Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Best Practices from Oracle Cloud Delivered On-Premises with Oracle Enterprise Manager
Shailesh Dwivedi Director, Product Management, Oracle Enterprise Manager Nara Gogineni Sr. Director, Oracle Cloud Operations
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Program Agenda
Oracle Cloud Overview
EM use in Oracle Cloud
Best Practices for Private Cloud
1
2
3
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Total Cloud Control
Optimized, Efficient Agile, Automated | |
Expanded Cloud Stack Management
Scalable, Secure
Superior Enterprise-Grade Management
Complete Cloud Lifecycle Management
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud
• Comprehensive suite of Cloud services
• Continuously evolving service catalog
• Rapidly growing user base
• Built on industry standards
– SQL, Java, HTML5, Web, REST API
• Service-Oriented Architecture
– on-premise integration
• Based on Oracle Stack
Massively Scalable Public Cloud
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud
10,000 + Hosts
100,000 + Service Instances
1.5 Million+ Targets
1.5 TB+ EM Repository
1000s of automation jobs per day
10,000s of page views per sec
By the Numbers
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud: Platform as a Service
Common Infrastructure Services
Database
Java
Developer
Mobile
Documents
Social Network BI
Big Data
Integration
BPM
I/T Analytics
App Store
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud: Global Data Centers*
*Data center strategy
subject to change
• 19 State of the Art ‘Tier IV Class’ Facilities
• Baseline 99.999% Availability of Power/Cooling
• 24X7 Active Monitoring and Support
• Carrier Neutral – Best in Class Peering
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Support
•User Experience •SLAs
•Metering
•Reporting
•Monitoring
•Availability
•Patching
•Compliance
•Infrastructure
•Provisioning
•Elasticity
•Security
•Isolating customer issues
•Diagnostics
Requirements for Oracle IT Strategic Initiative, Multiple Stakeholders
Platform Operations Business
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Business
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
• Oracle cloud uses custom Cloud Portal and Provisioning Engine
• Enterprise Manager Cloud Control – Nerve Center of Oracle Cloud
– EM Repository is single source of truth
– Integrates with Cloud Systems
– Integration methods used • EMCLI
• REST APIs
• MOS APIs
• LDAP Calls
Enterprise Manager
Oracle Cloud Systems
Customer Onboarding
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Customer Dashboard
• Service Console
• Current Availability
• Dashboard of monthly/yearly status report
• Service availability based on component status
• Metering and Reporting
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Cloud Capacity Report and Trending • Capacity Reports
– Inventory and Utilization of cloud compute power and ZFS storage
– Network, I/O, Firewall throughput via Metric thresholds
– Inventory of Pre-provisioned Instances
– Service provision time
• Trending
– Space Usage growth – 3 Month
– Service Growth – % growth quarter over quarter
– VMs allocated last 3 months
– Growth in Number of users
– Compute Nodes available
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 13 17
Business Reports
Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 13 18
Platform
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Service Onboarding – Pre-Provisioning VMs Hydrated
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
MyCompany MyCompany
Service On Boarding – Provisioning “Personality” Assignment to Service
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
/mycompany
/mycompany
/mycompany
MyCompany MyCompany
Service On Boarding – Enabling Service HTTP Routing Configuration Once Service is Live
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Compute Cloud for PaaS Services
Elastic Compute with block storage & High Availability
Based on Nimbula Virtualization
Network Isolation; Elastic IP Addresses
Service Manager does provisioning orchestration for PaaS services (DB, Java, Integration etc)
Cluster 1 Cluster 2
Infrastructure controller
Virtualization Layer
REST API
Elastic Compute
Compute
Workloads
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Service Provisioning Workflow Automation
Automated flows in Enterprise Manager Using REST APIs and EMCLI
Service Registration
•Automated Discovery
•Register Service components
•Define System Topology
Define Systems and Groups
•SaaS, PaaS Systems
•Patch Groups
•Infrastructure Groups
Access Management
•Authentication through IDM
•Accounts for tenant administrators
•External Roles
Schedule Jobs
•Log rotation
•Log archival
•Certificate Renewal
•Incidents Archival
Enable Service Monitoring
•Monitoring Template
•Compliance Template
•ATS
•Business Transaction flows
•Business metrics
•RUI Integration
Tenant Administrator
https://cloud.oracle.com
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Disaster Protection using EM SiteGuard
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Operations
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Primary Goals
• Highly available, Responsive and Stable service delivery
System
Service
User Experience
• Security and Compliance
• Adaptive, Responsive and Agile Service Operation functions
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Management of Cloud Service System Availability
• Hardware IB switches, PDUs, compute nodes, storage cells,
ASR
• Software Availability, Performance, Load, Capacity, Security
Application, Firewall, Middleware, Database, ASM, OS, OVM
• Configuration Configuration drifts, Healthchecks, Patch
Recommendations
• Performance SQL, Exadata Cell, Service
• Diagnostics Incidents, JVMD, RUEI
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
• Availability based on defined business transactions
• Performance and Usage metric trends
• Service and System Incidents
• Daily, weekly, monthly consolidation
Oracle Confidential – Internal
