Voice of the DBA
A series of episodes that look at databases and the world from a data professional's viewpoint. Written and recorded by Steve Jones, editor of SQLServerCentral and The Voice of the DBA.
info_outline
Thinking About Technology
07/23/2024
Thinking About Technology
Technology has dramatically changed the world over time. The advent of cars dramatically changed the US, as people could go places and meet others in a way that was difficult and slow before. The telephone let us communicate with people all over the world at a pace that was previously impossible. Computer technology has furthered this at a truly amazing pace, especially since the adoption of mobile devices by so many people. The flexibility in how we can integrate computer technology into our lives has been incredible. However, each technology change brings about plenty of negatives and potential problems as well. I ran across from L. M. Sacasas that has some questions we might ask about any technology, including the software we build. The start of the piece is that most of us don't think about how our work might be misused, which can lead us to dismiss security risks or moral misuse risks. We often don't consider the malicious ways people view applications. Read the rest of
/episode/index/show/voiceofthedba/id/32246052
info_outline
The Biggest Database Professional Challenges Today
07/21/2024
The Biggest Database Professional Challenges Today
Today I have a question for you: What are the three biggest challenges you face today as a database professional? Read the rest of
/episode/index/show/voiceofthedba/id/32152752
info_outline
A Programmer's Attitude
07/18/2024
A Programmer's Attitude
I caught , including themselves. It is written by a software developer for other software developers, but I think it can also apply to database work as well. It is a bit long, but it starts with the nature of abstractions in the world and how they let us work with simpler models of a situation or environment. However, most abstractions are leaky, and our assumptions about them can cause our systems to fail. The leap from trust to abstractions seems a bit funny, but it makes some sense. We ought to simplify our situations so that we can generalize how to solve them, but we also need to verify things. There are a few examples, one of which is we ought to use tests to ensure the code does what we think it does, including using a wide variety of data. We ought to ensure that refactoring something doesn't break the system, or more often for databases, we return the same results. Changing a query to run more efficiently with joins or a window function instead of a loop or subquery should return the same results. Not just for one row but all rows, and across different inputs. Read the rest of
/episode/index/show/voiceofthedba/id/31968907
info_outline
Cloud vs On-premises
07/16/2024
Cloud vs On-premises
The cloud has been a controversial concept for much of its existence. While the idea has been around for many decades, AWS started selling IT services in 2006, with Azure following suit in 2008. Since then, the use of cloud services has grown tremendously. While some applications and organizations have embraced the idea from the beginning. I found many of you at SQL Server Central were very hesitant at first. I guess some of you are still skeptical about the value of a production database in a public cloud. From the beginning, I've felt that cloud computing has a place in the world, but in a way that is more appropriate for some situations than others. In terms of database (and maybe compute services), if you have a very well-known and predictable workload, the cloud can be very expensive. It might still be a good choice, but I think it often isn't. If you have a variable or growing workload, then the cloud might serve you better than trying to keep up with new hardware in your own data center. Read the rest of
/episode/index/show/voiceofthedba/id/32056422
info_outline
Least Privilege
07/14/2024
Least Privilege
I assume that most of you know about the . If not, please read and make sure you understand how you should approach security. In the modern world, we also ought to adapt our systems for , which includes the least privilege principle. However, I wonder how many of your organizations really follow these security guidelines internally. Are you strict about adding limited access and removing it when people change jobs/roles? If you use Windows Auth (or Entra), are your admins doing that or just adding in new roles? Do you scope down database access roles in granular ways or just stick with 1-2 roles for the most common things people do? Read the rest of
/episode/index/show/voiceofthedba/id/31969062
info_outline
The Stretch Database Retirement
07/09/2024
The Stretch Database Retirement
Stretch Database is finally going away. It is being retired. It was deprecated on Nov 16, 2022, from SQL Server 2022. Effective Jul 9, 2024, the supporting Azure service is retired. I saw this in , though I hope anyone using this service has been seeing lots of reminders over the last couple of years. I know I'm getting MySQL retirement notices for one of my services and need to migrate some workloads this month. If you tried this service, you might have realized that the pricing didn't make sense for most of us. If you hadn't tried it, it worked by moving some of the data in your tables into Azure, where it could be queried if needed. It was an interesting idea, though most of us would have wanted this to work between two SQL Server instances, not between SQL Server on-premises and Azure. Read the rest of
/episode/index/show/voiceofthedba/id/32056337
info_outline
An Upgrade Slog
07/07/2024
An Upgrade Slog
