Microsoft and PASS Summit are going on tour!
Microsoft and PASS Summit are going on tour! Join us for this two-day event Sep 15 - 16 in Dallas, TX, together with our partners Pure Storage. With keynotes, pre-cons, general sessions and more this event will cover all things SQL Server, Microsoft Fabric, Azure SQL and more. Connect with Microsoft and other community experts. Registertoday and take a peek into the agenda below: Pre-Con: Deep-Dive Workshop: Accelerating AI, Performance and Resilience with SQL Server 2025 SQL Server 2025 delivers powerful new capabilities for AI, developer productivity, and performance all ready to run at scale on modern infrastructure. In this 1/2 day deep dive workshop, you'll get a first look at what's new and how to put it to work immediately. Learn directly from Microsoft and Pure Storage experts how to harness SQL Server’s vector capabilities and walk through real-world demos covering semantic search, change event streaming, and using external tables to manage vector embeddings. You'll also see how new REST APIs securely expose SQL Server's internals for automation and observability including snapshots, performance monitoring, and backup management. The workshop wraps up with insights into core engine enhancements: optimized locking, faster backups using ZSTD compression all running on a modern Pure Storage foundation that brings scale and resilience to your data platform. Whether you're a DBA, developer, or architect, this session will equip you with practical strategies for harnessing Microsoft SQL Server 2025 and Pure Storage to accelerate your organization's AI and data goals. Day 2: Building an LLM Chatbot on Your Laptop - No Cloud Required! Want to build a chatbot that can answer questions using your own data? This session shows you how, and no cloud is required! In this session, you will learn how to build a Retrieval-Augmented Generation (RAG) chatbot using open-source tools combined with SQL Server for vector storage - all from your laptop. We will cover topics such as LLM fundamentals, embeddings, similarity search, and how to integrate LLMs with your own data. By the end of the session, you will have a working chatbot and practical knowledge of how AI can enhance your data platform and a new way to elevate your SQL Server skills with AI. Day 2: An Inside Look at Building SQL Server/Azure and Fabric Data Warehouse Have you ever wondered how Microsoft builds and releases its database engines (SQL Server, SQL Azure, Fabric Data Warehouse)? This talk goes through some of the behind-the-scenes details about how the engineering team works, how features come together, and how the engineers learn how to build the software you use to manage your data. Having the Regional Summit in Dallas gives us a unique opportunity to talk about our engineering office in Austin and how it contributed features and enhancements to recent releases. Come and learn about which SQL features are built right here in Texas! Day2: AI Ready Apps with SQL Database in Microsoft Fabric Explore how to build enterprise-grade Retrieval-Augmented Generation (RAG) systems by harnessing the power of SQL AI features, vector-based search, and Microsoft Fabric. This session delves into modern architectures that integrate structured data with large language model (LLM) capabilities to enable real-time, intelligent, and secure applications. And much more! Learn more: PASS Summit On Tour Dallas - PASS Data Community Summit Register today: PASS Summit On Tour
SQL Server 2025: introducing optimized Halloween protection
Executive summary Optimized Halloween protection, available in the public preview of SQL Server 2025 starting with the CTP 2.0 release, reduces tempdb space consumption and improves query performance by redesigning the way the database engine solves the Halloween problem. An example in the appendix shows CPU and elapsed time of a query reduced by about 50% while eliminating all tempdb space consumption. Update 2025-09-02 During public preview of SQL Server 2025, we identified a potential data integrity issue that might occur if optimized Halloween protection is enabled. While the probability of encountering this issue is low, we take data integrity seriously. Therefore, we temporarily removed optimized Halloween protection from SQL Server 2025, starting with the RC 0 release. The fix for this issue is in progress. In the coming months, we plan to make optimized Halloween protection available in Azure SQL Database and Azure SQL Managed Instance with the always-up-to-date update policy. Enabling optimized Halloween protection in a future SQL Server 2025 update is under consideration as well. The Halloween problem The Halloween problem, named so because it was discovered on Halloween in 1976, occurs when a data modification language (DML) statement changes data in such a way that the same statement unexpectedly processes the same row more than once. Traditionally, the SQL Server database engine protects DML statements from the Halloween problem by introducing a spool operator in the query plan, or by taking advantage of another blocking operator already present in the plan, such as a sort or a hash match. If a spool operator is used, it creates a temporary copy of the data to be modified before any modifications are made to the data in the table. While the protection spool avoids the Halloween problem, it comes with downsides: The spool requires extra resources: space in tempdb, disk I/O, memory, and CPU. Statement processing by the downstream query operators is blocked until the data is fully written into the spool. The spool adds query plan complexity that can cause the query optimizer to generate a less optimal plan. Optimized Halloween protection removes these downsides by making the spool operator unnecessary. How it works When accelerated database recovery (ADR) is enabled, each