Voice of the DBA
A series of episodes that look at databases and the world from a data professional's viewpoint. Written and recorded by Steve Jones, editor of SQLServerCentral and The Voice of the DBA.
info_outline
A Simple Solution
09/12/2024
A Simple Solution
In general, I like simple solutions to problems (and ). They can take work, but a simple solution means it's easy to explain to others, easy for others to refactor/modify, and we limit the amount of effort required to ensure others can use the solution. Sometimes I see very clever engineering solutions, but they become cumbersome to implement and maintain, or worse, no one other than the author understands how they work. In any size organization, that's a piece of technical debt that can cause problems over time. Read the rest of
/episode/index/show/voiceofthedba/id/32878934
info_outline
Casino Night is Back
09/10/2024
Casino Night is Back
We are bringing back the SQL Server Central Opening Night party at the PASS Data Community Summit this year. This was for many years and I'm looking forward to the conference even more. The party will take place Tuesday night, after the Welcome reception. from 8pm-10pm, once again catered as a casino themed party. I'm using the same company we've used in the past, and we'll have a cash bar and lots of prizes. I've already started to make a shopping list of fun things to give out as random prizes as you enjoy the games. In the spirit of competition, we will save a prize or two for the top chip winners. Read the rest of
/episode/index/show/voiceofthedba/id/32886232
info_outline
The Invisible Disk
09/08/2024
The Invisible Disk
I saw a post recently about , where a software consultant had written down his predictions for the future. In this case, he writes about a computer shrinking smaller than today, essentially to one chip, with docking stations wherever you need them. We're already at the place where many of us have an extremely powerful computer in our pockets in the form of a mobile phone. I'm still amazed that I bought a phone recently with half a terabyte of storage. A few years ago I gave a keynote where I looked at the changes in disk storage, starting with an . The capacity was 5MB. I remember working with KB floppy disks and MB hard drives, and lots of different connection technologies: IDE, ESDI, SCSI, and more. I've seen disks shrink from a 5 1/4" form factor to mere wafers with today's NVMe drives. Read the rest of
/episode/index/show/voiceofthedba/id/32799922
info_outline
Container Development Work
09/05/2024
Container Development Work
On my new laptop, I only use containers as database servers. I made the decision not to install SQL Server or PostgreSQL and instead work on containers only. I've written lightly about this, but I set up docker-compose files to load different instances of SQL Server and PostgreSQL (and others) and batch files to start and stop them. I've also set dedicated places on my disk where I can drop backup files and access them from the host. It's 2024. I moved to containers on my laptop exclusively for databases for the first time this year. This is despite the fact that I like containers, am comfortable with them, and find them handy. Moving from installed database server software to containers took a conscious effort, and it took time to configure everything. Really, it took me a bit of time to think about how I'd want to configure my system so that my work in SSMS went smoothly. Read the rest of
/episode/index/show/voiceofthedba/id/32796427
info_outline
Fifty Percent
09/03/2024
Fifty Percent
Most of us will have more than one job in our career. In fact many of us will likely find a new job in the next five years. I hope I'm not in that group, but I recognize that it's a possibility. We never know when our situation will change, or our employer's situation will change. That is one reason I recommend you keep your resume up to date and continue to work on improving your skills. I saw recently from Brent Ozar, in which someone had asked him if they should apply for a job even though they didn't meet all of the requirements or know all of the desired technologies. Brent recommended the person apply, and his reasoning was that often a DBA (or other data pro) often gets asked to do a variety of tasks in an organization. The DBA job often crosses lots of boundaries and may end up working on a Active Directory issues, reporting, ETL, and more. When A DBA leaves a job, the organization looks for a replacement that can handle that same wide variety of things. Read the rest of
/episode/index/show/voiceofthedba/id/32796282
info_outline
Trying New Technology
08/29/2024
Trying New Technology
I had someone ask me about recently. Would I think that's a good choice for a database. I don't really know. From their blog and some online research, maybe, but it's also a minority player in a niche space. I had a chat recently with someone that had implemented , a graph database. Why that and not Neo4J I asked them? Someone at the company had tried it and recommended it. Not a bad reason, as I think experience with tech is important, but it's not the only thing. Read the rest of
/episode/index/show/voiceofthedba/id/32768557
info_outline
A Kafka Introduction
08/27/2024
A Kafka Introduction