Management of Cloud Service Service Availability
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
• Non-intrusive Monitoring
• Automated reports aggregated for each Cloud Service
• Real user performance and usage data
• Session Replay
• Secure
Oracle Confidential – Internal
Management of Cloud Service User Experience
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
24x7 Service Management for Oracle Cloud Eyes on Dashboard
• Real Time Service Dashboards showing availability and KPI
• Status Summary across SaaS, PaaS , and other Infrastructure Systems
• Drill-down capability to identify root cause quickly
Oracle Confidential – Internal
Servers
Middleware/ Database
Fusion Apps
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
• Enforce Security policies and Compliance Framework rules
• Extend EM Compliance Framework
Critical/Recommended patches
Certificate age
Password Compliance
Failed Logins
• Configuration Compliance
Drifts from gold images
• Audit
Logins, Jobs, Admin Tasks
Monitor access on application files/directories
Oracle Confidential – Internal
Security and Compliance
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
• Oracle Identity Management Integration
External authentication and authorization
Automated External Roles
Identity Groups
• Centralized Password Management
Named Credentials
Privilege Delegation
Automated Deployment Procedures
Oracle Confidential – Internal
Security and Compliance Access Management
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
• Patch recommendations guided by MOS
• Automated download and design of Patch Plans
• Conflict analysis
• Automated deployment of Patch Plan on target Groups
• Manage quiet periods
• Integrated Blackouts
Oracle Confidential – Internal
Rapid Deployment Upgrade, Patch, Configuration
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Support
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud Customer Support Process Leverages MOS Integration & Auto-SR
Oracle Confidential – Internal
My Oracle Support
EM Service Console Oracle Cloud
Services
Tenant
Oracle Support Analysts Service
Management & Monitoring
EM Management Repository
Incident Correlation
Event Compression
Auto SR on Service
Outage
View/Create Service Request
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Notify Operations Team
Notify Customer
Create Service Outage SR
Service Component State Change
Detected
Tenant Administration
System
My Oracle
Support
EM Notification Module
EM Incident Manager
EM
Inci
de
nt
Cre
ate
d
2 mins
Event Detected
EM Portal
Cloud Support – Incident Management
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Cloud Support System Dashboard
• Eyes on the dashboard
• Auto SR
• Managing Incident queues
• Handshake on Incidents
• Mobile Notification
• Engineered Systems - Lights out Monitoring (ASR)
Auto SR
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Cloud Support Service Dashboard
• Enabled Service Console
• Search Cloud Services using Business parameters
• Isolate Customer Issue
• Review Service Health, Incidents, Alerts
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Log Viewer
• View thousands of logs across multiple domains/hosts
• Search for error string across all logs of a service
• Real time
• No host logins required
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Cloud Support - Diagnosis and Remediation Automated Corrective Action
• Diagnose Root Cause using Support Workbench
• Standard Operating Procedures
• Run Fix-It Job to remediate Incident
• Impact Analysis using Topology views
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Best Practices for Private
Cloud
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud Tech Stack
Same Stack Available for Private Cloud
Exalogic Private Cloud
Virtual Network (Ethernet)
Elastic Compute & Storage
IaaS API (Openstack compatible)
PaaS Service Manager & API
PaaS Services
Virtual Network (Infiniband)
Elastic Compute & Storage
IaaS API (Openstack compatible)
PaaS Service Manager & API
PaaS Services
PaaS API & Dev Ops Tools PaaS API & Dev Ops Tools
Public Cloud
Private Cloud
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Consolidation: DBaaS Architectures EM12c Supports Database Versions 10gR2 to 12c
Virtual Machines
Share servers
Dedicated Schema(s)
Share servers, OS
and database
Increasing Consolidation
Dedicated DBs
Share servers and
OS
Pluggable DBs
Share servers, OS
and database
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Key Takeaways Things to Think About On Your Cloud Journey
• Start with a solid hardened platform. That is your foundation
• Identify Tenancy model early on for offerings
– Single v/s Multi-tenant, resource sharing, restricting resources by tenants
– Runaway queries, runaway threads
• Define a pool of warm resources and maintain a free list
– Servers, VMs, DB, AppServers etc. to reduce provisioning time
• Security is paramount
– Defines roles, privileges, ACLs, data encryption (including at rest), revocation, application trust, Geo requirements
– Safeguards for malicious attacks
• Define SLAs and failover/recovery mechanism and factor that in to architecture from get go
• Define Ops/Support roles, process, ACLs early on including DevOps
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |
Key Takeaways Things to Think About On Your Cloud Journey • Management cannot be an afterthought
– Be prepared to face massive consequences if you don’t plan ahead
• Use a single app-to-disk management tool providing a single pane of glass
• Lifecycle Automation is Cloud Provider’s responsibility
• Leverage IaaS and PaaS automation of EM
• Automation for Management
– Agent deployment, Compliance Standards, Discovery, SLA definition, Admin Group, Access controls integrated as a part of service provisioning
– Define and gather all the relevant metrics and dashboards
– Roles and access control
• It is not just about technology, people and process matters
• Automation wins the day
Copyright © 2014, Oracle and/or its affiliates. All rights reserved. |