Blog

This week Brent, Erik, and Richie discuss truncating & repopulating, failed logins, their choice for high availability, PowerBI, read committed isolation, parameter sniffing, database mirroring, extended events and failing queries and re-indexing large tables.

Here’s the video on YouTube:

You can register to attend next week’s Office Hours, or subscribe to our podcast to listen on the go.

Enjoy the Podcast?

Don’t miss an episode, subscribe via iTunes, Stitcher or RSS.
Leave us a review in iTunes

Office Hours – 12/20/17

 

Do nightly-reloaded tables need a clustered index?

Brent Ozar: Gordon asks, “Would creating a clustered index on a heap with a very high number of page locks make things better when truncating and repopulating?” That’s interesting.

Erik Darling: When truncating? No, I can’t see how it would help with truncating, and I can see how it might hurt with repopulating because then the data would get ordered by the clustered index. So for that kind of heap, if all you’re doing is truncating and reloading, I can’t really see much benefit to a clustered index; unless you’re doing something real clustery with it later. Like if you need to join that table off to something else later on – but even then, I would probably create and drop the clustered index as needed. I wouldn’t just have it on there all the time.

Richie Rump: Yeah, I’m assuming that if you’re doing truncates on that, there’s no foreign keys in other tables and things like that.

Brent Ozar: That’s a good point, yeah. So it’s one less reason to need non clustered indexes on it.

Richie Rump: Correct.

Erik Darling: Just do column store for everything. There’s no need for any other kind of index at all, ever; just column store everything. Partition and column store, and make sure that you’re loading your data as JSON, I think, is just the key to database success these days.

Brent Ozar: Anything that that doesn’t work for, you should use Hekaton.

Erik Darling: Yeah, totally, or in-memory column store with JSON, I think, is just…

Richie Rump: I like DynamoDB, so let’s do JSON with DynamoDB. How’s that; we good?

Brent Ozar: Cosmos, you’re not remembering the current keywords…

Richie Rump: You know, Microsoft Cosmos, that’s right.

Brent Ozar: Yeah, yeah, and this is why nobody lets you into the MVP club.

Erik Darling: You spent too much time in RDS, man.

Brent Ozar: We don’t use the Cosmos word.

Richie Rump: Yeah, it wasn’t the successful podcast or the 1,500-people user group; that had nothing to do with that.  I think it was working for you, Brent. I think that’s what…

Brent Ozar: It’s probably true; guilt by association.

 

Where can I track down failed logins?

Brent Ozar: John says, “Blitz told me to add alerts, so I did. I am now seeing alerts. I’m getting alerts for severity 16 and severity 20. Looked in the error log and I’m seeing this alert information as well. Where can I find out more about the logins that are trying and failing with an SSPI handshake error?”

Erik Darling: I’m not good at that one.

Brent Ozar: if you wanted to, you could start running an extended events trace to catch failed logins, for example. I would just say check to see the time of day that it happened. If it’s happening at the exact same time every day, it’s really common for penetration testing tools. I’ve seen stuff flag at a certain time every day. And if it’s not your biggest concern, feel free to leave off those sev20 errors if you’re not worried about those.

 

When I need to restore 10 tables, how do I handle foreign keys?

Brent Ozar: J.H. says, “When I restore around ten tables – not the entire database – those ten tables have foreign key dependencies. Any handy tricks that would help me track down all the other foreign keys in other tables, dropping those keys, inserting the data and then recreating the keys?”

Erik Darling: So how are you only restoring certain tables? Are you using a third-party tool or are you doing a select into a different database? Obviously, there’s no object level restore natively with SQL Server, so that would be my first thing. I do know that Aaron Bertrand has a pretty nifty script out there on the internet that will script drop and create statements for all of your foreign keys; so that might be one way to go. If you wanted to just script it out and do it, I don’t know if it will work for absolutely everything, but it’s Aaron, so I trust it for the most part.

Brent Ozar: I agree with that.

Richie Rump: I don’t know. I get kind of [crosstalk] when you start talking about dropping foreign keys, then reloading data, then applying the foreign keys. I mean, are we sure that data hasn’t been removed and what kind of – because when you reapply those foreign keys and data has been removed in the child table, or the parent table, then it’s not going to be there. You’re not going to be able to apply that key back.

Brent Ozar: I’d be curious as to how often you have to do it too. You can tell we like this question a lot. Not that we don’t like all the questions; you’re all wonderful snowflakes that are going to melt. But this is really interesting – how often do you have to do it? Is it part of a regular data warehouse type process or is it something that you only have to do every now and then for emergencies? That’s really cool.

 

What high availability feature is the best?

Brent Ozar: Ron says, “What is your choice for high availability? I can tolerate up to one minute of downtime.”

Erik Darling: I would say, you know, ye olde failover cluster is my favorite thing in the world.

Brent Ozar: And what do you like about failover clusters?

Erik Darling: They’re  not availability groups is primarily what I like about them. Just for the environments that I’ve been a part of they’ve made the most sense because we already had the San, we already had the shared storage. It was fairly easy to set up and get all that stuff running. You know, with an AG, we would have had to have had separate storage and, you know, probably messed stuff up that way. But, that failover cluster gave us pretty quick failover; even with dozens of terabytes on there. It was pretty easy to manage quorum in all of that; once you got your head wrapped around that. And since it was a two-node failover cluster and both were in the same data center, I didn’t have to worry too much about crazy split brained stuff happening off somewhere else.

