Creating a SQL Clone Agent and a First Image

Posted on August 6, 2020 by way0utwest

In a previous post, I set up the SQL Clone server. This is really a metadata store and web front end, but it does no real work. The Agent service, which is installed on each SQL Server instance that will work with clones, does the work.

This post looks at installing the agent and then creating the first image and clone of a database.

Downloading the Agent

To get a SQL Clone agent, you need to have access to the SQL Clone Management server. This is a web application, with a URL that defaults to the name of the machine where you installed the server and port 14145. You do not have to be logged into this machine, but rather, logged into a machine with SQL Server that you need an agent on.

For me, I installed this on Aristotle, so I go to:

http://aristotle:14145/dashboard/

The Getting Started screen appears, which we saw in the last post. I want to click the “Download agent”.

2020-07-30 16_29_56-SQL Clone

This downloads a file, but before I run this, I need a service. On the Agent installation doc page, you see some architecture. While I am using the same machine, for many PoCs, I’d likely have installed the server on a central machine, such as the SRV-SQLCLONE machine in the image below.

2020-07-30 16_45_51-Artboard 12.png (5334×3334)

In many POCs, my laptop, or some shared development SQL  Server instance, is represented by SRV-HC1-SQL1 above. This is where I connect to as a developer and deploy clones. Or maybe I need an agent on my local workstation, WKS-DEV-01.

In any case, I need a service to run the agent. While I could use my local account, I don’t recommend this. I really want a separate account. Get in this habit. Learn to use Group Managed Service Accounts or deal with separate domain service accounts.

For me, I use SQLCloneAgent on each machine that runs as an agent, so I’ll create that account.

2020-07-30 16_48_28-New User

This does need some special Windows permissions. The install will allow it to be a service, but this does need to be an admin to use the Virtual Disk Service. Let’s ensure this is working.

2020-07-30 16_50_56-SQLCloneAgent Properties

This account also needs read/write access to the share, so I’ll alter the share with permissions to allow read and write.

2020-07-30 16_51_46-

This does need SQL Server permissions. This agent will create and drop databases regularly on the local SQL Server instance, and so it needs to be able to do that and manage those items. While you may be able to get away with CREATE DATABASE permissions, the documentation notes this account needs sysadmin privileges.

It might seem that create/alter any database is sufficient, but that’s not the case. The agent checks this access, so grant this.

With the account created and the permissions on the share, let’s install the agent.

Installation

This is a standard Windows install process. There is a procedure for a silent install, but I’ll do this interactively. Double clicking the downloaded EXE runs the install.

2020-07-30 16_57_32-Redgate SQL Clone Agent

When this completes, I get the config process.

2020-07-30 16_57_48-SQL Clone Agent Setup

Clicking Continue asks for my service account.

2020-07-30 16_58_07-SQL Clone Agent Setup

In a moment, if I’ve typed the credentials correctly, I see this.

2020-07-30 16_59_06-SQL Clone Agent Setup

In Services, I see this running. Note, the Clone Management services happens to be here, but this isn’t required. This could be on another machine.

2020-07-30 17_00_20-Services

In the settings of the SQL Clone application, I can see my agent listed. In fact, as you add new agents, their version and status is listed.

2020-07-30 17_01_00-SQL Clone

This is working, so let’s proceed.

Creating a Cloned Database

Once I have an agent, the Getting Started flow has a new option: Create an image.

2020-07-30 17_03_08-SQL Clone

I click this and I need to pick a source. I’ll pick an existing database on this instance, so I select “SQL Server”.

2020-07-30 17_03_14-SQL Clone

This gives me two dialogs. I enter a SQL Server name, and SQL Clone will check that my agent has sysadmin access. Once it does this, I can select a database on this instance.

2020-07-30 17_07_10-SQL Clone

I click Continue to set up modifications. The main purpose of SQL Clone is to allow you to use full size production databases in development, by saving space and masking out PII data. This is a test, and I’m picking a dev database to make an image, so I’ll leave this alone and move on.

2020-07-30 17_08_38-SQL Clone

I need to select a location for my image. In this case, I’ll enter the share I created in the first post.

2020-07-30 17_09_54-SQL Clone

Now I need to enter the name for this image and check that I have what I wanted to be entered.

