Cloud DBA: How cloud changes database administrator's role
Cloud databases change the duties and responsibilities of database administrators. Here's how the job of a cloud DBA differs from what an on-premises one does.
Cloud-based systems have become the IT infrastructure of choice for many organizations, in all industries and of all sizes. Users can now choose from a seemingly endless array of cloud platforms, services and applications, including all manner of cloud databases. That's changing the nature of database deployments: the "Flexera 2023 State of the Cloud Report" found that data warehouses and relational databases were the two most popular PaaS technologies, respectively, used by 56% and 48% of responding organizations.
The role of the database administrator (DBA) is also changing as a result. Database administration teams often face a steep learning curve when they begin to transition from on-premises systems to cloud platforms. For a DBA who's new to the cloud, the complexity of the transition depends partly on the type of cloud service that's chosen. There's a big difference between deploying and administering databases in an IaaS environment and a database as a service (DBaaS) one.
IaaS is the cloud architecture that's the closest to on-premises systems. Think of it as servers and storage in the cloud: IaaS vendors provide compute and data storage platforms as well as handle maintenance and support of them. The vendors might also bundle operating systems with the platforms. But users continue to be responsible for installing and managing their software stack, including databases.
DBaaS significantly raises the service provider's control over the cloud environment. In addition to the hardware and operating system, DBaaS vendors assume ownership of the database software and other software components. Because of that, DBaaS has a greater impact on database administration. Accordingly, this article focuses mostly on how DBaaS deployments affect the job of a cloud DBA.
What's different for DBAs in the cloud
A mistake that some IT and data management teams make is assuming that DBaaS vendors provide the vast majority of database administration functions -- or all of them, even. Migrating to a DBaaS environment in the cloud doesn't reduce the amount of time a DBA spends administering the back-end system to zero. But it does decrease the routine administrative work that's required.
DBAs who shift from managing on-premises database systems to cloud-based ones need to be trained on the new architectures. Typically, they also must take on some new duties and responsibilities in place of existing ones that they no longer need to do. Here's an overview of some of the changes that DBAs can expect when they begin administering DBaaS environments:
- System provisioning. Initial system design and resource allocation responsibilities are commonly shared with other IT staffers in on-premises environments. But in the cloud, a DBA often assumes full responsibility for working with the vendor to provision the database system and allocate compute, memory and storage resources to workloads.
- Disaster recovery. Another shared responsibility on premises, it typically falls on a cloud DBA to ensure that geo-replicated backups and geo-redundant database system clusters are set up and configured as needed. That requires the DBA to learn the chosen DBaaS vendor's disaster recovery architecture.
- Backup and recovery. In on-premises systems, a DBA is responsible for data backup, recovery and retention processes. That becomes a shared responsibility with the DBaaS vendor in the cloud. The vendor handles configuration and execution tasks, while the DBA is responsible for adjusting the backup routines and schedule to meet application needs.
- System patching and maintenance. The DBaaS vendor defines maintenance windows, although a DBA can adjust dates and times for regular maintenance as needed. For critical security and system availability updates, the vendor often sets strict deadlines that require them to be done by a specific date and then applies the patches itself, instead of the DBA doing that.
- Capacity planning. A DBA continues to work with application developers and end users to forecast system usage and resource requirements. But instead of working with the IT team to expand systems when needed, the DBA is responsible for adjusting the cloud service tiers with the DBaaS vendor to accommodate required capacity growth.
How to succeed as a cloud DBA
Now, let's look more closely at some of the key issues that cloud database administrators need to contend with, the new or modified responsibilities they entail and how to address them successfully.
1. Cost management
First, a topic that continues to generate a lot of discussion and organizational concern: cloud cost management. During the genesis of cloud systems, much of the marketing hype focused on using them to reduce IT costs. As organizations began to implement applications in the cloud, though, they quickly realized that while it provided many advantages compared to on-premises systems, cost savings wasn't always one of them.
That makes evaluating initial and ongoing costs for both IaaS and DBaaS systems a critical task for a cloud DBA. You don't purchase cloud environments -- you essentially rent them, and the rental fees are based on resource utilization, which can vary dramatically over time, often in unexpected ways.
During the provisioning of a database system, the DBA should use the vendor-provided cost calculator to check what-if scenarios involving different pricing options, regions, instance classes, disk configurations and other parameters. Every time you make a change, the cost calculator will show an estimate of what your monthly cost will be. Testing different configurations will help you to customize your cloud database environment to better meet both your resource needs and budget.
After you implement the database, one of your top priorities is to monitor usage and resource consumption, ideally on a daily basis. If you don't, you might end up with an unwelcome budgetary surprise -- or shock. A very common problem that organizations face is a cloud system exceeding initial cost estimates. This is usually caused by unpredicted workload increases or changes to an application; the resulting increases in resource utilization might force DBAs to adjust the configuration parameters and performance levels selected when a cloud database was first provisioned.