Brent Ozar: I highly recommend checking out our post, the 9 Letters that Get DBAs Fired. And we walk you through how to interpret the right HA and DR mechanisms for your goals… Methanisms – crystal methanisms…

Erik Darling: Method Mans…

Richie Rump: You got that click bait thing nailed down tight, man. There’s a lock on that.

Brent Ozar: I’m telling you, I love over hyping and sensationalizing things; it really gets people’s attention. It’s really good stuff.

Erik Darling: And sensualizing as well, not just sensational…

Brent Ozar: Making them sensational. Ron Saxer notices the gremlin on there; oh yeah.

 

What tool should I use instead of Access?

Brent Ozar: Let’s see here, James May – and I hope this is the real James May, because that would be really cool if he was on the webcast…

Erik Darling: You mean Jimmy May, right?

Brent Ozar: That too. Wow, I never thought that Jimmy May has James May’s name.

Erik Darling: Yeah, they made him put his full name in the GoToWebinar thing.

Brent Ozar: That’s incredible. He says, “I have an Access problem. [crosstalk] We have to build a whole new data mart with over 100 reports and I’d like to put it in literally anything other than access. What tool would you recommend and how would you go win around the Access guy?” I have the answer – PowerBI. I’m all about PowerBI. I think PowerBI… Your faces are so – what?

Richie Rump: Oh, there’s still the Access guy; he’s still around? He didn’t die of old ace?

Erik Darling: Hide his dentures.

Richie Rump: The one Access guy, he has a job. Mind you, I’m the only one with an Access certification on the team.

Brent Ozar: This is true. So as someone with an Access certification, Richie, what’s your opinion?

Richie Rump: I don’t know; I stopped using access 20 years ago.

Brent Ozar: I would totally go down the PowerBI route. PowerBI, Microsoft is investing in it, it looks gorgeous – it looks really pretty. There are a ton of gotchas, like joins in between multiple tables – you can only use one field to join between them, so you have to create another calculated field to reinforce joins. There’s a lot of gotchas, but I really like where they’re going with it. But if the access guy can get it to work, I’m also kind of like, go…

Richie Rump: Yeah, okay, so if you’re building a whole new data mart with 100 plus new reports, yeah, definitely go with PowerBI. You could put that online, you could view it mobile – I mean, there’s a whole bunch of other good stuff that’s kind of in there that you’re going to want to utilize. And as soon as the executives see it on their phone, they’ll be like, “I want more of this. This is what I want.” When I was at a previous company, eight years ago when we were able to put it on an iPad, it’s like all the executives just lost their mind. It’s the same thing with the phone. So now I can get access to all my reports and it’s real time – or near real time – and it’s all my data’s right there so I can ignore my family while I’m sitting there checking up on financial reports. They’re going to want that.

 

Why is RCSI not enabled by default?

Brent Ozar: Eric Swiggum asks a really good question. He says, “Why is read committed snapshot isolation not enabled by default? I call foul.”

Erik Darling: I don’t disagree.

Richie Rump: Change it to the default.

Brent Ozar: That’s true, make it on the new servers that you build. So for those of you who haven’t played around with RCSI, it allows readers to not block writers and writers to not block readers. We have a page on it if you go to BrentOzar.com/go/RCSI, originally written by Kendra Little, who has a phenomenal set of isolation level stuff over on her own site, LittleKendra.com. She’s got a new training site called SQLWorkbooks.com as well too. She’s really into isolation level stuff. She has a webcast coming up on February 8^th, Snapshot Isolation on AG Secondaries. But we’re 100% with you, it’s the default in Azure, it’s the default in availability groups, secondaries, all kinds of cool stuff there.

Richie Rump: So how can you make it the default, Brent? Which way would you do that on your own servers?

Brent Ozar: Let’s see. So I would right-click on a database and go into properties, and then there’s isolation levels inside there that you can change to read committed snapshot – why would I do that? Hold on, we have a guidepost on this.

Richie Rump: I guess that softball was more like a curve.

Brent Ozar: I’m looking over at Slack and all of a sudden I’m like, “No, bad idea…”

Richie Rump: It was a Wiffle Ball; you thought it was going straight and then it curved.

Brent Ozar: Oh, bad idea. So read down through this – and the one thing that’s a gotcha with enabling RCSI is it’s an alter to the database and you have to be the only active connection. So you have to put the database in single user mode. So just [inaudible] something that you want to think about doing after hours.

Richie Rump: Is that one of those things that you could add to model?

Brent Ozar: I believe so. I don’t know why it wouldn’t be.

Richie Rump: That would be my first guess. If you wanted the default, just throw it into model.

Brent Ozar: Let me get the question list back out because I’ve thoroughly hosed up my screen.

Erik Darling: If I was starting a brand-new app, I would 100% start everything off with using RCSI from the get-go. I wouldn’t do anything else.

Brent Ozar: Just get that locking problem out of the way before you get started.

Richie Rump: yeah, absolutely, I agree 100%.

 

How do I encrypt all connections with TLS?

Brent Ozar: J.H. says, “His application team is requesting all SQL Server communications to be secured. What would need to be done from a DBA end? What are the differences between TLS 1.2 and forcing encryption protocol?”

Erik Darling: Oh boy…

Brent Ozar: Aaron has a post on this too as well if I remember. There are a whole lot of gotchas that are terrifying. I would start here. So search for Aaron Bertrand SQL Server support for TLS 1.2.

 

Why is my query slow in the application, but fast in SSMS?

Brent Ozar: Abdel says, “I have a situation where the stored proc is slower than running from the SQL in the stored proc just by itself.” So he runs the stored proc from one place, then he copies out the T-SQL, pastes it in SSMS and it runs slower. He says, “I would expect the stored proc to run faster. Have you seen this before and what should I look for in these types of situations?