I saw a blog post from Randolph West recently that asked It's a bit of a process, involving an intermediate version and two restores. He also points out the need to run DBCC after the first restore, which is a good idea. I wonder how many people would take the time to do this, or even think about it as an upgrade step? This was interesting to read as I had a customer ask me about doing this a few months back. They were trying to clean up their database estate and modernize some of their older systems. This was becoming a big project for them, as they had several pre-2017 systems, none of which were in support. Auditors, regulatory authorities, and even business partners see this as a large security risk and get concerned if you're running older software. Read the rest of
/episode/index/show/voiceofthedba/id/31968727
info_outline
Midsummer Fun
07/04/2024
Midsummer Fun
Yesterday was Independence Day in the US and a day off for me. Today, I'm back to work. Same for my rocket engineer son, one day off. My wife remembers a few of her companies giving a 4-day weekend when a holiday falls on a Tuesday or Thursday, but that hasn't been my experience and isn't this week. I know we're barely into summer, which technically started Jun 21, but most of my life has measured summer between the end of one school year and the beginning of another. That's usually late May (Memorial Day) to early September (Labor Day). I think that's a very American thing, as I know lots of my friends in Europe are just starting their break between two grade years. For those of you in the Southern Hemisphere, I'm sure this time of year is even more different. Read the rest of
/episode/index/show/voiceofthedba/id/31968622
info_outline
Xp_cmdshell Use Cases
07/02/2024
Xp_cmdshell Use Cases
I had someone ask me recently how to run xp_cmdshell on a Linux version of SQL Server. I told them you can't, as it's an and not one that I expect to see released. I had to double-check, since I did think that supporting a BASH shell was a possibility, but it wasn't added to the product. In the feedback forums, I saw a request for , though the feedback from MS is to use CLR for this. They suggest external access permissions, but those aren't supported on Linux. I also didn't see a request for shell scripts added, and I'm not sure I want one. Read the rest of
/episode/index/show/voiceofthedba/id/31887412
info_outline
The Cost of Rework
06/30/2024
The Cost of Rework
I often deal with customers who are looking to improve the way they build and manage database software. These could be small companies or large enterprises, with teams of developers trying to enhance their application software to solve new business problems. Often those enhancements require new data, with the related schema changes in a database. Even if there isn't any new data, often we need to query data in new ways, combing, filtering, aggregating, and otherwise transforming data into extra information that a business can use. Solving many of these problems is iterative by nature. We try one thing, then another. Often a developer might experiment with a data model or query, trying to match a requirement they've been given. Once they produce a solution, we may find problems in testing, or far too regularly, in production. These could be data-related issues, where the developer hasn't considered values in their solution (zeros, blank or long strings, extreme dates, etc.). These could be logical errors, where the developer just made a mistake. There could also be a problem with the requirement, where the customer provided an incomplete or incorrect specification to the developer. Read the rest of
/episode/index/show/voiceofthedba/id/31888002
info_outline
What Metrics Do You Collect?
06/27/2024
What Metrics Do You Collect?
One of the hot terms in software these days is observability. There are a few definitions (, ), but essentially this is the insight into how your software runs and performs using metrics, logs, traces, etc. In DevOps, we do this with an eye toward improving performance and identifying the root cause of issues. The focus is slightly different from monitoring, where we often focus more on resources and health. We need both, but often in trying to improve software and the behavior for users, developers need observability. Infrastructure people responding to acute issues and looking to ensure we have the capacity, availability, and other x-bilities, that need monitoring. Today I'm wondering if you collect a variety of types of metrics for your software that might tell you how your system is running. What things are important to you in order to better serve your clients? If you're a DBA/sysadmin, what is important to you? If you are a developer, are there different types of data you want? Read the rest of
/episode/index/show/voiceofthedba/id/31887792
info_outline
Where to Test Your Code
06/25/2024
Where to Test Your Code
The last 10-15 years in software development have seen a widespread embracing of unit testing. Before the popularity of mobile phones and their apps, most of the organizations I'd worked in gave lip service to automated unit testing, and often even more complex integration/system tests. These days, it seems more and more people embrace unit testing, and I hear about that often from customers and attendees at events. I don't often hear about more comprehensive integration and system testing, I found that looked at how the social network was built. The article is partially paywalled, but I have subscribed because of the interesting thoughts they publish. In this article, there was a really interesting part of the article on testing. This is a section titled "Integration tests over unit tests". Read the rest of
/episode/index/show/voiceofthedba/id/31887592
info_outline
What Do You Want to Learn?
06/23/2024
What Do You Want to Learn?
