Category Archives: SQL Server

In-Memory OLTP relationship status: “it’s complicated”

Row version lifecycle for In-Memory OLTP

In this post we’re going to talk about a crucial element of the In-Memory database engine: the row version life cycle.

We’ll cover:

why row versions are part of the In-Memory engine
which types of memory-optimized objects create row versions
potential impact on production workloads of using row versioning
and finally, we’ll talk about what happens to row versions after they’re no longer needed

In a world without row versions – as was the case until SQL 2005 – due to the pessimistic nature of the SQL engine, readers and writers that tried to access the same row at the same time would block each other. This affected the scalability of workloads that had a large number of concurrent users, and/or with data that changed often.

Creating row versions switches the concurrency model from pessimistic to optimistic, which resolves contention issues for readers and writers. This is achieved by using a process called Multi-Version-Concurrency-Control, which allows queries to see data as of a specific point in time – the view of the data is consistent, and this level of consistency is achieved by creating and referencing row versions.

Harddrive-based tables only have row versions created when specific database options are set, and row versions are always stored in TempDB. However, for memory-optimized tables, rows versions are stored in memory, and created based on the following conditions, and are not related database settings:

DML memory consumption:

1. INSERT: a row version is created and consumes memory

2. UPDATE: a row version is created, and consumes memory (logically a DELETE followed by an INSERT)

3. DELETE: a row version is NOT created, and therefore no additional memory is consumed (the row is only logically deleted in the Delta file)

Why must we be aware of row versions for memory-optimized tables? Because row versions affect the total amount of memory that’s used by the In-Memory engine, and so you need to allow for that as part of capacity planning.

Let’s have a quick look at how row versioning works. On the following slide you can see that there are two processes that reference the same row – the row that has the pk value of 1.

Before any data is changed, the value of col is 99.

A new row version is created each time a row is modified, but queries issued before the modification commits see a version of the row as it existed before the modification.

Process 1 updates the value of col to 100, and row version A is created. Because this version is a copy of the row as it existed before the update, row version A has a col value of 99.

Then Process 2 issues a SELECT. It can only see committed data, and since Process 1 has not yet committed, Process 2 sees row version A, which has a col value of 99, not the value of 100 from the UPDATE.

Next, Process 1 commits. At this point, the value of co1 in the database is 100, but it’s important to remember that row version A is still in use by the SELECT from Process 2, and that means that row version A cannot be discarded. Imagine this happening on a much larger scale, and think about the amount of memory all those row versions will consume. At the extreme end of this scenario, the In-Memory engine can actually run out of memory, and SQL Server itself can become unstable.

Things to note:

Memory allocated to the In-Memory engine can never be paged out under any circumstance
Memory-optimized tables don’t support compression
That’s why there must be a separate process to reclaim memory used by row versions after they’re no longer needed. A background process called Garbage Collection takes care of this, and it’s designed to allow the memory consumed by row versions to be deallocated, and therefore re-used.

Garbage Collection is designed to be:
Non-blocking
Responsive
Cooperative
Scalable

The following slide shows various stages of memory allocation for an instance of SQL Server, and assumes that both disk-based and memory-optimized tables exist in the database. To avoid the performance penalty of doing physical IOs, data for harddrive-based tables should be cached in the buffer pool. But an ever-increasing footprint for the In-Memory engine puts pressure on the buffer pool, causing it to shrink. As a result, performance for harddrive-based tables can suffer from the ever-growing footprint of the In-Memory engine. In fact, the entire SQL Server instance can be impacted.

We need to understand how Garbage Collection works, so that we can determine what might cause it to fail – or perform below expected levels.

There are two types of objects that can hold rows in memory:

Memory-optimized tables
Memory-optimized table variables

Modifications to data in both types of objects will create row versions, and those row versions will of course consume memory. Unfortunately, row versions for memory-optimized table variables are not handled by the Garbage Collection process – the memory consumed by them is only released when the variable goes out of scope. If changes are made to memory-optimized table variables that affect many rows – especially if the table variable has a NONCLUSTERED index – a large amount of memory can be consumed by row versions (see Connect item here).

The Garbage Collection process

By default, the main garbage collection thread wakes up once every minute, but this frequency changes with the number of completed transactions.

