Click to give Water and Food

Saturday, June 7, 2014

EM12c Release 4: Database as a Service Enhancements


Oracle Enterprise Manager 12.1.0.4 (or simply put EM12c R4) is the latest update to the product. As previous versions, this release provides tons of enhancements and bug fixes, attributing to improved stability and quality. One of the areas that is most exciting and has seen tremendous growth in the last few years is that of Database as a Service. EM12c R4 provides a significant update to Database as a Service. The key themes are:
  1. Comprehensive Database Service Catalog (includes single instance, RAC, and Data Guard)
  2. Additional Storage Options for Snap Clone (includes support for Database feature CloneDB)
  3. Improved Rapid Start Kits
  4. Extensible Metering and Chargeback
  5. Miscellaneous Enhancements

    1. Comprehensive Database Service Catalog
    Before we get deep into implementation of a service catalog, lets first understand what it is and what benefits it provides. Per ITIL, a service catalog is an exhaustive list of IT services that an organization provides or offers to its employees or customers. Service catalogs have been widely popular in the space of cloud computing, primarily as the medium to provide standardized and pre-approved service definitions. There is already some good collateral out there that talks about Oracle database service catalogs. The two whitepapers i recommend reading are:
    EM12c comes with an out-of-the-box service catalog and self service portal since release 1. For the customers, it provides the following benefits:
    • Present a collection of standardized database service definitions,
    • Define standardized pools of hardware and software for provisioning,
    • Role based access to cater to different class of users,
    • Automated procedures to provision the predefined database definitions,
    • Setup chargeback plans based on service tiers and database configuration sizes, etc
    Starting Release 4, the scope of services offered via the service catalog has been expanded to include databases with varying levels of availability - Single Instance (SI) or Real Application Clusters (RAC) databases with multiple data guard based standby databases. Some salient points of the data guard integration:
    • Standby pools can now be defined across different datacenters or within the same datacenter as the primary (this helps in modelling the concept of near and far DR sites)
    • The standby databases can be single instance, RAC, or RAC One Node databases
    • Multiple standby databases can be provisioned, where the maximum limit is determined by the version of database software
    • The standby databases can be in either mount or read only (requires active data guard option) mode
    • All database versions 10g to 12c supported (as certified with EM 12c)
    • All 3 protection modes can be used - Maximum availability, performance, security
    • Log apply can be set to sync or async along with the required apply lag
    The different service levels or service tiers are popularly represented using metals - Platinum, Gold, Silver, Bronze, and so on. The Oracle MAA whitepaper (referenced above) calls out the various service tiers as defined by Oracle's best practices, but customers can choose any logical combinations from the table below:
     Primary Standby [1 or more] EM 12cR4
     SI - 
     SI SI
     RAC-
     RACSI
     RACRAC
     RON-
     RONRON
    where RON = RAC One Node is supported via custom post-scripts in the service template
    sample service catalog would look like the image below. Here we have defined 4 service levels, which have been deployed across 2 data centers, and have 3 standardized sizes. Again, it is important to note that this is just an example to get the creative juices flowing. I imagine each customer would come up with their own catalog based on the application requirements, their RTO/RPO goals, and the product licenses they own. In the screenwatch titled 'Build Service Catalog using EM12c DBaaS', I walk through the complete steps required to setup this sample service catalog in EM12c.

    2. Additional Storage Options for Snap Clone
    In my previous blog posts, i have described the snap clone feature in detail. Essentially, it provides a storage agnostic, self service, rapid, and space efficient approach to solving your data cloning problems. The net benefit is that you get incredible amounts of storage savings (on average 90%) all while cloning databases in a matter of minutes. Space and Time, two things enterprises would love to save on. This feature has been designed with the goal of providing data cloning capabilities while protecting your existing investments in server, storage, and software. With this in mind, we have pursued with the dual solution approach of Hardware and Software. In the hardware approach, we connect directly to your storage appliances and perform all low level actions required to rapidly clone your databases. While in the software approach, we use an intermediate software layer to talk to any storage vendor or any storage configuration to perform the same low level actions. Thus delivering the benefits of database thin cloning, without requiring you to drastically changing the infrastructure or IT's operating style.
    In release 4, we expand the scope of options supported by snap clone with the addition of database CloneDB. While CloneDB is not a new feature, it was first introduced in 11.2.0.2 patchset, it has over the years become more stable and mature. CloneDB leverages a combination of Direct NFS (or dNFS) feature of the database, RMAN image copies, sparse files, and copy-on-write technology to create thin clones of databases from existing backups in a matter of minutes. It essentially has all the traits that we want to present to our customers via the snap clone feature. For more information on cloneDB, i highly recommend reading the following sources:
    The advantages of the new CloneDB integration with EM12c Snap Clone are:
    • Space and time savings 
    • Ease of setup - no additional software is required other than the Oracle database binary
    • Works on all platforms
    • Reduce the dependence on storage administrators
    • Cloning process fully orchestrated by EM12c, and delivered to developers/DBAs/QA Testers via the self service portal
    • Uses dNFS to delivers better performance, availability, and scalability over kernel NFS
    • Complete lifecycle of the clones managed by EM12c - performance, configuration, etc