There are lots of resources for learning: , , , and other events, conferences, and more. In most of those cases, the editor, author, or speaker is deciding what they want to write about. If you want to learn something different, you need to go search out that information. You can certainly request topics from others, but they may or may not listen to you. At least not as an individual. Read the rest of
/episode/index/show/voiceofthedba/id/31838367
info_outline
Cloud Transformation
06/21/2024
Cloud Transformation
In the last few months, I've been traveling around at a few of the Redgate Summits () running panels on cloud journeys. I've had industry experts, both technical and managerial, discussing their approaches and journeys with advice and caveats for others. It can often be more than just migrating systems, so a lot of people have started to talk about cloud transformation. However, in some cases, this is just a migration. A lot of companies just lift-and-shift their databases into the cloud, along with various other services. While this is a quick way to get into the cloud, it isn't much of a transformation. If you review and right-size the resources you've provisioned, maybe there is a bit of a transformation, but not a lot. Read the rest of
/episode/index/show/voiceofthedba/id/31838272
info_outline
SQL Injection is Not Acceptable
06/18/2024
SQL Injection is Not Acceptable
SQL Injection has been a problem for my entire career. Thirty years ago I could have easily just blamed this on ignorance, as most of our developers didn't think about the nefarious ways that hackers enter data in our applications. These days, there isn't a good reason for this to keep happening, and the problem is us. I think that we don't provide good examples or training on secure coding or secure architecture as a normal part of teaching programming. In many organizations, we don't check for issues and prevent their release. Some do, but many don't. On top of this, the existing code is usually a poor template for writing future code. I do think Microsoft aims for secure coding in SQL Server but in Windows, there is work to be done there. A few months ago, I saw that noted the US CISA organization and the FBI issued (PDF) that noted there is no excuse for SQL Injection vulnerabilities (SQLi) in modern software. This alert notes that SQLi has been an "" since at least 2007. Inside the document on vulnerabilities, it notes that a single quote can't be used in certain fields: username, password, ID field, or numeric field. They also note that co-mingling user data and query data, like constructing queries on demand, is a poor practice. Read the rest of
/episode/index/show/voiceofthedba/id/31780702
info_outline
Five Years and Counting
06/16/2024
Five Years and Counting
I almost called this "chasing a new laptop" since that's what I'm doing, but I decided to add the date because the current laptop I've using was built in March 2019 and got to me in May 2019. I've had an HP Spectre x360, my second HP Spectre, and I've really enjoyed it. I'm also amazed it still runs. On the last few trips, the two rubber strips that run along the bottom (acting as feet) started to peel away. I've never seen that before and I tried to re-attach them a few times, but that didn't work well. Not a big deal, and I can live with that, but then during my Australian tour, the laptop started pausing and freezing a few times. It might be that there is too much software on there and needs a pave-and-reinstall, but I decided to check the age on the machine. That was when I realized it was five years old. It's been a great machine, but I don't think I've ever had a work laptop last that long with daily use. Of course, there was about a year during the pandemic when it was rarely used, so maybe its life lengthened during COVID. Read the rest of
/episode/index/show/voiceofthedba/id/31541882
info_outline
Poor Database Design Realities
06/06/2024
Poor Database Design Realities
One of the interesting things that I see at Redgate Software is how idealistic our developers and engineers can be. They often build our database DevOps products with the idea that customers will use well-designed databases. The systems will have primary keys, foreign keys, defaults, constraints, indexes, and more. Developers will use coding standards, and naming conventions, and will understand what data is stored in tables. Not in every case, but often. After all, that's how we build software, as teams, sharing information, publishing documentation for others, and following best practices. Read the rest of
/episode/index/show/voiceofthedba/id/31541607
info_outline
Using AI for the First Draft
06/04/2024
Using AI for the First Draft
At the Redgate Summit in London, I ran a panel talking about Platform Engineering and how we can make developers more productive. One of the questions from our audience revolved around AI (Artificial Intelligence) technologies and how they might assist. As a note, AI tech includes a lot of different things, like machine learning (ML) among other things, but a lot of people seeing the media and hype around LLMs (large language models) think those are AI. They see AI as what is implemented in ChatGPT and Copilot, which is correct, but incomplete. One of the panelists, Jeff Smith of Redgate, said that he views the output from AI as a first draft, something that bootstraps further work by a human. This can save time and can help someone be more productive, but it's a starting point and a boost, not a final product. Read the rest of
/episode/index/show/voiceofthedba/id/31541527
info_outline
DBCC CLONEDATABASE is Semi-Discontinued
06/02/2024
DBCC CLONEDATABASE is Semi-Discontinued
