THE SQL Server Blog Spot on the Web

Welcome to SQLblog.com - The SQL Server blog spot on the web Sign in | |
in Search

Adam Machanic

Adam Machanic, Boston-based SQL Server developer, shares his experiences with programming, monitoring, and performance tuning SQL Server. And the occasional battle with the query optimizer.

Log Buffer #21: A Carnival of the Vanities for DBAs

Hello, there!  You’ve somehow managed to navigate your way through the blogosphere and into the 21st edition of Log Buffer.

 

It’s fitting that this is the 21st edition, because that just so happens to be the legal drinking age here in the United States. And the folks over at Oracle sure need a drink or three this week. Computerworld’s Jaikumar Vijayan reported on a study showing that Oracle has more security flaws than SQL Server. And over at IT Toolbox, Chris Eaton was nice enough to link us to the actual study, and in his post also mentioned that a security firm called Argeniss had promised to release one Oracle security flaw every day this week.

 

The Oracle Security Blog's update on the topic, posted a few days after Chris's post, reveals that the week of disclosure is not happening -- at least, not quite yet (Argeniss apparently temporarily "suspended" the project).  But don’t worry!  If you just can’t live without that sticky-sweet feeling of bliss that accompanies finding a particularly nasty hole in someone else's software, head on over to Eddie Awad's blog, where you can learn how to snarf a dangling cursor. And now I will sit back and watch as my inclusion of that phrase gets this post banned by all of my readers' corporate indecency filters. Snarf on!

 

For those serve up your customers' data to hackers on a silver platter live-on-the-edge types in the audience who have time to worry about anything non-security-related amidst all of the concerns being raised,  there were a few interesting tidbits posted this week. Edgar Hoover dished up some tips on using functional indexes in 9i. And Lucas Jellema showed us a way to avoid long strings of UNION ALL'd queries when trying to create "dummy" data. But if you're running on Linux, good luck using these tips at all! Brian Aker clued us into the fact that most installations are incredibly instable and that there just aren't enough experts around to fix the problems. "Free" operating system. Expensive consultant needed to fix it. What doesn't add up here?

 

For better or for worse, life in the MySQL camp was not nearly so exciting this week. Ronald wrote an interesting post about Pluggable Storage Engines, but to me it sounds like it's just metadata management given a snazzy new name. And over at the So What Co-operative blog, Jeff Hunter got some flack because he implied in a post that MySQL isn’t ready for prime time (i.e., no mission critical apps). For shame, Jeff! Rounding things out was a good post by Kevin Burton all about Ethernet latency and how it can affect database performance.

 

It's life as usual for the PostgreSQL and DB2 crowds. Josh the PostgreSQL lead posted not one, but two articles containing performance tips. And Willie Favero pointed out the availability of a couple of new IBM Red Books: One covers the oh-so-popular topic of SOA, and the other is all about LOB data.

 

Which brings us nicely around to the world of SQL Server. You didn’t think I'd forgotten, did you? A good post came from Denis the SQL Menace, who brought to light a not very well publicized feature of SQL Server 2005: the ability to tell the engine to update statistics asynchronously. But this week's highlight came from Mladen Prajdic, who discussed an interesting way to get high-precision performance metrics in SQL Server, via a few SQLCLR routines. The only problem with Mladen's technique is that it appears to only work on a single thread at a time. Still, it's definitely an interesting technique to consider, and a great SQLCLR sample to keep around.

 

In the SQL Server tools department, we were informed by Bart Reed of Red Gate that SQL Prompt 3 might actually be coming some day! I was in the beta for this product, and I have to say that it's looking pretty interesting -- I definitely hope that some day is sooner rather than later, so get back to work and stop blogging, Bart! Luckily, we don't have to wait for Red Gate to get some enhancements to SQL Server Management Studio. Paul A. Mestemaker II provided detailed information on how to add a custom report to Management Studio in SQL Server 2005 SP2. And low and behold, Jasper Smith has already published a very useful report, a recreation of the much-missed Taskpad View from Enterprise Manager.

 

Since not everything in our industry is product-dependent (well, it's not supposed to be), let's not forget that database design is a more or less transferable skill -- at least, if you have any clue about what you're doing. The first consideration is usually data types, but as Tom Kyte pointed out, some people just don't get the difference between strings and all of those other newfangled types (as an aside: it was an Oracle person… should we be surprised?)  Apparently it was character types vs. the world week in DB2 land as well, because Craig Mullins also weighed in with a post on the topic.

 

To close, I'd like to point out that despite Eddie Awad's concerns about laziness, I believe that all of the best computer professionals are lazy at heart. That's why we use macros, create shortcuts, and script/automate everything. We don't like working any more than we have to! And that is why I'll leave it to not-so-lazy people -- like Joe Celko -- to come up with information on techniques such as an additive congruenital method of generating values in pseudo-random order. Uh, yeah.