statement in a transaction obtains a unique statement identifier, known as nest ID. As each row is modified by a DML statement, it is stamped with the nest ID of the statement. This is required to provide the ACID transaction semantics with ADR. During DML statement processing, when the storage engine reads the data, it skips any row that has the same nest ID as the current DML statement. This means that the query processor doesn't see the rows already processed by the statement, therefore avoiding the Halloween problem. How to use optimized Halloween protection To enable optimized Halloween protection for a database, the following prerequisites are required: ADR must be enabled on the database. The database must use compatibility level 170. The OPTIMIZED_HALLOWEEN_PROTECTION database-scoped configuration must be enabled. The OPTIMIZED_HALLOWEEN_PROTECTION database-scoped configuration is enabled by default. This means that when you enable ADR for a database using compatibility level 170, it will use optimized Halloween protection. You can ensure that a database uses optimized Halloween protection by executing the following statements: ALTER DATABASE [<database-name-placeholder>] SET ACCELERATED_DATABASE_RECOVERY = ON WITH ROLLBACK IMMEDIATE; ALTER DATABASE [<database-name-placeholder>] SET COMPATIBILITY_LEVEL = 170; ALTER DATABASE SCOPED CONFIGURATION SET OPTIMIZED_HALLOWEEN_PROTECTION = ON; You can also enable and disable optimized Halloween protection at the query level by using the ENABLE_OPTIMIZED_HALLOWEEN_PROTECTION and DISABLE_OPTIMIZED_HALLOWEEN_PROTECTION query hints, either directly in the query, or via Query Store hints. These hints work under any compatibility level and take precedence over the OPTIMIZED_HALLOWEEN_PROTECTION database-scoped configuration. When optimized Halloween protection is used for an operator in the query plan, the OptimizedHalloweenProtectionUsed property of the operator in the XML query plan is set to True. For more details, see optimized Halloween protection in documentation. Conclusion Optimized Halloween protection is another Intelligent Query Processing feature that improves query performance and reduces resource consumption when you upgrade to SQL Server 2025, without having to make any changes to your query workloads. We are looking forward to your feedback about this and other features during the public preview of SQL Server 2025 and beyond. You can leave comments on this blog post, email us at intelligentqp@microsoft.com, or leave feedback at https://aka.ms/sqlfeedback. Appendix The following script shows how optimized Halloween protection removes the protection spool in the query plan, and reduces tempdb usage, CPU time, and duration when enabled. /* Requires the WideWorldImporters sample database. SQL Server backup: https://github.com/Microsoft/sql-server-samples/releases/download/wide-world-importers-v1.0/WideWorldImporters-Full.bak Bacpac: https://github.com/Microsoft/sql-server-samples/releases/download/wide-world-importers-v1.0/WideWorldImporters-Standard.bacpac */ /* Ensure that optimized Halloween protection prerequisites are in place */ ALTER DATABASE WideWorldImporters SET ACCELERATED_DATABASE_RECOVERY = ON WITH ROLLBACK IMMEDIATE; ALTER DATABASE WideWorldImporters SET COMPATIBILITY_LEVEL = 170; ALTER DATABASE SCOPED CONFIGURATION SET OPTIMIZED_HALLOWEEN_PROTECTION = ON; GO /* Validate configuration */ SELECT d.compatibility_level, d.is_accelerated_database_recovery_on, dsc.name, dsc.value FROM sys.database_scoped_configurations AS dsc CROSS JOIN sys.databases AS d WHERE dsc.name = 'OPTIMIZED_HALLOWEEN_PROTECTION' AND d.name = DB_NAME(); GO /* Create the test table and add data */ DROP TABLE IF EXISTS dbo.OptimizedHPDemo; BEGIN TRANSACTION; SELECT * INTO dbo.OptimizedHPDemo FROM Sales.Invoices ALTER TABLE dbo.OptimizedHPDemo ADD CONSTRAINT PK_OptimizedHPDemo PRIMARY KEY CLUSTERED (InvoiceID) ON USERDATA; COMMIT; GO /* Ensure that Query Store is enabled and is capturing all queries */ ALTER DATABASE WideWorldImporters SET QUERY_STORE = ON (OPERATION_MODE = READ_WRITE, QUERY_CAPTURE_MODE = ALL); /* Empty Query Store to start with a clean slate */ ALTER DATABASE WideWorldImporters SET QUERY_STORE CLEAR; GO /* Disable optimized Halloween protection as the baseline */ ALTER DATABASE SCOPED CONFIGURATION SET OPTIMIZED_HALLOWEEN_PROTECTION = OFF; GO /* Insert data selecting from the same table. This requires Halloween protection so that the same row cannot be selected and inserted repeatedly. */ BEGIN TRANSACTION; INSERT INTO dbo.OptimizedHPDemo ( InvoiceID, CustomerID, BillToCustomerID, OrderID, DeliveryMethodID, ContactPersonID, AccountsPersonID, SalespersonPersonID, PackedByPersonID, InvoiceDate, CustomerPurchaseOrderNumber, IsCreditNote, CreditNoteReason, Comments, DeliveryInstructions, InternalComments, TotalDryItems, TotalChillerItems, DeliveryRun, RunPosition, ReturnedDeliveryData, ConfirmedDeliveryTime, ConfirmedReceivedBy, LastEditedBy, LastEditedWhen ) SELECT InvoiceID + 1000000 AS InvoiceID, CustomerID, BillToCustomerID, OrderID, DeliveryMethodID, ContactPersonID, AccountsPersonID, SalespersonPersonID, PackedByPersonID, InvoiceDate, CustomerPurchaseOrderNumber, IsCreditNote, CreditNoteReason, Comments, DeliveryInstructions, InternalComments, TotalDryItems, TotalChillerItems, DeliveryRun, RunPosition, ReturnedDeliveryData, ConfirmedDeliveryTime, ConfirmedReceivedBy, LastEditedBy, LastEditedWhen FROM dbo.OptimizedHPDemo; ROLLBACK; GO /* Enable optimized Halloween protection. Execute the following statement in its own batch. */ ALTER DATABASE SCOPED CONFIGURATION SET OPTIMIZED_HALLOWEEN_PROTECTION = ON; GO /* Execute the same query again */ BEGIN TRANSACTION; INSERT INTO dbo.OptimizedHPDemo ( InvoiceID, CustomerID, BillToCustomerID, OrderID, DeliveryMethodID, ContactPersonID, AccountsPersonID, SalespersonPersonID, PackedByPersonID, InvoiceDate, CustomerPurchaseOrderNumber, IsCreditNote, CreditNoteReason, Comments, DeliveryInstructions, InternalComments, TotalDryItems, TotalChillerItems, DeliveryRun, RunPosition, ReturnedDeliveryData, ConfirmedDeliveryTime, ConfirmedReceivedBy, LastEditedBy, LastEditedWhen ) SELECT InvoiceID + 1000000 AS InvoiceID, CustomerID, BillToCustomerID, OrderID, DeliveryMethodID, ContactPersonID, AccountsPersonID, SalespersonPersonID, PackedByPersonID, InvoiceDate, CustomerPurchaseOrderNumber, IsCreditNote, CreditNoteReason, Comments, DeliveryInstructions, InternalComments, TotalDryItems, TotalChillerItems, DeliveryRun, RunPosition, ReturnedDeliveryData, ConfirmedDeliveryTime, ConfirmedReceivedBy, LastEditedBy, LastEditedWhen FROM dbo.OptimizedHPDemo; ROLLBACK; GO /* Examine query runtime statistics and plans for the two executions of the same query. */ SELECT q.query_id, q.query_hash, qt.query_sql_text, p.plan_id, rs.count_executions, rs.avg_tempdb_space_used * 8 / 1024. AS tempdb_space_mb, FORMAT(rs.avg_cpu_time / 1000., 'N0') AS avg_cpu_time_ms, FORMAT(rs.avg_duration / 1000., 'N0') AS avg_duration_ms, TRY_CAST(p.query_plan AS xml) AS xml_query_plan FROM sys.query_store_runtime_stats AS rs INNER JOIN sys.query_store_plan AS p ON rs.plan_id = p.plan_id INNER JOIN sys.query_store_query AS q ON p.query_id = q.query_id INNER JOIN sys.query_store_query_text AS qt ON q.query_text_id = qt.query_text_id WHERE q.query_hash = 0xC6ADB023512BBCCC; /* For the second execution with optimized Halloween protection: 1. tempdb space usage is zero 2. CPU time and duration are reduced by about 50% 3. The Clustered Index Insert operator in the query plan has the OptimizedHalloweenProtection property set to True */Announcing SQL Server 2025 Release Candidate 0 (RC0)
We are excited to announce the availability of SQL Server 2025 Release Candidate 0 (RC0), building on the momentum of the first public preview released on May 15, 2025. This release marks a significant step forward in database innovation, introducing new development features and critical enhancements to performance, security, and analytics. Focus on Preview Features: Opt-In Innovation With RC0, SQL Server 2025 introduces a new way to experiment and adopt cutting-edge capabilities through the PREVIEW_FEATURES database scoped configuration. This opt-in mechanism empowers developers and database administrators to explore new features in a controlled, flexible manner. To learn more, please review the release notes for detailed guidance on activating and leveraging these preview features. What’s New in RC0? AI Enhancements Vector Search and Index: Easily create vector indexes and execute vector searches using the PREVIEW_FEATURES configuration. Better intra-query parallelism with hyperthreading. Enabled usage of vectors on MacOS via Rosetta 2 translation layer. Text Chunking: The AI_GENERATE_CHUNKS feature enables efficient text chunking, available via PREVIEW_FEATURES. ONNX Model Integration: CREATE EXTERNAL MODEL now supports local ONNX models hosted directly in SQL Server, enabled through PREVIEW_FEATURES. Improved Metadata: The sys.vector_indexes view now follow established naming convention and inherits columns from sys.indexes. Linux Support Broaden Your Linux Choices with Ubuntu 24.04 Support SQL Server 2025 RC0 now runs on Ubuntu 24.04 LTS, giving you more flexibility to standardize on the latest long‑term support Linux distribution. Starting in SQL Server 2025 (17.x) Preview, TLS 1.3 is enabled by default. Database Engine Improvements Time-bound extended event sessions stop automatically after the specified time elapses. Cardinality Estimation (CE) Feedback for Expressions—cache persistence: Learns from repeated query patterns to pick better row estimates and plans. With persistence, that learning will survive restarts and failovers for steadier performance and less retuning. Analytics PolyBase now supports managed identity communications to Microsoft Azure Blob Storage and Microsoft Azure Data Lake Storage. Language and Query Features JARO_WINKLER_DISTANCE returns float (previously real). JARO_WINKLER_SIMILARITY returns int (previously real). REGEXP_REPLACE and REGEXP_SUBSTR now support large object (LOB) types (varchar(max) and nvarchar(max)). REGEXP_LIKE is now SARGable, allowing index usage for faster query execution. Availability and Security SQL Server Agent, Linked Servers, defaults to encryption mandatory, using the latest security standards—TDS 8.0 and TLS 1.3. Configure TLS 1.3 encryption for Always On availability groups, failover cluster instances (FCI), replication, and log shipping with TDS 8.0 support. Replication defaults to OLEDB version 19 for inter-instance communication and enforces TLS 1.3 with Encrypt=Strict by default. Fabric mirroring Resource governance can now be used for Fabric Mirroring to isolate and manage resource consumption. Dynamic maxtrans configuration option to optimize Fabric mirroring performance Getting Started SQL Server 2025 RC0 offers a unique opportunity to explore the latest features via the PREVIEW_FEATURES configuration. These opt-in innovations are designed to foster experimentation and rapid adoption of upcoming capabilities. We encourage all users to review the release notes and take advantage of these powerful new tools. Accelerating SQL Server 2025 momentum: Announcing the first release candidate Thank you for being a part of the SQL Server community. Your feedback continues to shape the future of our platform. Download SQL Server 2025 RC0 today and unlock the next era of database excellence!SQL Server 2025 Preview: Now Supporting Ubuntu 24.04 and TLS 1.3
