Docker SQL Containers, EKM, and Secure Credentials

Containers continue to make their way into enterprise use, all this article studies how a Fortune 500 financial services firm is applying SQL Server containers in an enterprise Extensible Key Management system for encryption, with secure consumption of encrypted credentials in some secrets store. Full disclosure, I am a principal at Windocks, a provider of an independent port of Docker’s source to Windows, which is a general purpose database cloning solution. The approach outlined here can be applied to both Windocks SQL Server containers and Microsoft’s SQL Server containers.

This looks at a 500 GB SQL Server TDE enabled database, served comprising a SQL Server database clone. Clones deliver full read/write operations within minutes, and use only 40 MB of storage. Clones excellent supporting development, QA, as well as reporting and BI, along with the approach outlined today runs on any public cloud or private infrastructure.
SQL Server TDE Enabled Database Clones

SQL Server cloned environments contain a single database or a lot of databases, many of which may be encrypted a few not. The cloned environment is made with appropriate user/group permissions and includes data masking and additional preparations throughout the image build. Only one full byte copy was made as a parent image, and that’s cloned and delivered within minutes. Database clones depend on Windows Virtual Drives, either locally or on SMB or NFS network attached file shares.

As soon as we restore an encrypted backup or mount a TDE enabled database with the idea to Windocks SQL Server containers or Docker SQL Server containers, we come across SQL Server error 15581, “create or restore the Master Encryption Key prior to performing this operation.” So that they can work with a TDE enabled database image, the containers are enabled together with the Master Encryption Key prior to when mounting the TDE enabled database.

Identical process may very well be supported by using Pure Storage or even Storage Arrays (SANs), by automating the delivery for a SAN snapshot. They can be a popular approach and doesn’t have an effect on workflow described below. We’ll explore how containers suggest to a new method to working with SANs in an exceedingly future article.
SQL Server Containers With TDE Encryption

Windocks SQL Server containers were created by cloning a lot installed SQL Server instance, and inherit parents instance Master database configuration including the Master Encryption Certificates. The most recent container necessitates Master Encryption Certificate be refreshed, to take care of the SQL error 15581 remarked above. We do this by using the following SQL script.

The crucial element to making this work is the script has to be run right before mounting the encrypted databases. Windocks supports domination of SQL script operations by applying file extensions. Scripts with .sqlsys extensions are run in advance of mounting the databases, while .sql scripts are pursuit databases are mounted. This permits the Master Encryption Certificate that should be regenerated prior to attempting accomodate the TDE enabled database.

The full process is accomplished which also has a dockerfile. Step 1 might be the >docker build is submitted mainly because of the client, additionally the container is provisioned (Step 2). Then, the TDE.sqlsys script is run (Step 3), and the cloned database environment is mounted (The pictures).

In practice, most operate with a clonable database image, and therefore the dockerfile captures these types of steps in two lines. The particular name, tdeclone_1_30, specifies the SQL Server version, and cloned databases that need be mounted. These clones works extremely well with any SQL Server application environment (Docker SQL containers and conventional instances).

Supporting Secure Credentials Inside a EKM System

Extensible Key Management is usual in financial service organizations that be based upon Vormetric and other encryption systems for enterprise-wide solutions. The systems involve the usage VM level credentials, and also advent of short-lived containers raises the question: “How will a team use credentials securely during container provisioning?”

For almost any involves an encrypted key store and environment variables. Windocks supports encrypted secrets which are decrypted for use from the Windocks service. Each secret’s stored and referenced by having an environment variable:


Having the EKM user credentials encrypted, they might be used securely in building containers. File extensions are widely used to recognize scripts that incorporate user credentials, if you plan .sqlsysrunas or .sqlrunas.

Conclusions and Next Steps:

Combining SQL Server containers with database cloning provides fast delivery of complete environments, for development, QA, reporting, and BI. A good environment accompanied by a Terabyte class database is delivered in roughly 45 seconds as well as being an ideal on-ramp for developer self-service in conjunction with a significant start toward modernizing full stack software development. The processes outlined in this post are an effective addition to every enterprise infrastructure it really is the logical starting place for modernization workflows involving SQL Server.