      3. Improved Rapid Start Kits
      DBaaS deployments tend to be complex and its setup requires a series of steps. These steps are typically performed across different users and different UIs. The Rapid Start Kit provides a single command solution to setup Database as a Service (DBaaS) and Pluggable Database as a Service (PDBaaS). One command creates all the Cloud artifacts like Roles, Administrators, Credentials, Database Profiles, PaaS Infrastructure Zone, Database Pools and Service Templates. Once the Rapid Start Kit has been successfully executed, requests can be made to provision databases and PDBs from the self service portal. Rapid start kit can create complex topologies involving multiple zones, pools and service templates. It also supports standby databases and use of RMAN image backups. 
      The Rapid Start Kit in reality is a simple emcli script which takes a bunch of xml files as input and executes the complete automation in a matter of seconds. On a full rack Exadata, it took only 40 seconds to setup PDBaaS end-to-end. This kit works for both Oracle's engineered systems like Exadata, SuperCluster, etc and also on commodity hardware. One can draw parallel to the Exadata One Command script, which again takes a bunch of inputs from the administrators and then runs a simple script that configures everything from network to provisioning the DB software.
      Steps to use the kit: 
      • The kit can be found under the SSA plug-in directory on the OMS:EM_BASE/oracle/MW/plugins/oracle.sysman.ssa.oms.plugin_12.1.0.8.0/dbaas/setup 
      • It can be run from this default location or from any server which has emcli client installed
      • For most scenarios, you would use the script dbaas/setup/database_cloud_setup.py 
      • For Exadata, special integration is provided to reduce the number of inputs even further. The script to use for this scenario would be dbaas/setup/exadata_cloud_setup.py
      • The database_cloud_setup.py script takes two inputs:
        • Cloud boundary xml: This file defines the cloud topology in terms of the zones and pools along with host names, oracle home locations or container database names that would be used as infrastructure for provisioning database services. This file is optional in case of Exadata, as the boundary is well know via the Exadata system target available in EM.
        • Input xml: This file captures inputs for users, roles, profiles, service templates, etc. Essentially, all inputs required to define the DB services and other settings of the self service portal.
      • Once all the xml files have been prepared, invoke the script as follows for PDBaaS:
        emcli @database_cloud_setup.py -pdbaas 
              -cloud_boundary=/tmp/my_boundary.xml 
              -cloud_input=/tmp/pdb_inputs.xml
               The script will prompt for passwords a few times for key users like sysman, cloud admin, SSA admin, etc. Once complete, you can simply log into EM as the self service user and request for databases from the portal.
      More information available in the Rapid Start Kit chapter in Cloud Administration Guide

      4. Extensible Metering and Chargeback
       Last but not the least, Metering and Chargeback in release 4 has been made extensible in all possible regards. The new extensibility features allow customer, partners, system integrators, etc to :
      • Extend chargeback to any target type managed in EM
      • Promote any metric in EM as a chargeback entity
      • Extend list of charge items via metric or configuration extensions
      • Model abstract entities like no. of backup requests, job executions, support requests, etc
       A slew of emcli verbs have also been added that allows administrators to create, edit, delete, import/export charge plans, and assign cost centers all via the command line.
      More information available in the Chargeback API chapter in Cloud Administration Guide.