Garbage Collection occurs in two phases:

Unlinking rows from all relevant indexes
Deallocating rows from memory

1. Unlinking rows from all relevant indexes

Before: Index references stale row versions

After: Index no longer references stale row versions. As part of user activity, indexes are scanned for rows that qualify for garbage collection. So stale row versions are easily identified if they reside in an active index range. But if an index range has low activity, a separate process is required to identity stale row versions. That process is called a “dusty corner” sweep – and it has to do much more work than the user activity processes to identify stale rows. This can affect the performance of Garbage Collection, and allow the footprint for the In-Memory engine to grow.

2. Deallocating rows from memory

Each CPU scheduler has a garbage collection queue, and the main garbage collection thread places items on those queues. There is one scheduler for each queue, and after a user transaction commits, it selects all queued items on the scheduler it ran on, and deallocates memory for those items. If there are no items in the queue on its scheduler, the user transaction will search on any queue in the current NUMA node that’s not empty.

If transaction activity is low and there’s memory pressure, the main garbage-collection thread can deallocate rows from any queue.

So the two triggers for Garbage Collection are memory pressure and/or transactional activity. Conversely, that means if there’s no memory pressure – or transactional activity is low – it’s perfectly reasonable to have row versions that aren’t garbage collected. There’s also no way to force garbage collection to occur.

Monitoring memory usage per table

We can use the sys.dm_db_xtp_table_memory_stats DMV to see how much memory is in use by a memory-optimized table. Row versions exist as rows in the table, which is why when we SELECT from the sys.dm_db_xtp_table_memory_stats DMV, the memory_used_by_table_kb column represents the total amount of memory in use by the table, which includes the amount consumed by row versions. There’s no way to see the amount of memory consumed by row versions at the table or database level.

SELECT CONVERT(CHAR(20), OBJECT_NAME(object_id)) 
      ,* 
FROM sys.dm_db_xtp_table_memory_stats

Monitoring the Garbage Collection process

To verify the current state of garbage collection, we can look at the output from the sys.dm_xtp_gc_queue_stats DMV. The output contains one row for each logical CPU on the server.

SELECT * 
FROM sys.dm_xtp_gc_queue_stats

If Garbage Collection is operational, we’ll see that there are non-zero values in the current_queue_depth column, and those values change every time we select from the queue stats DMV. If entries in the current_queue_depth column are not being processed or if no new items are being added to current_queue_depth for some of the queues, it means that garbage collection is not actively reclaiming memory, and as stated before, that might be ok, depending on memory pressure and/or transactional activity.

Also remember that if we were modifying rows in a memory-optimized table variable, Garbage Collection could not have cleaned up any row versions.

Blocking Garbage Collection

The only thing that can prevent Garbage Collection from being operational is a long running transaction. That’s because long running transactions can create long chains of row versions, and they can’t be cleaned up until all of the queries that reference them have completed – Garbage Collection will simply have to wait.

So – if you expect Garbage Collection to be active, and it’s not, the first thing you should check is if there are any long running transactions.

Summing up

Now you know about how the Garbage Collection process works for row versions, which types of memory-optimized objects you expect it to work with, and how to determine if it’s operational. There’s also a completely separate Garbage Collection process for handling data/delta files, and I’ll cover that in a separate post.

Backup and Recovery for SQL Server databases that contain durable memory-optimized data

7 Replies

With regard to backup and recovery, databases that contain durable memory-optimized tables are treated differently than backups that contain only disk-based tables. DBAs must be aware of the differences so that they don’t mistakenly affect production environments and impact SLAs.

The following image describes files/filegroups for databases that contain durable memory-optimized data:

Data/delta files are required so that memory-optimized tables can be durable, and they reside in Containers, which is a special type of folder. Containers can reside on different drives (more about why you’d want to do that in a bit).

Database recovery occurs due to the following events:

Database RESTORE
Database OFFLINE/ONLINE
Restart of SQL Server service
Server boot
Failover, including
- Availability Groups*
- Log Shipping
- Database mirroring

The first thing to be aware of is that having durable memory-optimized data in a database can affect your Recovery Time Objective (RTO).

Why?

Because for each of the recovery events listed above, SQL Server must stream data from the data/delta files into memory as part of recovery.

There’s no getting around the fact that if you have lots of durable memory-optimized data, even if you have multiple containers on different volumes, recovery can take a while. That’s especially true in SQL 2016 because Microsoft has raised the limit on the amount of memory-optimized data per database from 256GB to multiple TB (yes, terabytes, limited only by the OS). Imagine waiting for your multi-terabytes of data to stream into memory, and how that will impact your SLAs (when SQL Server streams data to memory, you’ll see a wait type of WAIT_XTP_RECOVERY).

