Monthly Archives: January 2008

Bill Gates last day..

This has been out for a few days now, but finally tracked down a decent quality. – check out all the cameos..


SQL Server Database Backups for the enterprise – Part 1

I’ve been working with our team for a while to continually refine our db backup procedures.  We’ve got a fairly complex database environment, with quite a few sql servers in various locations, which prior to SQL SP2 we did backups primarily thru scheduled nightly jobs.  An update in SP2 broke our (basic) model, which re-energized my dreams of db backup automation and a more granular, manageable process. 

 Well, I’m nearly 90% complete with my new model – check back soon for Part 2, where I’ll offer my scripts for download.  Highlights include a single table that allows you to manage your backup job.  This table (briefly) includes the “databases” you want to backup, the backup engine to use (whether local or quest, red-gate, idera, etc), the schedule for backing up databases, including log backups and even file-group backups.  Next I wrote a Stored Proc which loops thru this table looking for backup jobs to run, using the respective backup engine.  The table/SP also includes a feature to write copies of the backup to both the local DB as well as a remote NAS device (or any path you provide in the setup table.) One nice feature about this is you can keep the past 7 days backups local on the machine, in the event you need to do a quick restore, whereas backups older than 7 days get archived to a NAS device, still recoverable, but depending on the location may take additional time to recover.  This helped us to address storage space, both locally and remotely, managing encryption and compression during the process.  While the scope of this little backup ditty grew, the flexibility/usability increased and we were able to pack in alot of functionality, that i thought others could eventually benefit from.  I wrapped up the function with some baselining capabilities, logging the start/end times of each backup with a secondary table, which provides two things.  First, helping us verify a backup runs every night and second, helping use see the backup size and file growth over time enabling us to do better storage/archival projections.  Lastly, it was important to me to make this entire process portable.  Deployment is as easy populating the tables with the DBs you want to backup and then schedule the SP to be run at some nightly interval.  thats it!

Now, before I share the code (hopefully it will be worth the wait),  here are a few things to consider when desinging your backup strategy:

  1. Understand backup types (simple vs. bulk, vs. full)
  2. Know where your backups are (dont want to go searching in time of need)
  3. Encrypt/compress/password protect your backups (as the standard .bak file can be read with notepad!)
  4. DB backups dont contain everything (also need master/userDB,msdb)
  5. Take care of system DBs (master, msdb)
  6. Plan for physical vs. logical failures (nightly backups good enough?  every 5 min/log shipping required?
  7. Ensure recoveryability of a backup (media, network, data – run restore verify only & also test entire recovery model)
  8. Forecast backup trends (do capacity planning and create a formal db recovery plan)
  9. Consider use of direct-attached or online (NAS) volumes for backup – tapes are no longer the standard for backups!
  10. Keep Control – if you are the DBA, dont rely on others with missing documention to jeapordize your restore.

Initial questions to ask.  How much data can be lost? Are there any SLAs you have to support?  What data security considerations are required?  Did you remember to backup indexes?  Some best practices include, running DBCC, then nightly backup with incremental log-backups periodically throughout the day as the business requires.

Hopefully that help to get you into the backup mindset.  Lots of things to consider, and theres certainly no one size-fits-all.  I’ll be posting the source code to my sql scripts in an upcoming post – which I hope can help you save time modernizing your backup efforts!?

What is a Plenum?

During some investigation for our new office space, cabling quickly became a subject of interest.  It seems the previous tenent had been there for some time (nearly 15 years) and underwent numerous updates, most of which ended with cat5 cabling.  Being the bandwidth-hungry company we are, we opted for category 6 cable, giving us the increased throughout and support for future bandwidth intensive applications.  In the past, we had to use plenum cable, as we had plenum space (above ceiling tiles) whereas our new space has higher ceilings direct through to the rafters, so I needed some clarification to justify the extra “plenum rated” expense – which I found below.  Now I’m just waiting for cable vendors input..

According to the National Electric Code (NEC) a plenum is a “compartment or chamber to which one or more air ducts are connected and [which] forms part of the air distribution system.” To qualify as a plenum, the space above an acoustic tile ceiling would have to extend above other rooms in the same building or be open to ducts connecting it to other parts of the building. The concern is that during a fire, if there is burning material in a plenum air space, smoke and fumes can travel through air ducts to the whole building. For this reason, there are codes to restrict the types of materials (such as wiring) that can be placed in the plenum.

It’s quite common to have an acoustic tile ceiling without having a plenum. If your room-dividing walls extend above the dropped ceiling and seal off the space above, you do not have a plenum air space and so may not require plenum-rated wires. (See illustration.) You can lift up an acoustical tile in your room and peek in to see if your room has a plenum.

