Oracle Enterprise Manager 10g: Making the Grid a Reality Jay Rossiter Vice President, System Management Products Oracle Corporation Session id: 40029.
Post on 22-Dec-2015
217 Views
Preview:
Transcript
Oracle Enterprise Manager 10g:Making the Grid a Reality
Jay Rossiter
Vice President, System Management Products
Oracle Corporation
Session id: 40029
Complete
Integrated
Scaleable
Low Cost
Enterprise Manager 10G
2x-10x lower cost to manageIncreased availability, reliability & performance
Automating the Data Center
Complete Management of the Oracle Grid
End Users
Integrated Management of Oracle Products
Oracle Collab Suite
3
Oracle eBus Suite
Oracle
Oracle9iASOC4J
Exhaustive individualcomponent
management:Admin
MonitoringProvisioning
1
Integrated SuiteManagement
Web Services Top Link
Integration
Portal
Web Cache
SSOWireless
Oracle9iASJ2EE
2
Management forOracle Eco-System
4
OtherApplications
Host and Hardware
Integrated
Database
Oracle9iAS
Storage
Network and Load Balancer
Applications
AdministrationMonitoring
ProvisioningSecurity
EnterpriseManager
Group Management
Hardware/Software Inventory
Configuration Performance
TopologyCentral
Repository
SDK
Policy Manager Task Automation
Scaleable
Automated management of sets of systems
Managing Groups
Managed from a single-view– Monitoring and automated
operations
Logical modeling of sets of systems
– Applications, Clusters, other sets
– Leveraged by all services – Jobs, Policies, …
Membership-based inheritance
Applications
Sets of Systems
Task Automation
Execute simple or complex tasks across 100’s of systems
Easy to use and scalable Pre-packaged jobs
– Backup, startup/shutdown, patch, clone…
Generic job types– SQL, OS command
Ad hoc job creation – Custom scripts
Cooperative job sharing Job Library
EM 4.x
Job System
Easy to Deploy
Fir
ewal
l
Mobile Device
HTML Console
Portals
HTTP/S
HTTP/S
HTTP/S
HTTP/S
Open Repository
Manage from Anywhere
Out-of-box Ready
Grid Control– Management of all the
Oracle Grid components– Centrally manage entire
enterprise– Out-of-box management for
all Oracle products
Product Controls– Fully functional standalone
management– Out-of-box with each
product
Grid Management
Application Service Level Management– End-to-end performance, availability & diagnostics
Standardization– Policy-based best practices
– Security Assurance
Automated Provisioning and Administration– Software, storage, application provisioning
– Change management and configuration
TokyoSales Office
ParisSales Office
New YorkSales Office
Any
Application
User
Monitor key business
transactions Availability Performance
Click-to-SQL Drilldowns
Click-to-EJB and J2EE Activity
External network Internal network Application Content App Server Database
End to End
Tracing
Web Application
All
Your
Users
All
Your
URLs
All
the
Time
Application Service Level ManagementEnd-to-End Performance, Availability & Diagnostics
System Component ManagementRich monitoring and diagnostics
Availability Real time monitoring and thresholds Event notifications Historical Data Analysis and Trending Performance diagnostics Cluster monitoring
Oracle
Database
10G
Oracle
Collaboration
Suite 10G
Oracle
EBusiness
Suite 11i
Oracle
Application
Server 10G
Application Service Level Management
End-user performance– All interactions– Javascript attached to
cookie– Response time is
captured in web server log
– Log data is loaded into the repository
