Press "Enter" to skip to content

Day: September 24, 2020

Operational Database Security in Cloudera Data Platform

Liliana Kadar, et al, walk us through some of the database security and auditing features in Cloudera Data Platform:

Database object-level security is available through the centralized authorization framework of Apache Ranger. 

Both fine-grained access control of database objects and access to metadata is provided. Protected database objects include: database, table, column, view and User Defined Functions (UDFs). 

Fine-grained access control for special administrative operations that can be performed on OpDBMS is also supported. 

Click through for the full story.

Comments closed

Key Metrics for Kafka Monitoring

Preetdeep Kumar shares three metrics which are important for monitoring Kafka clusters:

There are 100s of metrics documented as part of Kafka monitoring out of which CPU, Memory, Disk, and Network related metrics are always useful in monitoring any systems. In this article, I share 3 metrics that I found to be very useful from a development point of view, saved us some time while triaging a few corner cases reported by customers.

Click through for those measures.

Comments closed

Configuration Advice for Using EF Core with Azure SQL DB

Erik Ejlskov Jensen has some advice if you’re using Entity Framework Core with Azure SQL Databases:

If you are connecting from .NET Framework with EF Core 2.x, use .NET 4.6.2 or later. If there are connection errors with this version or newer, the client will retry immediately, and handle transient connection errors gracefully.

If you are using EF Core 3.x, update to 3.1.7 or newer to take advantage of bug fixes in the Microsoft.Data.SqlClient dependency, that has been updated to version 1.1.3. For older EF Core versions, you can opt-in to a newer version (ever 2.0.0 or higher) as described in my blog post.

If you are using EF Core 5, you get the version 2.0.1. Microsoft.Data.SqlClient, which includes advanced Azure Active Directory authentication options.

Click through for more tips, including how to set up automated retry of commands.

Comments closed

Azure SQL Managed Instance Updates

Borko Novakovic gives us a rundown of improvements to Azure SQL Managed Instances:

Azure SQL Managed Instance provide management operations that you can use to automatically deploy new managed instances, update instance properties, and delete instances when no longer needed. Most of the management operations in SQL Managed Instance are long-running but until now it was not possible for customers to get detailed information about operation status and progress in an easy and transparent way.
Through the introduction of a new CRUD API, the SQL Managed Instance resource is now visible from when the create request is submitted. In addition, the new OPERATIONS API adds the ability to monitor management operations, see operation steps, and take dependent actions based on operation progress.
Check out this blog post to learn how to effectively utilize new APIs in real-word scenarios.

If this product potentially fits your needs, also check out Vladimir Ivanovic’s post on performance improvements:

Previously, the tempdb I/O operations were governed as part of the instance log rate cap (which used to be configured to 22 MB/s for General Purpose and 48 MB/s for Business Critical). With this set of improvements, tempdb I/O operations are no longer governed as part of the instance log rate cap, allowing for a significantly higher tempdb I/O rates.

The improved tempdb performance will greatly improve the speed of tempdb-bound operations, such as running queries with large sorts/spills, or data loading through tempdb.

It looks like they’ve upped the caps on several storage-related limits for no extra charge.

Comments closed

Discovering MrbMiner

Randolph West gives us the low-down on some malware:

Tencent Security has released a report (written in Chinese) describing a new malware attack by the name of “MrbMiner” on SQL Server instances exposed to the Internet with passwords that can be brute-forced.

According to the report it installs an application written in C# by the name of assm.exe which communicates with a command-and-control server to download a digital coin mining tool, which may be disguised as various Windows system services. The malware uses several techniques to ensure that it sticks around.

Randolph has some more advice on how to determine if it is on one of your servers.

One quick thing I’d like to point out is that this is not a flaw within SQL Server; it only infects a machine which has a username and password it can guess.

Comments closed

Power BI Premium Per-User Licensing

John White has some thoughts on a big announcement at Ignite:

The new Premium per user (PPU) license promises to solve this problem. Premium per user will be a new license that will include all of the capabilities of the Pro license, but will also include almost all of the features available in Premium. It will NOT include unlimited sharing. Users with this license will be able to publish content to a PPU workspace, and that content can be consumed by other users that have a PPU license.

The next question is of course going to be “great, so how much is it?”. Therein lies the rub.

This is why I’m interested, but not yet excited. I’d expect it to be more than $10 per user per month, as otherwise nobody would get a Pro SKU. But where, exactly, it lands above that is the key question. The number $50 per user per month comes to mind—the idea being that you save money up to 100 users, after which point it makes sense to switch to the fixed-price licensing. We’ll see what the real number looks like once they announce it.

Comments closed

Shipping Jupyter Books to the ADS Marketplace

Emanuele Meazzo shows one good use of the Azure Data Studio Extension Generator:

The recently released Extension Generator for Azure Data Studio has opened up yet another way to ship Notebooks and Books to ADS allowing you to easily author your extensions.

In my previous post I’ve detailed how you can now access a Book remotely, now, if you want the book to be actually installed in your ADS instance, you can install it as an extension!

It looks like the process isn’t entirely smoothed out yet, but they’re working on it.

Meanwhile, you can also check out Emanuele’s post on how to get the SQL Server Diagnostic Book as an extension.

Comments closed