Embed Size (px)
Citation preview
Enterprise-Grade SQL Server Deployments in AWS Tom Fuller – Enterprise Solutions Architect
Agenda
• What is Enterprise-Grade? • Delivery Models and Choices • Reliability • Performance • Security • Cost Optimization • Operations • Questions
Cloud Humor
What is “Enterprise-Grade”?
1 Delivery Models
Delivery Models for SQL Server
Amazon RDS for SQL Server • Fully managed service • Easy to set up, operate, scale • Managed high availability solution • Automated provisioning, patching,
backup and recovery • Failed instance replacement
SQL Server on EC2 Instances • Resizable computing capacity • Preconfigured SQL Server AMIs • Full control over the instances • You are responsible for tuning,
patching, backup and recovery, HA, management, security, etc.
Overview of Features
Amazon RDS for SQL Server SQL Server on Amazon EC2
Versions Supported: 2008 R2, 2012 2005*, 2008*, 2008 R2, 2012, 2014
Editions Supported: Express, Web, Standard, Enterprise
High Availability: Automated failover, Multi-AZ Self-managed (AlwaysOn, Mirroring, Log Shipping)
Encryption: Encrypted Storage using Amazon KMS (all editions); TDE Support
Authentication: SQL Server Authentication only Windows and SQL Server Auth.
Backups: Managed Automated Backups Leverage Maintenance Plans, or 3rd party
Patching and Maintenance:
Automatic Software Patching Self-managed
* Self installed
Control vs. Cost Comparison Cost
Control
• We recommend you consider RDS first • Focus on tasks that bring value to your
customers/users • Focus on high level tuning and optimizations • Remove your dependency on special
clustering, replication, and backup techniques
• There are still always going to be reasons to run with full control but make sure they’re worth it!
SQL Server on RDS
SQL Server on EC2
Amazon RDS SQL Server Tooling Support
• Most things still work: • SQL Server Management
Studio • SQL Server Tuning Advisor • SQL Server Agent (partial) • SQL Server Logs (agent,error)
• Not available: • SSAS • SSIS • SSRS
• Not supported: • Maintenance Plans • Database Mail • Linked Servers • MSDTC • Windows Integrated
Security • > 4 TB DB • 30 db per instance
2 Reliability
Amazon RDS for SQL Server • Multi-AZ Mode (high safety or high performance): • Primary and secondary DB nodes in different Availability
Zones (AZ) • Leverages SQL Server Mirroring • Automatic failover (1-2 min. typically)
High Availability (HA)
High Availability (HA)
SQL Server on Amazon EC2 • Native SQL Server Features: • Log Shipping: typically used for DR, increases availability • Database Mirroring: mirrors principal to secondary • AlwaysOn Availability Groups: failover of database group
Amazon RDS Built-in Management Features
• Automated backup and recovery Max. Retention: 35 days Restore to any second, typically up to the last 5 minutes
• Push-button DB instance class scaling • Automatic host replacement
Amazon RDS Built-in Management Features
• Automatic minor version upgrade • Pre-configured parameters and options • Configurable administrative windows of time:
Backup Window: at least 30min once a day Maintenance Window: at least 30min once a week
SQL Server Disaster Recovery (DR)
• AWS is designed to protect you from regional events • Replicating across regions is an option • On-Premise DR in AWS very popular
• Store Backup Data • Pilot-Light using log shipping
Manage Your SQL Server Resources on AWS
Amazon EC2 & RDS
Management Console
AWS Command Line Tools (CLI)
or AWS Tools for PowerShell
AWS SDKs AWS CloudFormation
templates
Multiple ways to start and manage your AWS SQL Server resources
3 Performance
Elasticity
• Range of DB instance type – From: 1 vCPU and 1 GB of RAM – To: 36 vCPUs and 244 GB of RAM
• Grouped in instance families • Not all editions available for all classes in Amazon
RDS • Scale up/down by changing instance type/class • Scale out/in by adding/removing read replicas (not in
RDS)
Decoder Ring
c4.large Instance family
Instance generation
Instance size
Broad Set of Compute Instance Types
M3
General purpose
M1
Compute optimized
C3
C1 CC2
Storage and IO optimized
HS1
I2 HI1
G2
GPU enabled
CG1
Memory optimized
R3
M2 CR1
C4 D2 M4
Amazon EBS
• Network attached block device – Independent data lifecycle – Virtual disks – Multiple volumes per EC2 instance – Only one EC2 instance per volume
• POSIX-compliant file systems – Virtual disk ideal for: OS boot device; file systems
• Raw block devices – Ideal for databases – Other raw block devices
Storage System I/O Performance
Amazon RDS Amazon EC2 Type Size Performance Size Performance Burst Capacity Pricing Model
Magnetic Storage
20 GiB – 1 TiB ~ 100 IOPS 1 GiB – 1 TiB ~ 100 IOPS
Yes, several hundred IOPS
Allocated storage; I/O operations
General Purpose (SSD)
20 GiB – 6 TiB (min. 100 GiB recommended)
3 IOPS/GiB
1 GiB – 16 TiB 3 IOPS/GiB for volumes 1 TiB or less, up to 10,000 IOPS for larger volumes
Yes, up to 3000 IOPS per volume, subject to credits (< 1 TiB in size)
Allocated storage
Provisioned IOPS (SSD)