      5. Miscellaneous Enhancements
      There are other miscellaneous, yet important, enhancements that are worth a mention. These mostly have been asked by customers like you. These are:
      • Custom naming of DB Services
        • Self service users can provide custom names for DB SID, DB service, schemas, and tablespaces
        • Every custom name is validated for uniqueness in EM
      • 'Create like' of Service Templates
        • Now creating variants of a service template is only a click away. This would be vital when you publish service templates to represent different database sizes or service levels.
      • Profile viewer
        • View the details of a profile like datafile, control files, snapshot ids, export/import files, etc prior to its selection in the service template
      • Cleanup automation - for failed and successful requests
        • Single emcli command to cleanup all remnant artifacts of a failed request
        • Cleanup can be performed on a per request bases or by the entire pool
        • As an extension, you can also delete successful requests
      • Improved delete user workflow
        • Allows administrators to reassign cloud resources to another user or delete all of them
      • Support for multiple tablespaces for schema as a service
        • In addition to multiple schemas, user can also specify multiple tablespaces per request
      I hope this was a good introduction to the new Database as a Service enhancements in EM12c R4. I encourage you to explore many of these new and existing features and give us feedback.
      Good luck!
      References:
      -- Adeesh Fulay (@adeeshf)

      Thursday, June 5, 2014

      Two of my EM Articles in top OTN list

      Thanks to all my Readers. Ttwo of my OTN articles on using Enterprise Manager 12c for RMAN Backups and Data Guard Standbys are in the top 10 OTN list:

      https://blogs.oracle.com/archbeat/entry/top_10_architect_community_articles
      Regards,

      Porus.

      Wednesday, June 4, 2014

      List of Great New Features in EM12c Release 4

      Friends,

      This is a list of the many great new features in EM12c Release 4, from the official Oracle technical documentation. Check out the BI Publisher Integration, and the new Cloud Management features, such as being able to create Data Guard Standby databases via self-service:

      ·        Framework and Infrastructure
      ·        Services Management
      ·        Enterprise Monitoring and Incident Management Features
      ·        Fusion Application Management Features
      ·        Database Management Features
      ·        Middleware Management Features
      ·        Exadata Features
      ·        Cloud Management Features
      ·        Lifecycle Management

      Regards,

      Porus.

