and won’t migrate with the cloud migration asst.
Once final tests are done- you are testing.
Perform final migration, final sync to prod and downtime to switch from on-prem to cloud.
By going to a single source, loading to a single source and maintaining a single source, a smaller footprint is attained.
Cost savings in the way of less storage required results in even bigger savings.
Different cloud manufacturers have different pricing structures- verify what you are being charged for and make sure those costs aren’t in contrast with your environment.
Many avoid RDS on Amazon- we don’t support it. For our Oracle customers, too limited.
Before you start, tune SQL instaead of after.
Use network tools like Nagios network analyzer or. Solarwinds Network Performance Monitor, (NPM)
Your performance data can assist you in identifying huge IO, CPU and remote resource work that should be minimized beforehand.
Data in flight can cost you and data processing that was normal on-prem, may need to be redesigned post cloud migration.
Inspect pricing small print carefully and know you’re final decision on *what* choice in cloud and type of service will determine.
Encryption is important for production.
SQL 2016 dynamic data masking isn’t production ready- three steps and I had ‘un-masked
data!
Or does it shift the problem toward authentication and authorization?