Information highlights how containers are usually now being adapted to pay enterprise needs, for example the secure like encrypted secrets, and sequential therapy of container build operations. Windocks is the general purpose SQL Server cloning tool with support specifically with Windocks containers, or Microsoft’s official Docker SQL containers and conventional instances.

Windows because of the numbers: Windows 10 posts strongest share gains since mid-2016

Windows 10 added more user be part of January vs any month since mid-2016, consistent with web analytics vendors Net Applications, the manufacturer said the previous week.

Data published Feb. 1 as a result of California-based Net Applications indicated that Windows 10 had accumulated 1.4 percentage points of user share – the amount of all notebook computer owners who ran the main system – during January, ending the month powering 34.3% inside the world’s PCs and 39.1% of most those systems building a flavor of Microsoft’s OS. (The moment number is larger than the first because Windows included 88.8% of all operating systems, not 100%.)

Windows 10’s increase was its largest since August 2016, that the November 2017 drop of 2.7 points is ignored. Aforementioned was a part of an across-the-board revamp of Net Applications’ data, formulated to purge the amount of bogus traffic originating from criminals’ “bots,” consequently was not evidence of a sudden rush to Windows 10.

Meanwhile, Windows 7, the still-stalwart OS on the enterprise, ditched seven-tenths on the percentage time in January to publish a user share of 42.4% of the most PCs, like 48.3% for these running Windows.

The movements of Windows 7 and Windows 10 are of paramount importance to Microsoft at this moment, as the company titans stop supporting hmo’s in January 2020. Within next two yrs, Microsoft will push, nudge, prod, exhort, even threaten, users to receive them to dump Windows 7 and move to Windows 10. How well the firm accomplishes that task will affect both its paycheck and reputation.

Using the 12-month averages of Windows 7’s and Windows 10’s user share changes, Computerworld revised its cross-over forecast. That cross-over – when Windows 10’s share ly Windows PCs exceeds Windows 7’s – provides early as August, 1 month before the previous estimate. Around the 12-month trend, Windows 10’s share that month will reach 41.3%, while Windows 7’s will slip to 41.2%.

Inside of this linear projection, Windows 7 will boast a customer share in excess of 32% in January 2020. At this time, Windows 10 should power approximately 59% of all of the Windows laptop and desktop PCs.

However, it is very unlikely that the particular real growth of Windows 10’s share and the diminished pool of Windows 7 users will track this model: Platforms aren’t adopted or discarded in this straightway fashion. Instead, the migration rate often accelerates being the end-of-life date in the older OS approaches.

Regardless, Net Applications’ data illustrates the trouble that Windows 7’s stubbornness represents. That the forecast is set in any way around accurate, millions of machines is definitely running Windows 7 come January 14, 2020, your day Microsoft serves up the previous security update for the OS. In turn, that could create enormous opportunities for hackers competent to exploit vulnerabilities designed to never be patched.

This latest forecast claimed that Windows 7’s remainder-at-retirement could well be larger than XP’s at its official demise in April 2014. Then, Windows XP accounted for about 29% in all copies of Windows worldwide, or several percentage points below what the current estimate for Windows 7.

Elsewhere in Net Applications’ January data, the visitor share for Apple’s macOS climbed by nine-tenths from the percentage point, an improvement on a scale not seen since April 2016 (again, aside from the November 2017 bot scrubbing). The boost put macOS from an even 10% with the global laptop computer operating system user share, a milestone for Apple and then the 34-year-old Macintosh.

Another storage system, Ireland’s StatCounter, painted a new picture.

In step with StatCounter, Windows 10’s usage share – a measurement of activity in contrast to of users – exceeded Windows 7’s for January, edging away the older computer system for the first time. StatCounter recorded Windows 10’s usage share at 42.8%, Windows 7’s at 41.9%.