*One exception to the impact that failover can have is when you use Availability Groups with a Secondary replica. In that specific scenario, the REDO process keeps memory-optimized tables up to date in memory on the Secondary, which greatly reduces failover time.

Indexes for memory-optimized tables have no physical representation on disk. That means they must be created as part of database recovery, further extending the recovery timeline.

CPU bound recovery

The recovery process for memory-optimized data uses one thread per logical CPU, and each thread handles a set of data/delta files. That means that simply restoring a database can cause the server to be CPU bound, potentially affecting other databases on the server.

During recovery, SQL Server workloads can be affected by increased CPU utilization due to:

low bucket count for hash indexes – this can lead to excessive collisions, causing inserts to be slower
nonclustered indexes – unlike static HASH indexes, the size of nonclustered indexes will grow as the data grows. This could be an issue when SQL Server must create those indexes upon recovery.
LOB columns – new in SQL 2016, SQL Server maintains a separate internal table for each LOB column. LOB usage is exposed through the sys.memory_optimized_tables_internal_attributes and sys.dm_db_xtp_memory_consumers views. LOB-related documentation for these views has not yet been released.

You can see from the following output that SQL 2016 does indeed create a separate internal table per LOB column. The Items_nvarchar table has a single NVARCHAR(MAX) column. It will take additional time during the recovery phase to recreate these internal per-column tables.

Corruption

Because they don’t have any physical representation on disk (except for durability, if you so choose), memory-optimized tables are completely ignored by both CHECKDB and CHECKTABLE. There is no allocation verification, or any of the myriad other benefits that come from running CHECKDB/CHECKTABLE on disk-based tables. So what is done to verify that everything is ok with your memory-optimized data?

CHECKSUM of data/delta files

When a write occurs to a file, a CHECKSUM for the block is calculated and stored with the block. During database backup, the CHECKSUM is calculated again and compared to the CHECKSUM value stored with the block. If the comparison fails, the backup fails (no backup file gets created).

Restore/Recovery

If a backup file contains durable memory-optimized data, there is currently no way to interrogate that backup file to determine how much memory is required to successfully restore.

I did the following to test backup/recovery for a database that contained durable memory-optimized data:

Created a database with only one durable memory-optimized table
Generated an INSERT only workload (no merging of delta/delta files)
INSERTed rows until the size of the table in memory was 20GB
Created a full database backup
Executed RESTORE FILELISTONLY for that backup file

The following are the relevant columns from the FILELISTONLY output. Note the last row, the one that references the memory-optimized filegroup:

There are several things to be aware of here:

The size of the memory-optimized data in the backup is 10GB larger than memory allocated for the table (the combined size of the data/delta files is 30GB, hence the extra 10GB)
The Type for the memory-optimized filegroup is ‘S’. Within backup files, Filestream, FileTable and In-Memory OLTP all have the same value for Type, which means that database backups that contain two or more types of streaming data don’t have a way to differentiate resource requirements for restoring. A reasonable naming convention should help with that.
It is not possible to determine how much memory is required to restore this database. Usually the amount of memory is about the same size as the data/delta storage footprint, but in this case the storage footprint was overestimated by 50%, perhaps due to file pre-creation. There should be a fix in SQL 2016 RC0 to reduce the size of pre-created data/delta files for initial data load. However, this does not help with determining memory requirements for a successful restore.

Now let’s have a look at a slightly different scenario — imagine that you have a 1TB backup file, and that you are tasked with restoring it to a development server. The backup file is comprised of the following:

900GB disk-based data
100GB memory-optimized data

The restore process will create all of the files that must reside on disk, including files for disk-based data (mdf/ndf/ldf) and files for durable memory-optimized data (data/delta files). The general steps that the restore process performs are:

Create files to hold disk-based data (size = 900GB, so this can take quite a while)
Create files for durable memory-optimized data (size = 100GB)
After all files are created, 100GB of durable memory-optimized data must be streamed from the data files into memory

But what if the server you are restoring to only has 64GB of memory for the entire SQL Server instance? In that case, the process of streaming data to memory will fail when there is no more memory available to stream data. Wouldn’t it have been great to know that before you wasted precious time creating 1TB worth of files on disk?