We are excited to introduce two key enhancements in the SQL Server 2025 Release Candidate 0 (RC0) for Linux: Ubuntu 24.04 and the addition of Transport Layer Security (TLS) 1.3 support. These updates enable developers, database administrators, and IT professionals to leverage the latest open-source technologies and security protocols, strengthening their data platforms. Ubuntu 24.04 Support in SQL Server 2025 RC0 SQL Server 2025 Preview now supports Ubuntu 24.04. This enables seamless deployment in Dev/Test environments using the Enterprise Evaluation Edition, which is valid for 180 days. Note: Production workloads on Ubuntu 24.04 are not yet supported; for production, use SQL Server 2022 on Ubuntu 22.04 or RHEL 9. How to Deploy SQL Server 2025 RC0 on Ubuntu 24.04 Getting started is easy! You can follow our Quickstart: Install SQL Server and create a database on Ubuntu to walks through everything—from prepping your system to installing and configuring SQL Server on Ubuntu. In this demo, I'll show you how to deploy SQL Server 2025 RC0 on Ubuntu 24.04 running inside WSL2. I've already set up Ubuntu 24.04 on WSL2 and Docker Desktop to manage containers. With just two commands, I was able to launch SQL Server 2025 RC0 in a container. I then connected to it using SQL Server Management Studio (SSMS), where you can see the version information displayed, confirming a successful deployment. lsb_release -a docker pull mcr.microsoft.com/mssql/server:2025-RC0-ubuntu-24.04 docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=<password>" \ -e "MSSQL_AGENT_ENABLED=true" \ -p 14333:1433 --name sql2025preview --hostname sql2025preview \ -d mcr.microsoft.com/mssql/server:2025-RC0-ubuntu-24.04 Here is the snippet of SQL Server ERRORLOG This shows the initial startup messages and confirms the SQL Server version running inside the container. TLS 1.3 Support in SQL Server 2025 RC0 Starting in SQL Server 2025 Preview (RC0), TLS 1.3 is enabled by default. To enable and validate TLS 1.3 for your SQL Server instance, follow the Learn guide: Encrypt Connections to SQL Server on Linux - SQL Server | Microsoft Learn Conclusion The addition of Ubuntu 24.04 and TLS 1.3 support in SQL Server 2025 Preview marks a significant step forward in providing modern, secure, and flexible data platform options. We encourage you to try out these new capabilities and share your feedback as we continue to improve SQL Server for the Linux ecosystem. We recommend you use any of the following options that suits you the best. 1) Send us an email with your feedback to sqlpreviewpackage@microsoft.com. 2) Another option would be to submit your comments directly on Azure Ideas (Use the SQL Server on Linux Group on the left side of the page) 3) Alternatively, you can open issues related to the preview packages Issues · microsoft/mssql-docker (github.com) on GitHub. We hope you give SQL Server 2025 preview on Ubuntu 24.04 a try and let us know what you think!SQL Server on Linux Now Supports cgroup v2
Hello, Linux + SQL Server Fans! If you’re running SQL Server on Linux, here’s some great news - cgroup v2 is now supported in SQL Server 2025 preview and SQL Server 2022 CU 20. This enhancement brings more precise and reliable resource management, especially for containerized deployments in environments like Docker, Kubernetes, and OpenShift. Why cgroup v2 Matters In Linux, control groups (cgroups) are a kernel feature that allows you to allocate, prioritize, and limit system resources such as CPU and memory. With cgroup v2, these capabilities are more unified and robust, offering better enforcement and visibility compared to the older version. To know more please visit: Control Group v2 — The Linux Kernel documentation. How to Check Your cgroup Version Run this command: stat -fc %T /sys/fs/cgroup/ If it returns cgroup2fs, you're using cgroup v2. If it returns cgroup, you're on cgroup v1. How to switch to cgroup v2: The simplest path is choosing a distribution that supports cgroup v2 out of the box. To switch manually: Add to GRUB config: systemd.unified_cgroup_hierarchy=1 Run: sudo update-grub SQL Server and Cgroupv2: Before this update, users running SQL Server containers on Kubernetes clusters (e.g., Azure Kubernetes Service version 1.25 and above) reported that SQL Server did not respect memory limits set via container specs. This led to issues like Out of Memory (OOM) errors, even when limits were properly configured. Here is an example: - For a standard D4ds_v5 machine that has 4 CPUs and 16 GB of RAM as shown in below screenshot If you check the SQL Server errorlog before SQL Server 2022 CU 20: You would observe that SQL Server can see 80% (12792 MB) of the overall memory (16 GB) available on the worker node of the Kubernetes cluster, even though you have configured the 3 Gi memory limit. You ask why just 80% then learn more about the memory.memorylimit, which by default is configured to 80% of the physical memory, to prevent out of memory (OOM) errors. For details please refer: Configure SQL Server Settings on Linux - SQL Server | Microsoft Learn. Below is the errorlog snippet and the container configuration: “Microsoft SQL Server 2022 (RTM-CU19) (KB5054531) - 16.0.4195.2 (X64) Apr 18 2025 13:42:14 Copyright (C) 2022 Microsoft Corporation Developer Edition (64-bit) on Linux (Ubuntu 22.04.5 LTS) <X64> .... .... Detected 12792 MB of RAM, 12313 MB of available memory, 12313 MB of available page file. This is an informational message; no user action is required” - This was despite the container being configured with a 3Gi memory limit: kubectl get pod mssql-0 -n cgrouptest -o jsonpath="{.status.qosClass}`n{.spec.containers[*].resources.limits.memory}" Guaranteed 3Gi Even though users limited the memory for SQL Server containers to 3 GB, SQL Server was still able to see the entire physical memory on the host and tried using that ending up in OOM crashes. But, With the release of SQL Server 2025 preview and SQL Server 2022 CU 20, the memory limits are now correctly enforced. Here's what the error log looks like with cgroup v2 support: “Microsoft SQL Server 2022 (RTM-CU20) (KB5059390) - 