I saw , which both scared me and didn't make sense. I've used this a few times for a quick copy of a database and like how it works. Discontinuing it seemed strange to me. Then I , which notes that it's not being supported for production deployments. The post doesn't explain why, but I'm guessing this is because all the stats and other metadata moves, and this might mess up the optimizer if different data is added. I don't know who deploys production databases like this, but I could see people who have federated or sharded databases using this to create a new blank copy and then uploading data into it. Or maybe people who need new databases that are distributed onto remote office/edge devices used it? If you use this to create production dbs, let me know. Read the rest of
/episode/index/show/voiceofthedba/id/31541447
info_outline
Life in a Startup
05/30/2024
Life in a Startup
I have worked for a few startup companies, including SQL Server Central. Each has been a different experience, and I learned a lot at each stop. However, I'm not sure I'd want to go through that process again at my age. I was thinking about the challenges and the excitement of being at a startup while reading about . The post doesn't go a lot into the technical details or the working life, but it is an interesting read from a VC investor. I also found this post on , which talks about what the author thinks about before trying to start a company. He compares this with life in a Big Tech company, which relates to lots of companies, in technology or not. The main differences are lower salaries, less infrastructure, lots of work, and upside in a startup. Big companies have higher salaries and more perks, less stress and responsibility, and not a lot of context-switching. In general, that's been true in my experience, though in bigger companies that didn't think they were software companies, I sometimes could end up with a lot of context-switching. Read the rest of
/episode/index/show/voiceofthedba/id/31411057
info_outline
Common Algorithm Concerns
05/28/2024
Common Algorithm Concerns
When we build software, many of us use the same algorithms to solve problems. We might choose a similar method for a quicksort or a lambda validation or a regular expression. For database work, your code for a running total (or other common challenge) is likely very similar to many other people. At least on the same platform. You might solve this differently in SQL Server and Oracle, but for the same type of database, many of us write very similar code. Actually, for many developers, they copy and paste an answer from SQL Server Central, Stack Overflow, or another site. I'm not sure if I think this is good or bad, as it's a good idea to reuse code if it solves the same problem. If you copy it and don't test it, that's bad. After all, the code might not solve your slightly different problem if you don't check it. Read the rest of
/episode/index/show/voiceofthedba/id/31410962
info_outline
Managed Instance Impressions
05/26/2024
Managed Instance Impressions
Several years ago, I heard about a new product coming in Azure that would provide an IaaS (infrastructure as a service) VM to run SQL Server, with Microsoft managing most of the admin tasks for the instance, like patching and backups. That didn't seem like a big load to me, and I wondered if anyone would actually pay for this product. After all, don't most companies find managing patches and backups? That product became , and I've been surprised at the adoption. Quite a few clients have adopted this as a way to lift and shift (mostly) to the cloud in an easy fashion without the restrictions of Azure SQL Database. This looks like a "normal" on-premises SQL Server, and there are both high-performance (Business Critical tier) and average-performance (General Purpose tier) versions of the product that let you choose what level of price/performance you need to achieve. Read the rest of
/episode/index/show/voiceofthedba/id/31410882
info_outline
The Costs and Rewards of Speaking
05/23/2024
The Costs and Rewards of Speaking
Most of the people I know who speak at a or user group aren't paid for their efforts. At many of the community events, the speakers are volunteering their time. Many are also paying for their own way to those events not located in their area. A few, such as me, might get a company to cover their travel expenses, but often this doesn't include time. If I attend a SQL Saturday, I still have a bunch of work on M-F that needs to be done. No comp time for these events. That being said, I'm happy to donate some time and money to community events. Some speakers build and teach full-day sessions, usually called pre-conference sessions, for which they are paid. There can be competition at large events like the PASS Data Community Summit and SQL Bits to get a session since the payment can be rewarding. I've seen some speakers make USD$1k or so, which can cover travel expenses, and others make over USD$10k, which is a nice payday. Read the rest of
/episode/index/show/voiceofthedba/id/31392767
info_outline
Invisible Downtime
05/21/2024
Invisible Downtime
has a concept I've never heard about: invisible downtime. This is the idea that there are problems in your application that the customer sees. Your servers are running, but the application doesn't work correctly or is pausing with a delay that impacts customers. From an IT perspective, the SLA is being met and there aren't any problems. From a customer viewpoint, they're ready to start looking at a competitor's offering. Lots of developers and operations people know there are issues in our systems. We know networks go down or connectivity to some service is delayed. We also know the database gets slow, or at least, slower than we'd like. We know there are poor-performing code and under-sized hardware, running with storage that doesn't produce as many IOPs as our workload demands. We would also like time to fix these issues, but often we aren't given any resources. Read the rest of
/episode/index/show/voiceofthedba/id/31311032
info_outline
Kubernetes is Cool, But ...