When you ask SQL Server to restore a database, it determines if there is enough free space to create the required files from the backup, and if there isn’t enough free space, the restore fails immediately. If you think that Microsoft should treat databases containing memory-optimized data the same way (fail immediately if there is not enough memory to restore), please vote for this Azure UserVoice item.

SQL Server log shipping within the AWS Cloud

4 Replies

Much of what you see in the blogosphere pertaining to log shipping and AWS references an on-premises server as part of the topology. I searched far and wide for any information about how to setup log shipping between AWS VMs, but found very little. However, I have a client that does business solely within AWS, and needed a solution for HA/DR that did not include on-premises servers.

Due to network latency issues and disaster recovery requirements (the log shipping secondary server must reside in a separate AWS region), it was decided to have the Primary server push transaction logs to S3, and the Secondary server pull from S3. On the Primary, log shipping would occur as usual, backing up to a local share, with a separate SQL Agent job responsible for copying the transaction log backups to S3. Amazon has created a set of Powershell functionality embodied in AWS Tools for Windows Powershell, which can be downloaded here. One could argue that Amazon RDS might solve some of the HA/DR issues that this client faced, but it was deemed too restrictive.

S3 quirks

When files are written to S3, the date and time of when the file was last modified is not retained. That means when the Secondary server polls S3 for files to copy, it cannot rely on the date/time from S3. Also, it is not possible to set the LastModified value on S3 files. Instead, a list of S3 file name must be generated, and compared to files that reside on the Secondary. If the S3 file does not reside locally, it must be copied.

Credentials – AWS Authentication

AWS supports different methods of authentication:

IAM roles (details here)
profiles (details here)

From an administrative perspective, I don’t have and don’t want access to the client’s AWS administratove console. Additionally, I needed a solution that I could easily test and modify without involving the client. For this reason, I chose an authentication solution based on AWS profiles that are stored within the Windows environment, for a specific Windows account (in case you’re wondering, the profiles are encrypted).

Windows setup

create a Windows user named SQLAgentCmdProxy
create a password for the SQLAgentCmdProxy account (you will need this later)

The SQLAgentCmdProxy Windows account will be used as a proxy in for SQL Agent job steps, which will execute Powershell scripts. (NOTE: if you change the drive letters and or folder names, you will need to update the scripts in this post)

from a cmd prompt, execute the following:

md c:\Powershell
md c:\Backups\logs

1 2	md c:\Powershell md c:\Backups\logs

Powershell setup

(The scripts in this blog post should be run on the Secondary log shipping server, but with very little effort, they can be modified to run on the Primary and push transaction log backups to S3.)

The following scripts assume you already have an S3 bucket that contains one or more transaction log files that you want to copy to the Secondary server (they must have the extension “trn”, otherwise you will need to change -Match “trn” in the script below). Change the bucket name to match your bucket, and if required, also change the name of the region. Depending on the security configuration for your server, you may also need to execute “Set-ExecutionPolicy RemoteSigned” in a Powershell prompt as a Windows Administrator, prior to executing any Powershell scripts.

After installing AWS Tools for Windows Powershell, create a new Powershell script with the following commands

import-module "C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell\AWSPowerShell.psd1"
Set-AWSCredentials -AccessKey <AccessKey> -SecretKey <SecretKey> -StoreAs default

1 2	import-module "C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell\AWSPowerShell.psd1" Set-AWSCredentials -AccessKey <AccessKey> -SecretKey <SecretKey> -StoreAs default

Be sure to fill in your AccessKey and SecretKey values in the script above, then save the script as C:\Powershell\Setup.ps1. When this script is executed, it will establish an AWS environment based on the proxy for the SQL Agent job step.

The next step is to create a new Powershell script with the following commands:

Set-StrictMode -Version Latest
import-module "C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell\AWSPowerShell.psd1"
Initialize-AWSDefaults -ProfileName default -Region us-east-1

$LSBucketName = "test-bucket"
$S3Objects = Get-S3Object -bucketname $LSBucketName
$FilesOfInterest = $S3objects | Select Key | Where-Object key -Match "trn"
$LogShippingFolder = "C:\Backups\LogShipping"
$ListOfCopiedFiles= @()

foreach ($S3File in $FilesOfInterest ) {
    
    $FileWeWant = $LogShippingFolder + "\" + $S3File.Key
    $LocalExists = Test-Path ($FileWeWant)

    if ($LocalExists -eq $false) {
        Copy-S3Object -BucketName $LSBucketName -Key $S3File.Key -LocalFile $FileWeWant
        $ListOfCopiedFiles = $ListOfCopiedFiles + $S3file.Key
    }
}