16.0.4205.1 (X64) Jun 13 2025 13:38:45 Copyright (C) 2022 Microsoft Corporation Developer Edition (64-bit) on Linux (Ubuntu 22.04.5 LTS) <X64> .. .. Detected 2458 MB of RAM, 1932 MB of available memory, 1932 MB of available page file. This is an informational message; no user action is required” The limits are same as previous case with memory limited to 3 GB as shown below, SQL Server ends up with 80% of 3 GB as the limit that is 2458 MB as printed in the errorlog. Below is the container configuration with a 3Gi memory limit: kubectl get pod mssql-latest-0 -n cgrouptest -o jsonpath="{.status.qosClass}`n{.spec.containers[*].resources.limits.memory}" Guaranteed 3Gi Learn More SQL Server on Linux Overview SQL Server 2025 Release Notes Deploy a SQL Server Linux container to kubernetes Deploy SQL Server on OpenShift or Kubernetes Understanding Cgroup v2on Kubernetes Understanding Cgroups on RHEL Wrapping Up With the introduction of cgroup v2 support in SQL Server 2025 and SQL Server 2022 CU 20, Linux-based deployments gain a powerful tool for smarter resource management. Whether you're running SQL Server in containers or on bare metal, cgroup v2’s unified hierarchy, simplified configuration, and real-time pressure metrics offer a more predictable and efficient way to enforce Quality of Service. From isolating workloads in Kubernetes to dynamically tuning performance under contention, this enhancement empowers DBAs and platform engineers to deliver consistent service levels across diverse environments. As SQL Server continues to evolve on Linux, embracing cgroup v2 is a strategic step toward building resilient, high-performance data platforms. Thanks, Engineering: Andrew Carter (Lead), Nicolas Blais-Miko Product Manager: Attinder Pal Singh and Amit Khandelwal
Managed Identity support for Azure Key Vault in SQL Server running on Linux
We are happy to announce that, you can now use Managed Identity to authenticate to Azure Key Vault from SQL Server running on Azure VM (Linux) available from SQL Server 2022 CU18 onwards. This blog will walk you through the process of using a user-assigned managed identity to access Azure Key Vault and configure Transparent Data Encryption(TDE) for a SQL database. Managed Identity: Microsoft Entra ID, formerly Azure Active Directory, provides an automatically managed identity to authenticate to any Azure service that supports Microsoft Entra authentication, such as Azure Key Vault, without exposing credentials in the code. Refer Managed identities for Azure resources - Managed identities for Azure resources | Microsoft Learn for more details. VM Setup and Prerequisites: Before diving into the setup, it's essential to ensure that your Azure Linux VM has SQL Server installed and that the VM has identities assigned with the necessary key vault permissions. Set up SQL Server running on Azure Linux VM. Refer SQL Server on RHEL VM in Azure: RHEL: Install SQL Server on Linux - SQL Server | Microsoft Learn, SQL Server on SLES VM in Azure: SUSE: Install SQL Server on Linux - SQL Server | Microsoft Learn, SQL Server on Ubuntu VM in Azure: Ubuntu: Install SQL Server on Linux - SQL Server | Microsoft Learn for more details. Create user-assigned Managed Identity. Refer https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal for more details. Go to Azure Linux VM resource in the Azure portal and click on Identity tab under security blade. Go to the User assigned tab in the right side panel and click on Add. Select the user-assigned managed identity and click on Add. Create a Key Vault and Keys. Refer Integrate Key Vault with SQL Server on Windows VMs in Azure (Resource Manager) - SQL Server on Azure VMs | Microsoft Learn for more details. Assign Key Vault Crypto Service Encryption User role to the user-assigned managed identity to perform wrap and unwrap operations. Go to the key vault resource that you created, and select the Access control (IAM)setting. Select Add> Add role assignment. Search for Key Vault Crypto Service Encryption User and select the role. Select Next. In the Members tab, select Managed identity option and click on Select members option, and then search for the user-assigned managed identity that you created in Step 3. Select the managed identity and then click on Select button. Setting the primary identity on Azure Linux VM To set the managed identity as the primary identity for Azure Linux VM, you can use the mssql-conf tool packaged with SQL Server. Here are the steps: Use the mssql-conf tool to manually set the primary identity. Run the following commands: sudo /opt/mssql/bin/mssql-conf set network.aadmsiclientid <client id of the managed identity> sudo /opt/mssql/bin/mssql-conf set network.aadprimarytenant <tenant id> 3. Restart the SQL Server: sudo systemctl restart mssql-server Enable TDE using EKM and managed identity: Refer Managed Identity Support for Extensible Key Management (EKM) with Azure Key Vault (AKV) - SQL Server on Azure VMs | Microsoft Learn for configuration steps for Azure Windows VM. These steps remain same for SQL Server running on an Azure Linux VM. 1.Enable EKM in SQL Server running on the Azure VM. 2.Create credential and encrypt the database. When using the CREATE CREDENTIAL command in this context, you only need to provide the 'Managed Identity' in the IDENTITY argument. Unlike earlier scenarios, you do not need to include a SECRET argument. This simplifies the process and enhances security by not requiring a secret to be passed. Conclusion: Using managed identity to access Azure Key Vault in SQL Server running on an Azure Linux VM boosts security, streamlines key management, and supports compliance. With data protection being paramount, Azure Key Vault’s integration along with managed identity offers a robust solution. Stay tuned for more insights on SQL Server on Linux! Official Documentation: Managed Identity Support for Extensible Key Management (EKM) with Azure Key Vault (AKV) - SQL Server on Azure VMs | Microsoft Learn Extensible Key Management using Azure Key Vault - SQL Server Setup Steps for Extensible Key Management Using the Azure Key Vault Azure Key Vault Integration for SQL Server on Azure VMs