Erik Darling: Mark it.

Brent Ozar: We’re 13 minutes in?

Erik Darling: Yep.

Brent Ozar: I’ll let you answer. [crosstalk]

Erik Darling: You left the web browser up; honestly… So what you’re most likely running into is something called parameter sniffing, and there’s a great post by a fellow named Erland Sommarskog, and it’s all about why that might be happening to you. It’s a long read, but it’s well worth it because – this is one of those career investment reads. This is like getting a college degree in something that I wouldn’t know anything about.

 

I want to do minimally logged bulk loads…

Brent Ozar: Alright, next up, Mahesh says, “Is it possible to perform minimally logged bulk loads to a table with clustered and non clustered indexes? I turn on trace flag 610 but it is not performing in my situation.”

Erik Darling: Nope, there’s a whole website written about this stuff by Microsoft, and you can’t have non clustered indexes on a table and get minimal logging. It has to be a heap or it has to be an empty non clustered index. Like if the clustered index already has stuff in there then you can’t get it. So there’s a whole lot of gotchas around it. Minimal logging is one of those, “What if it’s Tuesday on Mars,” performance benefits to me. When it works on an insert, it’s beautiful, but it works under such limited conditions. I see a lot of people who go into simple recover model or go into bulk log and it’s still not working for them. And I’m like, “Well bad things happened; you didn’t do something right. You didn’t follow the steps here.

 

Should I use database mirroring for SharePoint?

Brent Ozar: Alright, let’s see, Barab says, “I have SharePoint and I want to do basic database mirroring; just plain old database mirroring. Have you seen this with your customers and are they able to get SharePoint to work after breaking the mirrors on the DR side?” Oh man, it’s been years since I’ve done this.

Erik Darling: I don’t have any practical experiences with it, but this reminds me of – something that I hear a lot of people say when they get into weight lifting and stuff is, “I want to be 300 pounds and shredded.” And I’m like, it’s really hard to do either one of those things. Like it’s hard to be 300 pounds and it’s hard to be shredded. You’re talking about mixing up two things that are kind of hard to mess with individually, never mind like putting them together and making them work at the same time. There’s just not a lot of people out there doing that. I wonder why mirroring and not the AG. Like if you’re going to roll that out these days, I wonder what – like practically why you would do that.

Brent Ozar: Maybe no Windows failover clustering experience, I’m guessing. Yeah, I think we would prefer AGs over database mirroring if we could. It’s included in Standard Edition starting in SQL Server 2016.

Erik Darling: If AGs are out of the question, I might even prefer log shipping to mirroring in that situation, just because I know log shipping works, I know how solid it is and the interoperability of the two things is a little bit less questionable.

 

How would I catch failed SQL statements?

Brent Ozar: let’s see, James May, our favorite Top Gear presenter pops back in with, “I’m getting a very intermittent level 16. Once every couple of days a SQL statement is failing but the logs are getting backed up before I can jump in and query it. How would you go about catching this bug?” I would be curious…

Erik Darling: We have a blog post about that. We have a blog post about – Kendra wrote it – it’s about extended events and catching failing queries. It’s called like Queries Failing in My Database or something.

Brent Ozar: this is what happens when you have thousands… Well, look at that, unbelievable. So assuming you can run extended events, you’re on whatever version that supports that or higher. Super lightweight for stuff like this, as long as you don’t have a lot of queries failing it should be pretty easy. Usually, we’re good about having the – there we go.

Erik Darling: I’m just going to throw a couple of things out there, since the question is still up on the screen. You wouldn’t really want to query the transaction logs to find that sort of thing. That’s not where you find queries that fail, because the transaction log is for modification queries that finished. They wouldn’t be in there; you would most likely just want to look at the error log, not the transaction log. If something is cycling the error logs then you can just look at the prior log because it’s probably not deleting out everything, unless you have some really weird error log cycling thing going on. But if I just wanted to have all the data isolated in one place, I would definitely just go the extended events route.

Brent Ozar: Makes sense. The other reasons that I’ve seen sev16s, the query is too complex and doesn’t produce an execution plan, the query optimizer ran out of resources or whatever. At that point, I’m like, “I don’t even care about capturing the query most of the time. Whoever is having a problem with this query, they can bring it to me and we’ll work together on tuning it, but I don’t want to proactively go looking for a problem like that.”

Erik Darling: It’s going to be one of those in clauses that breaks like the 64MB limit or something. “You put 65,000 nested [inaudible]… What happened?” I don’t know, good lord. It was a case statement with more than 128 nested levels. Like, well, perhaps it’s time to revisit the logic of this query.

Richie Rump: It’s a recursive query, it just keeps calling itself.

Erik Darling: I saw someone using recursive scalar functions last week. So it was like – so it was a scalar function – no it gets better – it’s a scalar function that parses XML. And if it doesn’t find, I think, a parent node, then it passes the next node in and looks for a parent node for that recursively. So it’s like function, does stuff, parses XML. If this is NULL, it recalls the function with the next [crosstalk]. And I’m looking at this, and I’m just like – [crosstalk] client. So I’m looking at this function and I’m like, “Let’s run BlitzCache.” So we run BlitzCache with XPM and this function was running 80,000 times per minute. [inaudible] no, start over again. No, start over again. And we’re looking at the XPM just like – okay, so imagine like one of your cores is dedicated to this query. You are paying $7000 to run this [crosstalk].

 

 

How long will an index rebuild take?

Brent Ozar: J.H. says, “When I’m planning on re-indexing large tables, is there any way to estimate time to complete? We’re trying to avoid locking and blocking users or other processes.”

