6.3 Introduction to Azure SQL Databases

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
18 hours 43 minutes
Difficulty
Intermediate
CEU/CPE
9
Video Transcription
00:00
>> Welcome back. In this episode,
00:00
we're going to take a look at Azure SQL Databases.
00:00
Our objectives include understanding
00:00
what SQL Database service is,
00:00
taking a look at our purchase models,
00:00
and some features and compliance options
00:00
inside of the Azure SQL Database Service.
00:00
Chances are you've heard of Microsoft SQL Server before,
00:00
but what offerings are available inside of Azure for SQL?
00:00
The Azure SQL Database is
00:00
a relational database managed service.
00:00
You can create highly available
00:00
and high performance data storage
00:00
for applications and other solutions.
00:00
The service is based on
00:00
the latest stable version of
00:00
the Microsoft SQL Server Database engine.
00:00
In fact, new capabilities are
00:00
released to the SQL database service in
00:00
Azure and then to SQL Server
00:00
itself without requiring any patching or upgrading.
00:00
When working with SQL in Azure as a pass solution,
00:00
there are a couple of
00:00
different deployment models available.
00:00
First, we have an option of a single database.
00:00
This is a fully managed and
00:00
isolated database that can be used
00:00
with modern applications or
00:00
a microservice that needs a single,
00:00
reliable source of data.
00:00
Next, we then have elastic pool,
00:00
where a bunch of single databases
00:00
are grouped together and
00:00
they share a set of resources like CPU and memory.
00:00
Finally, for our PaaS solution,
00:00
we have Managed Instance.
00:00
This is a great option if you're migrating
00:00
existing SQL databases from on-premises and Azure,
00:00
as it's fairly compatible with
00:00
on-premises SQL Server versions.
00:00
It uses the latest stable version
00:00
of the SQL Server features and is very
00:00
similar to an instance of
00:00
the Microsoft SQL Server database engine.
00:00
Finally, we do have a
00:00
non-PaaS solution where basically you're
00:00
deploying a virtual machine
00:00
and installing SQL on top of it.
00:00
You would use this option if you need
00:00
operating system-level access for your SQL Server.
00:00
When purchasing SQL services in
00:00
Azure we have two purchase models to choose from.
00:00
First is vCore-based.
00:00
This allows for scaling your compute and
00:00
storage resources independently of each other.
00:00
Basically, you get more options on choosing
00:00
the number of cores and memory for serving the database.
00:00
Inside a vCore there are
00:00
three tiers of service we can choose from.
00:00
First, we have general purpose,
00:00
hyperscale, and business critical.
00:00
General-purpose balances between compute and
00:00
storage options for budget-oriented solutions,
00:00
while business critical is for applications that
00:00
require high transaction rate and low IO latency,
00:00
and hyperscale is for workloads where
00:00
you need to auto-scale solutions
00:00
for the storage size and
00:00
the ability to scale vertically or horizontally.
00:00
You can see how we can
00:00
configure the different options inside of
00:00
our tiers here based on the number of
00:00
IOPS or latency we need.
00:00
Our next purchase model option is DTU-based.
00:00
DTU-based is a model that has a range of
00:00
compute sizes that include a fixed amount of storage,
00:00
retention periods for backups,
00:00
and a fixed price.
00:00
DTU stands for Database Transaction Units,
00:00
which is a measure of CPU memory,
00:00
reads and writes on our database storage.
00:00
These DTUs are bundles of compute resources
00:00
and storage that determined the database performance.
00:00
Using a DTU model is
00:00
simpler and has fixed payments per month.
00:00
In addition to regular DTUs with
00:00
assigned resources that are always available to them,
00:00
there is also elastic or E-DTUs.
00:00
This is where multiple databases might share
00:00
a pool of resources and this solution
00:00
might be more cost-effective for
00:00
databases that can consume
00:00
a wide variety of resources
00:00
or have unpredictable usage patterns.
00:00
At a given time,
00:00
a database might be experiencing
00:00
higher usage while another one is not.
00:00
So the database with higher usage will use more of
00:00
the resources from the low usage database.
00:00
We also have three tiers with the DTU-based called basic,
00:00
standard, and premium.
00:00
The primary differences between these tiers
00:00
is the maximum backup retention time,
00:00
CPU capacity, and IO throughput.
00:00
When looking at a single database with our DTU limits,
00:00
you can see we have basic standard premium
00:00
and we have two characteristics that we can look at.
00:00
Maximum storage size from
00:00
two gigabytes all the way to four terabytes
00:00
and then the maximum DTU units we
00:00
have all the way from five to 4,000.
00:00
Inside our elastic-DTU limit,
00:00
we still have the storage size per database.
00:00
For elastic-DTU limits, we have our three tiers again,
00:00
and instead of just maximum storage,
00:00
we have maximum storage size per database,
00:00
and then maximum storage size per pool.
00:00
Then we also have the maximum E-DTUs
00:00
per database and per pool,
00:00
as well as the number of databases per pool.
00:00
Utilizing SQL inside of Azure has
00:00
a couple of different features we would
00:00
expect from Cloud services.
00:00
First, we have automatic backups with
00:00
full differential and transaction log backups of SQL.
00:00
We also have point-in-time restores
00:00
which support recovery
00:00
to any point in time within
00:00
the automatic backup retention period.
00:00
We also have active geo-replication where
00:00
single and pooled databases can be configured for
00:00
up to four readable secondary databases
00:00
in the same or different Azure regions.
00:00
This allows you to enable
00:00
your application that might have lots of
00:00
read-only transactions to use
00:00
read-only copies of the SQL database
00:00
in another data center.
00:00
We also have auto-failover over groups,
00:00
which is just groups that enable
00:00
high availability and load balancing at a global scale,
00:00
and then zone redundant databases
00:00
where you can provision databases across
00:00
multiple availability zones within a region so you can
00:00
have additional replicas for
00:00
high availability and higher resilience.
00:00
Azure SQL also comes with
00:00
a variety of security and compliance features.
00:00
First we have data discovery and classification,
00:00
which allows the service to discover, classify,
00:00
label, and protect your sensitive data
00:00
inside the databases.
00:00
We also have vulnerability assessments
00:00
where you can discover and
00:00
remediate potential database problems
00:00
to enhance your security.
00:00
Next we have threat detection where you can find
00:00
anomalous activity that might be harmful,
00:00
such as attempts to access or exploit the database.
00:00
It could also provide recommended actions to take.
00:00
Finally, we have data encryption.
00:00
In the last module we talked about SQL Always Encrypted,
00:00
which allows for working with encrypted data
00:00
that is in transit or being used by the application.
00:00
Azure SQL services also use
00:00
transparent data encryption or TDE for data at rest.
00:00
That does it for some of our SQL
00:00
services inside of Azure.
00:00
Coming up next we're going to jump back to the portal and
00:00
take a look at an Azure SQL Database demo.
00:00
See you in the next episode.
Up Next