      Oracle Delivers Latest Release of Oracle Enterprise Manager 12c


      Richer Service Catalog for Database and Middleware as a Service; Enhanced Database and Middleware Management Help Drive Enterprise-Scale Private Cloud Adoption
      News Summary
      IT organizations are adopting private clouds as a stepping-stone to business-driven, self-service IT. Successful implementations hinge on the ability to efficiently deploy and manage cloud services at enterprise scale. Having a complete cloud management solution integrated with an enterprise-class technology stack is a fundamental requirement for IT. Oracle Enterprise Manager 12c Release 4 meets that requirement by helping businesses become more agile and responsive, while reducing cost, complexity, and risk.
      News Facts
      • Oracle Enterprise Manager 12c Release 4, available today, lets organizations rapidly adopt Oracle-based, enterprise-scale private clouds.
      • New capabilities provide advanced technology stack management, secure database administration, and enterprise service governance, enabling Oracle customers and partners to maximize database and application performance and drive innovation using self-service IT platforms.
      • The enhancements have been driven by customers and the growing Oracle Enterprise Manager Ecosystem, comprised of more than 750 Oracle PartnerNetwork (OPN) Specialized partners. Oracle and its partners and customers have built over 140 plug-ins and connectors for Oracle Enterprise Manager.
      • Watch the video highlights.
      Automation for Broader Cloud Services
      • Oracle Enterprise Manager 12c Release 4 allows for a rapid enterprise-wide adoption of database, middleware and infrastructure services in the private cloud, driven by an enhanced API-enabled service catalog.
      • The release features “push button” style provisioning of complete environments such as SOA and Oracle Active Data Guard, and fast data cloning that enables rapid deployment and testing of enterprise applications.
      • Out-of-the-box capabilities to detect data and configuration vulnerabilities provide enhanced cloud service governance along with greater operational control through a flexible and extensible showback mechanism.
      Enhanced Database Management
      • A new performance warehouse enables predictive database diagnostics and trend analysis and helps identify database problems before they occur.
      • New enterprise data-governance capabilities enhance security by helping systematically discover and protect sensitive data.
      • Step-by-step orchestration of upgrades with the ability to rollback changes enables faster adoption of Oracle Database 12c.
      Expanded Fusion Middleware Management
      • A new consolidated view of Oracle Fusion Middleware 12c deployments with a guided management capability lets administrators apply best management practices to diverse middleware environments and identify performance issues quickly.
      • A Java VM Diagnostics as a Service feature allows governed access to diagnostics data for IT workers across multiple disciplines for accelerated DevOps resolutions of defects and performance optimization.
      • New automated provisioning for SOA lets middleware administrators perform mass SOA provisioning with ease.
      Superior Enterprise-Grade Management
      • Private roles and preferred credentials have been added to Oracle Enterprise Manager to provide additional fine-grained security for organizations with complex access control requirements.
      • A new security console provides a single point of control for managing the security of Oracle Enterprise Manager environments.
      • Support for the latest industry standard SNMP v3 protocol, including encryption, enables more secure heterogeneous management.
      • “Smart monitoring” adapts to observed environmental changes and adds self-management capabilities to help Oracle Enterprise Manager run at peak performance, while demanding less IT supervision.
      Supporting Quotes
      • “Lawrence Livermore National Laboratory has a strong tradition of technology breakthroughs and leadership. As a member of Oracle’s Customer Advisory Board for Oracle Enterprise Manager, we have consistently provided feedback and guidance in the areas of enterprise-scale cloud, self-diagnosability, and secure administration for the product,” said Tim Frazier, CIO, NIF and Photon Sciences, Lawrence Livermore National Laboratory. “We intend to take advantage of the Release 4 features that support enterprise-scale availability and fine-grained security capabilities for private cloud deployments.”
      • “IDC's most recent CloudTrack survey shows that most enterprises plan to adopt hybrid cloud architectures over the next three years,” said Mary Johnston Turner, Research Vice President, Enterprise System Management Software, IDC. “These organizations plan to deploy a wide range of workloads into cloud environments including mission critical database and middleware services that require high levels of fault tolerance and disaster recovery. Such capabilities were traditionally custom configured for each application but cloud offers the possibility to incorporate such properties within the service definition, enabling organizations to adopt cloud without compromise. With the latest release of Oracle Enterprise Manager 12c, Oracle is providing customers with an out-of-the-box experience for delivering highly-resilient cloud services for databases and applications.”
      • “Since its inception, Oracle has been leading the way in innovative, scalable and high performance solutions for the enterprise. With this release of Oracle Enterprise Manager, we are extending this leadership by providing enterprise-scale capabilities for planning, delivering, and managing private clouds. We call this ‘zero-to-cloud – accelerated.’ These enhancements help our customers to expedite their adoption of cloud computing and prepares them for the next generation of self-service IT,” said Prakash Ramamurthy, senior vice president of Systems and Cloud Management at Oracle.
      Supporting Resources

