Книга: Mastering VMware® Infrastructure3

Working with Microsoft SQL Server Databases 

Working with Microsoft SQL Server Databases 

In light of the existing widespread deployment of Microsoft SQL Server 2000 and Microsoft SQL Server 2005, it is most common to find SQL Server as the back-end database for VirtualCenter. This is not to say that Oracle does not perform as well or that there is any downside to using Oracle. Microsoft SQL Server just happens to be implemented more commonly than Oracle and therefore is a more common back-end for VirtualCenter. 

Using SQL Server 2005 Express Edition 

With the introduction of VirtualCenter 2.5, SQL Server 2005 Express Edition is now the minimum database available as a back-end to VirtualCenter. In fact, SQL Server 2005 Express Edition has replaced the MSDE option for demo or trial installations.

Microsoft SQL Server 2005 Express Edition, like MSDE, has physical limitations that include:

? 1 CPU maximum

? 1GB of maximum of addressable RAM

? 4GB database maximum

Large virtual enterprises will quickly outgrow these SQL Server 2005 Express edition limitations. Therefore, you might assume that any virtual infrastructures using SQL Server 2005 Express Edition are smaller deployments with little projections, if any, for growth. VMware suggests the use of SQL Server 2005 Express Edition only for VI3 deployments with 5 or fewer hosts and 50 or fewer virtual machines. 

Connecting VirtualCenter to a Microsoft SQL Server database, like the Oracle implementation, requires some specific configuration steps. The SQL Server computer must be configured in Mixed Mode authentication, as shown in Figure 5.5. This setting allows authentication to be performed by either Windows or SQL Server (see the sidebar “Windows Authentication vs. SQL Server Authentication”). Once you configure the SQL Server to allow the appropriate authentication, you must create a new database for VirtualCenter. Finally, you must create a SQL Server user account that has full access to the database you created for VirtualCenter. You can easily set the appropriate permissions for the account by making the account a member of the db_owner database role, as shown in Figure 5.6.


Figure 5.5 Using SQL Server 2000 or SQL Server 2005 requires that the database server allow Windows and SQL Server Authentication. 

Take these steps prior to creating the ODBC connection to the SQL Server database. Using SQL Server 2005 requires not only that the account have dbo (db_owner) privileges, but that the account created actually own the database. In addition, the account used by VirtualCenter to access the SQL Server 2005 database must have membership in the db_owner database role in the msdb for the duration of the installation process. Figure 5.7 shows the creation of a new SQL Server 2005 database with the default owner changed to a custom SQL Server user account. 


Figure 5.6 The user account VirtualCenter uses to access the back-end SQL 2000 Server database requires database owner privileges to build the table structure and populate the tables with data. 


Figure 5.7 SQL Server 2005 databases used by VirtualCenter must be owned by the account Virtual-Center uses to connect to the database.

 SQL Server 2005 Permissions 

Not only will most database administrators cringe at the thought of over extending privileges to a SQL Server computer, it is not good practice to do so. As a best and strong security practice, it is best to minimize the permissions of each account that access the SQL Server computer. Therefore, in the case of the VirtualCenter 2.5 installation procedure, you will need to grant a SQL Server user account the db_owner membership on the MSDB database. However, once the installation is complete this role membership can be removed, and should be removed. Normal day-to-day operation of and access to the VirtualCenter database does not require this permission. It is a temporary requirement needed for the installation of VirtualCenter 2.5. 

If you have an existing SQL Server 2005 database that needs to be used as the back-end for VirtualCenter, you can use the sp_changedbowner stored procedure command to change the database ownership accordingly. For example, EXEC sp_changedbowner @loginame='vcdbuser', @map=' true' would change the database owner to a user account named vcdbuser.

Windows Authentication vs. SQL Server Authentication 

Microsoft SQL Server, both the 2000 and 2005 versions, supports two methods of authentication: Windows and SQL Server. While a default installation of SQL Server will allow only the Windows authentication method, this setting can be changed and in some cases, as with VirtualCenter, must be changed. Figure 5.8 shows a SQL Server 2005 server configured to allow Windows and SQL Server authentication, or what is often called Mixed Mode authentication.

Windows Authentication, as the name implies, involves authentication at the operating system level. The Windows operating system checks the username and password for a user attempting to use SQL Server. The SQL Server then only looks at the user's identity, including group memberships, to determine the level of access allowed to the SQL Server.

SQL Server authentication removes the Windows aspect of the authentication leaving the SQL Server to check the requesting user's username and password. SQL Server authentication is most commonly used when connecting non-Windows clients to a SQL Server database.

SQL Server 2000 and SQL Server 2005 can be configured to allow Windows-only authentication or to allow Windows and SQL Authentication (Mixed Mode), but there is no way to enforce a SQL Server authentication-only mode. 

The configuration necessary to allow VirtualCenter to communicate with SQL Server is not an uncommon one and should result in little resistance from seasoned database administrators. In some cases, however, company policy may prevent the use of SQL Server authentication on specific SQL Servers or perhaps entirely. In this case, administrators might have to install and configure a new SQL Server computer or SQL instance to host the VirtualCenter database. If your company policy does not allow SQL Authentication to be used anywhere on the network, you will have to install SQL Server on the same computer as VirtualCenter. Figure 5.8 illustrates the scenarios in which VirtualCenter and SQL Server can communicate.


Figure 5.8 Authentication from VirtualCenter to SQL Server must use SQL Authentication for a SQL Server user account; however, if VirtualCenter and SQL Server are on the same computer, a Windows user account can be used for authentication.

VirtualCenter Authentication to SQL Server 

VirtualCenter will only support the Windows Authentication method to a SQL Server if VirtualCenter and SQL Server are installed on the same computer. 

Once your database is setup you can create the ODBC connection to be used during the VirtualCenter Server installation wizard. If using SQL Server 2000, the ODBC connection can be created with the SQL Server driver. However, using SQL Server 2005 requires use of the SQL Native Client. Figure 5.9 shows both options available in the Create New Data Source wizard.


Figure 5.9 ODBC connections to SQL Server 2005 require the SQL Native Client driver.

If you do not find the SQL Native Client option during the creation of the ODBC Connection string you can download it from Microsoft's Web site or install it off of a SQL Server 2005 installation CD-Rom.

On the server where VirtualCenter will be installed perform the following steps to create an ODBC connection to a SQL Server 2005 database:

1. Open the Data Sources (ODBC) applet from the Administrative Tools menu.

2. Select the System DSN tab.

3. Click the Add button.

4. Select the SQL Native Client from the list of available drivers and click the Finish button. If the SQL Native Client is not in the list it can be downloaded from Microsoft's Web site.

5. The Create New Data Source to SQL Server dialog box will open. In the Name text box, type the name you want to use to reference the ODBC connection. This is the name you will give to VirtualCenter to establish the database connection.

6. In the Server drop down list, select the SQL Server 2005 computer where the database has been created.

7. Click the Next button.

8. Select the With SQL Server authentication using a login ID and password entered by the user radio button.

9. Enter the username and password for the SQL Server authenticated user account that has the appropriate permissions to the VirtualCenter database and the MSDB database. 

10. Click the Next button.

11. If the default database is listed as Master select the Change the default database to: check box and then select the name of the VirtualCenter database as the default. The appropriate database might be selected if the SQL Server user account was configured with the VirtualCenter database as the default.

12. Click the Next button.

13. Click the Finish button.

14. Click the Test Data Source button to test the ODBC connection.

15. Click the OK button twice.

Оглавление книги


Генерация: 1.078. Запросов К БД/Cache: 3 / 1
поделиться
Вверх Вниз