SQL Server – Database Engine and SSISDB Architecture Advice

clusteringhigh-availabilitysql serversql-server-2017ssis

I'm seeking some architecture advice involving the database engine and Integration Services components of SQL Server 2017. We have an existing SQL Server environment which is due for an upgrade and has historically been used in a less than ideal way. With an upgrade to a new SQL Server environment now on the horizon, as a systems administrator I want to use this opportunity to rethink the existing architecture to provide a more robust flexible environment going forward.

The Current Environment

A SQL Server 2012 Enterprise instance running on a 2-node Windows Failover Cluster. The database engine is clustered and DTS packages are stored in a clustered volume and these packages are executed as jobs via the SQL Server Agent. They do not use the explicit Integration Services component

The Problem

Staff who administer the data warehouse and create/manage the DTS packages have traditionally insisted on working directly on the clustered server nodes via RDP. This creates access issues with the systems admins who are responsible for the servers themselves. The data staff also require a variety of software tools which has led to persistent disk space issues over time. Additionally, many of these software tools are not cluster-aware and are only installed on one node, effectively leaving us with a crippled cluster right from the start. The result is that any time there is a planned or unplanned failover, there is pressure to get the original primary node back online asap because most jobs are failing because they rely on local software which is not cluster-aware.

A Proposed Solution

Install the database engine alone on its own cluster with no RDP access allowed by any staff. They will receive just the SQL Server clustered instance endpoint URL. Install the Integration Services component on a separate server and propose they begin using the SSISDB catalog to store their packages instead of the file system. My understanding is that there are many advantages to using the SSISDB.

Questions

This only shifts the RDP access issue to another server. Because the data staff collaborate in real-time on packages and rely on all the same software tools, they argue they must have direct access to the server in order to provide a shared identical environment. My belief is that there must be a more modern design approach where they can use their development tools on their local workstations and connect to SSIS using the SSMS, where the jobs will be published and scheduled/executed. Any software that packages rely on (ftp, ssh, perl, python, etc) would be installed and managed by server admins on the SSIS. Since packages would be stored in the SSISDB, there would no longer be a need for the shared storage which has traditionally housed the package files and this should remove the need for any direct RDP access. Is my belief logical or is there still some argument for data developers to have direct server access?
Now the SSISDB becomes a single point of failure since the packages are no longer part of the failover cluster as they traditionally have been. How would I build high availability into this component? I've read about SSIS Scale Out features but that seems more about balancing load rather than fault tolerance. I've begun reading about AlwaysOn availability groups, could that be a solution?

Any and all design advice is much appreciated. Thanks.

Best Answer

This is a culture change as much as it a process change, so having management support you will be important, and ultimately shield you from some level of technical resistance and aid in broadcasting how this strategic shift will improve the lives of everyone.

Before we get into the specific case of the SSIS Catalog, let’s look at an overview of your options to better arm you with the knowledge to communicate why developers should change their system:

File system
- Individual Package are stored on any folder, any location.
- No security, files can be modified by any user or process without prior knowledge and no process natively exists to prevent this from occurring.
- Not part of the regular backup schedule. System snapshots are not a viable backup and do not prevent accidentally modifications that can cause irreparable damage.
- Must manually organize packages and no ability to group packages outside physical location and/or documentation
- Forced to use Configuration Files to parameterize values
SSIS Package Store
- Packages by default are stored specific folder “C:\Program Files\Microsoft SQL Server\<SQL Version Compiled>\DTS\Packages”. Can be moved.
- Limited security; can be modified by elevated permissions
- Not part of any backup strategy outside system snapshots (again, NOT A VALID BACKUP SOLUTION)
- Can organize packages under Folders
- Cannot use roles to restrict access to packages from the SSIS Package Store
SQL Server (msdb)
- Packages are stored in msdb and can be exported to a file-share.
- Security is tied to access to msdb.
- System msdb is part of a valid backup solution.
- Cannot be added to an AlwaysOn solution
- Folders can be used to categorize
- Can use Roles to manage permissions in 2016+ that avoid using sysadmin. Integration Services Roles (SSIS Service) - MS Docs
SSISDB Catalog
- Packaged are stored exclusively inside SSISDB that is encrypted with a certificate
- Security is further strengthened by separate permissions and roles (see above link).
- SSISDB is part of a valid backup solution
- SQL Server 2016+ has added support for AlwaysOn! SQL Server 2016 HA Series Part 2 – SSIS and Availability Groups – Blogs Microsoft
- Mature management hierarchy that includes Parameters, Environments Variables.
- Offers Full integration with Visual Studio
- SQL Agent Jobs no longer directly use configuration file references or actual passwords (hope no one is doing this anyways) from being scripted out from SSMS.

Ultimately, you can decide what path will work for your organization. SSIS Catalog is one of several methods, so getting your management to support you in this endeavor will go a long way to making changes. After describing an example scheme for deployment, the rest of this post will highlights some Visual Studio Management and SSIS Catalog Tips.