A word on naming. I know some people will name these with dates, which I used to do. However, for the most part you will have 2-3 images for any database in rotation.

2020-07-30 17_11_14-SQL Clone

When I click create, this starts running. I can see some progress on the dashboard. In this case, this is a 10MB database, so it runs quickly. When the creation is done, the dashboard updates with the activity item in the upper right, and I can see the image at the bottom.

2020-07-30 17_11_50-SQL Clone

I can see my image in the share. This is a VHD in a folder, and I don’t want to mess with this. I can see the size, however, which is my data size.

2020-07-30 19_34_07-simpletalk_current_00000001_see

This is an image, but I don’t have a database, so let’s quickly deploy a clone. On the left menu of SQL Clone, let’s click Create Clone. This gives me a place to select an image (of which I only have one now).

2020-07-30 19_34_45-SQL Clone

I can  modify this during deployment, but let’s skip that.

2020-07-30 19_35_17-SQL Clone

Next I need to pick an instance to deploy this clone on. I’ll pick my local instance.

 

Once I do that, I give this a name. This is the database name I see in SSMS.

2020-07-30 19_36_04-SQL Clone

I create this, and I see it in SQL Clone:

2020-07-30 19_36_50-SQL Clone

and SSMS:

2020-07-30 19_37_00-SQLQuery4.sql - ARISTOTLE_SQL2017.master (ARISTOTLE_Steve (55))_ - Microsoft SQL

Summary

That’s a quick look at getting an agent installed and testing it’s working with an image and clone. I can now work with the SimpleTalk_Test database as I would any other. Once I’ve tried something, I can get rid of it and recreate it easily, or create copies if I want to test multiple things.

SQL Clone is a valuable tool that changes the way you work with databases, allowing developers and automated systems to work from a known base for their code changes. With frequent recreations of updated images after deployments, you can always be sure that your developers have a consistent foundation.

Try SQL Clone today if you are looking for a way to consistently and easily deploy databases for your developers.

Posted in Blog | Tagged , , | 1 Comment

Security for 2FA

Posted on August 6, 2020 by way0utwest

I got a new mobile device recently and despite the restore from backup, I still had to perform quite a few setup chores. Reconnecting various apps to services by logging in was time consuming, but simple. A password manager was useful here, since I have different passwords everywhere. I set that application up first and then proceeded from there.

The only trouble I really had was with Outlook and mail. I have an IMAP provider for one account and Outlook doesn’t make it easy to figure out where to change the settings for this. The second issue was with my corporate mail, which is secured with a 2FA connection through Duo.

This is a technology that doesn’t use text, but has an application on devices and pushes a notification to them. I get a push when I log onto corporate assets from my PC, and I have to approve a login from my mobile. This prevents sum of the sim hijacking that can occur, where someone might have access to my SMS messages. It also prevents a lazy guy with Google Messages from getting a code on the same device rather than walking to the other room to get my phone an ensure I have it.

I had to get help from our admins with the new device, despite having the old device connected and able to approve the connection. I had thought this would work, but there was some issue with Duo. On one hand, maybe this is good that it isn’t simple and I can’t quickly approve a new device, in that it prevents someone from stealing my identity on a cloned device. On the other, in an organization of any size, where mobiles might change constantly, this feels like a time sink.

This might not be an attack vector to be worried about, but I think it’s better to be safer here than we might need. I do think that good security is worth some hassle. I don’t really complain about having to periodically re-authenicate, the requirement for strong passwords, and I love having 2FA enabled on many services. I hope we continue to find more and stronger methods of protecting individual and corporate data, along with more respect for the rights of humans whose data is being captured and used by most organizations. I also hope that we continue to improve the security options in SQL Server, including adding 2FA.

Steve Jones

Listen to the podcast at Libsyn, Stitcher or iTunes.

Posted in Editorial | Tagged | Comments Off on Security for 2FA

Daily Coping 6 Aug 2020

Posted on August 6, 2020 by way0utwest

I started to add a daily coping tip to the SQLServerCentral newsletter and to the Community Circle, which is helping me deal with the issues in the world. I’m adding my responses for each day here.

Today’s tip is to try a new recipe or food.

I realize that not everyone likes to cook. I know some of you don’t even love food like I do. However, we all eat, and food can bring joy to your life, whether that’s ordering something different from a restaurant or preparing something new.

