The Blast Radius of a database

This week's editorial is a guest post from Phil Factor.

Just occasionally, journalists whose eloquence greatly exceeds their understanding of technology write inflammatory articles about the impending obsolescence of the 'monolithic' relational database in favor of distributed, fault-tolerant database systems.

The idea of the database being an essentially vulnerable component resonates with our culture. Nobody argues when we blame the database, so it has become the classic call-center excuse, 'sorry but the database has gone down'. This feeds into the myth of its fragility, perpetuated by the hotheads of distributed architectures.

Certainly, a relational database is by necessity a single point of failure, if your business is unlikely to be able to function if it fails. In recent history, though, a complete failure of a system is very rarely due to a 'monolithic RDBMS'. It is much more likely, in the cold light of day, to be due to the network, system architecture or application design. Much has happened with the industry-strength RDBMSs in the past ten years to make them intrinsically resilient. Even if there is down-time, many software devices have been contrived to make partially-connected computing practicable. There is still a potential for failure, but judging from the publicly-reported incidents, the aging monolith of legend is no longer one of the usual suspects.

It is a bad idea for a single system failure to have a large impact on the business. In Software Engineering, there is the idea of resiliency and availability: limiting the 'blast radius' of any incident such an error, or fault. The whole idea of failover clustering is based on these principles. The major commercial RDBMS are designed for resilience in the light of their potential blast radius.

It would seem to be commonsense to deal with the risk of blast radius by increasing resilience. With the aircraft industry, where the pioneering work on resilient architectures was done, it is a simple decision. It is almost never a good idea to shut down a computer system entirely in-flight. It is always better for the computer systems to 'stagger on bleeding' to avoid a 'blast' happening.

Surprisingly perhaps, the same isn't always true in other sectors of industry. In commerce, trading and financial services, it isn't quite so clear-cut. In the case of a database, for example, some incidents require you to take the database offline to prevent the damage from cascading. If a fault exposes a vector for fraud, for example, you leave the database working at your peril. These are all issues that must be determined when the system is designed, but in those cases where swift action must be taken, then a resilient, monolithic architecture may be easier to 'orchestrate', in that it is easier to turn off the service in a coordinated way.

Like most good things in life, resilient systems require a great deal of conscious effort. For the application developer, it means a far more rigorous discipline in handling exceptions, and in the design of the systems that monitor and control the applications. There is no free lunch to be had by, say, adopting microservices or putting your databases in the cloud: you still have to consider the intricacies of service registries, software circuit breakers and bulkheads. Radical alternative designs need very smart architectural decisions.

Phil Factor

Join the debate, and respond to the editorial on the forums

On occasion you have to find means to get around an issue. John Morehouse shows why Robocopy can be a useful tool in testing circumstances.

Once in a while you might need to make common changes to a lot of SQL Server Agent Jobs.

You know what it’s like, you need to fail your AG over but is it safe to fail over? Even if your AG says it is, there are other thing to consider...

Achieving minimal logging with INSERT...SELECT can be a complicated business.

Gail Shaw keeps seeing this in all sorts of places. People getting an unexpected result when working with a subquery, typically an IN subquery, and assuming that they’ve found...

James Serra talks about where you should you clean your data when building a modern data warehouse in Azure.

Learn how to generate custom T-SQL SELECT statements in Biml by using the column method GetColumnList with its parameters.

One of the most profound challenges faced by technology companies today is talent. According to the latest Harvey Nash survey, 65% of CIOs believe that a shortage of tech skills is affecting their ability to respond to change.

Andy Leonard on finding the time to keep up with learning and avoiding time sinks.

Redgate are inviting senior data professionals to attend one of the upcoming SQL in the City Summit events taking place in May and June. If you’re interested in learning how your business can benefit from implementing Compliant Database DevOps this event is for you. Find out who’s presenting and register for a Summit near you today.

Ever since the GDPR was introduced, the subject of data breach notifications has worried a lot of people. How do you write one? What do you need to include? What will the ramifications be? Will it make your customers run for the hills? Will it get you fired?

To better understand influence attacks, the Berkman Klein Center for Internet & Society proposed an approach that models democracy itself as an information system and explains how democracies are vulnerable to certain forms of information attacks that autocracies naturally resist.

Politico has a long article making the case that the lead GDPR regulator, Ireland, has too cozy a relationship with Silicon Valley tech companies to effectively regulate their privacy practices.

Companies across the world are at different stages of experimenting with data and realizing what kinds of decisions can be made via deep analysis. Since these trials and realizations are happening at differing speeds, and often start from scratch within each organization, there are significant disparities in maturity between otherwise similar organizations.

"How do I restore a SQL Server backup to a previous version of SQL Server?" is a commonly-asked question. The answer, of course, is you don't - but if you must, there may be some solutions.

There is a lot of confusion when it comes to designing tables in SQL Server around whether to pluralize names or not. How do you choose whether to pluralize or not?

While architecting cloud native applications, you need to ensure that your system is highly available, performant, scalable, fault tolerant, and has the capability to recover from a disaster scenario. In this article, Samir Behara discusses the options available when designing the database architecture to achieve scalability.

An emerging discipline called DataOps is taking a page out of the DevOps playbook. The latter is all about accelerating the time to software delivery, and the former about accelerating data flow. And just as DevOps replaces the waterfall method of software delivery, DataOps replaces the waterfall approach of delivering data to the data consumer.

Kendra Little gets a bit closer to a meaningful definition of automation, as it applies to the software development process.

Processor-based licensing means selecting hardware carefully for good performance.

A comprehensive high-level run-down of in-memory systems.

When you build a VM for SQL Server in Amazon EC2, Azure VMs, or Google Compute Engine, it’s all too easy to overlook the CPU speeds that you’re getting.

Patrick leBlanc shows the magic of getting cross-report drillthrough working in Power BI.

In this article, you will learn about one of the most important properties of a relationship called Cardinality.

Over the last six months, Microsoft have been hard at work integrating PowerShell Core with Azure Functions 2.x.

Through this guide, you’ll learn how to capture a few SQL Server configurations and manipulate the data by using PowerShell.

The hackers collected usernames, hashed passwords and in some cases GitHub and Bitbucket access tokens used to access repositories on the popular Git platforms many developers use for version control.

The more Grant Fritchey reads about data breaches, the more he realizes: It’s You. It’s your fault.

Brent Ozar asks if you can tell if each of these SQL Server bugs is brand-new, or almost 20 years old.

Tuesday May 21 4-5 PM BST / 10-11 AM Central - Hear from the IT team at PASS, how they introduced compliant database DevOps to meet advancing data protection legislation worldwide.

Monday May 20 4-5 PM BST / 10-11AM Central - Discover how data privacy legislation is changing around the world since the introduction of the GDPR one year ago.

Wednesday May 8, 4PM-5PM BST / 10AM-11AM CDT - Discover how transitioning from shared database development to individual development environments is easier than ever thanks to database virtualisation and source control technology.