Smarter Parallelism: Degree of parallelism feedback in SQL Server 2025
🚀 Introduction With SQL Server 2025, we have made Degree of parallelism (DOP) feedback an on by default feature. Originally introduced in SQL Server 2022, DOP feedback is now a core part of the platform’s self-tuning capabilities, helping workloads scale more efficiently without manual tuning. The feature works with database compatibility 160 or higher. ⚙️ What Is DOP feedback? DOP feedback is part of the Intelligent Query Processing (IQP) family of features. It dynamically adjusts the number of threads (DOP) used by a query based on runtime performance metrics like CPU time and elapsed time. If a query that has generated a parallel plan consistently underperforms due to excessive parallelism, the DOP feedback feature will reduce the DOP for future executions without requiring recompilation. Currently, DOP feedback will only recommend reductions to the degree of parallelism setting on a per query plan basis. The Query Store must be enabled for every database where DOP feedback is used, and be in a "read write" state. This feedback loop is: Persistent: Stored in Query Store. Persistence is not currently available for Query Store on readable secondaries. This is subject to change in the near future, and we'll provide an update to it's status after that occurs. Adaptive: Adjusts a query’s DOP, monitors those adjustments, and reverts any changes to a previous DOP if performance regresses. This part of the system relies on Query Store being enabled as it relies on the runtime statistics captured within the Query Store. Scoped: Controlled via the DOP_FEEDBACK database-scoped configuration or at the individual query level with the use of the DISABLE_DOP_FEEDBACK query hint. 🧪 How It Works Initial Execution: SQL Server compiles and executes a query with a default or manually set DOP. Monitoring: Runtime stats are collected and compared across executions. Adjustment: If inefficiencies are detected, DOP is lowered (minimum of 2). Validation: If performance improves and is stable, the new DOP is persisted. If not, the DOP recommendation will be reverted to the previously known good DOP setting, which is typically the original setting that the feature used as a baseline. At the end of the validation period any feedback that has been persisted, regardless of its state (i.e. stabilized, reverted, no recommendation, etc.) can be viewed by querying the sys.query_store_plan_feedback system catalog view: SELECT qspf.feature_desc, qsq.query_id, qsp.plan_id, qspf.plan_feedback_id, qsqt.query_sql_text, qsp.query_plan, qspf.state_desc, qspf.feedback_data, qspf.create_time, qspf.last_updated_time FROM sys.query_store_query AS qsq INNER JOIN sys.query_store_plan AS qsp ON qsp.query_id = qsq.query_id INNER JOIN sys.query_store_query_text AS qsqt ON qsqt.query_text_id = qsq.query_text_id INNER JOIN sys.query_store_plan_feedback AS qspf ON qspf.plan_id = qsp.plan_id WHERE qspf.feature_id = 3; 🆕 What’s New in SQL Server 2025? Enabled by Default: No need to toggle the database scoped configuration on, DOP feedback is active out of the box. Improved Stability: Enhanced validation logic ensures fewer regressions. Better Integration: Works seamlessly with other IQP features like Memory Grant feedback , Cardinality Estimation feedback, and Parameter Sensitive Plan (PSP) optimization. 📊 Visualizing the Feedback Loop 🧩 How can I see if DOP feedback is something that would be beneficial for me? Without setting up an Extended Event session for deeper analysis, looking over some of the data in the Query Store can be useful in determining if DOP feedback would find interesting enough queries for it to engage. At a minimum, if your SQL Server instance is operating with parallelism enabled and has: o a MAXDOP value of 0 (not generally recommended) or a MAXDOP value greater than 2 o you observe multiple queries have execution runtimes of 10 seconds or more along with a degree of parallelism of 4 or greater o and have an execution count 15 or more according to the output from the query below SELECT TOP 20 qsq.query_id, qsrs.plan_id, [replica_type] = CASE WHEN replica_group_id = '1' THEN 'PRIMARY' WHEN replica_group_id = '2' THEN 'SECONDARY' WHEN replica_group_id = '3' THEN 'GEO SECONDARY' WHEN replica_group_id = '4' THEN 'GEO HA SECONDARY' ELSE TRY_CONVERT(NVARCHAR (200), qsrs.replica_group_id) END, AVG(qsrs.avg_dop) as dop, SUM(qsrs.count_executions) as execution_count, AVG(qsrs.avg_duration)/1000000.0 as duration_in_seconds, MIN(qsrs.min_duration)/1000000.0 as min_duration_in_seconds FROM sys.query_store_runtime_stats qsrs INNER JOIN sys.query_store_plan qsp ON qsp.plan_id = qsrs.plan_id INNER JOIN sys.query_store_query qsq ON qsq.query_id = qsp.query_id GROUP BY qsrs.plan_id, qsq.query_id, qsrs.replica_group_id ORDER BY dop desc, execution_count desc; 🧠 Behind the Scenes: How Feedback Is Evaluated DOP feedback uses a rolling window of recent executions (typically 15) to evaluate: Average CPU time Standard deviation of CPU time Adjusted elapsed time* Stability of performance across executions If the adjusted DOP consistently improves efficiency without regressing performance, it is persisted. Otherwise, the system reverts to the last known good configuration (also knows as the default dop to the system). As an example, if the dop for a query started out with a value of 8, and DOP feedback determined that a DOP of 4 was an optimal number; if over the period of the rolling window and while the query is in the validation phase, if the query performance varied more than expected, DOP feedback will undo it's change of 4 and set the query back to having a DOP of 8. 