 

So with pseudo-randomness in mind, I bid you, kind reader, adieu. And remember to watch out for those pesky dangling cursors! There's no worse feeling than coming in on a Monday morning and settling down with that first hot cup of coffee, only to discover that you've been snarfed over the weekend.

Published Friday, December 01, 2006 7:00 AM by Adam Machanic

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

 

Dave Edwards said:

Adam: "There's no worse feeling than coming in on a Monday morning...only to discover that you've been snarfed over the weekend."

Hey Adam, speak for yourself -- I like getting snarfed over the weekend. No accounting for taste, I guess.  And I'm not convinced that a dangling cursor is any more indecent than a hanging chad.

Dave.  ;o)

December 1, 2006 9:35 AM
 

Mike Kruckenberg said:

Nicely done, I like the tone and readability.
December 1, 2006 9:40 AM
 

Denis the SQL Menace said:

Thanks Adam you must have known I hate free time  ;-)



Denis
December 1, 2006 9:47 AM
 

Toby said:

"Metadata management under a new name"? That's a strikingly ignorant remark - as is your Linux slam, "most installations are incredibly unstable". Bias showing?
December 1, 2006 10:04 AM
 

Paul Vallee said:

Toby, dude, it's a blog not journalism. Your editorial stance should be worn on your sleeve!

The answer isn't to slam Adam's work, it's to host your own Log Buffer, eh?

Cheers, and chill,

Paul
December 1, 2006 1:01 PM
 

Greg Linwood said:

Linux was stable enough to blow SQL Server away under an Oracle TPC-C benchmark yesterday. Not only more transactions per sec than SQL Server's biggest benchmark, but it was also only using half the # of CPUs.. Heck, I'm a big SQL Server fan, but let's keep it real (c:
December 1, 2006 2:05 PM
 

Adam Machanic said:

I don't know or claim to know about how stable Linux is or is not (at least, in its current state.)  In a previous life, several years ago, I was a Linux administrator.  We had one server that hadn't been rebooted for over a year and a half.  I can't remember ever seeing a Windows box last nearly that long.  So as far as I'm concerned Linux is/was pretty stable.  But I was just reporting on what Brian Aker said about Linux.  So if you have an axe to grind, it's with him, not me!  I might be doing SQL Server today, but who knows what tomorrow will bring -- no playing favorites on THIS blog... I only play LEAST favorites (i.e., Oracle ;-p)
December 1, 2006 2:49 PM
 

Greg Linwood said:

Sorry Adam - I didn't mean to single you out there, I was really just responding to the quote. It read to me as if nothing's happening in the Oracle / Linux world but the reality is Oracle & Linux just blew SQL Server away in TPC yesterday - more throughput on half the processor capacity is a big fat message that will probably outweigh the negative perception of security vulnerabilities in the long run. It's far easier to fix a few buffer overruns than to make the architectural changes necessary to squeeze more performance from the engine.

Cheers,
Greg
December 1, 2006 7:42 PM
 

Mladen said:

Hey there!
Multi connection Hi perf timer was my next step so here you go:
http://weblogs.sqlteam.com/mladenp/archive/2006/12/02/39124.aspx
December 2, 2006 12:50 PM
 

Jeff Hunter said:

December 5, 2006 4:26 AM
 

Sheeri said:

It really doesn't matter *how many* security bugs they are, but really *how vulnerable* the software is.  If there's only 1 security bug, but the bug is that it's using cleartext passwords, then it's a huge problem.
December 5, 2006 6:34 AM
 

Adam Machanic said:

It could be argued that neither the number of security bugs, nor how vulnerable the software "actually" is, matters.  What really matters is public perception of how vulnerable the software is -- which is probably not at all aligned to reality in most cases.
December 5, 2006 7:08 AM
 

Peter W. DeBetta said:

December 20, 2006 7:28 AM

Leave a Comment

(required) 
(required) 
Submit

About Adam Machanic

Adam Machanic is a Boston-based SQL Server developer, writer, and speaker. He focuses on large-scale data warehouse performance and development, and is author of the award-winning SQL Server monitoring stored procedure, sp_WhoIsActive. Adam has written for numerous web sites and magazines, including SQLblog, Simple Talk, Search SQL Server, SQL Server Professional, CoDe, and VSJ. He has also contributed to several books on SQL Server, including "SQL Server 2008 Internals" (Microsoft Press, 2009) and "Expert SQL Server 2005 Development" (Apress, 2007). Adam regularly speaks at conferences and training events on a variety of SQL Server topics. He is a Microsoft Most Valuable Professional (MVP) for SQL Server, a Microsoft Certified IT Professional (MCITP), and an alumnus of the INETA North American Speakers Bureau.

This Blog

Syndication

Powered by Community Server (Commercial Edition), by Telligent Systems
  Privacy Statement