StatCounter ballyhooed the cross-over moment. “This is regarded as a breakthrough for Microsoft,” said Aodhan Cullen, is found in CEO, inside statement. But Cullen also noted that Windows 7 “retained loyalty especially amongst business users,” implying that although 10 is now offering the upper hand, there’s large numbers of machines that still face an OS upgrade before 2020.

Microsoft to Destroy Windows 10 S as Separate OS Version

Microsoft launched Windows 10 S with much fanfare the year before, targeting the education sector with features which are supposed to make this particular SKU healthier and faster rrn comparison to the full type of the OS.

However, Microsoft did allow Windows 10 S customers to upgrade to Windows 10 Pro absolutely free on its own devices, and then in exchange for a small fee on third-party models.

Windows 10 S, however, won’t be offered as a good separate type of Windows 10, influenced by a recent report, rather be integrated wealth Windows 10 SKU and activated automagically on devices in which supposed to run it.

It means that pretty much every sort of Windows 10 will secure the S Mode, as compared with Windows 10 Pro mainly because it was your outcome until now considering that release of the OS.
“Users love Windows 10 S”

Thurrott writes that users running Windows 10 Home and Education will be allowed to upgrade from the S Mode to the full version of the operating-system free of charge. To the contrary, customers with Windows 10 Pro and S Mode enabled will have to pay $49 for switch to the full OS.

Microsoft will likewise sell the S Mode in the direction of partners, and so the same report adds that Windows 10 Pro S would be offered in the Core, Value, Entry, and Small Tablet SKUs. This indicates Core+ and Workstations won?¡¥t know how to have the S Mode enabled on devices.

Windows 10 S is installed automagically on Microsoft?¡¥s personally own Surface Laptop, that could be upgraded to Windows 10 Pro with very little extra cost.

Based upon stats cited with the aforementioned source, Microsoft claims more than 60 percent of users that purchase third-party devices run by Windows 10 S continue this version, despite being just apps for the Microsoft Store.

Windows 10 vs Windows 7: Has Microsoft’s newest OS just reached a turning point?

Some two and half years after its first release, Windows 10 has finally overtaken Windows 7 in worldwide usage.

That’s in line with web analytics firm StatCounter, which puts Windows 10’s share of Windows PCs at 42.78 percent, right before Windows 7’s 41.86 percent.

Windows 10, this was first released in July 2015, has climbed from 32.84 percent in January 2017, while Windows 7 declined from 47.46 percent at that time.

In terms of user numbers, Microsoft in November said 600 million Windows 10 devices ended up active in the previous 28 days, 100 million a lot more nine months earlier. However, that figure includes tablets, phones, and Xbox consoles.

As folks that track Windows marketshare closely know, you will find several sources that serves these figures but they always differ a consequence of different methodologies and various sources of web traffic.

The other oft-quoted analytics firm, NetMarketShare, reports Windows 7 on an eight percent lead over Windows 10, the gap has closed from Twenty percent a year ago.

As ZDNet’s Ed Bott has previously explained, NetMarketShare aims to measure daily unique users within its network, while StatCounter measures total traffic. NetMarketShare also weights the info by country, whereas StatCounter doesn’t.

Meanwhile, government entities analytics portal says 21.3 percent of 2.59 billion visitors in the past one year used Windows 10, in comparison to 19.8 percent Windows 7 devices. It’s an even split between US and international visitors.

As StatCounter notes, you’ll discover geographical variations in when Windows 10 overtook Windows 7. In America and the UK, Windows 10 took charge in January 2017 and June 2016, respectively.

In Europe the crossover happened in March 2107, while Windows 7 is still equipped with a 15 % and Thirty percent lead over Windows 10 in Asia and India, respectively.

Another figure Microsoft likes you is how many Windows 10 users are running up to date version, the Windows 10 Fall Creators Update.

As reported by AdDuplex, as of January, 74 percent of Windows 10 users are on the latest version, in addition to 17 percent around the Creators Update.