100 GiB – 6 TiB (min. 200 GiB for Standard ed.)
10 IOPS/GiB, up to max. 20,000 IOPS
4 GiB – 16 TiB Up to 20,000 IOPS; ratio: 3 to 30 IOPS per GiB
No, fixed allocation
Allocated storage; Provisioned IOPS
I/O Performance Planning
• Amazon RDS maximum channel bandwidth: 1000 Mbps full duplex
• Amazon EBS maximum volume throughput: 320 MiB/s • IOPS provisioning: each I/O up to 256 KiB = 1 IOPS (SQL
Server Default: 4K) • Average Queue Depth: I/O requests waiting to be serviced • First touch penalty for EBS volumes • Consider Instance Storage with strong backup strategy for high
performance databases • Amazon EC2: Consider striping multiple EBS volumes • Amazon RDS: Storage cannot scale once deployed
4 Security
AWS Shared Responsibility Model
• Moving IT infrastructure to AWS creates a shared responsibility model between the customer and AWS.
• Scope of responsibility depends on the type of service offered by AWS: – Infrastructure – Container – Abstracted Services
• Understanding who is responsible for what is critical to ensuring your AWS data and systems are secure!
Securing SQL Server on AWS
Network Layer Controls
DB Instance Access Controls
Data Access Controls
Encryption
Security layers to consider when deploying SQL Server workloads on AWS:
Securing SQL Server on AWS: Network
• Networking Platform: EC2-VPC is recommended • Private, isolated section of the AWS Cloud • Subnets and AZ specificity (RDS: DB Subnet Groups) • Route Tables and NACLs Security Groups: • Restrict inbound traffic to database-related traffic only • Leverage security group references Public Access: • Limit access to known sources • Potential for more frequent patching
Securing SQL Server on AWS: Instance Access
Amazon Identity and Access Management (IAM) • Control create, modify, delete DB instance rights • Multi-Factor Authentication (MFA) • Grant least privileges to IAM users, groups roles • Use strong password policies • Rotate credentials • Lock away root account credentials • Federated access from Active Directory Amazon CloudTrail • Log AWS API invocations for audit purposes
Securing SQL Server on AWS: Data Access
• Least Privileges logins for workloads, applications and end users
Amazon RDS for SQL Server • SQL Server Authentication only • Use master user login ID only for administrative
purposes
SQL Server on Amazon EC2 • Windows and SQL Server Authentication • Active Directory integration
Securing SQL Server on AWS: Encryption
Data-At-Rest Protection: • Encrypted DB instances using Amazon KMS • SQL Server Transparent Data Encryption (TDE) • SQL Server column-level • Encrypting data in the application before it is
saved to the database instance.
Data-In-Transit Protection: • Support for encrypted connections via SSL
How AWS Services Integrate with AWS Key Management Service
• Two-tiered key hierarchy using envelope encryption
• Unique data key encrypt customer data
• AWS KMS master keys encrypt data keys
• Benefits of envelope encryption: • Limits risk of a compromised data key • Better performance for encrypting large data • Easier to manage a small number of master keys
than millions of data keys
Customer Master Key(s)
Data Key 1
Amazon S3 Object
Amazon EBS
Volume
Amazon Redshift Cluster
Data Key 2 Data Key 3 Data Key 4
Custom Application
AWS KMS
AWS Key Management Service Reference Architecture
Application or AWS Service
+ Data Key Encrypted Data Key
Encrypted Data
Master Key(s) in Customer’s Account
AWS Key Management Service
1. Application or AWS service client requests an encryption key to use to encrypt data, and passes a reference to a master key under the account.
2. Client request is authenticated based on whether they have access to use the master key. 3. A new data encryption key is created and a copy of it is encrypted under the master key. 4. Both data key and encrypted data key are returned to the client. Data key is used to encrypt
customer data and then deleted as soon as is practical. 5. Encrypted data key is stored for later use and sent back to AWS KMS when the source data
needs to be decrypted.
AWS Key Management Service Providing security for your keys
• Plaintext keys are never stored in persistent memory on runtime systems
• Automatically rotate your keys for you • Separation of duties between systems that use master keys and data
keys • Multi-party controls for all maintenance on systems that use your
master keys • See public white papers and Service Organization Control (SOC 1)
compliance package
5 Cost Optimization
Cost Optimization
SQL Server operational cost depends on:
• region selected • instance class/type • storage type and size • runtime • Multi-AZ mode • pricing model • licensing model
Cost Optimization
On-Demand
Pay by the hour No term commitment
EC2 Reserved Instances
No-upfront Partial-upfront All-upfront RIs
RDS Reserved Instances
No-upfront Partial-upfront All-upfront RIs
Reserved Instances (RIs) available for 1 and 3 year terms Save up to 60% over on-demand costs
6 Operations
Monitoring Your SQL Server Workloads
• Set Alarms & Notifications for abnormal conditions
• Default metrics for Amazon EC2 & Amazon RDS
• Add custom metrics (Amazon EC2)
Monitor performance using Amazon CloudWatch
System Center Ops Manager on AWS
• Management Pack for System Center 2012 / 2007 R2
• Resource Pool uses IAM Key for connectivity
• Monitor all of the following: • EC2 Instances • EBS Volumes • ELB load balancers • Auto scaling groups • Elastic beanstalk applications • CloudFormation Stacks • CloudWatch Alarms • CloudWatch Custom Metrics
Summary
1. RDS can be for production workloads 2. You have choices 3. Understand the cost vs. control aspects of your
choice 4. Always remember that AWS is flexible … your
decision is not frozen in time!
Any Questions?