I've heard of Kafka before. I know it's an Apache project and you can download or read more at . I knew it was a way of moving data around, some sort of ETL tool useful for moving things around. More like a message and queueing system, which is a tool that seems like a great idea, but one that everyone struggles to work with. And one that seemed complex. The overview is that Kafka is "a distributed system consisting of servers and clients that communicate via a high-performance . It can be deployed on bare-metal hardware, virtual machines, and containers in on-premise as well as cloud environments." Read the rest of
/episode/index/show/voiceofthedba/id/32768437
info_outline
Your Computer Science Education
08/22/2024
Your Computer Science Education
I know a lot of people in this business do not have computer science degrees. While some do, I suspect it's a minority. I'm certainly curious, so if you want to share your education experience in a comment, tell me if you have a degree and what the focus was, as well as answer a few other questions. At recently, professors and from talked about their computer science curriculum for growing the next generation of professionals. Along the way, they also asked the audience these questions: Read the rest of
/episode/index/show/voiceofthedba/id/32546332
info_outline
A Lack of Architecture and Planning
08/18/2024
A Lack of Architecture and Planning
A few weeks ago, I was sitting in the audience, waiting for my turn to speak at Just before me, Xe Iaso delivered a funny and thought-provoking talk on . It was very well done and had me feeling nervous about following that session. The talk is a bit of a satirical look at an interview Xe had for a company that tried to get them to derive an architecture for a large distributed system. It was interesting to hear Xe note that often we have architecture diagrams of what we'd like to have, but never an explanation of how we implement a large system, especially one that has to grow as our workload grows. Read the rest of
/episode/index/show/voiceofthedba/id/32546217
info_outline
What Do You Drop?
08/15/2024
What Do You Drop?
Many years ago I was training for a triathlon. I had competed in the the previous year in Virginia Beach and wanted to do it again. I had a young child, work was busy, and I was struggling to find time to swim, bike, and run every week. One night, I was at a work event with a customer who was also a triathlete. He was much more competitive and successful than I was at competing in triathlons, and he told me I should just get up earlier and find time to train or ensure I spent time after work on training before I went home to ensure I was meeting my goals. That sounded fine. Want to be better at something, then spend time on it. Certainly, that's what I often advocate for your career. Spend time on your career. Read the rest of
/episode/index/show/voiceofthedba/id/32546112
info_outline
Prevent Complete SQL Injection
08/13/2024
Prevent Complete SQL Injection
I would hope most of you reading this know what SQL Injection (SQi) is and how you can prevent it. Or at least what patterns cause problems. If not, here's that is worth reading. If you have more questions, . SQL Injection has been, and continues to be, a problem in many systems. In fact, I chatted with Mike Walsh recently after he'd published on an attack for one of his clients. He has some notes that explain how your database server might be vulnerable, as well as a description of a recent attack example. He also notes that many of you are responsible for protecting data, which is separate from other security mechanisms. You need to be sure you are protecting your data, even in vendor applications. Read the rest of
/episode/index/show/voiceofthedba/id/32545982
info_outline
A Checklist for Learning
08/12/2024
A Checklist for Learning
One of the challenges many people have is focusing their learning efforts along some path. The best way to move forward is with steady effort that guides you through steps to build knowledge or skill. However, with so much information out there on the Internet, how do you decide where you focus your efforts? Lots of people choose a random method, but the world is full of those people, many of whom never develop strong skills. That might be fine if you are an hobby guitarist or piano player, but it's not the best way to approach your career. Read the rest of
/episode/index/show/voiceofthedba/id/32545807
info_outline
Send Metrics Not Logs
08/08/2024
Send Metrics Not Logs
This is part of a series on observability, a concept taking hold in modern software engineering. One of the interesting things I saw in was that they are sometimes bandwidth-constrained at remote sites. In an early version of their platform, they sent logs back to HQ, and their logs used all the available bandwidth, so they were unable to process credit card transactions. While most of us don't deal with lots of remote offices sending data back to a central data warehouse, we do often work in distributed environments, and we may send data to/from a cloud or even employees' remote offices. Or maybe we send a lot of data between components. Bandwidth is very good in many parts of the world, but it isn't infinite. Read the rest of
/episode/index/show/voiceofthedba/id/32419797
info_outline
Responding to a Disaster
08/02/2024
Responding to a Disaster