Richie Rump: But what if you’re trying to do popping and locking?

Brent Ozar: I’m not even going to try and … by doing popping and locking onscreen.

Erik Darling: Dead man walking.

Richie Rump: That was a break dance reference, for anybody who wasn’t alive during the 80s. Just put that out there…

Brent Ozar: So boy, the thing that’s really awesome in there is the new ability to rebuild indexes at low priority; starting in SQL Server 2014. I guess it is an Enterprise Edition only feature, since that’s the online option.

Erik Darling: 2017 has a resume-able online index rebuild. I don’t think we blogged about that. Generally, we don’t spend too much time blogging about ways that people should be rebuilding their indexes; that’s the thing. Try not to give too much advice on it…

Brent Ozar: That is true. So this is the way to do it at low priority, and you don’t block anybody else.

 

Can Richie demo a pop and lock?

Brent Ozar: Daryl asks, “Can Richie please demo a pop and lock?”

Erik Darling: Yeah, go for it, Richie.

Richie Rump: Nope.

Erik Darling: Do it on your couch so you…

Richie Rump: Nope. Like somewhere around 1984 there was a movie called Breakin’. Maybe you need to pull that one out. It has some really great characters like Special K and Ozone, Turbo, Jean-Claude Van Damme is one of the dancers. I mean, it will give you a real nice flavor for the 80s and what you missed.

Erik Darling: Turbo was bad as hell, man.

Richie Rump: Turbo was the man.

Erik Darling: What was the other good one? There was Breakin’, Beat Street.

Richie Rump: Beat Street, Breakin’ 2: Electric Boogaloo.

Erik Darling: Those are all fine movies that featured breakdancing heavily.

 

I changed the service account, but…

Brent Ozar: Hanan says, “I changed the service account running SQL Server via the configuration manager. After that change the instance is running and everything seems okay, but when I check the local policies GUI, the new account has not been granted any of the required rights like log in as a service, bypass traverse checking, et cetera. Is there something I should need to set up manually?”

They’re supposed to be taken care of by configuration manager, which leads me to think that either you checked on the wrong server – like you ran config manager on the wrong server. Maybe you weren’t logged in as somebody with admin rights. I mean, there could be a long list of things that was done. What I would try is go try it again. Go try to change the logon account again. It will have to wait until restart before stuff takes effect, but then at least you can see if the permissions are getting granted.

Erik Darling: I was just breakdancing; I don’t know if you all missed it?

Brent Ozar: Oh, that’s what it was. Oh…

Erik Darling: You didn’t see? Because I did some really awesome stuff; I actually just have a … desk for other reasons.

Brent Ozar: Ah, no, for once you had the webcam above the desk turned on instead of the one below the desk. I think we’ve asked for that one to be permanently deactivated.

Richie Rump: Especially since he’s not wearing any pants, yeah.

Erik Darling: I actually still have my morning sweatpants on.

Brent Ozar: You have separate sweatpants for the afternoon?

Erik Darling: yeah, who doesn’t? You don’t have afternoon – what am I, a farmer? Of course, I have separate sweatpants for the time of day. [crosstalk].

Richie Rump: I’m like, “Sweatpants, what are those? I have no idea”

Erik Darling: They’re what you go to the gym in, Richie.

Richie Rump: Jim lives down the street, bro.

Brent Ozar: I should put in a plug for Sleepy Jones. Sleepy Jones has phenomenal pajamas. This is pretty much what I’ve been living in these days when I don’t have to go get on a webcast. So I can’t say enough good things about Sleepy Jones Pajamas. This webcast is brought to you by Sleepy Jones Pajamas.

Erik Darling: What the hell just happened?

Brent Ozar: Thanks, everybody, and we will see y’all next week at Office Hours. Adios.

This week Tara, Erik, and Richie discuss virtualization, replication & mirroring, switching SQL service logins to an AD account, temporal tables, tempdb issues, migrating from SQL 2015, and Richie’s outdoor adventures in “Breath of the Wild.”

Here’s the video on YouTube:

You can register to attend next week’s Office Hours, or subscribe to our podcast to listen on the go.

Enjoy the Podcast?

Don’t miss an episode, subscribe via iTunes, Stitcher or RSS.
Leave us a review in iTunes

Office Hours – 12/13/17

 

Should I add hardware when doing a P2V?

Erik Darling: So Thomas is asking a very good question about migrate, about doing a P to V; the old physical to virtual. “I’m on five-year-old hardware and I’m virtualizing the server; should I add more resources or would the age of the physical boxes be offset by the newer hardware of the VM host?” If you guys were looking to figure out if your virtualized hardware were adequate, what would you look at?

Tara Kizer: Are you asking us, Richie and me? Well, the companies I’ve worked for, we have a performance test team that can run synthetic production loads and see if we have adequate hardware; so that’s always where we would start to answer that question. We have load testing tools that can tell us if we’re going to do okay or not.

Erik Darling: Alright, well pretend that someone doesn’t work for a billion dollar a year chip manufacturer. Where might you start [crosstalk] this stuff?

Tara Kizer: What about you?

Erik Darling: That’s a good question. So where I would start – you were already kind of doing your own form of load testing here. If you just restore whatever production databases you have on there and you do kind of regular maintenance work – like, you know, you run CHECKDB, you do some full backups, or god forbid you run an index rebuild – those are all pretty good ways to test and see if the hardware is enough of an improvement. Because hopefully, you’ve been doing that stuff on your old server too and you can figure out if those basic tasks finish in about either the same, or hopefully faster, then they do on the old hardware. If you’re breaking about even, the chances are your queries will break about even too.