So, what is the code?
According to the National Electric Code (NEC), in plenum air spaces you must use plenum rated cables, also called Communications Plenum Cable (CMP). Plenum cable is only required when cable is installed in a plenum air space. Materials kept below the ceiling — including speaker wire, computer cables, telephone cords, etc. — do not need to be plenum rated according to the NEC.

Remember that even though the National Electric Code may allow non-plenum cable, the final decision is up to your local Fire Marshall.  Most cities adopt the national codes as their own without revision, but some cities modify or expand them and require plenum-rated cable in all situations.  Regardless of the code or its interpretation, your Fire Marshall makes the final decision. We recommend that you contact your Fire Marshall if you have questions.

Why is the regulation for plenum air spaces but not for other wiring such as speaker wire?
It’s dangerous to inhale fumes from any burning material. Speaker wire is no more dangerous than any other plastic item you would find below the ceiling in a typical classroom — computers, carpet, power cords, etc. Therefore, requiring the use of plenum wires within the classroom itself would have little impact. The regulation covers the area where it’s most critical.

How is plenum wire different from other speaker wire?
Plenum rated coating on wire burns at a much higher temperature and emits fewer fumes.

Who sets the guidelines?
The National Electrical Code (NEC) is a set of guidelines recommending procedures to reduce the risk of fires, electric shock and other hazards associated with electrical installations. The code is advisory in nature, but most state and local building departments across the country use the NEC as the basis for their own electrical codes. Some local codes may be more restrictive, so please check with your local Fire Marshall if you’re unsure

TS2/MSDN Highlights – Livonia, MI

Took the trip out to Livonia today to attend a Microsoft MSDN/TS2 Event.  The 1/2 day conference was a pre-event for the upcoming Hero’s Happen Here event, taking place around the country starting in February and making its way to Michigan in March. Below are the highlights of both sessions, as I bounced between the two covering a few seperate subjects of interest.

 Firstly, highlights of Vista, now a year old, presentor took a survey of those using it and those happy, most were, those not were told their performance issues were probably due to faulty video drivers, seemingly taking the easy way out.    SP1 then came up, still not disclosing a release date, but here are some highlights:

  • Improved multi-monitor / graphic card compatibility
  • Increased compatibility with print drivers
  • improved sleep/resume functionality
  • Improved win explorer / IE performance
  • Improved network transfer performance
  • Network boot support for x64 PCs
  • Flash memory support for exFAT
  • est. download size to exceed 1GB! and requires 7-12GB available HD space (most reclaimed)

I’m happy to see several of the SP1 items appear to address items we’ve experienced first hand, guessing we weren’t the only ones..

Next up was Windows 2008 or w2k8 – whereas they touched briefly on the new server core, server manager, policy based QoS and new Windows deployment services.  I’ve seen a few sessions on w2k8 now, and while nothing too revolutionary there do seem to be a few very nice management features, such as read-only domain controllers, stronger virtualization (server, application & management) and of course IIS7.

SQl 2008 also got a brief mention, a few highlights:

  • Enhanced Mirroring
  • Failover clustering
  • Fast Recovery
  • Recource Governer
  • Enhanced Partioning
  • Transparent Encryption

Still no word on encryption/compression of backups – guess they’ll SQL let the ISV market survive a bit longer.

I then bounced over to the MSDN track, taking in yet another IIS 7 session.  The presenter did close with a brief security primer, which i think I’ve seen before, but its probably worth repeating.  The five demonstrated “hacks” were:

  1. Cross-site Scripting or XSS
    • Fix: Microsoft Anti Cross Scripting Library
  2. SQL injection
    • Fix: Use type-safe sql params
    • Restrict permissions of d users (i.e. no xp_cmdshell)
    • Sanitize data input
    • Do not disclose error information
  3. Cross site request forgery
    • Fix: viewStateUserkey = Session.sessionID
  4. Integer overflow:  2147483547 (max int value +1)
    • in C# use ‘checked’ keyword when validating INT values
    • in VB this is already done for you
  5. Insecure direct object reference

TS2 track also discussed (briefly) system center manager, Microsoft home server & data protection manager 2007, but nothing of substance, mostly marketing slides. 

That pretty much covers the highlights from my perspective.