a few weeks ago. On the same day, I didn't. A delay for a few hours, but an easy trip home. Lots of other people didn't have a smooth trip, and I had a few friends who spent an extra night somewhere or had flights canceled and decided not to take a trip. The hit the entire world, causing problems everywhere. Just before that happened, . If you were affected by these, you have my sympathies. If your IT job included responding to these, you get all the virtual hugs from me (). I know what it's like when someone calls you to handle an outage, and I know it can turn your life upside down. Hopefully, it hasn't been too stressful to you. Read the rest of
/episode/index/show/voiceofthedba/id/32419557
info_outline
A Quick Turnaround
07/28/2024
A Quick Turnaround
I visited a customer last week and attended . Both were fun events, and an enjoyable week, though I was away from my wife for 4.5 days, which she didn't love. Today, I had a quick turnaround, heading to Wisconsin Dells for , which I attended last year and enjoyed. I didn't submit this to the event, but got asked to go as part of my job. I accepted, and I'm gone from home for a week between these two trips. I do travel a lot, but these trips got me thinking about how many of us might handle the unexpected demands from our companies. In this case, I had planned on SQL Saturday Baton Rouge, but not a customer visit. I got asked a month ago to add this in, which was fine, but two weeks ago the trip got extended by another day. Just before I got the update from that call, I agreed to go to THAT! for a quick presentation. Read the rest of
/episode/index/show/voiceofthedba/id/32246137
info_outline
Thinking About Technology
07/23/2024
Thinking About Technology
Technology has dramatically changed the world over time. The advent of cars dramatically changed the US, as people could go places and meet others in a way that was difficult and slow before. The telephone let us communicate with people all over the world at a pace that was previously impossible. Computer technology has furthered this at a truly amazing pace, especially since the adoption of mobile devices by so many people. The flexibility in how we can integrate computer technology into our lives has been incredible. However, each technology change brings about plenty of negatives and potential problems as well. I ran across from L. M. Sacasas that has some questions we might ask about any technology, including the software we build. The start of the piece is that most of us don't think about how our work might be misused, which can lead us to dismiss security risks or moral misuse risks. We often don't consider the malicious ways people view applications. Read the rest of
/episode/index/show/voiceofthedba/id/32246052
info_outline
The Biggest Database Professional Challenges Today
07/21/2024
The Biggest Database Professional Challenges Today
Today I have a question for you: What are the three biggest challenges you face today as a database professional? Read the rest of
/episode/index/show/voiceofthedba/id/32152752
info_outline
A Programmer's Attitude
07/18/2024
A Programmer's Attitude
I caught , including themselves. It is written by a software developer for other software developers, but I think it can also apply to database work as well. It is a bit long, but it starts with the nature of abstractions in the world and how they let us work with simpler models of a situation or environment. However, most abstractions are leaky, and our assumptions about them can cause our systems to fail. The leap from trust to abstractions seems a bit funny, but it makes some sense. We ought to simplify our situations so that we can generalize how to solve them, but we also need to verify things. There are a few examples, one of which is we ought to use tests to ensure the code does what we think it does, including using a wide variety of data. We ought to ensure that refactoring something doesn't break the system, or more often for databases, we return the same results. Changing a query to run more efficiently with joins or a window function instead of a loop or subquery should return the same results. Not just for one row but all rows, and across different inputs. Read the rest of
/episode/index/show/voiceofthedba/id/31968907
info_outline
Cloud vs On-premises
07/16/2024
Cloud vs On-premises
The cloud has been a controversial concept for much of its existence. While the idea has been around for many decades, AWS started selling IT services in 2006, with Azure following suit in 2008. Since then, the use of cloud services has grown tremendously. While some applications and organizations have embraced the idea from the beginning. I found many of you at SQL Server Central were very hesitant at first. I guess some of you are still skeptical about the value of a production database in a public cloud. From the beginning, I've felt that cloud computing has a place in the world, but in a way that is more appropriate for some situations than others. In terms of database (and maybe compute services), if you have a very well-known and predictable workload, the cloud can be very expensive. It might still be a good choice, but I think it often isn't. If you have a variable or growing workload, then the cloud might serve you better than trying to keep up with new hardware in your own data center. Read the rest of
/episode/index/show/voiceofthedba/id/32056422
info_outline
Least Privilege
07/14/2024
Least Privilege