Tara Kizer: That sounds about right.

Erik Darling: As always, measure your wait stats. If you have a wait to run any kind of fake workload on there, go ahead and do that. SQL Query Stress is a pretty good tool for just running a whole bunch of queries over and over again. OStress is another good tool – part of the RML utilities thing that Microsoft publishes. Those are two pretty good ways to just spin up some fake workloads on a new server. That’s how I usually do it. I actually have – do I have a blog post? I think I do.

So back when we wrote white papers for Google…

Richie Rump: You have all the blog posts; what are you talking about? “Do I have a blog post?” Well yeah, sir, you have all of them.

Tara Kizer: Thanks, Brent.

Richie Rump: Great post, Brent.

Erik Darling: Why didn’t that work?

Tara Kizer: [crosstalk] Thanks, Brent thing, while he’s looking, that used to drive me a little bit crazy on my blog posts, but I’m getting better at accepting that everyone thinks that it’s always Brent writing the blog posts. I only do like four per year, so I don’t have to get upset that often.

(Brent adds: it’s an ongoing thing around here that you, dear reader, don’t read the author names on the posts, and you assume that I write everything. If you really wanna make a blogger happy, use their name in the comment, like “Great post, Tara” – assuming of course that you use the right name. In fact, you should probably just assume that it was NOT me, hahaha.)

Erik Darling: It’s a good way to avoid getting upset. Blogging, in general, is just an upsetting process. So a while back, when we were writing white papers for Google about how to test, doing different stuff in the cloud, Tara did stuff on AGs and DR, and I did stuff on performance tuning – and I wrote a blog post about how to use OStress and agent jobs to run all different stored procedures in different ways. So if you want to go take a look at that, I stuck it in the chat comments so you can go and look and you can figure out how to run all sorts of crazy stuff on your server and give that hardware a good kick in the nards.

Tara Kizer: What was that, Richie? Was that a cat? It went by so fast…

Richie Rump: Yeah, it jumped from here, it snuck underneath, like under the camera, and then just started jiggling my monitor; and I’m like get out.

Erik Darling: enough about Richie’s cats – boring. The next thing I know you’ll be taking pictures of your food; nightmares.

Richie Rump: That’s Brent, which he’s doing right now.

Erik Darling: That’s true. He is currently taking pictures of his fancy breakfast.

Richie Rump: Rosé all day.

 

How fast does my bandwidth need to be for AGs?

Erik Darling: Shree is asking a very good question for Tara. “Since we talked about network speed, what’s the expected good bandwidth between two data centers in different cities when using Always On availability groups?

Tara Kizer: So the answer is more dependent upon if you’re going to go synchronous or asynchronous. If you’re using an asynchronous replica and this also pertains to database mirroring, same basic thing – synchronous versus asynchronous. If a data center is in another city, it’s not within a couple of miles from the data center, I do not recommend using synchronous replica or mirroring because of the – even 15 milliseconds network latency can be noticeable enough, it can degrade performance enough, for users to notice. I’ve accidentally left a database mirroring session in synchronous mode after a failover, we used async failover, then you switch the sync and do the failover so you don’t have any data loss, and I forgot to switch it back to async after the failover. It took a few days to realize what was going on, like, “I don’t know why it’s slower there,” because I don’t know that we had great wait stats on that stuff back in that version; it’s been quite a few years.

But to answer your question, if you were to go with synchronous replica across two cities, you better have a very small load. If you have a busy system, you’re not going to be able to do it. So I generally recommend synchronous at the same data center next rack over, same subnet, everything and then asynchronous to another city; so a disaster recovery site. As far as answering the question about network speed, well if it’s asynchronous, what matters is that you don’t get too much latency. So monitoring latency – but generally speaking, 15 milliseconds would be my target, or better.

Erik Darling: I’m with you on that. 15 to 20 is a pretty good target for latency from one site to another. One tool that you can use that’s absolutely free to test that sort of thing – you know, we always tell folks about using CrystalDiskMark to test their disks, but one good way to test your network is a free tool called Iperf. Iperf.exe – and Iperf lets you set up basically a ping flooding server on one end and then a client on the other end, and you can just send data back and forth and it will give you the network speed and how much data sent across and how much loss there was. So it’s a little bit more involved than just like a ping or like a traceroute or something, because it does send data across, but it’s a very good way to measure network speeds. I’ve used that a couple of times when kicking around hardware for clients.

Tara Kizer: Never heard of it, cool.

Erik Darling: I think even David Klee might even have a blog post where he shows you how to use it. So go out there and try to find that.

Tara Kizer: I did have a recent client that was using synchronous to another city, and it was about 500 miles and the wait stats show that they weren’t having an issue but they were going to be growing and growing and growing. So I was like, “Well you might not have an issue now, but you may in the future.”  So I did give them some HADR talk.

Richie Rump: So all I heard from that question was, “What is the airspeed velocity of an unlatent swallow?”

Tara Kizer: Alright, fantastic.

Erik Darling: Nerd alert.

 

If I switch all my SQL Server’s logins…

Tara Kizer: James asks a question, a security question, “If you had to switch all your SQL Server’s logins to an AD account, how would you check that doesn’t wreck any of your applications?” Well, you need to do this in a test environment, making sure that – so SQL Server logins, all that really needs to happen is make sure that SQL Server can come online and all the features that you’re using there work. So if you’re changing the agent job, make sure that that jobs are still running. But as far as your applications, no, but start in a test environment so that the production maintenance window – you don’t have any issues during that.