CodeMash day 1 wrap-up

As i put close to day 1 of CodeMash, I’m certainly glad I made the trip.  I’ve met lots of very smart guys (and girls) and, I may have said this before, but its great to see such a vibrant community of vendor agnostic, language neutral people getting together – ok the ruby guys do seem to somewhat dominate conversations, but everyone here seems to have legitimate, genuine interest in promoting the community, for the sake of technology and beaking down barriers.  It’s now cool again to be a .net developer (not that I ever thought it wasnt) as people from all backgrounds are mixing and “mashing” their favorite flavor, based on their assessment of what the right technology to use is, which to me is huge.  We’ve long known every application/requirement is different, yet many shops (admittingly ours to some degree) default to an existing language, partially due to comfort, partially due to standards, but also partially due to lack of knowledge about alternatives.  This conference aims to change that, atleast the last one.  Here, everyone is treated equally and encouraged to experiment with something new, seek best practices (e.g. AGILE), and get informed!  Its a very non-threatening environment with something for everyone.

In the past, at other conferences, you were an outcast if you were a microsoft (or java) guy trying to talk about edge technologies, or more specifically, dynamic languages.  The open-source advocates on “the coasts” tend to shy away from .net/java, my guess is primarily because the reps attending the conferences (which, respectfully very smart cats) aren’t working on large enterprise class applications, such as financial banking systems, SAP, PeopleSoft or manufactoring supply chain – which are the challenges facing most of us MidWesterners.  That said, the “coasts” also tend to have access to more innovate businesses models, whether its the latestest web 2.0 application featured on TechCrunch, digg or just the latest widget from Google, Yahoo or AOL.  Yet, that doesnt mean there isnt a time and place for .net/java – or more specifically, their respective platforms.

Either way, these “un-conference” style events is clearly gaining momentum. I did find it almost shocking at dinner, where I had the liberty of sitting with several of the conference organizers (Dianne Marsh, Bruce Eckel, Bill Wagner & Dick Wall to name a few) that they were not familiar with some of the other “un-conferences” i have attended the past couple years.  They are nearly identical, however with all due respect to the others, I believe CodeMash does raise the bar, the conference has a very polished feel, yet NOT AT ALL stuffy, dull or unproductive.  It’s very much designed by devs for devs, with minimal if any corporate koolaid.  I would like to see more energy around Open Spaces, while available, i dont know that the midwest is familiar with this format yet, as to-date most conference attendees are used to paying big ticket prices and having formal tracks or session paths – Open Spaces builds on the community appeal, turning the focus to attendess (with content actually provided by attendees).  Am sure it will continue to get more popular as people become familiar with it, and everyone realizes they have the opportunity to customize the event into something that is potentially more meaningful for them.  That said, i personally do enjoy some sense of structure and pre-canned sessions, particularly from the industry vets here. 

Lots of great stuff in day 1, my only regret is that I wasnt able to attend all the sessions i wanted, as some overlap existed and I tend to want to learn more than one should in a given day.  Time to recharge the batteries for day two, physically and mentally.

IIS 7.0 keynote @ CodeMash

Having minimal exposure to IIS (only thru local development using Vista) I was anxious to dive under the covers.  Scott Hanselman was the presenter, and I must adit, he had me (and most the audience) laughing out loud thru the first 10 minutes of his speech – nothing to do with IIS whatsoever, but a very microsoft-esq, self-serving, comical lead-in.

Once we got into the presentation, interestingly he choose to showcase .php ontop of IIS.  He opened a pre-canned php picture application and continued to tweak application settings thru IIS/.net without having to modify a line of php code!  pretty cool stuff, including forms-based authentication and lots of http modules, which I found very cool.

Scott closed with some technical difficulties in his demo, highlighting somewhat complex caching, but he handled it well.  His intent seemed geared toward non-microsoft folks considering IIS as a legitimate option (at least on par, if not ahead of apache).  The demo and IIS did look impressive.  I’m now compelled to dive deeper with http modules.

Introducing Facebook Applications

At 9:30 I attended Matt Pizzimenti’s session on Facebook.  It was a indroduction, so much of the content I was semi-familiar with from previous discovery, but it was cool to see some new things, specifically implemented in ruby.  Matt started off with the registration process and went on to explain briefly key aspects of the API using REST.  The API then serves up XML (or optionally JSON).  Next up was authentication and more common method calls.  He went on to explain FBML, FBJS (still emerging), FQL, common libraries and “officially supported” languages, php/java (of course, as FB uses this internally), but un-officially ruby & python.  .net was not referenced, nor did i see it referenced much in my previous reviews, however i did find a few libraries (not officially supported by FB) floating around around on the web, one of which I’ve done some experimenting with (yet I can’t recall the name at time of writing) – damn reception cocktails 🙂

Overall I found the session very good, a follow up primer, but I enjoy seeing things presented a few different ways before I begin my own experimenting..hmm, do I smell an experimental project for Billhighway using ruby??  we’ll have to wait and see.