I assume that most of you know about the . If not, please read and make sure you understand how you should approach security. In the modern world, we also ought to adapt our systems for , which includes the least privilege principle. However, I wonder how many of your organizations really follow these security guidelines internally. Are you strict about adding limited access and removing it when people change jobs/roles? If you use Windows Auth (or Entra), are your admins doing that or just adding in new roles? Do you scope down database access roles in granular ways or just stick with 1-2 roles for the most common things people do? Read the rest of
/episode/index/show/voiceofthedba/id/31969062
info_outline
The Stretch Database Retirement
07/09/2024
The Stretch Database Retirement
Stretch Database is finally going away. It is being retired. It was deprecated on Nov 16, 2022, from SQL Server 2022. Effective Jul 9, 2024, the supporting Azure service is retired. I saw this in , though I hope anyone using this service has been seeing lots of reminders over the last couple of years. I know I'm getting MySQL retirement notices for one of my services and need to migrate some workloads this month. If you tried this service, you might have realized that the pricing didn't make sense for most of us. If you hadn't tried it, it worked by moving some of the data in your tables into Azure, where it could be queried if needed. It was an interesting idea, though most of us would have wanted this to work between two SQL Server instances, not between SQL Server on-premises and Azure. Read the rest of
/episode/index/show/voiceofthedba/id/32056337
info_outline
An Upgrade Slog
07/07/2024
An Upgrade Slog
I saw a blog post from Randolph West recently that asked It's a bit of a process, involving an intermediate version and two restores. He also points out the need to run DBCC after the first restore, which is a good idea. I wonder how many people would take the time to do this, or even think about it as an upgrade step? This was interesting to read as I had a customer ask me about doing this a few months back. They were trying to clean up their database estate and modernize some of their older systems. This was becoming a big project for them, as they had several pre-2017 systems, none of which were in support. Auditors, regulatory authorities, and even business partners see this as a large security risk and get concerned if you're running older software. Read the rest of
/episode/index/show/voiceofthedba/id/31968727
info_outline
Midsummer Fun
07/04/2024
Midsummer Fun
Yesterday was Independence Day in the US and a day off for me. Today, I'm back to work. Same for my rocket engineer son, one day off. My wife remembers a few of her companies giving a 4-day weekend when a holiday falls on a Tuesday or Thursday, but that hasn't been my experience and isn't this week. I know we're barely into summer, which technically started Jun 21, but most of my life has measured summer between the end of one school year and the beginning of another. That's usually late May (Memorial Day) to early September (Labor Day). I think that's a very American thing, as I know lots of my friends in Europe are just starting their break between two grade years. For those of you in the Southern Hemisphere, I'm sure this time of year is even more different. Read the rest of
/episode/index/show/voiceofthedba/id/31968622
info_outline
Xp_cmdshell Use Cases
07/02/2024
Xp_cmdshell Use Cases
I had someone ask me recently how to run xp_cmdshell on a Linux version of SQL Server. I told them you can't, as it's an and not one that I expect to see released. I had to double-check, since I did think that supporting a BASH shell was a possibility, but it wasn't added to the product. In the feedback forums, I saw a request for , though the feedback from MS is to use CLR for this. They suggest external access permissions, but those aren't supported on Linux. I also didn't see a request for shell scripts added, and I'm not sure I want one. Read the rest of
/episode/index/show/voiceofthedba/id/31887412
info_outline
The Cost of Rework
06/30/2024
The Cost of Rework
I often deal with customers who are looking to improve the way they build and manage database software. These could be small companies or large enterprises, with teams of developers trying to enhance their application software to solve new business problems. Often those enhancements require new data, with the related schema changes in a database. Even if there isn't any new data, often we need to query data in new ways, combing, filtering, aggregating, and otherwise transforming data into extra information that a business can use. Solving many of these problems is iterative by nature. We try one thing, then another. Often a developer might experiment with a data model or query, trying to match a requirement they've been given. Once they produce a solution, we may find problems in testing, or far too regularly, in production. These could be data-related issues, where the developer hasn't considered values in their solution (zeros, blank or long strings, extreme dates, etc.). These could be logical errors, where the developer just made a mistake. There could also be a problem with the requirement, where the customer provided an incomplete or incorrect specification to the developer. Read the rest of
/episode/index/show/voiceofthedba/id/31888002
info_outline
What Metrics Do You Collect?