My wife got me to watch Chef, which was quite enjoyable for me. When we finished, she said she’d never had a Cuban sandwich. I was surprised, thought not as surprised as her. I’ve had them numerous times when I’ve visited places with lots of Cuban food, like Miami.

I would have made her one, but before I could, we were out one day and decided to look for Cuban food. We found a place and she tried one. I did, too Winking smile

In any case, I also ordered some other items. I got some Maduros and a Palermo. I hadn’t tried those before, though I have had plantains in some recipes. I enjoyed these much more, and I’ll be looking for some recipes to try at home to expand my cooking.

Posted in Blog | Tagged , , | Comments Off on Daily Coping 6 Aug 2020

Without PASS, Our Community is Worse Off

Posted on August 6, 2020 by way0utwest

This year the PASS Summit is virtual. I’m speaking, as a donation, and Monica Rathbun has written some thoughts on the event. I’m hoping that attendance is high enough to enable to organization to survive beyond 2020.

You can help by registering for the event. There are lots of great sessions, and some wonderful pre-cons.  I want to do a pre-con, but I’m struggling to pick one. I need to decide soon, and 2 pre-cons alone is about what the entire conference costs. I’m going to get some training at a good cost, but also support the organization and pre-con speakers.

PASS Brings Us Together

I have a bit of a like/dislike relationship with PASS. It’s not much stronger than that, but I have struggled to support them at times, for various reasons.

However, as I talked about the organization with a friend, we both agreed that PASS, however flawed they are, makes our community better. From user groups to SQL Saturdays to the Summit, they have fostered an environment that brings us together.

Certainly volunteers make user groups and virtual groups go. Organizers keep things on track and speakers make the events worth attending. SQL Saturdays are almost completely driven by people in the community. Even the great networking experiences at the Summit are largely driven by speakers and volunteers that openly great people, put on events like Game Night, the Photowalk, and SQL Karaoke.

It’s us that makes things special. It’s not the PASS staff or the Board of Directors or a conference.

It’s us. Each of us, engaging with each other.

At the same time, I think that without PASS providing the central place we congregate, that marketing can focus on (mostly community marketing), and giving some financial or other resource support, I’m not sure how well things would go.

I think we’re worse off if PASS fails. In some sense, I hate writing that sentence.

Is the Summit Worth It?

Training typically costs $400-700 a day, depending on who you go to. Online training might be worth less, or feel that way, but a lot of full classes cost this much. If that’s the case, then the $999 bundle, which includes 2 pre-cons is worth the cost. Heck, 2 pre-cons are $800, and it’s only $200 more for the Summit included.

To support PASS, get other sessions, and keep alive an amazing event that has likely helped you in your career, and by proxy, your employer, I think it’s worth it.

Forget about Microsoft and Amazon doing their large conferences for free. They lose money anyway on those events, spending hundreds of thousands, or millions, on Ignite, ReInvent, or something else for marketing. The DevOps Enterprise Summit, the Pass Summit, and others can’t survive without some revenue. Apples and oranges trying to compare these.

I think the cost for the Summit is fair. Maybe it should be $100 more or less, but I wouldn’t quibble about that. If you’ve enjoyed the Summits, if you’ve learned, support PASS if you can. I think the two pre-cons are a good value, and I would emphasize that to your boss.

Two full days of intense training from experts, then 3 more days available for a year. That’s not a bad deal to sell to the boss.

Once in a Lifetime

This pandemic is a once is a lifetime event. I hope.

To me, this is like the hurricane that nearly destroyed PASS in its early years. Kevin Kline makes a case that we should step up because of the nature of these difficult events. I tend to agree, though clearly PASS has struggled through some difficult times.

I don’t know if I would continue to support this as a virtual event in the future. I have to see how this year goes. I don’t know if the way that the PASS organization is structured or handles finances makes sense. I’ll give them a pass this year and come December we can review and debate this.

I don’t remotely think PASS handles communication, transparency, and governance well. My view is the culture and BoD has failed miserably here for over a decade.

I’ll still support them this November and give them a chance to improve.

Now is the time, in my opinion, to support PASS. We can push for change in December, but for now, I think the world is better with PASS in it, and we, as members, should support the organization.

Posted in Blog | Tagged , | 7 Comments