A New Word: the Kinder Surprise

the kinder surprise – . the point in your early adolescence when you realize that your parents are muddling through their lives the same as you; that many respectable adults are not less lost than you and your friends, no less petty and obsessive and insecure, which makes you wonder if there are no real adults, because such a thing never actually existed, except in bedtime stories.

I am not an adolescent, but I realized this early in my career, while working with some other technologists that I expected to know a lot more than I did and be more aware of things they should do to either advance their careers or improve their skills.

Over the last ten years, more and more I find that most people aren’t really strong, self-confident adults in all aspects of their lives. They might be at home, or at work, or on a sports field, or while playing an instrument, but in some of those areas they are insecure.

Or lost, or obsessive, or anything else.

I’ve tried hard to be honest with my kids as they were growing up, letting them know I’m fallible and unsure sometimes. At the same time, I try to help them develop confidence and show when I have that.

And explain that confidence isn’t’ arrogance. Being confident doesn’t mean I’m sure I’m right about something, but rather I know the pros/cons and what this means in my life. What effects my decisions have and I choose to make them, knowing there is both an upside and downside.

Few people have figured out most of their life. Many might have figured out little and aren’t really that much different from a teenager.

From the Dictionary of Obscure Sorrows

Posted in Blog | Tagged , | Leave a comment

The Dangers of Dependencies

Many of us working with databases know the problems of a single point of failure. We build HA/DR technologies into a lot of systems precisely because many of us know if the database goes down, a lot of stuff goes down. Broken software is easier to fix and rollback, but a broken database can be a much bigger problem.

We also know an overloaded server doesn’t handle a workload well, hence our quest for well-written SQL code, but we often lose that battle with developers.

In any case, as we move to a world where AI technology is used by many organizations, who often have a contract with a vendor to provide services, there is a potential issue. Imagine that you’ve setup workflows, maybe agentic loads and you depend on a company, say Anthropic, to provide those services. What if your organization gets banned?

That happened to a company (reported on Reddit). A user got a note from Anthropic, but his entire organization got banned. That’s quite a dependency where a user in your company could cause an issue. In some sense, that’s like someone in your company sending an email that gets your organization’s email blacklisted or has Google/Microsoft/etc. cutting off access. Imagine the disruption there?

Some of these companies providing AI services aren’t that large, and aren’t suited for the enterprise. Some of you are using vendors that might be contracting with these AI firms. Imagine your monitoring, DevOps, etc. service suddenly not working because they lost access to their AI services?

I’d like to assume this doesn’t happen with the very large cloud vendors, but who knows. I’d like to think that not only enterprises, but even smaller companies don’t lose access because of the actions of one person. Or if they do, there’s any way way to get a response from customer service. However, I also know that Google, Amazon, and Microsoft have made it harder to get an answer from a real person.

I didn’t talk about this recently when presenting on local AI models, but I think the future might be companies having more control over their AI tech, running them the same way we run servers in the cloud, in IaaS, with more effort required, but more controllable by the organization.

Steve Jones

Listen to the podcast at Libsyn, Spotify, or iTunes.

Note, podcasts are only available for a limited time online.

Posted in Editorial | Tagged | Leave a comment

A Cloud Dependency Failure from Amazon

I went to sleep while reading a Kindle book on my phone. I know because my hand dropped and the phone knocked me in the forehead. I set it on the nightstand and went to sleep again.

I woke up and was planning on reading for a few minutes before starting my Monday. When I opened the Kindle app, it asked me to log in. When I did, Amazon said my account was locked and I needed to check an email. I did, and found one from Amazon.co.uk questioning a purchase I made and asking for me to very an order number and the last 2 digits of a card to charge.

I wasn’t sure what to do, but since my wife was complaining about her Audible account, I knew I needed to do something.

I didn’t like the email for multiple security reasons, including not giving me a way to verify the email online. Checking Amazon’s help page said I should have a link in the email to a form. Even when I called the Amazon help line, they said I should have a link when I logged in to do so. I didn’t on either the .com or .co.uk sites, but Amazon Customer Service eventually unlocked my account.

I wrote about Dependencies in today’s editorial, inspired by this story and the Reddit story linked in there about losing access to Claude. That’s scrary, especially in this new automated world where AI agents might be examining activity and undertake this type of action to prevent other issues. It’s an overreaching type of judgment that starts to expose the dangers of a highly interconnected world.

I get Amazon might want to ensure my purchase was legitimate and perhaps prevent future orders, but also locking my content away (books, movies, audio, etc.) because of a shopping issue seems extreme.

It’s certainly my issue, and I’m not sure how I untangle things for the future, but it does make me think about limiting dependencies a bit more in the future. Or at least understanding the dangers of too much on one service.

Whether that’s the books I read or the services my company gets from any one vendor.

Posted in Blog | Tagged , , , | Leave a comment

Who is Using CAGs?

While talking to a customer a few weeks ago, they mentioned that they used Contained Availability Groups (CAG) everywhere. They also said they were amazing and wondered why everyone wasn’t using them in other environments. Of course, I questioned the “everywhere”, which turned out to be more of a default for new systems than a standard across all systems. That’s likely true of most things since it’s rare we get to update/patch/set something across an environment of any size and ensure every system is the same.

Still, setting a CAG as a default makes some sense for enterprises. This ensures that in an HA situation I have my logins, jobs, etc. already on a secondary node. That’s been one of the challenges of using lightly linked systems that only sync up database level information. Log shipping, Replication, Availability Groups can all work to keep a secondary ready to take over, but they all miss information that is stored in master or msdb.

That’s the stuff we have to sync manually. It can be done, but it’s work. We’ve had numerous articles at SQL Server Central on syncing logins and other objects outside of your database.

Today I wonder how many of you are using CAGs in your environment? As the default for new systems? Moving all ones to this setup?

Or do you even know about them? They are relatively new, since SQL Server 2022, and I have to admit I’ve heard relatively little about them in the community or from customers. Many people use Availability Groups, but not many seem to use Contained Availability Groups.

Maybe another question is would you want to use them? There are a few things you have to consider and they can be slightly tricky, but they do some reduce some of the work when you have failovers. Of course, like any other technology, you need to test that your failovers work and you understand  the ins and outs of how they work, just in case that switch isn’t as smooth as you expect.

It should be, but sometimes things break. If they do, you want to ensure you, or someone on your staff, knows how to fix them.

Steve Jones

Listen to the podcast at Libsyn, Spotify, or iTunes.

Note, podcasts are only available for a limited time online.

Posted in Editorial | Tagged , , | Leave a comment