Essential group still holding Windows 7 are Microsoft’s enterprise customers, which Microsoft hopes it would likely encourage to upgrade for Windows 10’s superior security that it really is argued on numerous occasions could possibly have protected businesses from last year’s WannaCry and NotPetya cyberattacks.

With its latest pitch, it said from June to November 2017, Windows 7 devices were 3.4x more likely to encounter ransomware than Windows 10 devices.

Nonetheless, StatCounter CEO Aodhan Cullen described Windows 10 surpassing Windows 7 as an effective “breakthrough for Microsoft”.

“Windows 10 was published at the end of July 2015 and Microsoft would be pleased to have put its Windows 8 experience behind it,” he wrote.

“However, Windows 7 retains loyalty, especially among business users. Microsoft could well be hoping may possibly replace it a lot faster than XP, launched instruction online August 2001, which only fell below 5 % usage worldwide in June of 2017.”

Microsoft SQL Operations Studio eases SQL Server admin tasks

SQL Operations Studio simplifies routine administration of SQL Server and Azure SQL databases, making database development and management easier for users who aren’t full-time DBAs.

Microsoft SQL Operations Studio is mostly a free database development and management tool for working with SQL Server…

and Azure SQL databases. Despite the fact that tool remains to be in preview mode as these writing, it already offers a robust environment — but one that’s meant to be used by what Microsoft calls nonprofessional database administrators

SQL Ops Studio, like the tool is informally known, supports many of the same features even though the more sophisticated SQL Server Management Studio (SSMS). However, Microsoft designed it to simplify nearly all the basic tasks performed by database administrators (DBAs), making routine database operations easier for developers as well as other stand-in DBAs who might not be as comfortable with SQL Server as full-time admins are.

Initially made available in November 2017, Microsoft SQL Operations Studio can connect to SQL Server instances running on Windows and Linux computers or within Docker containers. The tool, which runs on Windows, macOS and Linux clients, could also be used to manage Azure SQL Database and Azure SQL Data Warehouse implementations on Microsoft’s cloud platform.

Microsoft forked SQL Operations Studio from Visual Studio Code, a cross-platform source code editor that serves currently being a lightweight counterpart to Visual Studio, a bit like the database tool does to SSMS. Built around a microservices architecture for increased extensibility, SQL Ops Studio provides a user-friendly environment with extensive support for customizable keyboard shortcuts.

SQL Operations Studio’s user interface

Users can access most features using the left management panes or directly through shortcut keys. They should then perform more detailed operations while in the main window, which displays multiple tabs specific to individual database operations.

Just like, the screenshot image below shows Microsoft SQL Operations Studio of your Servers pane displayed on the left side inside the user interface and two tabs open contained in the main window. The displayed tab is going to be management dashboard relating to the SQL Server instance; the second one, visible only mainly because of the tab itself, is a T-SQL query editor, like the query tabs in SSMS.

The user interface includes five management panes that users access coming from a left menu bar.

Servers: A hierarchical tree for accessing server and database objects, similar to Object Explorer in SSMS.
Task History: A history of recent activity, which includes database backups or restores.
Explorer: Mapped folders and opened tabs, just like the dashboard and query tabs through the image.
Search: Tools for searching or replacing text in open editor tabs.
Source Control: An interface to a Git version control system, if SQL Ops Studio is connected to one.

The left menu bar also includes a Settings option to access the features needed to configure the environment, modify shortcut keys, select themes and execute other tasks. Through the bottom menu bar, users can access several additional features, including an integrated terminal that supports command-line tools, including Bash and PowerShell, plus sqlcmd, bcp and ssh.

Managing and querying in SQL Ops Studio

SQL Operations Studio provides a wide range of options for viewing information about servers as well as the databases on them, or perhaps managing connections and components. Just like, from the Servers pane, users can undo or delete connections, refresh the object tree or individual nodes, script table definitions, and directly update table data.

The Servers pane also enables users to launch server or database dashboard tabs that provide additional options for viewing information and carrying out administrative tasks. Upon the server dashboard, for example, users can restore and search databases or launch database dashboards. Along the latter, they can back up databases, search tables, generate table creation scripts or edit a table’s data.