– Require Oracle AS Webcache in the middle-tier
Business Transaction performance and availability
– Record transaction– Deploy to beacons
across the network– Transaction replayed– Metrics recorded in
repository– Works for any web
application
End-2-End tracing– Component level time
tracking– Click to EJB– Click to SQL
Standardization
Policy Management– Rule definitions– Violation detection– Corrective action
Security policies– Software installation
hardening– Excess services/ports– Excess user privileges
Configuration policies– Best practices– Base images
Performance polices– Thresholds
Policy Based Best Practices
Policy
Automated Security Checks
All Oracle Software1. Security alerts2. Critical patches
Host1. Detect open ports2. Detect insecure services
Application Server1. HTTPD has minimal privileges2. Use HTTP/S3. Apache logging should be on4. Demo applications disabled5. Disable default banner page6. Disable access to unused directories7. Disable directory indexing8. Forbid access to certain packages9. Disable packages not used by DAD owner10. Remove unused DAD configurations11. Redirect _pages directory12. Password complexity enabled13. Use HTTP/S
Database Services1. Enable listener logging2. Password-protect listeners3. Disable direct listener administration4. Disallow remote OS roles and authentication5. Disallow use of remote password file6. Restrict access to external procedure service
Database User Privileges1. Disable install and demo accounts2. Disallow default user/password3. PUBLIC has execute System privilege4. PUBLIC has execute Object privilege5. PUBLIC has execute UTL_FILE privilege6. PUBLIC has execute UTL_SMTP privilege7. PUBLIC has execute UTL_HTTP privilege8. PUBLIC has execute UTL_TCP privilege9. PUBLIC has execute DBMS_RANDOM10. Password complexity11. Restrict number of failed login attempts12. Authentication protocol fallback13. Connect and Resource grants
Automated Best Practices for Database
1. Insufficient Number of Control Files
2. Insufficient Redo Log Size
3. Insufficient Number of Redo Logs
4. Use of Unlimited Autoextension
5. Use of Non-Standard Init. Parameters
6. Recovery Area Location Not Set
7. Autobackup of Control File is not Enabled
8. SYSTEM TS Used as User Default TS
9. Segment with Extent Growth Policy Violation
10.Tablespace Containing Mixed Segment Types
11. Not Using Locally Managed Tablespaces
12. SYSTEM TS Contains Non-System Data Seg
13. Users with Permanent TS as Temporary TS
14. Insufficient Recovery Area Size
15. Force Logging Disabled
16. Not Using Spfile
17. Rollback in SYSTEM Tablespace
18. Not Using Undo Space Management
19. Non-uniform Default Extent Size
Certified Software Images
Base Image Library
“Certified” Systems• Test/Dev system• Production system
Agent
Agent
Agent
View/Search
Compare/Diff
Change Tracking
ReferenceConfigurations
Analyze
Install/Clone
Configure
Patch
Secure
LiveLink
Oracle.com
Product Updates
Patches
ProductConfiguration
OracleInventory
SoftwareConfigurations
HardwareConfigurations
Discover
Automated Provisioning
EnterpriseManager
Provision
Over 20% of downtime attributable to human configuration errors
Configuration Analysis
Complete inventory of all Oracle software
– Versions– Patch levels
Configuration details for all Oracle products
Related software and hardware configuration details
“How many DB instances need to have a given patch applied? – Is my O/S at the right patch level?”