# set LastWriteTime on the files just copied, because S3 does not preserve it
Set-Location $LogShippingFolder
$Format = 'yyyyMMddHHmmss'

foreach ($FileItem in $ListOfCopiedFiles) {

    $File = Get-Item $FileItem 

    if ($File.Extension -eq ".bak" -or $File.Extension -eq ".dif" -or $File.Extension -eq ".trn") {
        
        $FileNameString = $File.BaseName.substring($File.BaseName.IndexOf("_") + 1)
        $FileNameDateTime = [DateTime]::ParseExact($FileNameString, $Format, [Globalization.CultureInfo]::InvariantCulture)

        if ($File.LastWriteTime -ne $FileNameDateTime) {
            $File.LastWriteTime = $FileNameDateTime
        }
    }
}

Set-StrictMode -Version Latest

import-module "C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell\AWSPowerShell.psd1"

Initialize-AWSDefaults -ProfileName default -Region us-east-1

$LSBucketName = "test-bucket"

$S3Objects = Get-S3Object -bucketname $LSBucketName

$FilesOfInterest = $S3objects | Select Key | Where-Object key -Match "trn"

$LogShippingFolder = "C:\Backups\LogShipping"

$ListOfCopiedFiles= @()

foreach ($S3File in $FilesOfInterest ) {

$FileWeWant = $LogShippingFolder + "\" + $S3File.Key

$LocalExists = Test-Path ($FileWeWant)

if ($LocalExists -eq $false) {

Copy-S3Object -BucketName $LSBucketName -Key $S3File.Key -LocalFile $FileWeWant

$ListOfCopiedFiles = $ListOfCopiedFiles + $S3file.Key

}

# set LastWriteTime on the files just copied, because S3 does not preserve it

Set-Location $LogShippingFolder

$Format = 'yyyyMMddHHmmss'

foreach ($FileItem in $ListOfCopiedFiles) {

$File = Get-Item $FileItem

if ($File.Extension -eq ".bak" -or $File.Extension -eq ".dif" -or $File.Extension -eq ".trn") {

$FileNameString = $File.BaseName.substring($File.BaseName.IndexOf("_") + 1)

$FileNameDateTime = [DateTime]::ParseExact($FileNameString, $Format, [Globalization.CultureInfo]::InvariantCulture)

if ($File.LastWriteTime -ne $FileNameDateTime) {

$File.LastWriteTime = $FileNameDateTime

}

Again you should substitute your bucket and region names in the script above. Note that after the files are copied to the Secondary, the LastModifiedTime is updated based on the file name (log shipping uses the UTC format when naming transaction log backups). Save the Powershell script as C:\powershell\CopyS3TRNToLocal.ps1

SQL Server setup

create a login for the SQLAgentCmdProxy Windows account (for our purposes, we will make this account a member of the sysadmin role, but you should not do that in your production environment)
create a credential named TlogCopyFromS3Credential, mapped to SQLAgentCmdProxy (you will need the password for SQLAgentCmdProxy in order to accomplish this)
create a SQL Agent job
create a job step, Type: Operating System (CmdExec), Runas: TlogCopyFromS3Credential

Script for the above steps

CREATE LOGIN [<DomainName>\SQLAgentCmdProxy] FROM WINDOWS 
CREATE CREDENTIAL TlogCopy WITH IDENTITY = '<DomainName>\SQLAgentCmdProxy', SECRET = '<SecretPasswordHere';
GO
sp_addsrvrolemember @loginame = [<DomainName>\SQLAgentCmdProxy], @rolename = 'sysadmin'
GO
USE msdb;
GO
EXEC msdb.dbo.sp_add_proxy @proxy_name=N'TlogCopyFromS3Credential',@credential_name=N'TlogCopy', @enabled=1;
GO
EXEC msdb.dbo.sp_grant_proxy_to_subsystem @proxy_name=N'TlogCopyFromS3Credential', @subsystem_id=3;
GO
EXEC dbo.sp_add_job
     @job_name = N'CopyTlogsFromS3'
    ,@enabled = 1
    ,@description = N'CopyTlogsFromS3';
GO
EXEC msdb..sp_add_jobserver 
 @job_name = 'CopyTlogsFromS3'
,@server_name = '(local)'
GO
EXEC sp_add_jobstep
     @job_name = N'CopyTlogsFromS3'
    ,@step_name = N'Copy tlogs from S3'
    ,@subsystem = N'CMDEXEC'
    ,@proxy_name = N'TlogCopyFromS3Credential'
    ,@command = N'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\powershell\Setup.ps1"';