Users build and run queries on individual query tabs in Microsoft SQL Operations Studio, similar to in SSMS. Also like in SSMS, a user can automatically generate a SELECT statement that retrieves the highest 1,000 rows originating from a SQL Server database table or view.

If your query is run, SQL Operations Studio displays three panes in an exceedingly stack. The T-SQL statement runs out of your top pane, the query results are shown around the middle pane and system messages to the query are displayed during the bottom pane.

From the results pane, users can click a button to save the returned data to some CSV, XLSX or JavaScript Object Notation (JSON) file. The query results is additionally viewed in various instances of charts, which can be copied within the clipboard or saved towards PNG file.

Widgets add visual insight on systems

Additionally, users can create an insight widget dependant upon the T-SQL query and a selected chart type. Insight widgets are charts and graphs that display information about aspects of your server or its databases, typically using ability to drill into more detailed data. The widgets are auto-generated JSON snippets that may possibly be added into SQL Ops Studio’s configuration file, and then to a new dashboard.

Microsoft also provides several prebuilt insight widgets. E . g ., the server dashboard includes the Database Size widget, with a bar chart that shows the usage of a particular server’s data storage capacity.

Microsoft SQL Operations Studio also includes features for working with T-SQL code. Such as, if a user right-clicks the name from the table in a T-SQL statement and selects Peek Definition, the tool will display a pop-up window that shows the table’s definition. Should the user instead selects the Have a look at Definition option, the definition will open in any separate tab.

Another useful feature is definitely the T-SQL code snippet library, which users can access from any line for the top query pane. To retrieve a code snippet, a user need only start typing sql, followed by a statement type. Here is an example, if the user types sqladd, the sqladdcolumn option pops up. If the user then clicks that option, SQL Ops Studio will add an ALTER TABLE statement with the editing tab, complete with placeholder code for defining a new column.

Because Microsoft SQL Operations Studio is free, users who don’t need every one of the functionality in SSMS have little burning by trying it out. Also, given that SQL Server 2017 can run on Linux and in Docker containers, it’s now possible to host and manage a SQL Server instance entirely within a non-Windows environment — a significant milestone in your evolution of both SQL Server and Microsoft.

Baby Steps: Windows 10 Closer to be World’s Top Desktop Operating System

New data shows that Windows 10 advances towards its goal of becoming the world’s number one desktop operating system, but at first glance, it does it rather slowly.

NetMarketShare numbers for that month of January show that Windows 10 got closer to Windows 7 in terms of global market share, assuming the same trend is maintained, there’s a decent chance a switch of places happens at the second half of your year.

Specifically, Windows 10 improved from 32.93% market share in December 2017 to 34.29% in January 2018, while Windows 7 dropped from 43.08% to 42.39%. The gap between the two has thus been reduced basically 8.1%, down from no less than 10.15% while in the last month of 2017.
“Other Windows versions”

The other desktop operating systems are way behind leaders Windows 7 and Windows 10, with Windows 8.1 through the third place thanks to its market share of 5.56%, down from 5.71% in December.

The good news is that Windows XP is additionally declining at a much faster pace than before, possibly thanks onto the Meltdown and Spectre fiasco, as its share dropped from 5.18% in December to 4.05% the last month.

The top non-Windows desktop operating system within the January 2018 charts is macOS 10.13 using a share of 4.01%, while Linux is now at 1.38%.

Overall, Windows continues to become the preferred choice about the desktop with a total share of 87.79%, followed by macOS with 9.95% and Linux with 1.93%.

The somewhat worrying news for Microsoft is that while Windows loses ground, Apple’s macOS keeps growing. Apple’s desktop operating system improved 0.93% the last month, while Windows dropped 0.72%. Linux fell 0.19% the last month.

At this point, Microsoft is working for the next Windows 10 update codenamed Redstone 4 and projected to launch within your spring. Windows insiders might be the first to receive it, followed from the production ring in April.