      Notifications for Expiring DBSNMP Passwords

      Most user accounts these days have a password profile on them that automatically expires the password after a set number of days.   Depending on your company’s security requirements, this may be as little as 30 days or as long as 365 days, although typically it falls between 60-90 days. For a normal user, this can cause a small interruption in your day as you have to go get your password reset by an admin. When this happens to privileged accounts, such as the DBSNMP account that is responsible for monitoring database availability, it can cause bigger problems.
      In Oracle Enterprise Manager 12c you may notice the error message “ORA-28002: the password will expire within 5 days” when you connect to a target, or worse you may get “ORA-28001: the password has expired". If you wait too long, your monitoring will fail because the password is locked out. Wouldn’t it be nice if we could get an alert 10 days before our DBSNMP password expired? Thanks to Oracle Enterprise Manager 12c Metric Extensions (ME), you can! See theOracle Enterprise Manager Cloud Control Administrator’s Guide for more information on Metric Extensions.
      To create a metric extension, select Enterprise / Monitoring / Metric Extensions, and then click on Create.
      On the General Properties screen select either Cluster Database or Database Instance, depending on which target you need to monitor.  If you have both RAC and Single instance you may need to create one for each. In this example we will create a Cluster Database metric.  Enter a Name for the ME and a Display Name. Then select SQL for the Adapter.  Adjust the Collection Schedule as desired, for this example we will collect this metric every 1 day. Notice for metric collected every day, we can determine the exact time we want to collect.
      On the Adapter page, enter the query that you wish to execute.  In this example we will use the query below that specifically checks for the DBSNMP user that is expiring within 10 days. Of course, you can adjust this query to alert for any user that can cause an outage such as an application account or service account such as RMAN.
      select username, account_status, trunc(expiry_date-sysdate) days_to_expire
      from dba_users
      where username = 'DBSNMP'
      and expiry_date is not null;
      The next step is to create the columns to store the data returned from the query.  Click Add and add a column for each of the fields in the same order that data is returned.  The table below will help you complete the column additions.
      Name
      Display Name
      Column Type
      Value Type
      Metric Category
      Unit
      Username
      User Name
      Key
      String
      Security
      AccountStatus
      Account Status
      Data
      String
      Security
      DaysToExpire
      Days Until Expiration
      Data
      Number
      Security
      Days
      When creating the DaysToExpire column, you can add a default threshold here for Warning and Critical (say < 10 and 5). 
      When all columns have been added, click Next.
      On the Credentials page, you can choose to use the default monitoring credentials or specify new credentials.  We will use the default credentials established for our target (dbsnmp).
      The next step is to test your Metric Extension.  Click on Add to select a target for testing, then click Select. Now click the button Run Test to execute the test against the selected target(s). We can see in the example below that the Metric Extension has executed and returned a value of 68 days to expire. Click Next to proceed.
      Review the metric extension in the final screen and click Finish.
      The metric will be created in Editable status.  Select the metric, click Actions and select Deployable Draft. You can do this once more to move to Published. Finally, we want to apply this metric to a target. When managing many targets, it’s best to add your metric to a template, for details on adding a Metric Extension to a template see the Administrator’sGuide. For this example, we will deploy this to a target directly. Select Actions / Deploy to Targets. Click Add and select the target you wish to deploy to and click Submit
      Once deployment is complete, we can go to the target and view the Metric & Collection Settings to see the new metric and its thresholds.  
      After some time, you will find the metric has collected and the days to expiration for DBSNMP user can be seen in theAll Metrics view.   For metrics collected once per day, you may have to wait up to 24 hours to see the metric and current severity. In the example below, the current severity is Clear (green check) as it is not scheduled to expire within 10 days.
      To test the notification, we can edit the thresholds for the new metric so they trigger an alert.  Our password expires in 139 days, so we’ll change our Warning to 140 and leave Critical at 5, in our example we also changed the collection time to every 5 minutes.  At the next collection, you’ll find that the current severity changes to a Warning and any related Incident Rules would be triggered to create an Incident or Notification as desired.
      Now that you get a notification that your DBSNMP passwords is about to expire, you can use OEM Command Line Interface (EM CLI) verb update_db_password to change it at both the database target and the OEM target in one step.  The caveat is you must know the existing password to use the update_db_password command.  To learn more about EM CLI, see the Oracle Enterprise Manager Command Line Interface Guide.  Below is an example of changing the password with the update_db_password verb. 
      $ ./emcli update_db_password -target_name=emrep -target_type=oracle_database -user_name=dbsnmp -change_at_target=yes -change_all_references=yes
      Enter value for old_password :Enter value for new_password :Enter value for retype_new_password :Successfully submitted a job to change the password in Enterprise Manager and on the target database: "emrep"Execute "emcli get_jobs -job_id=FA66C1C4D663297FE0437656F20ACC84" to check the status of the job.Search for job name "CHANGE_PWD_JOB_FA66C1C4D662297FE0437656F20ACC84" on the Jobs home page to check job execution details.
      The subsequent job created will typically run quickly enough that a blackout is not needed, however if you submit a script with many targets to change, your job may run slower so adding a blackout to the script is recommended.
      $ ./emcli get_jobs -job_id=FA66C1C4D663297FE0437656F20ACC84
      Name Type Job ID Execution ID Scheduled Completed TZ Offset Status Status ID Owner Target Type Target Name
      CHANGE_PWD_JOB_FA66C1C4D662297FE0437656F20ACC84 ChangePassword FA66C1C4D663297FE0437656F20ACC84 FA66C1C4D665297FE0437656F20ACC84 2014-05-28 09:39:12 2014-05-28 09:39:18 GMT-07:00 Succeeded 5 SYSMAN oracle_database emrep
      After implementing the above Metric Extension and using the EM CLI update_db_password verb, you will be able to stay on top of your DBSNMP password changes without experiencing an unplanned monitoring outage.  

      Disclaimer

      Opinions expressed in this blog are entirely the opinions of the writers of this blog, and do not reflect the position of Oracle corporation. No responsiblity will be taken for any resulting effects if any of the instructions or notes in the blog are followed. It is at the reader's own risk and liability.

      Blog Archive