05/19/2024
Kubernetes is Cool, But ...
is cool, and I think it's really useful in helping us scale and manage multiple systems easily in a fault-tolerant way. Actually, I don't think Kubernetes per se is important itself; more it seems that the idea of some orchestration engine to manage containers and systems is what really matters. As a side note, there are other orchestrators such as , , and . However, do we need to know Kubernetes to use it for databases? This is a data platform newsletter, and most of us work with databases in some way. I do see more databases moving to the cloud, and a few moving to containers. I was thinking about this when I saw a Simple Talk article on . It's a basic article that looks at what the platform consists of, how it works, and how to set up a mini Kubernetes platform on your system. It's well written and interesting, but ... Read the rest of
/episode/index/show/voiceofthedba/id/31310817
info_outline
Creating Candidate Interest
03/04/2024
Creating Candidate Interest
It can be hard to find candidates for positions these days. I know there are a lot of people looking for jobs, but are they the ones you want? Are they a good fit for your team? Those are hard questions to answer when culling through resumes, conducting phone screens, and sitting in interview rooms asking questions from a template. What can be even harder is to compare different candidates when multiple people may interact with the candidates. Even if you do all the work, you're busy. Can you make good comparisons of different individuals that you've spoken to across a few weeks, in between all the real work you're trying to get done? I know I've struggled to do this, no matter how many notes I take or how long the discussions are with other team members. I have had a very mixed bag of success in hiring. Read the rest of
/episode/index/show/voiceofthedba/id/30056948
info_outline
Advice To Be a Better Person
09/14/2023
Advice To Be a Better Person
As a hobby, I coach volleyball for kids. Each year I meet new kids and parents and talk about my philosophy. Part of that is that I teach skills, athletics, how to compete, and more. However, I do emphasize as well that I'm trying to build better people, not just athletes. I want these kids to be better prepared for life, for job interviews, for future teachers and coaches, and for better relationships. While I'm not perfect, or maybe not even a great person, I do try to improve myself on a regular basis. Or at least learn to be a better person to others. This isn't because of any ideal or goal, but because life is more fun when I have more skills. Whether that's working with objects or interacting with people. The smoother things go, the more I enjoy the world. Read the rest of
/episode/index/show/voiceofthedba/id/27874899
info_outline
Large PRs are Bad
07/27/2023
Large PRs are Bad
I heard a joke years ago that went something like this. When a developer gets a pull request for code review that's 100 lines long, they will open the file(s), look at the code, and ensure standards are being followed. They might run some code, they'd walk through the algorithm in their mind, and spend 10, 20, or more minutes examining how the change is built. If you give them a code review of 1000 lines, they'll just assume it's great and approve it in seconds. I know that many developers don't find that funny. Often I meet people that think they're professional and they spend the time needed to examine the changes and ensure they work. I'm sure that many people do this often, and some people are very meticulous about their evaluation of the change. However, everyone gets busy and I know that often depending on who submitted the PR and how busy the reviewers are, the joke does reflect reality. The longer the PR, the less likely someone will either a) spend the time to carefully review it, or b) catch small mistakes. Read the rest of
/episode/index/show/voiceofthedba/id/27459501
info_outline
Better Communication Through Less Messaging
06/01/2023
Better Communication Through Less Messaging
I have learned to really appreciate and enjoy Slack as a messaging tool. It's something I use daily, and a place where many inside my company communicate about all sorts of issues. There certainly can be an overload of channels, but for me, I add and prune channels regularly and it's a good way to segregate conversations. I didn't feel that way when I started. At first, I resisted using it. Now I couldn't imagine not having it, but not everyone feels the same way. There's an article about a SaaS provider and instead using the Basecamp project management platform and keeping communications inside there. Read the rest of
/episode/index/show/voiceofthedba/id/26951202
info_outline
The Danger of Sharing Data
02/22/2023
The Danger of Sharing Data
In the past, many businesses hired employees whose role was deciding which prices to charge for their goods or services. At one point, organizations largely set prices based on their costs, though over time they tend to look at their competitors and set similar prices. If, however, management from multiple companies went into a room and determined prices, this would be price-fixing. is illegal. In many countries, we would not allow different companies to work together in a way that might reduce competition or take advantage of consumers. However, that might be a struggle in the future as we find companies using various services to help them manage their systems. Read the rest of
/episode/index/show/voiceofthedba/id/25894668