CREATE LOGIN [<DomainName>\SQLAgentCmdProxy] FROM WINDOWS

CREATE CREDENTIAL TlogCopy WITH IDENTITY = '<DomainName>\SQLAgentCmdProxy', SECRET = '<SecretPasswordHere';

sp_addsrvrolemember @loginame = [<DomainName>\SQLAgentCmdProxy], @rolename = 'sysadmin'

USE msdb;

EXEC msdb.dbo.sp_add_proxy @proxy_name=N'TlogCopyFromS3Credential',@credential_name=N'TlogCopy', @enabled=1;

EXEC msdb.dbo.sp_grant_proxy_to_subsystem @proxy_name=N'TlogCopyFromS3Credential', @subsystem_id=3;

EXEC dbo.sp_add_job

@job_name = N'CopyTlogsFromS3'

,@enabled = 1

,@description = N'CopyTlogsFromS3';

EXEC msdb..sp_add_jobserver

@job_name = 'CopyTlogsFromS3'

,@server_name = '(local)'

EXEC sp_add_jobstep

@job_name = N'CopyTlogsFromS3'

,@step_name = N'Copy tlogs from S3'

,@subsystem = N'CMDEXEC'

,@proxy_name = N'TlogCopyFromS3Credential'

,@command = N'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\powershell\Setup.ps1"';

Change references to <DomainName> to be your domain or local server name, and save the script
Execute the job
Open the job and navigate to the job step. In the Command window, change the name of the Powershell script from Setup.ps1 to CopyS3TRNToLocal.ps1
Execute the job
Verify the contents of the C:\Backups\logs folder – you should now see the file(s) from your S3 bucket

Troubleshooting credentials

If you see errors for the job that resemble this:

InitializeDefaultsCmdletGet-S3Object : No credentials specified or obtained from persisted/shell defaults.

then recheck the AccessKey and SecretKey values that you ran in the Setup.ps1 script. If you find errors in either of those keys, you’ll need to rerun the Setup.ps1 file (change the name of the file to be executed in the SQL Agent job, and re-run the job). If you don’t find any errors in the AccessKey or SecretKey values, you might have luck with creating the AWS profile for the proxy account manually (my results with this approach have been mixed). Since profiles are specific to a Windows user, we can use runas /user:SQLAgentCmdProxy powershell_ise.exe to launch the Powershell ISE, and then execute the code from Setup.ps1.

You can verify that the Powershell environment uses the SQL proxy account by temporarily adding $env:USERNAME to the script.

S3 Maintenance

When you setup log shipping on the Primary or Secondary, you can specify the retention period, but S3 file maintenance needs to be a bit more hands on. The following script handles purging local and S3 files with the extension “trn” that are more than 30 days old, based on UTC file name.

Set-StrictMode -Version Latest
import-module "C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell\AWSPowerShell.psd1"
Initialize-AWSDefaults -ProfileName default -Region us-east-1

$S3BucketName = "test-bucket"
$S3Objects = Get-S3Object -bucketname $S3BucketName
$FilesOfInterest = $S3objects | Select Key, LastModified
$TRNFolder = "C:\Backups\LogShipping"

$Now = get-date
$TRNPurgeDate = $Now.AddDays(-30)

# We must jump through some hoops because the timestamp in S3 will not match UTC date/time value embedded in the trn file. 
# The date/time portion of the file name must be converted to a datetime value, so that we can compare it to $TRNPurgeDate

foreach ($S3File in $FilesOfInterest ) {
    
    if ($S3File.Key -match "trn") {
    
        $Trn = $S3File.Key
        $Underscore = $Trn.IndexOf("_") + 1
        $Period = $Trn.IndexOf(".")
        $fmt = 'yyyyMMddHHmmss'
        $DateTimeString = $Trn.Substring($Underscore, $Period - $Underscore)
        $DateTimeStringDateTime = [DateTime]::ParseExact($DateTimeString,$Fmt, [Globalization.CultureInfo]::InvariantCulture)
    
        if ($DateTimeStringDateTime -lt $TRNPurgeDate) {
            $S3File.Key
            Remove-S3Object -BucketName $S3BucketName -Key $S3File.Key -Force #-WhatIf
        }
    }
}

