Presentation is loading. Please wait.

Presentation is loading. Please wait.

Configuration Set values for parameters Central connection manager configuration Advanced property override functionality Security.

Similar presentations


Presentation on theme: "Configuration Set values for parameters Central connection manager configuration Advanced property override functionality Security."— Presentation transcript:

1

2

3

4

5

6

7

8

9

10

11

12

13 Configuration Set values for parameters Central connection manager configuration Advanced property override functionality Security Encryption of projects and parameter values Row-level security to control access to packages Management Interactive package execution and SQL Agent integration Dashboard and built in reports for troubleshooting

14

15 SQL Server Instance SSIS Server SSIS Catalog DeployManageSecurityValidateExecute IS Objects Security Operation logs State Execution Process Execution Control Components PowerShellSSMSDeployment WizardApplication OM: Manage OM: ProjectOM: ManageOM: Project Runtime

16 SSISDB Provides a set of stored procedures and views for managing, configuring, executing and monitoring SSIS packages deployed to the SSIS Catalog The Catalog schema is designed for customer use, and is a supported API Contains views, stored procedures, and functions The Internal schema is neither public nor supported Contains base tables and lower-level objects All projects and sensitive values are encrypted Protected by a pair of certificate and symmetric key Utilizes the built-in SQL Server encryption infrastructure http://blogs.msdn.com/b/mattm/archive/2012/03/23/ssis- catalog-backup-and-restore.aspx http://blogs.msdn.com/b/mattm/archive/2012/03/23/ssis- catalog-backup-and-restore.aspx Important: Backup the database master key! Whatever you do using SSMS can be scripted either using T-SQL or PowerShell

17 Tables Views SSISDB Stored Procedures SQLCLR Assembly ISServerExec.exe Microsoft.SqlServer.IntegrationServices.Server. Shared.dll Functions 42 store procedures 25 views 3 functions 1 trigger 1 SQL CLR assembly Public objects: Internal Catalog Triggers

18 Client SQL Server instance Entry point: T-SQL sp Invoked CLR sp Return success/fail Throw if errors occur External Process ISServerExec Client SQL Server instance Invoked CLR SP Return success/fail Throw if errors occur Create process by impersonating caller of the stored proc Either Asynchronous or Synchronous T-SQL sp (entry point) T-SQL sp invokes managed sp T-SQL sp (entry point) T-SQL sp invokes managed sp Managed sp creates external process by impersonating caller of sp Client SQL Server instance T-SQL sp Return success/fail Throw if errors occur T-SQL sp CASE ACASE BCASE C Entry point: T-SQL sp

19 Service Master Key Database Master key Project Certificate Project Certificate Environment Certificate Execution Certificate Project Symmetric key Environment Symmetric key Execution Symmetric key Project Parameter values Environment values Execution Parameter values Supported 'TRIPLE_DES_3KEY', 'AES_128', 'AES_192', 'AES_256' T-SQL functions: EncryptByKey; DecryptByKey Note: We do not support sensitive data with length > 8000 SET @key_name = 'MS_Enckey_Proj_'+CONVERT(varchar,@project_id) SET @certificate_name = 'MS_Cert_Proj_'+CONVERT(varchar,@project_id) OPEN SYMMETRIC KEY key_name DECRYPTION BY CERTIFICATE certificate_name SELECT parameter_name, DECRYPTBYKEY([sensitive_parameter_value]) FROM internal.[object_parameter_values] WHERE [project_id] = @project_id CLOSE SYMMETRIC KEY key_name

20

21

22

23 Groups of packages (anywhere)Projects Sales HR HR DW project SAP migration project Configurations x\y\MyTask\Server = “TestServer” x y Parameters HR DW project ServerName is StringBatchNumber is Int32

24 CLR Cryptography Service Master Key Database Master key Project Certificate Project Certificate Project Symmetric key key internal. catalog_encryption_keys TripleDESCryptoServiceProvider AesCryptoServiceProvider(192) AesCryptoServiceProvider(128) AesCryptoServiceProvider(256) Project binary

25

26

27

28

29

30

31 SSISDB ISServerExec.exe – External host for SSIS package operations (deploy, validate and execute) ISServer Assembly UNSAFE Assembly granted to ##MS_SQLEnableSystemAssemblyLoadingUser## Created from Microsoft.SqlServer.IntegrationServices.Server.dll SQLCLR stored procedures used for Deploy, validate, and execute require impersonation when starting external process IPC communication with ISServerExec ISServerExec Processes

