SQL Server Autoupdates

Randy Holloway talks about SQL Server updating. Recently, I had the pleasure of talking to one of the Program Managers for SQL Server “Yukon” at Microsoft (unfortunately I don't remember his name). Since I had his ear for a few minutes, I queried him (pun intended) on all sorts of information regarding the next release. (I can talk about this next part since it's related to public knowledge anyways). I asked him some questions about having the CLR inside the database, and was pleased overall with his responses. A few questions later, I asked him about patching and updates, and he said basically what this article said. This naturally led me to my next question:

“Well, you've got the Framework baked into the SQL engine, right? Why don't you use the .NET Application Updating  capabilities to grab new versions of assemblies off of a public server hosted by Microsoft? It wouldn't be so difficult to make it download non-Framework DLLs too...”

The look he gave me after I said that made me feel like I was either really smart or really stupid. Too bad I'll have to wait another year to figure out which one ;).

Which leads me to a question for you guys: has anyone tried using the Updater Building Blocks to update something other than a WinForms app? What about server controls or middle tier libraries for websites? LOL I kinda feel like the lady on SNL's “Coffee Talk”. 'OK, your topic is component update architectures in managed code. Discuss.' Anyways, I'd love to hear you guys go back and forth with your ideas and experiences.

UPDATE: You could also have a separate updates system similar to Software Update Services that would accomplish the same task, only using .NET AutoUpdating.

9 Comments

  • Robert did you read my recent post on this issue with Yukon or SQL update ?

    No way that i am going to plug my server database to the Net to received some MS updates !

    My SQL server is behind 2 firewalls oinly visible from very few machines, and I will not taking any risks to expose my data to make Microsoft happy.

    The updates I do are only by CD and that's all.

    I am sure that a lot of DBAs work in the same pattern than me.

  • BTW, I have the same network setup that you do. Great minds think alike ;).

  • I have no negative thoughts there but I have a lot of experience on databases and securities.



    And I just say that regardind the number of recent flaws MS has in their update system, I will not trust Microsoft blindly to patch my systems without any control.

    I don't know for you, but I have sensitive educational material in the database, and a lot of my colleagues are on the same path there.

    I am not negative but I don't think an automatic update is possible.

    If you are ok to trust MS, you're free, but I stand on my thoughts about this.

  • That's why you can use Software Update Services to give you the control you desire while still having autodeploy capabilities. You focused on my comment about your negativity, yet you missed the whole point of my response. With SUS, one server grab's MS's patches, and notifies you to approve them. Your network machines don't need internet connectivity, only connectivity to that server. If you approve the patch, your Automatic Updates Service redirect automatically grabs and installs it from YOUR SERVER, not from MS.



    My proposal is a similar technology using existing .NET Framework capabilities.



    BTW, and I mean this with all seriousness, it's always a pleasure talking aboubt this stuff with you. That's not sarcasm. You always bring interesting ideas to the table, and make me think harder about my responses.

  • I just maintain what I said before, what is the point of having Microsoft claiming that security is essential in our networks and suddenly give them full access to our systems in a name of some pretentious safety.

    like many of my colleagues i don@t trust the internet connection and especially when the idea is coming from big brother :->

  • Full access to our systems? I'm really confused here. How is your computer asking another computer for an update getting full access to the system?

  • If the computer world exist without hackers or marketing people, I would trust the update, but unfortunatly we are living in a real world.

    I understood the use of this Software update system you mention, but I don't let my live server open to the wan.

    My firewall is setup only as a one way, and I am not going to open the line in both directions just for some updates I can download from my desktop PC burn on a CD and install myself at my convenience.

  • How does your desktop PC connect to the internet? Is it on the same network?

  • No Robert my Desktop PC is on a totally separate network, nothing to do with the SQL box.

Comments have been disabled for this content.