Set-Location $TRNFolder 

Get-ChildItem | foreach {
    if ($_.Extension -match "trn" -and $_.LastWriteTime -lt $TRNPurgeDate) {
        Write-Host "Deleting tlog $_"
        Remove-Item $_ #-WhatIf
    }
}

Set-StrictMode -Version Latest

import-module "C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell\AWSPowerShell.psd1"

Initialize-AWSDefaults -ProfileName default -Region us-east-1

$S3BucketName = "test-bucket"

$S3Objects = Get-S3Object -bucketname $S3BucketName

$FilesOfInterest = $S3objects | Select Key, LastModified

$TRNFolder = "C:\Backups\LogShipping"

$Now = get-date

$TRNPurgeDate = $Now.AddDays(-30)

# We must jump through some hoops because the timestamp in S3 will not match UTC date/time value embedded in the trn file.

# The date/time portion of the file name must be converted to a datetime value, so that we can compare it to $TRNPurgeDate

foreach ($S3File in $FilesOfInterest ) {

if ($S3File.Key -match "trn") {

$Trn = $S3File.Key

$Underscore = $Trn.IndexOf("_") + 1

$Period = $Trn.IndexOf(".")

$fmt = 'yyyyMMddHHmmss'

$DateTimeString = $Trn.Substring($Underscore, $Period - $Underscore)

$DateTimeStringDateTime = [DateTime]::ParseExact($DateTimeString,$Fmt, [Globalization.CultureInfo]::InvariantCulture)

if ($DateTimeStringDateTime -lt $TRNPurgeDate) {

$S3File.Key

Remove-S3Object -BucketName $S3BucketName -Key $S3File.Key -Force #-WhatIf

}

Set-Location $TRNFolder

Get-ChildItem | foreach {

if ($_.Extension -match "trn" -and $_.LastWriteTime -lt $TRNPurgeDate) {

Write-Host "Deleting tlog $_"

Remove-Item $_ #-WhatIf

}

Save the script, and create a SQL Agent job to execute it. You’ll also have to reference the proxy account as in the prior SQL Agent job.

Don’t forget

If you use log shipping between AWS VMs as outlined in this post, you will need to disable/delete the SQL Agent copy jobs on the Primary and Secondary servers.

Disaster Recovery

All log shipping described here occurs within the AWS cloud. An alternative would be to ship transaction logs to a separate storage service (that does not use S3), or a completely separate cloud. At the time of this writing, this blog post by David Bermingham clearly describes many of the issues and resources associated with HA/DR in AWS.

“Hope is not a strategy”

HA/DR strategies require careful planning and thorough testing. In order to save money, some AWS users may be tempted to create a Secondary instance with small memory and CPU requirements, hoping to be able to resize the Secondary when failover is required. For patching, the ‘”resize it when we need it” approach might work, but for Disaster Recovery it can be fatal. Be forewarned that Amazon does not guarantee the ability to start an instance of a specific size, in a specific availability zone/region, unless the instance is reserved. If the us-east region has just gone down, everyone with Disaster Recovery instances in other AWS regions will attempt to launch them. As a result, it is likely that some of those who are desperately trying to resize and then launch their unreserved Disaster Recovery instances in the new region will receive the dreaded “InsufficientInstanceCapacity” error message from AWS. Even in my limited testing for this blog post, I encountered this error after resizing a t1-micro instance to r2.xlarge, and attempting to start the instance (this error persisted for at least 30 minutes, but the web is full of stories of people waiting multiple hours). You could try to launch a different size EC2 instance, but there is no guarantee you will have success (more details on InstanceCapacity can be found here).

The bottom line is that if you run a DR instance that is not reserved, at the precise moment you require more capacity it may be unavailable. That’s not the type of hassle you want when you’re in the middle of recovering from a disaster.

I am indebted to Mike Fal (b) for reviewing this post.

Ned Otter Blog

SQL Server DBA and Musician

Category Archives: SQL Server

In-Memory OLTP relationship status: “it’s complicated”

Row version lifecycle for In-Memory OLTP

Backup and Recovery for SQL Server databases that contain durable memory-optimized data

SQL Server log shipping within the AWS Cloud