designing quality sql server solutions · 2019-03-08 · database engine is full of security...
TRANSCRIPT
![Page 1: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/1.jpg)
www.coeo.com
Designing Quality SQL Server Solutions
Gavin PaynePrincipal Architect
[email protected]@GavinPayneUK
![Page 2: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/2.jpg)
www.coeo.com
Enterprise and solution IT architect:
Platforms and infrastructures
New and existing environments
Full solution lifecycle focus:
Business technology strategy
Business & technical requirements
Solution design
Solution implementation
Gavin Payne
Designing Quality Solutions
![Page 3: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/3.jpg)
www.coeo.com
Defining and measuring solution quality
Security and Manageability with SQL Server
Performance and Scalability with SQL Server
Agenda
Designing Quality Solutions
![Page 4: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/4.jpg)
www.coeo.com
Anyone who uses any part of SQL Server
In fact, anyone who creates or manages IT solutions
Intended Audience
Designing Quality Solutions
![Page 6: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/6.jpg)
www.coeo.com
Robustness
Assurance
Grade of excellence
Superior
Suitability
What is quality?
Designing Quality Solutions
![Page 7: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/7.jpg)
www.coeo.com
What is solution quality?
Designing Quality Solutions
How well a solution functions
Business logic
Error handling
Integration
How well a solution operates
Manageability
Scalability
Security
![Page 8: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/8.jpg)
www.coeo.com
What is solution quality?
Designing Quality Solutions
How well a solution functions
How well a solution operates
“Business requirements”
Functional requirements
“Technical requirements”
Non-functional requirements
![Page 9: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/9.jpg)
www.coeo.com
Also known as quality attributes
Judge a system’s operation rather than describe its behaviour
Cover every aspect of a solution
Ensure complete lifecycle value:
DesignImplementationOperation
Non-functional requirements
Designing Quality Solutions
![Page 10: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/10.jpg)
www.coeo.com
Different definitions exist: architectural, technical, vendor
Availability Recoverability
Extensibility Reliability
Integrity Scalability
Interoperability Security
Manageability Serviceability
Performance Source: TOGAF 9.1
Pre-defined quality attributes
Designing Quality Solutions
![Page 11: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/11.jpg)
www.coeo.com
How can you use quality attributes?
Designing Quality Solutions
Solution design standards
Solution development
Acceptance criteria
Critical success factors
In-life operations
Change review processes
Quality Measurement
Availability 99.9%
Performance <1 sec per click
Security Auditing Yes
![Page 12: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/12.jpg)
www.coeo.com
Quality attributes trade-offs
Designing Quality Solutions
Having high quality standards is expensive
Trade-offs between cost and capability are needed
Consider the what-if situations
What if we can’t support Android?
![Page 14: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/14.jpg)
www.coeo.com
Protecting a solution from un-authorised access
What are the potential threats today?
External hackers System administratorsUn-authorised end users
A good permissions model is insufficient these days
Security
Designing Quality Solutions
![Page 15: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/15.jpg)
www.coeo.com
Developers and vendors typically don’t know the minimum permissions required
Users routinely need access to large data sets
For example PowerPivot
System administrators can normally see everything
Common Security Issues
Designing Quality Solutions
![Page 16: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/16.jpg)
www.coeo.com
Database engine is full of security features, that few use
Object permissions model
Encryption – column data, data files
Auditing – access failures, successful access
Separation of duties – Stop DBAs reading data
Why don’t they get implemented very often?
Few can describe their value
Security with SQL Server
Designing Quality Solutions
![Page 18: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/18.jpg)
www.coeo.com
Monitoring and controlling a solution
How does the business monitor the solution’s performance?
It’s probably not a Performance Monitor counter
How easily can you make changes?
If it’s too complex…….
Manageability
Designing Quality Solutions
![Page 19: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/19.jpg)
www.coeo.com
SQL Server has good error handling
How do you capture or find its error messages?
How do you capture your own error messages?
TRY….CATCH….THROW into a logging table
How do you monitor for unusual activity that completed successfully? Bad user activity may not cause errors
Manageability with SQL Server
Designing Quality Solutions
![Page 20: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/20.jpg)
www.coeo.com
These can be complimentary quality attributes
An easy to operate system is a well liked system
Few people seem to implement much security
SQL Server has lots of features
Even if its just to monitor access
Security and Manageability summary
Designing Quality Solutions
![Page 22: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/22.jpg)
www.coeo.com
Performance isn’t the same as scalability
Functionality delivered
In an acceptable time
For a single user
The first quality attribute we consider
But, how do we measure performance?
Performance
Designing Quality Solutions
![Page 23: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/23.jpg)
www.coeo.com
Query design and tuning
Table indexing and statistics
Amount of data being processed
Balance of processing between app and data tiers
Data design
Duplication of data
Ease of finding data
Performance with SQL Server
Designing Quality Solutions
![Page 24: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/24.jpg)
www.coeo.com
Maintaining acceptable performance as utilisation increases
How many concurrent users can we support?
How do data volumes affect performance?
Scalability on day 1 should be perfect
What about day 180 and day 5000?
Scalability requires more than load testing
Scalability
Designing Quality Solutions
![Page 26: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/26.jpg)
www.coeo.com www.coeo.com
Test objective
What type of clustered index allows the fastest inserts?
Regular clustered
GUID
GUID with 50% fill-factor
Clustered ColumnStore index
Hash partitioned index
And what effect does Delayed Durability have?
Scalability Testing
Designing Quality Solutions
![Page 27: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/27.jpg)
www.coeo.com www.coeo.com
Scalability Testing
Designing Quality Solutions
![Page 28: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/28.jpg)
www.coeo.com www.coeo.com
Scalability Testing
Designing Quality Solutions
![Page 29: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/29.jpg)
www.coeo.com www.coeo.com
Test process
Stored procedure that performed 1000 insertsCalculated and logged duration of each insert
Enough concurrent activity to show internal resource waitsNot enough to overwhelm CPU resources
Scalability Testing
Designing Quality Solutions
![Page 30: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/30.jpg)
www.coeo.com www.coeo.com
Test results
96 concurrent threads
Scalability Testing
Designing Quality Solutions
Delayed Durability
(ms per insert)
16.4
5.0
3.6
18.9
6.5
Regular Logging
(ms per insert)
20.5
13.9
14.6
25.1
13.7
Index Type
Regular clustered index
GUID
GUID with fill-factor 50
Clustered ColumnStore
Hash partitioning
![Page 31: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/31.jpg)
www.coeo.com
Resource scalability
Add more – Memory and CPUs
Control utilisation – Resource governor for CPU and IO
Work harder – Data compression
Database scalability
Data type widths
Locking and page latch contention
Scale-out data model
Scalability with SQL Server
Designing Quality Solutions
![Page 32: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/32.jpg)
www.coeo.com
Performance is the most obvious quality attribute
Easiest to define, measure and test
Scalability is what catches people out
It’s not just about the hardware
Nor the number of users
Performance and Scalability summary
Designing Quality Solutions
![Page 33: Designing Quality SQL Server Solutions · 2019-03-08 · Database engine is full of security features, that few use Object permissions model Encryption –column data, data files](https://reader034.vdocuments.site/reader034/viewer/2022042310/5ed7fe0fc64afa2ac758857c/html5/thumbnails/33.jpg)
www.coeo.com
Functional requirements define business value
Non-functional requirements provide in-life success
Also known as quality attributes and can be measured
How can you use them to improve your solution’s quality?
Session Summary
Designing Quality Solutions