🧠 Note: The adjusted elapsed time intentionally excludes wait statistics that are not relevant to parallelism efficiency. This includes ignoring buffer latch, buffer I/O, and network I/O waits, which are external to parallel query execution. This ensures that feedback decisions are based solely on CPU and execution efficiency, not external factors like I/O or network latency. 🧭 Best Practices Enable Query Store: This is required for DOP feedback to function. Monitor DOP feedback extended events SQL Server provides a set of extended events to help you monitor and troubleshoot the DOP feedback lifecycle. Below is a sample script to create a session that captures key events, followed by a breakdown of what each event means. IF EXISTS (SELECT * FROM sys.server_event_sessions WHERE name = 'dop_xevents') DROP EVENT SESSION [dop_xevents] ON SERVER; GO CREATE EVENT SESSION [dop_xevents] ON SERVER ADD EVENT sqlserver.dop_feedback_analysis_stopped, ADD EVENT sqlserver.dop_feedback_eligible_query, ADD EVENT sqlserver.dop_feedback_provided, ADD EVENT sqlserver.dop_feedback_reassessment_failed, ADD EVENT sqlserver.dop_feedback_reverted, ADD EVENT sqlserver.dop_feedback_stabilized -- ADD EVENT sqlserver.dop_feedback_validation WITH ( MAX_MEMORY = 4096 KB, EVENT_RETENTION_MODE = ALLOW_SINGLE_EVENT_LOSS, MAX_DISPATCH_LATENCY = 30 SECONDS, MAX_EVENT_SIZE = 0 KB, MEMORY_PARTITION_MODE = NONE, TRACK_CAUSALITY = OFF, STARTUP_STATE = OFF ); ⚠️ Note: The extended event that has been commented out (dop_feedback_validation) is part of the debug channel. Enabling it may introduce additional overhead and should be used with caution in production environments. 📋 DOP Feedback Extended Events Reference Event Name Description dop_feedback_eligible_query Fired when a query plan becomes eligible for DOP feedback. Captures initial runtime stats like CPU time and adjusted elapsed time. dop_feedback_analysis_stopped Indicates that SQL Server has stopped analyzing a query for DOP feedback. Reasons include high variance in stats or the optimal DOP has already been achieved. dop_feedback_provided Fired when SQL Server provides a new DOP recommendation for a query. Includes baseline and feedback stats. dop_feedback_reassessment_failed Indicates that a previously persisted feedback DOP was reassessed and found to be invalid, restarting the feedback cycle. dop_feedback_reverted Fired when feedback is rolled back due to performance regression. Includes baseline and feedback stats. dop_feedback_stabilized Indicates that feedback has been validated and stabilized. After stabilization, additional adjustment to the feedback can be made when the system reassesses the feedback on a periodic basis. 🔍 Understanding the feedback_data JSON in DOP feedback In the "How it works" section of this article, we had provided a sample script that showed some of the data that can be persisted within the sys.query_store_plan_feedback catalog view. When DOP feedback stabilizes, SQL Server stores a JSON payload in the feedback_data column of that view, figuring out how to interpret that data can sometimes be challenging. From a structural perspective, the feedback_data field contains a JSON object with two main sections; LastGoodFeedback and BaselineStats. As an example { "LastGoodFeedback": { "dop": "2", "avg_cpu_time_ms": "12401", "avg_adj_elapsed_time_ms": "12056", "std_cpu_time_ms": "380", "std_adj_elapsed_time_ms": "342" }, "BaselineStats": { "dop": "4", "avg_cpu_time_ms": "17843", "avg_adj_elapsed_time_ms": "13468", "std_cpu_time_ms": "333", "std_adj_elapsed_time_ms": "328" } } Section Field Description LastGoodFeedback dop The DOP value that was validated and stabilized for future executions. avg_cpu_time_ms Average CPU time (in milliseconds) for executions using the feedback DOP. avg_adj_elapsed_time_ms Adjusted elapsed time (in milliseconds), excluding irrelevant waits. std_cpu_time_ms Standard deviation of CPU time across executions. std_adj_elapsed_time_ms Standard deviation of adjusted elapsed time. BaselineStats dop The original DOP used before feedback was applied. avg_cpu_time_ms Average CPU time for the baseline executions. avg_adj_elapsed_time_ms Adjusted elapsed time for the baseline executions. std_cpu_time_ms Standard deviation of CPU time for the baseline. std_adj_elapsed_time_ms Standard deviation of adjusted elapsed time for the baseline. One method that can be used to extract this data could be to utilize the JSON_VALUE function: SELECT qspf.plan_id, qs.query_id, qt.query_sql_text, qsp.query_plan_hash, qspf.feature_desc, -- LastGoodFeedback metrics JSON_VALUE(qspf.feedback_data, '$.LastGoodFeedback.dop') AS last_good_dop, JSON_VALUE(qspf.feedback_data, '$.LastGoodFeedback.avg_cpu_time_ms') AS last_good_avg_cpu_time_ms, JSON_VALUE(qspf.feedback_data, '$.LastGoodFeedback.avg_adj_elapsed_time_ms') AS last_good_avg_adj_elapsed_time_ms, JSON_VALUE(qspf.feedback_data, '$.LastGoodFeedback.std_cpu_time_ms') AS last_good_std_cpu_time_ms, JSON_VALUE(qspf.feedback_data, '$.LastGoodFeedback.std_adj_elapsed_time_ms') AS last_good_std_adj_elapsed_time_ms, -- BaselineStats metrics JSON_VALUE(qspf.feedback_data, '$.BaselineStats.dop') AS baseline_dop, JSON_VALUE(qspf.feedback_data, '$.BaselineStats.avg_cpu_time_ms') AS baseline_avg_cpu_time_ms, JSON_VALUE(qspf.feedback_data, '$.BaselineStats.avg_adj_elapsed_time_ms') AS baseline_avg_adj_elapsed_time_ms, JSON_VALUE(qspf.feedback_data, '$.BaselineStats.std_cpu_time_ms') AS baseline_std_cpu_time_ms, JSON_VALUE(qspf.feedback_data, '$.BaselineStats.std_adj_elapsed_time_ms') AS baseline_std_adj_elapsed_time_ms FROM sys.query_store_plan_feedback AS qspf JOIN sys.query_store_plan AS qsp ON qspf.plan_id = qsp.plan_id JOIN sys.query_store_query AS qs ON qsp.query_id = qs.query_id JOIN sys.query_store_query_text AS qt ON qs.query_text_id = qt.query_text_id WHERE qspf.feature_desc = 'DOP Feedback' AND ISJSON(qspf.feedback_data) = 1; 🧪 Why This Matters This JSON structure is critical for: Debugging regressions: You can compare baseline and feedback statistics to understand if a change in DOP helped or hurt a set of queries. Telemetry and tuning: Tools can be used to parse this JSON payload to surface insights in performance dashboards. Transparency: It provides folks that care about the database visibility into how SQL Server is adapting to their workload. 📚 Learn More Intelligent Query Processing: degree of parallelism feedback Degree of parallelism (DOP) feedback Intelligent query processing in SQL databases Microsoft SQL Server
