Azure SQL Database Indika Dalugama Data platform solution architect Microsoft indalug@microsoft.com datalake.lk
Agenda Overview Azure SQL adapts Azure SQL Instances (single,e-pool and MI) How to Migrate SQL across the on-prem and cloud Demo and customers references Q&A
Data platform continuum Shared Lower cost On premises Hybrid Cloud Off premises Dedicated Higher cost Higher administration Lower administration
Power BI, App Services, Data Factory, Analytics, ML, Cognitive, Bot SQL Data Warehouse Database Services Platform SQL Database MySQL PostgreSQL Intelligent: Advisors, Tuning, Monitoring Flexible: On-demand scaling, Resource governance Trusted: HA/DR, Backup/Restore, Security, Audit, Isolation Azure Compute Azure Storage Global Azure with 38 Regions // // Flexible
AZURE SQL DATABASE THE BEST AND MOST ECONOMICAL CLOUD DESTINATION FOR YOUR SQL SERVER APPS Built-in intelligence Breakthrough productivity and performance Seamless and compatible Competitive TCO Realize up to a 406% ROI over on-premises and hosted solutions
Azure SQL Database benefits Increased productivity Faster time to market Lower TCO Reduced risks 47% staff hours reclaimed for other tasks DB management hours 75% faster app deployment cycles 53% less expensive than on-prem/hosted 71% fewer cases of unplanned downtime Azure SQL Database Other Now, those people can do development and create more revenue opportunities for us. We can get things out faster with Azure SQL Database To be able to do what we re doing in Azure, we d need an investment of millions. The last time we had downtime, a half a day probably lost us $100k *Data source & customer quotes: The Business Value of Microsoft Azure SQL Database Services, IDC, March 2015
The intelligent cloud database Key benefits Learns and adapts Differentiating proof Self-tuning performance with Index Advisor and real-time Threat Detection Scales on the fly One click scaling, over 11 performance tiers with zero downtime Manages 1000s, like one Tenant isolation and automatic management of compute and storage with Elastic Pools Works in your environment Popular platforms & languages, from Python to Ruby to Java to C# to.net Secures & protects Built-in HA and data protection with 99.99% SLA, Geo-Replication, & Point-in-time-Restore
Azure SQL Database Instances Managed Instance Instance scoped programming model with high compatibility to on-premises databases Single Standalone managed database best for predictable and stable workloads Elastic pool Shared resource model best for greater efficiency through multi-tenancy
Intelligent capabilities Built-in performance monitoring with intelligent advisors helps reduce troubleshooting time The Azure management portal exposes real-time metrics Azure SQL Database includes Intelligent advisors: o o o o o Resource Monitoring Query Performance Insight/Query Store Intelligence Insights Azure SQL Analytics Database Advisor
RESOURCE MONITORING master.sys.resource_stats userdb.sys.dm_db_resource_stats Percentages relative to performance level Accessible though Azure Portal Intelligent Insights
Query Performance Insight See how database resources are being consumed See the most CPU-intensive queries: Customize your view by selecting observation interval, number of queries, and aggregation type View aggregated statistics about your workload: total duration and number of executions Drill down to a specific query: Get granular view on query execution intervals View query text
AZURE SQL ANALYTICS Monitoring Azure SQL Database at scale Monitored activities
Database Advisor Improve the database with recommendations Index tuning recommendations tailored to each DB Recommendations are based on the observed usage, and evolve as the DB workload changes Tuning Models Support for CREATE and DROP index Intelligent service for implementing and validating the index recommendations SQL Database Index Advisor Azure Cloud Full-auto mode service takes full care of the indexes for your DB Manual review and apply mode for full control Report + visualization of index impact Parameterize query recommendations Fix schema issues recommendations
POINT-IN-TIME RESTORE Automatic backups sabcp01bl21 sabcp01bl21 Self-service restore Azure SQL Database backups Geo- replicated Azure storage Restore from backup Tiered retention policy 10 years (preview), Long-term backup retention
Most secure database Surrounded by layers of protection Identity Windows authentication NEW Azure Active Directory auth. Most secure database SQL threat analytics NEW Monitor activity SQL auditing Control access Row-level security NEW Dynamic data masking NEW Secure development lifecycle Protect data Always encrypted NEW Transparent data encryption Secure Code Least vulnerable last 6 years