32 SSISDB Logging Events Writes back to SSISDB events that are produced during package execution ISServerExec SSIS Events SqlConnection Named Pipes Named Pipe Server IPC between ISServerExec and Stored Procedures CLR stored procedure sends command to ISServerExec Examples Get me all the per-instance performance counters Stop Operation Create execution dump ISServerExec Performs the operation Sends back information via named pipes

33 SSISDB EXEC [SSISDB].[catalog].[create_execution]… EXEC [SSISDB].[catalog].[set_execution_parameter_value] @execution_id, … EXEC [SSISDB].[catalog].[start_execution] @execution_id ISServerExec Named Pipe Server SSIS Events catalog.executables catalog.executable_statistics Updated when the OnPostExecute event for each component if fired

34 OM/Engine ISServerExec Named Pipe IDTSEvents ISServerExec.exe Events Listener ADO.Net SqlServr.exe Tables Components Views Reports TVFs SSISDB Log Provider IDTSLogging CreateProcessAsUser API

35

36

37 Built-In Reports ValidatePre ExecuteProcessInput Post Execute SELECT package_name, task_name, subcomponent_name, SUM(DATEDIFF(ms,start_time,end_time)) as active_time, DATEDIFF(ms,min(start_time),max(end_time)) as total_time FROM catalog.execution_component_phases WHERE execution_id = 1841 GROUP BY package_name, task_name, subcomponent_name, execution_path ORDER BY package_name, task_name, subcomponent_name, execution_path Component Timing & Row Counts

38

39

40

41

42 WITH DiagnosticExTable (EventMessageID, EventName, MessageSourceName, XmlData) AS ( SELECT event_message_id,event_name,message_source_name,cast( message as xml) FROM catalog.event_messages m WHERE m.operation_id = 16 AND m.event_name = 'DiagnosticEx' ) SELECT EventMessageID,Eventname,MessageSourceName, parameter.value('declare namespace DTS=''www.microsoft.com/SqlServer/Dts''; (@DTS:ObjectName)[1]','nvarchar(260)') as ParameterName,parameter.value( 'declare namespace DTS=''www.microsoft.com/SqlServer/Dts''; (DTS:Property/text())[1]', 'nvarchar(256)') as ParameterValue FROM DiagnosticExTable CROSS APPLY XmlData.nodes('declare namespace DTS=''ww.microsoft.com/SqlServer/Dts''; (/DTS:ParameterValues/DTS:PackageParameter)') as PackageParameter(parameter)

43 SSISDB SELECT * FROM catalog.dm_execution_performance_counters ( ) ISServerExec SSIS Events Named Pipe Server What are the values for the Perf Counters? Perf Details Results

44 ISServerExec EXEC catalog.create_execution_dump @execution_id = 88 SSISDB SSIS Events Named Pipe Server Create execution Dump DumpFile Pause running package Dump Resume running package

45 Data Tap Files -- Create the data tap on a data flow path in the package exec catalog.create_execution … exec catalog.add_data_tap @execution_id, '\Package\DFT Load Dim Vendor', 'Paths[SRC DimDCVendor.OLE DB Source Output]', 'DCVendorOutput.csv' exec catalog.start_execution @execution_id …

46

47

48

49

50 Windows Azure

51 http://microsoft.com/msdn www.microsoft.com/learning http://channel9.msdn.com/Events/TechEd http://microsoft.com/technet

52

53

54

55

56 SSISDBSSISDB (1) Named pipe client ISServerExec.exe (2) Named pipe server (3) pipe (5) Stop execution Create dump Query perf data Perf data (4) Listen to the command (6) Perform action (4) Listen to the command (6) Perform action You can use pipelist.exe to check the named pipe used

57 Created (1) Pending (5) Running (2) Stopping (8) Canceled (3) Success (7) Completed (9) Failed (4) Unexpected Termination / Crash (6) catalog.start_execution catalog.create_execution catalog.stop_operation ISServerExec Unexpected Crash

58 SSISDB

59

60

61

62

63 Securable Permissions ReadModifyExecuteManage Permission Create NewRead ObjectsModify Objects Execute Objects Manage Objects Permission Folder ⦁⦁ ⦁⦁⦁⦁⦁⦁ Project ⦁⦁⦁⦁ Environment ⦁⦁ ⦁ Operation / Execution ⦁⦁ ⦁ Troubleshooting Permissions Check explicit (raw) permission entries from view [catalog].[explicit_object_permission] Effective (valid) permission is a computation result from explicit permission items: [catalog].[effective_object_permissions] The server does not check permissions if a user is sysadmin/ ssis_admin

64


Download ppt "Configuration Set values for parameters Central connection manager configuration Advanced property override functionality Security."

Similar presentations


Ads by Google