Configuration Analysis
Tracking changes Comparing and
validating configurations Searching across
enterprise Understanding product
and feature usage
“When things stop working, the first thing we do is try to figure out what has changed”
CalISO DBA
Automated Patch Management
Real-time discovery of new patches Security patch rapid deployment dramatically reduces
vulnerabilities Automatic staging and application
– From hours to minutes Rolling RAC upgrade
Update
Inventory
Determine
Applicability2
Apply Patch3
4Patch Published1
Slammer virus exploited known security flaw to which patch was available 6 months prior to attack
Automated Software Cloning Operations
Reduce manual labor in software life-cycle– From hours to minutes
Automate mass provisioning of reference systems
Update
Inventory
Clone to
Selected Targets
2
3
Select Software (and Instances) to Clone
1
“Our DBAs spend about 25% of their time on database installs and cloning”
-Verizon Information Services DBA
Capacity-on-Demand
Load increase identified --
additional resources required
1
Systems chosen for deployment from
available hardware
2
New Hardware RAC DB
Production Application
Application Servers
New servers added to application
3
Image/Clone ASImage/Clone DBAssociate AS with InfrastructureAdd AS to clusterAdd DB server to RAC clusterConfigure DB server to get AS requestsConfigure SLB to include new AS
Automated Administration
Simplify complex tasks Automate tasks across
systems Single-button cluster
operations
Automated OperationsAll Target Types• System and application
availability• Set up of target-specific
metrics/thresholds• Configuration data collection• Performance data collection• Comprehensive monitoring• Alerts• Email and Paging notifications• Blackouts• User-defined jobs• System and application
response time measurements• Policy violation reporting• Clone Oracle Home• Patch search/download
ASM• Disk group admin (rebalance)• Startup/Shutdown• Disk group usage/status• I/O performance• Add/Remove disks
DB• General health assessment• Bad SQL identification• Top SQL identification• SQL recommendations• Tuning advisories• Performance trending• Backup• Restore• Security vulnerability ID• Create/remove
Physical/Logical Standby• Standby health assessment• Standby switchover/failover
RAC• Cluster cache coherency
monitoring• Failover events• Discovery of RAC topology• Startup/shutdown• Relocate services• Failover jobs
iAS• Config changes across cluster
(OC4J, Apache)• Create/Manage cluster• Deploy app to cluster• Reconfigure a farm• Add/Remove node from cluster• Clone (mid-tiers)• Patch
OCS• IMAP, SMTP End-2-end service
monitoring• Files End-2-end service
monitoring• Files document analysis: count,
size, format• Files user analysis: number,
quota consumed
Host/Host Clusters• Top processes identification
Automated Group OperationsAll Target Types• Config. change tracking• Configuration inventory• Diff configurations• Search configurations• Behavior inheritance (Jobs)• Create/manage groups• OS command jobs• SQL Script jobs• Aggregate Metrics• Alert Rollups• Set blackouts• Set monitoring levels• Set target properties• Set thresholds• Installation hardening• Security alerts and patches• Discovery
Host/Host Clusters• Add/Remove node from OS
cluster
ASM• Disk group admin (rebalance)• Startup/Shutdown• Disk group usage/status• I/O performance• Add/Remove disks
DB• Analyze• Backup• Export• Startup/Shutdown• Configuration Advise• Clone, Patch
RAC• Spfile changes across
instances• Start/Stop/Relocate services• Startup/Shutdown• Cluster cache coherency• Monitoring rollups• Add/Remove Instance
iAS• Config changes across cluster
(OC4J, Apache)• Create/Manage cluster• Deploy app to cluster• Reconfigure a farm• Add/Remove node from cluster• Clone (mid-tiers)• Patch
OCS• Custom grouping• Home pages for EMAIL and IM
WebApp• End-2-End availability• End-2-End monitoring• End-2-End tracing
EM• Agent deployment
What’s New in EM 10G
Area EM 9i EM 10G
Oracle Database
Oracle9iAS
Oracle Collab Suite
Oracle eBus Suite
Operating System
Storage
Network
SLB (Nortel, F5)
Hardware (Dell, Compaq)
Admin and Monitoring
Application Performance Management
– Real performance for All Your Users, All Your Pages, All the Time
– Application Availability– Synthetic transactions– End-to-end tracing
Enterprise Configuration Management
– Rapid installation– Deployment– Provisioning– Upgrade– Automated patching
Key new EM10G functionality
EM 10G Early Adopter: Merck
Uses EM to manage 1200+ systems worldwide Key v4 features driving rapid rollout:
- Enterprise-wide - performance and availability reports
- Automation- event thresholds via baselines
- Configuration management- compare/diff host hardware and software
Enterprise Manager 10G
2x to 10x lower cost to manage Oracle
Complete– Managing all the components of the Oracle grid
Integrated– Administration, Monitoring, Provisioning and Security
Scaleable– Minimal incremental cost for managing sets of systems
Low cost to implement and maintain– Pre-tested, certified works out of box
top related