06/27/2024
What Metrics Do You Collect?
One of the hot terms in software these days is observability. There are a few definitions (, ), but essentially this is the insight into how your software runs and performs using metrics, logs, traces, etc. In DevOps, we do this with an eye toward improving performance and identifying the root cause of issues. The focus is slightly different from monitoring, where we often focus more on resources and health. We need both, but often in trying to improve software and the behavior for users, developers need observability. Infrastructure people responding to acute issues and looking to ensure we have the capacity, availability, and other x-bilities, that need monitoring. Today I'm wondering if you collect a variety of types of metrics for your software that might tell you how your system is running. What things are important to you in order to better serve your clients? If you're a DBA/sysadmin, what is important to you? If you are a developer, are there different types of data you want? Read the rest of
/episode/index/show/voiceofthedba/id/31887792
info_outline
Where to Test Your Code
06/25/2024
Where to Test Your Code
The last 10-15 years in software development have seen a widespread embracing of unit testing. Before the popularity of mobile phones and their apps, most of the organizations I'd worked in gave lip service to automated unit testing, and often even more complex integration/system tests. These days, it seems more and more people embrace unit testing, and I hear about that often from customers and attendees at events. I don't often hear about more comprehensive integration and system testing, I found that looked at how the social network was built. The article is partially paywalled, but I have subscribed because of the interesting thoughts they publish. In this article, there was a really interesting part of the article on testing. This is a section titled "Integration tests over unit tests". Read the rest of
/episode/index/show/voiceofthedba/id/31887592
info_outline
What Do You Want to Learn?
06/23/2024
What Do You Want to Learn?
There are lots of resources for learning: , , , and other events, conferences, and more. In most of those cases, the editor, author, or speaker is deciding what they want to write about. If you want to learn something different, you need to go search out that information. You can certainly request topics from others, but they may or may not listen to you. At least not as an individual. Read the rest of
/episode/index/show/voiceofthedba/id/31838367
info_outline
Cloud Transformation
06/21/2024
Cloud Transformation
In the last few months, I've been traveling around at a few of the Redgate Summits () running panels on cloud journeys. I've had industry experts, both technical and managerial, discussing their approaches and journeys with advice and caveats for others. It can often be more than just migrating systems, so a lot of people have started to talk about cloud transformation. However, in some cases, this is just a migration. A lot of companies just lift-and-shift their databases into the cloud, along with various other services. While this is a quick way to get into the cloud, it isn't much of a transformation. If you review and right-size the resources you've provisioned, maybe there is a bit of a transformation, but not a lot. Read the rest of
/episode/index/show/voiceofthedba/id/31838272
info_outline
SQL Injection is Not Acceptable
06/18/2024
SQL Injection is Not Acceptable
SQL Injection has been a problem for my entire career. Thirty years ago I could have easily just blamed this on ignorance, as most of our developers didn't think about the nefarious ways that hackers enter data in our applications. These days, there isn't a good reason for this to keep happening, and the problem is us. I think that we don't provide good examples or training on secure coding or secure architecture as a normal part of teaching programming. In many organizations, we don't check for issues and prevent their release. Some do, but many don't. On top of this, the existing code is usually a poor template for writing future code. I do think Microsoft aims for secure coding in SQL Server but in Windows, there is work to be done there. A few months ago, I saw that noted the US CISA organization and the FBI issued (PDF) that noted there is no excuse for SQL Injection vulnerabilities (SQLi) in modern software. This alert notes that SQLi has been an "" since at least 2007. Inside the document on vulnerabilities, it notes that a single quote can't be used in certain fields: username, password, ID field, or numeric field. They also note that co-mingling user data and query data, like constructing queries on demand, is a poor practice. Read the rest of
/episode/index/show/voiceofthedba/id/31780702