Azure SQL Database encryption Encryption type Type Customer value Encryption-in-transit Transport Layer Security (TLS) from the client to the server Protects data between the client and the server against snooping and man-in-the-middle attacks. Azure SQL Database is phasing out Secure Sockets Layer (SSL) 3.0 and TLS 1.0 in favor of TLS 1.2. Encryption-at-rest Transparent Data Encryption (TDE) for Azure SQL Database Protects data on the disk. Key management is done by Azure, which makes it easier to obtain compliance. NEW: Store your encryption keys in Azure Key Vault (BYOK) Encryption-end-to-end Always Encrypted for client-side column encryption Data is protected end-to-end, but the application is aware of encrypted columns. This is used in the absence of data masking and TDE for compliance-related scenarios. End-to-end In-transit Customer data At-rest Database files, backups, Tx log, TempDB
Dynamic data masking Limit the exposure of sensitive data by hiding it from users Auto-discovery of potentially sensitive data to mask Configurable masking policy from the Azure portal or via DDL in the server On-the-fly obfuscation of data in query results Flexibility to define a set of privileged users for un-masked data access Azure SQL Database Table.PhoneNo +1-313-555-5796 +972-4-777-1978 +1-248-666-6550 On-the-fly masking of sensitive data in query results PhoneNum XXX-XXX-5796 XXX-XXX-1978
What is SQL Database Managed Instance? A flavor of SQL DB designed to enable easy migration to fully managed PaaS, for almost any application! SQL Database (PaaS) Managed Instance Singleton Elastic Pool Easy lift and shift Fully managed PaaS Full isolation and security New business model Fully-fledged SQL Built on the same Native VNET Competitive instance with nearly PaaS service implementation Transparent 100% compat with on-prem infrastructure All PaaS features Private IP addresses Frictionless
Note: features will be added in stages until General Availability of Managed Instance Security TDE SQL Audit Row level security Always Encrypted Supports compatibility modes (SQL Server 2005+)
Blob Storage On-prem SQL.BAK Managed Instance
DEDICATED RESOURCES THROUGH CUSTOMER ISOLATION VNET support in SQL Database Managed Instance Enable full isolation from other tenants without resource sharing Promote secure communication over private IPs with VNET integration
Azure Database for PostgreSQL Azure Database for MySQL MySQL PostgreSQL Provision in minutes with built-in high availability Predictable performance, inclusive pay-as-you-go pricing Scale on the fly without application downtime Secured to protect sensitive data at-rest and inmotion Automatic backups and Point-In-Time-Restore for up to 35 days Deep integration with Azure Web Apps
MIGRATION TOOLS
SQL SERVER MANAGEMENT STUDIO Migrate a compatible database using SQL Server Management Studio Target DB 2. Import Azure SQL Database SSMS 1. Export OR 1. Deploy Source DB SQL Server
AZURE DATABASE MIGRATION SERVICE Two modes of migration, continuous sync and one time migration Create a new migration project in DMS Copy local backup to Azure storage Restore backup to Azure SQL DB Target DB Azure SQL Database DMS Azure Storage Create local backup Source DB SQL Server
Azure SQL Data Sync SQL Azure Data Sync is a Microsoft Windows Azure web service that provides data synchronization capabilities for Azure SQL databases. SQL Azure Data Sync allows data to be synchronized between on-premises SQL Server databases and Azure SQL databases; in addition, it can also keep multiple Azure SQL databases in sync. SQL Data Sync targets the reference data replication scenario. Its key capabilities are: Sync between SQL Server (2005 SP2 and later) and Azure SQL databases, or between Azure SQL databases One-way and bi-directional sync One-to-one and hub-spoke Table filter and column filter Scheduled and on-demand Eventual consistency Active Geo-Replication, in contrast, targets GeoDR scenario for Azure SQL Database by replicating the database to another region. It only supports one-way replication (secondaries are read-only), replication is at database granularity and no database or column/row filter support, and it is only available for Premium service tier.
MIGRATION COOKBOOK https://azure.microsoft.com/enus/migration/ https://azure.microsoft.com/enus/resources/choosing-your-database-migrationpath-to-azure/en-us/
Azure Data Architecture Guide
Backup/Restore to Managed Instances Demo
We were able to migrate an app with zero friction to a Managed Instance, with features like CLR and SQL Agent just working. Database Migration Service will be crucial for pulling off migrations like this at scale. Sankar G. Prayaga Lead Engineer, EY
We deploy our SQL Server schema elements into a Managed Instance and we point the application via connection string change directly over to the Managed Instance. Eric Fleischman Vice-President and Chief Architect
Q & A?