DBAs also need to carefully read their vendor's documentation on resource limits -- and what happens if systems exceed those specifications. Unlike on-premises platforms that can allow an application to continue to run when resources are overutilized, some cloud systems will automatically suspend your workloads. Helpfully, the leading cloud vendors all provide tools to monitor resource utilization. Most also enable DBAs to set up billing alerts that can warn of potential cost problems.
2. Data security
In the cloud, DBAs share the task of protecting DBaaS environments with their cloud provider. It typically handles data encryption and other basic security functions. But, under the shared responsibility model for cloud security, the DBA still needs to secure not only access to cloud databases, but also items such as database load files and report files. Although some of these files might be temporary, appropriate controls must be put in place to protect them and audit their usage.
In addition to common database security commands that are supported in both on-premises and DBaaS systems, each cloud vendor provides its own security tools, controls and features that DBAs will need to employ to fully protect database environments. You should dedicate sufficient time to thoroughly understand your chosen vendor's customized set of security mechanisms.
3. Database auditing
Auditing database usage is another important responsibility for cloud DBAs. Much like data security, monitoring adherence to regulatory compliance frameworks such as the Payment Card Industry Data Security Standard, HIPAA and GDPR is a shared responsibility with the cloud database provider. It typically provides both internal and third-party auditor compliance reports and attestations for various frameworks. But that's only a starting point, not an exact control-by-control listing that matches an organization's unique auditing needs.
Most of the top cloud vendors also offer tools to help DBAs configure identity and access management, secure and monitor their data and implement audit trails for databases that are governed by compliance frameworks. But responsibility for ensuring that the tools are configured and used effectively to help meet compliance objectives lies solely with the DBA.
4. High availability, backup and recovery
DBaaS vendors offer cloud service-level agreements (SLAs) that guarantee minimum levels of system uptime. One of the key benefits of cloud database platforms is the ease of deploying a highly available architecture. The cloud vendor uses data replication to synchronize redundant database environments that are geographically distant from each other, ensuring that an outage in one region won't affect system availability. It then does automatic failovers to the standby database instances when necessary.
But once again, it's up to the database administrator to understand and select the features that are required to provide the desired level of availability. The DBA might also still need to perform some high availability tasks, such as restoring corrupted or development and test databases. In addition, the DBA is usually responsible for monitoring the DBaaS vendor's compliance with its SLA.
Another aspect that a cloud DBA needs to understand is the DBaaS vendor's maintenance windows and the potential impact that maintenance operations can have on system availability. For example, some work done by the vendor might require that the system be taken offline, but the DBA might be able to modify maintenance times and defer outages to avoid application issues.
Similarly, while DBaaS vendors offer automated mechanisms to back up cloud database systems, DBAs often can temporarily disable backup jobs and modify standard data retention periods. In many cases, they're also responsible for initiating database restore requests to the vendor and making sure that restored data is valid.
5. Performance tuning and monitoring
CPU and memory utilization and disk I/O will always be the DBA's favorite performance indicators, regardless of the database product and platform. The cloud introduces new resources that need to be monitored, but leading DBaaS vendors provide advanced monitoring tools to help facilitate the performance tuning process. In fact, DBAs typically will find that cloud database monitoring tool sets eclipse their on-premises counterparts.
In addition, many DBaaS vendors offer automated advisors that generate performance tuning recommendations. DBAs should run them often, analyze the results and implement suitable changes. Overall, the focus for a cloud database administrator shifts more to improving application performance through optimized database queries and updates, while the vendor monitors the database itself.
6. Basic administration tasks
The same basic principles of good database administration apply to both cloud and on-premises platforms. But depending on the database environment, DBAs will be using different tools, utilities and commands to do job scheduling, parameter configuration, schema design and other administrative operations in the cloud.
Database administrators also shouldn't expect an exact one-to-one feature match between DBaaS platforms and on-premises databases. Using Microsoft SQL Server as an example, you'll find that several features in Microsoft's on-premises software either aren't supported or have limited support in the cloud version that AWS offers as part of its Amazon Relational Database Service.
This feature mismatch isn't just an AWS issue, either. There are also some differences between on-premises SQL Server and Azure SQL Database, Microsoft's own cloud database service. Even Azure SQL Managed Instance, a version of the cloud software that Microsoft developed to make it easier to migrate on-premises databases to the cloud, isn't 100% compatible with SQL Server.
The differences in features aren't a weakness of cloud database platforms. DBaaS vendors optimize their database offerings to take advantage of the benefits that the cloud provides, and many of the differences are because the cloud service provides a better alternative. Cloud DBAs just need to be aware of those differences and plan their database administration processes accordingly.
Chris Foot is a former senior strategist for managed services at RadixBay, an IT consulting and services provider. Before he retired in 2023, Chris was responsible for optimizing the managed services experience for RadixBay's clients. He also acted as a strategic advisor to them on the use of leading-edge cloud and on-premises data infrastructure technologies.