An example scheme could be the following:

All new efforts will use [Visual Studio] 2017 or 2015 for backwards compatibility and SQL Server Data Tools - (Download SQL Server Data Tools (SSDT) - docs.microsoft.com). o note in VS 2019 they added this as a marketplace component)
projects will be saved in the code management folder (GitHub folder) so efforts are versioned or they will use the SSIS Catalog on a DEV environment, though ideally use the GitHub Repository.
Package components are installed on each node for Dev/Cert environments first. The Enterprise DBA assists in gathering these downloads in a single file-share for ease of access/ transportation to target clustered servers and ensures they are on each target server.

BONUS SECTION:

Visual Studio Management Tips:

Your Package depends on both the Deployment Version (must match Integration Services of SQL Server instance)

And the 32-bit/64-bit configuration depending on the components used.
1. In order to use the Parameters, you must either user a package “parameter” (not variables) or Project Parameter. You an use these to environmentally control what connections are used.

You can connect and deploy to your target location (it doesn’t HAVE to use the SSISDB)

SSISDB Catalog Management Tips:

1) You can Restore Versions with a click of a button to undo negative changes or even revert forwards!

2) You can manage project parameters, validate, control versions from SSMS. No VS required.

Configure the Environment Parameters from here:

Passwords, unlike in the SQL Server Agent jobs, are securely protected inside the SSISDB database.

Example:

EXEC @ReturnCode = msdb.dbo.sp_add_jobstep @job_id=@jobId, @step_name=N'<name of step>', 
        @step_id=1, 
        @cmdexec_success_code=0, 
        @on_success_action=3, 
        @on_success_step_id=0, 
        @on_fail_action=2, 
        @on_fail_step_id=0, 
        @retry_attempts=0, 
        @retry_interval=0, 
        @os_run_priority=0, @subsystem=N'SSIS', 
        @command=N'/ISSERVER "\"\SSISDB\Replication\SSISDB_Replication\SSISDB_Replication.dtsx\"" /SERVER <ServerName> /ENVREFERENCE 3 /Par "\"$ServerOption::LOGGING_LEVEL(Int16)\"";1 /Par "\"$ServerOption::SYNCHRONIZED(Boolean)\"";True /CALLERINFO SQLAGENT /REPORTING E', 
        @database_name=N'master', 
        @flags=0

3) Each SQL Server Agent Job then uses these parameters after you select the environments set.

Pick the Package Source SSIS Catalog.

Set the environment for your variables.

In most cases, the parameters will automatically be set.

4) Check what actually went wrong inside SSMS without resorting to RDPing into your server.

5) See performance between runs that uses real statistics!

Am I missing anything? Feel free to make this a community answer.

Related Solutions

Sql-server – Connect to SQL Server 2012 Database from 2008 Agent Job containing 2008 SSIS Package

Yes, most likely. This is a short answer, but it sounds like you are really just asking - Can a job on SQL Server 2008 calling an SSIS package built on 2008 connect to a database in SQL Server 2012 and do some work within that database?

SSIS can connect to many OLEDB/ODBC compliant connections. You could, for instance use an SSIS 2008 (or 2005 or 2012) Package to read data from one Oracle database, do some transformations and the write the results of that to another Oracle database, never talking to SQL except the SSIS engine.

So an SSIS package in 2008 should be able to work with a connection to 2012. Some caveats like - if you are using a deprecated command structure in an execute SQL task - it will fail.. Or test it and verify first. But this should work, if you are just asking if - from within the SSIS package can I talk to SQL Server 2012.

Sql-server – Relating ExecutionInstanceGUID to the SSISDB

Too much for a comment, but trying something. From the msdn page of that system table catalog.executions I get:

execution_id - bigint - The unique identifier (ID) for the instance of execution.

From this article - SSIS 2012 – View Connection Manager Information for Past Executions - I understand that:

SSIS 2012 provides a new system variable, ServerExecutionID, for your use inside packages, so if you do any custom logging/notifications it is a good variable to include as it will be a direct pointer to the catalog views that we’ll use to find connection string information. ... Catalog.executions contains one row per execution. This is where we’ll filter by execution_id.

With a sample query of:

DECLARE @execution_id BIGINT = 41753; -- Your execution_id/ServerExecutionID goes here.
SELECT e.package_name,
        e.start_time,
        e.end_time,
        e.status,
        emc.package_path,
        CAST(emc.property_value AS VARCHAR(1000)) AS connection_string
   FROM catalog.executions e
   JOIN catalog.event_messages em
     ON e.execution_id = em.operation_id
   JOIN catalog.event_message_context AS emc WITH (FORCESEEK)
     ON em.event_message_id = emc.event_message_id
    AND emc.property_name = 'ConnectionString'
    AND emc.context_type = 80 -- Connection Managers
  WHERE e.execution_id = @execution_id;

What I don't see is your ExecutionInstanceGUID in this table. What I see, though, is this ancient Connect item where there's the following story:

SSIS RunningPackage.InstanceID != System::ExecutionInstanceGUID though they should be equal.

So my conclusion is that ExecutionInstanceGUID is not related to execution_id, but some InstanceId column, in case you might have one in the SSISDB.

Best Answer

Related Solutions

Sql-server – Connect to SQL Server 2012 Database from 2008 Agent Job containing 2008 SSIS Package

Sql-server – Relating ExecutionInstanceGUID to the SSISDB

Related Question