Richie Rump:  you know, one of the cool things I’ve been playing with this week is creating a cluster in RDS and doing that all using script; scripting all the logins and scripting all the stuff and scripting all the instances. And that has been super cool, being able to bring up a database and tear it down, bringing up the cluster and then adding all these instances to it, then going and start removing pieces from the cluster. Like what if you removed the writer or what if you removed one of the readers and you just start swapping things in and out? Oh man, that crap is powerful, and this is all from script. You can do it all right from script; there’s no need to go to the window or the console or anything. It’s just, do it, and then come in and out. Scary as hell if you’re talking about production instances, but man, I was having a blast yesterday trying to figure all that crap out.

Tara Kizer: Are you being sarcastic with blast?

Richie Rump: No, it was fun. Trying to figure out what the correct syntax is in a script, that was rough. But once I got everything working and I was able to start throwing instances out there, it’s just a matter of, “Hey, I’m going to remove this,” and it’s gone. Or, “Hey I’m going to go ahead and add another one,” and it was just there. It was like – now all of a sudden, you can start checking in your VPCs, all your networking stuff, all your database stuff, and that’s all a script that goes into GitHub and if you ever need to redeploy to a test environment, it’s just here. “Guys, run this script,” and there it goes, off and it runs, and it’s a completely different environment. Oh man, I probably need to write a post about that. that was a lot of fun.

Tara Kizer: Nesta is asking is the script that you wrote was PowerShell? Which I actually teased him earlier in our company chat room… I know the answer.

Richie Rump: No PowerShell… No, what I was doing is using Cloud Formation, which is AWS’s way to do JSON or YAML to generate pieces of cloud. So pretty much anything that you want to create in AWS, you can use cloud formation and just, with the script, do that. and I was using the serverless project as a container for that because I understand that and it’s easy for me to put environment variables everywhere and not hardcoding usernames and passwords and stuff like that into it. I’m sure you could do it using cloud formation; I just haven’t bothered to do it. And the rest of the app that I was working with was in serverless, and it was just a matter of a one line command line, it goes off and it just does everything that you need it to do.

Tara Kizer: All on one line?

Richie Rump: All on one line.

Tara Kizer: I guess that’s how it was when I was having to write the Google white paper for creating a VM and saving availability group there. There was a lot in one line for sure, but yes, figuring out the syntax was problematic. To me, it actually felt like PowerShell.

Richie Rump: Well, it’s kind of poorly documented. Because there was one issue I ran into where I was declaring the password and user in the instance, and I was also declaring it in the cluster, and then it gave me this bogus error just saying, “Hey, you want to declare that in the cluster.” And it didn’t tell me to remove it from the instance, so it tool a little digging for me to figure out, like oh, you only want it in a cluster, you don’t want it in the instance. So as soon as I had to remove a whole bunch of things, things started working. It was like, come on, you guys can write error messages a little better than this. it was like, “Please remove this from the instance because you declared in the cluster. But no, it was this really bogus, crazy – you really didn’t know what was going on with that error. I should probably blog that error too because I screen-shotted that one. I said, “This is a good one, this is crazy.”

 

Is OLE Automation a security risk?

Tara Kizer: Alright, Dee asks, “What are your thoughts on having Ole Automation enabled?” It’s a security concern. So I don’t know if you have any security audits, but that’s one of the items that they want you to have disabled. It’s by default disabled – same thing as xp_cmdshell, it’s a security risk. Whether or not you need it may be another story, so you can sometimes get around security audits by disabling and enabling as needed, but I don’t ever enable it on the servers I’ve supported. If you need it then you need it, but what are you doing that you need that type of thing? Why do you need that enabled on SQL Server? Why not do that type of task somewhere else?

 

 

Should I encrypt pre-2016 servers?

Tara Kizer: James asks, “Is it worth encrypting pre-2016 servers or should I upgrade to 2016 and then encrypt?” I don’t know that there’s any benefit to pre encrypting, except maybe your maintenance window will be faster because it doesn’t have to encrypt. I don’t know.

Richie Rump: I kind of see this as more of a business requirement. It’s kind of outside the technical realm. Regardless of pre-2016 or 2016, you have the requirement to encrypt, then you should encrypt at the version that you’re in and then worry about upgrading to a later – they’re not one is better versus another – you have a business requirement. Any version of SQL Server that is supported is going to be able to handle the encryption. If you need to do it then do it. Of course, those requirements need to be prioritized by your management. And hey, what’s more important; us upgrading or us doing the encryption? And meanwhile, you’ve got to let them know that there’s no technical difference between the two. There’s no benefit to one versus another. I would definitely do it in a test environment first, get more familiarized with the encryption and the certificates. It does get a little wonky there because it’s very different, but that’s a business thing and it doesn’t really depend on any technical things that the SQL Server has.

Erik Darling: Is my audio any better?

Richie Rump: Yes, you’re here.

Tara Kizer: So far so good.

Richie Rump: It’s the voice in my head, can you hear that?

Erik Darling: God, is that you?

 

What authors do you read?

Tara Kizer: Thomas says, “I see John Grisham and a dictionary. Who are some of the authors behind you, Tara?” The funny thing is, this actually is not my office. I’m at my parent’s house. I’ve moved into a new house and this is brand new construction and we have no internet. Been there for two weeks tomorrow, still no internet. I’ve been working at the library, I’ve been working at Starbucks and I’m so annoyed with the public at this point and I wanted to attend Office Hours, so I went over to my mom’s house, which isn’t too far away. My mom’s a big John Grisham fan. I definitely have read John Grisham. Also, Dean Koontz is also another one that’s in the background. You probably can see, or I’ve zoomed out too much, but there’s childhood pictures on the wall back there; probably some embarrassing ones, so don’t zoom in.