Security Update for SQL Server 2022 RTM GDR
The Security Update for SQL Server 2022 RTM GDR is now available for download at the Microsoft Download Center and Microsoft Update Catalog sites. This package cumulatively includes all previous security fixes for SQL Server 2022 RTM, plus it includes the new security fixes detailed in the KB Article. Security Bulletins: CVE-2025-49718 - Security Update Guide - Microsoft - Microsoft SQL Server Denial of Service Vulnerability Security Update of SQL Server 2022 RTM GDR KB Article: KB5058712 Microsoft Download Center: https://www.microsoft.com/download/details.aspx?id=108269 Microsoft Update Catalog: https://www.catalog.update.microsoft.com/Search.aspx?q=5058712 Latest Updates for Microsoft SQL Server: https://learn.microsoft.com/en-us/troubleshoot/sql/releases/download-and-install-latest-updatesWhat’s new in SQL Server 2025 CTP 2.1: Building momentum from public preview
During Microsoft Build, we announced the public preview of SQL Server 2025 (https://aka.ms/sqlserver2025), marking a significant advancement in our efforts to deliver an AI-ready enterprise database platform with superior security, performance, and availability. We are pleased to announce Community Technology Preview (CTP) 2.1. This update builds on the momentum from #MSBuild and brings new features and enhancements designed to help customers unlock more value from their data, simplify operations, and strengthen security. Efficient Vector Data & Indexing Addressed few limitations from the Vector data type and functions for streamlined usage. Improved Vector Index build performance significantly. Transmit vectors efficiently in binary format to reduce payload size and enhance AI workload performance using the updated TDS protocol and updated drivers Added sys.vector_indexes catalog view for querying vector indexes. Creating a vector index no longer locks the table with SCH-M lock, allowing full read-access during indexing. Embedding with Auto-Retry: The new enhancement introduces a built-in mechanism to automatically retry the embedding call if it fails due to temporary HTTP errors (like timeouts or service unavailability). Secure by default: SQL Server 2025 to modernize and secure internal communications across all components. In this release we extended TDS 8.0 and Transport Layer Security (TLS) 1.3 support for SQL Writer, PolyBase service and SQL CEIP our telemetry services. What’s new in SQL Server 2025 security Tempdb enhancements: Tempdb space resource governance now supports percent-based limits. Resource governance can now be defined using percentage-based thresholds of the maximum tempdb space, making it easier to scale policies across different hardware configurations. Immutable Storage for Azure Blob Backups Backups to Azure Blob Storage now support immutable storage, which prevents tampering or deletion for a defined retention period—ideal for compliance and audit scenarios. Max_message_size_kb Parameter Update The sys.sp_create_event_group_stream stored procedure now includes an updated Max_message_size_kb parameter, allowing better control over event stream message sizes. Automatic Plan Correction (APC) Behavioral Change SQL Server now automatically detects plan regressions and applies FORCE_LAST_GOOD_PLAN to correct them. The regression detection model previously enabled by Trace Flag 12618 is now on by default, making automatic tuning more proactive and effective without manual intervention. SQL Server Enabled by Azure Arc – Overview This release introduces native support for Azure Arc integration in SQL Server 2025 Preview. Azure Arc is a Microsoft service that allows you to manage on-premises, multi-cloud, and edge environments through the Azure control plane. Consolidation of reporting services: Beginning with SQL Server 2025, Microsoft will integrate all on-premises reporting services into Power BI Report Server (PBIRS). There will be no further releases of SQL Server Reporting Services (SSRS). PBIRS will serve as the default on-premises reporting solution for SQL Server. For more information, see Reporting Services consolidation FAQ Discontinued services: Purview access policies (DevOps policies and data owner policies) are discontinued in this version of SQL Server. As an alternative to the policy actions provided by Purview policies, please use Fixed server roles. Refer our documentation for details on the specific server roles to use. Get started SQL Server 2025 is a major upgrade that unites databases and AI across on-premises and cloud. It supports existing apps and T-SQL with minimal changes, enabling organizations to scale, integrate with modern data platforms, and unlock new insights—while building on SQL Server’s trusted foundation. Ready to try it out? Get started today: aka.ms/getsqlserver2025. Learn more Microsoft Build 2025: SQL Server 2025: The Database Developer Reimagined Docs: aka.ms/Build/sql2025docs Announcement blog: aka.ms/sqlserver2025 SQL Server 2025 deep dive SQL Server tech community blog SQL Server homepage: https://www.microsoft.com/en-us/sql-server MSSQL Extension for Visual Studio Code with GitHub Copilot: https://aka.ms/vscode-mssql-copilot