Richie Rump:  So I did read Murder on the Orient Express about a month ago when I was in jury duty; sitting there waiting for the entire day. And we saw the movie adaptation last night and it wasn’t bad. I was expecting meh, but it wasn’t bad. There was differences, but I was like, okay I could live with those differences. The guy who played Aaron Burr in Hamilton was in the movie, and I was like, “Aaron Burr did it; he did it.” I was screaming it because there was only four people in the theatre, “Aaron Burr did it.”

 

Are tempura tables delicious?

Erik Darling: So what questions you want me to get on?

Tara Kizer: Temporal tables – I can answer temp tables, but temporal tables – can you tell us everything you know about temporal tables, and our answer is, “Well I know nothing.” So moving on…

Erik Darling: I mean, I like them more than like change tracking and change data capture, but I haven’t used them a ton. I have a couple of blog posts about them. There are some blog posts out in the world about them. They’re probably more informative than anything I’m going to tell you here in the next five minutes. But I do like them and I like the idea of them, I do think it’s a much better way than having devs try and roll their own sort of system of keeping track of data changes over time. It really does depend on what your use case for them is going to be though.

Richie Rump: Okay, so think of me as a SQL Server noob for the new stuff. Tell me about temporal tables and what they can do, please.

Richie Rump: Why do you always ask the noob questions? So temporal tables…

Richie Rump: because I’ve been using Postgres, man, come on now.

Erik Darling: So temporal tables are like having a shadow copy of your table. So you have like the main copy of your table and then you have this shadow copy of your table that tracks all of the changes to data made in the base table. So you can actually query backwards in time and you can look at how your data has changed over time and you can actually, if you needed to, go back and actually pull data out and fix data with what’s in there.

So I don’t know if it’s a really sneaky way for Microsoft to not have to put object level restore back into the product, but temporal tables are a really cool way to – it’s almost like Oracle Flashback where you can – like, “Oh no, we need the table as of now, let’s just query how it used to be.” So it’s very neat for that stuff.

Tara Kizer: So if you were to use it for auditing data changes, do you just query that table or then do you move it to an auditing table; historical tables?

Erik Darling: No, you just query the table and you can see there are some keywords with the dates that you want to look at and you can do like as of or dates between and stuff like that. so you can see how data looked on a certain date, between certain dates and you can just see how particular data has changed over time.

Richie Rump: So then if I delete data, that will be there as well, or not be there?

Erik Darling: Yes – well deleted data, it will show it’s deleted…

Tara Kizer: And then you could purge the data so it’s not massive, if you wanted to.

Erik Darling: I believe you could set retention policies on it, so you can decide how much data you want to keep in there.

Tara Kizer: In what version does this start on?

Erik Darling: 2016.

Tara Kizer: I had a feeling it was newer. I had a recent client who was doing auditing via triggers, and their design was not going to – and the way that they implemented it was bad for scaling reasons. I’m kind of okay with if you just quickly dump the data into another table as is, you know, the before and after. But they were doing some off things, you know, they weren’t on 2016, but maybe that’s something I could include in the future. “When you get to 2016, look into this instead.”

Erik Darling: If you ever get to 2016, you lazy, lazy people.

Richie Rump: We’re almost in 2018, come on now, seriously.

Erik Darling: SQL Server 2018 is on the way. Here you are… This week, my clients are running – I’m looking at two servers and the clients are running 2008 and 2008 R2. It’s like why? They’re seven and ten years old at this point. I’m like why can’t anyone just upgrade? What is the hold-up? What is the issue? Which I’m sure is a question that Microsoft asks as well.

 

Is trace flag 834 a good thing?

Tara Kizer: Adam asks, “What are the concerns and gotchas to watch for when enabling trace flag 834, which is the large page allocations and buffer pool?” I don’t know. I’ve never implemented that trace flag. How about you, Erik?

Erik Darling: I mean, I’ve just never seen it make a difference. It’s like one of those old DBA fables, where it’s just like, “Oh all we need is the large pages and everything will be cool.” But I’ve just never seen it actually fix a problem and I’ve never seen it like even kind of improve a problem in a way where it was like, “Okay, we made it past this benchmark so now we can really focus on the stuff that will fix problems.” I’m sure that someone wrote a really interesting blog post about how cool it is for one particular thing, but often in the real world, I’ve just never seen it do much of anything good.

Tara Kizer: The trace flags that I go with are the ones that are recommended by SQL Server experts, the known people in the community that are saying, “These trace flags, you should just go ahead and enable everywhere.” And then, you know, specific issues that I’m encountering, maybe I need a database mirroring or replication trace flag so they can ignore each other and not have too much latency. So I don’t go ahead and implement trace flags just because.

Erik Darling: I guess, you know, if I was going to voice a  concern about them, my concern would be like, have you tested it in a way that you’ve seen it improve upon a problem? Like do you enable it in a development environment and – are you sure that you have a problem it’s going to solve? You’ve watched it solve a problem somewhere else and now we’re going to roll it out in production. Like that’s my concern, that you’re button smashing and you’re not actually fixing a problem.

 

Is it bad when TempDB runs out of space?

Tara Kizer: Alright, [Rod] has a maintenance job that’s got an error and its tempdb ran out of space tempdb because the primary filegroup is full. Any reason for concern? Well, you may need more tempdb space in order for that job to finish. And maybe it’s not just that job; maybe it’s the other load that’s occurring plus the job running at the same time. So your queries need space in tempdb to do work. Maybe you’re using temporary tables, maybe it’s a sort, maybe you’re spilling to disk, who knows what. There’s lots of reasons why tempdb gets used. And tempdb gets used a lot on SQL Server, even if you’re not doing temporary tables, it still is being used. And if you got that error, is this job important? Does it need to be able to complete successfully? And if it does and it’s continuing to fail, look at the query. Is there anything weird about the query that maybe you can make it more efficient so it uses less tempdb space, or maybe you just need to add more storage so that tempdb can grow and you don’t have that error.

I’ve said this several times in Office Hours, but I literally have supported a server had a 500GB tempdb data file sizes. There were eight files but they totaled 500GB. And I’ve got some clients who are like, “Oh my god, I’ve got 8GB to 20GB tempdb.” That’s nothing. That cost you a quarter. So I don’t worry about the temodb space. I want the queries and jobs to complete successfully. I will go back and look at the queries that may be causing it to grow past some number. There are ways to make better use of tempdb.

Erik Darling: Yeah, I think I would want to look at what the job running is. I know that DBCC CHECKDB has the tendency to use a whole heck of a lot of tempdb space. And if you’re rebuilding indexes with sort and tempdb on, you’re going to be using an awful lot of tempdb. And if all of the sporting that goes on for statistics updates – so if you’re doing statistics updates on rather large tables with a full scan, those sorts can actually go off the tempdb. And I’ve seen those sorts fill tempdb up, even on servers that have tempdb the size of what Tara’s talking about with the 500GB allotted to it. All the stuff she said, plus take a look at what the jobs you’re doing are. As always, we will not recommend that you just go and keep rebuilding indexes blindly and just hope that they fix something. Make sure that the indexes that you’re rebuilding actually need the rebuild to happen and that you’re fixing more than you’re hurting by doing it.

 

Any gotchas with upgrading SQL Server 2005?

Tara Kizer: Alright, one last question from James. He’s got a brand new job, and they do have a SQL Server 2005 server. It’s not his fault, he wants to make that clear; this is a new job, he’s inherited it. I don’t want to say how old he was in 2005. “Are there any gotchas I need to watch out for when I upgrade?” I mean, what are you upgrading to? I don’t think you can even go from 2005 to 2016, you know, you need a hop. So you’re going to need a 2012 box, and I wouldn’t recommend just stopping at 2012. We’re in 2017, so I’d probably go for 2016 or 2017. I don’t care which one between the two, really, unless you’re going for some feature – but you’re going to need to do a hop, probably to 2012 and then over to the new version.

Now, you can do that all in the same maintenance window, because it’s just going to be a backup and restore then another backup and restore, and you don’t have to do full backups, you can do this through log shipping and just keep sending it over to the newest server. As far as gotchas, I would recommend running the upgrade advisor tools to see if you’ve got any code. If you’re using stored procedures, it can analyze your code and let you know if you’ve got anything that may break in the newer version, but obviously, you’re going to have to test this in a test environment. In companies I’ve worked for, we’ve done full regression tests. It can take three months of testing only for a SQL Server upgrade. And obviously, they try to get in application bugs and features as well during that time, but do a full test cycle. The upgrade advisor can be helpful for that. I’m pretty sure it still exists in newer versions.

Erik Darling: Yeah, the other thing I would just be aware of is the new cardinality estimator. So if you’re moving up to 2014 or beyond, the new CE can really help queries or really hurt queries or a strange mix of the two. So before you go and set that database into the new compatibility mode, make sure that you do some testing on how your queries react to it.

Richie Rump: Or just roll it back to the old compatibility mode until you have to test.

Erik Darling: Yeah, whatever, Richie. Thanks for being thoughtful.

Richie Rump:  I’ll stop, dude. All my thoughts right now are on the Last Jedi, so…

Erik Darling: You’re in a very Jedi state of mind being that thoughtful about things, rolling stuff backwards and forwards and testing. Look at you. I bet you’d unit test that, wouldn’t you?

Richie Rump: I absolutely would.

 

DBAtools.io plug

Tara Kizer: One last comment from Thomas, just because it’s based upon James’ question, “DBA tools for migration for the win.” DBA Tools is a PowerShell script. I highly recommend checking out the website for it and seeing if there’s any scripts that could help you do your job. They do have migration scripts, so that is helpful. But as a long time DBA, I’m so used to my own backup restore and doing a differential and chaining together transaction logs. It’s super easy, I don’t need a script. I have custom T-SQL scripts anyway for it that I wouldn’t bother with PowerShell for that task because I’ve been around so long.

Erik Darling: Maybe if I had to transport a bunch of settings and users and all that other stuff, the PowerShell command would make sense. But just for moving the actual data over, I’m going to want something that reduces the cutover time, not something that is just part of the cutover time. Like if it’s just doing a straight backup and restore for a smaller database, not a big deal. As soon as you start getting up into like 50GB, 100GB, 200GB plus databases, you’re really going to want to do mirroring or log shipping or something else that gives the ability to do a faster cutover to the new server.

Richie Rump: Yeah, and if you’re not familiar with PowerShell, I wouldn’t start with a migration trying to get familiar with it.

Tara Kizer: Definitely in a test environment first for it. Troubleshooting those errors is horrible.

Erik Darling: Yeah. I think we have] reached about the limit of our time here. We went a little bit over because we talked about Zelda too much. I hope you’ll forgive us; we tried to make it up on the backend. Thank you, everyone for joining us. I apologize about my potato-y audio and video. I’m going to call Time Warner and yell at them again. Tara and Richie, do you want to say anything?

Tara Kizer:  Nope, bye.

Richie Rump: Go climb something…

Tara Kizer: Bye.