Automating Deployment Management with 10g
|
|
|
- Peter Manning
- 5 years ago
- Views:
Transcription
1
2 Session id: Automating Deployment Management with 10g Hasan Rizvi Vice President Oracle Corporation
3 Agenda 1. Challenges, Problems, Definitions 2. Introduction to Enterprise Manager 10g 3. Deployment Management Solutions
4 Agenda 1. Challenges, Problems, Definitions 2. Introduction to Enterprise Manager 10g 3. Deployment Management Solutions
5 Data Center Economics Networking Facilities 9% 6% Mgmt 2% Helpdesk/NOC 8% System Admin 20% Software 24% Hardware 21% Operators 10% Management Solutions Target Source: Gartner, Forrester, Oracle analysis
6 Where is the time spent? Software Maintenance 6% Install 6% Create & Configure 12 % Ongoing System Management 55% Load Data 6% 25% of the time is spent on deployment management Source: IOUG 2001 DBA Survey
7 Deployment Management Realities Complex infrastructure Too many manual operations Limited resources
8 Result In High Labor Costs & Lower Quality of Service Patch handling costing businesses in excess of $2 billion annually Aberdeen Group Study $14,400 per server for a leading service provider 20-30% of application downtime can be traced to configuration problems caused by human error Various Studies
9 Agenda 1. Challenges, Problems, Definitions 2. Introduction to Enterprise Manager 10g 3. Deployment Management Solutions
10 Enterprise Manager 10 g Automating the Data Center Up to 10x lower cost to manage Highest Quality of Service Key Application Deployment Automation Foundation Complete Integrated Scaleable Low Cost
11 Complete Across the Oracle Eco-System End Users Application Service Level Management Oracle Collab Suite Oracle AS Oracle ebus Suite Integrated Suite Management Web Services Portal J2EE Integration OracleAS OHS OC4J Web Cache Wireless SSO Component Level Management Oracle DB Management for Oracle Eco-System
12 Integrated One Tool Lowers Learning Curve, Improves Quality of Service Host and Hardware Database OracleAS Network and Load Balancer Administration Monitoring Provisioning Security Enterprise Manager Applications Storage
13 Scaleable Automated management of sets of systems Task Automation Policy Management Hardware/Software Inventory Configuration Group Management Central Repository Topology Performance SDK
14 Managing Groups Manage Groups of Systems as a Single Unit Applications Sets of Systems Logical modeling of sets of systems Applications, Clusters Leveraged by all services Jobs, Policies, Managed from a single-view Monitoring and automated operations Membership-based inheritance
15 Task Automation Automate Operations Across Large Sets of Systems Job System EM 10g Designed for large number of targets Multiple job types OS command, SQL, Pre-packaged jobs Backup, startup/shutdown, patch, clone, Ad hoc job creation Custom scripts
16 Policy-Based Standardization Drives Consistency and Automation Policy Policy Management Types Rule definitions Violation detection Corrective action Performance policies Security policies Configuration policies
17 Easy to Deploy Low Operational Cost HTTP/S Manage from Anywhere HTML Console HTTP/S Mobile Device HTTP/S Firewall Portals HTTP/S Open Repository
18 Out-of-Box Ready Realize Immediate Value Grid Control Management of all the Oracle Grid components Centrally manage entire enterprise Out-of-box management for all Oracle products Product Controls Fully functional standalone management Out-of-box with each product
19 Agenda 1. Challenges, Problems, Definitions 2. Introduction to Enterprise Manager 10g 3. Deployment Management Solutions
20 Deployment Life-Cycle Oracle Inventory Software Configurations Hardware Configurations Discover Enterprise Manager Analyze View/Search Compare/Diff Change Tracking Reference Configurations Install/Clone Configure Provision LiveLi nk Oracle.com Product Updates Patch Patches Secure Product Configuration
21 Deployment Life-Cycle Oracle Inventory Software Configurations Hardware Configurations Discover Enterprise Manager Analyze View/Search Compare/Diff Change Tracking Reference Configurations Install/Clone Configure Provision LiveLi nk Oracle.com Product Updates Patch Patches Secure Product Configuration
22 Installation Improvements 10g Platform - DB, AS, OCS, EM Automated Elimination of manual steps Pre-requisite checks HW, OS configs, OS Patches, incl. Platform specific Improved performance Smaller, faster, less resource intensive Integrated modules Installation, configuration, patch, upgrade Robust Recoverable, Re-startable
23 Installation Improvements 10g Platform - DB, AS, OCS, EM Improved install types Silent Aligned with deployment use cases Integrated suite components Optimized for embedded installation Flexible Separation of installation actions from configuration actions More configuration flexibility
24 Fast, Lightweight Database Install 3 CDs 40 Min 1 CD Number of CDs 20 Min Install Time Oracle10g Oracle9i
25 Fast, Lightweight Client Install 200 MB 10 Min 70 MB Disk Footprint 1 Min Install Time Oracle10i Oracle9i
26 Simplified Configuration Database Configuration Assistant (DBCA) Reduced database creation time using preconfigured, ready-to-use database 90% reduction of initialization parameters 30 Basic parameters Automatically setup common tasks e.g. backups, alert notification
27 Out-of-box Configuration Policies
28 Zero-Downtime RAC Patching Patches certified as Rolling-Upgradeable Only shutdown one instance at a time to apply patch Application available through the patch application process
29 Simplified Upgrade Database Upgrade Assistant (DBUA) Pre upgrade checks (e.g. parameter settings) Post upgrade status checks Time estimator Re-startable Guide administrators in using best practices
30 AS Install Time Reduction J2EE/WC P & W BI/Forms Infra
31 Application Server Installation Other Improvements Install Metadata Repository Into Existing DB RAC-enabled Infrastructure Distributed Identity Management Install Port customization Metadata Repository Customization Forms & Reports without Infrastructure Quick Install & Upgrade Guides Configuration DCHP, FQDN Support Virtual Host Support On/Off Network Cluster aware Multiple App Servers on 1 Host in Different Clusters Secure Infrastructure Access for Install Re-runnable Configuration Tools Point-in-Time Restart Common Log Upgrade & Migration Automated Upgrade Assistant Rolling Upgrade Automated Backup for Upgrade Automated User Identity Migration
32 OCS Install Improvements Integrated single suite install Elimination of manual config steps Faster Automated upgrade Single-box install (DVD media)
33 EM Install Improvements Separate installation type Automated Management server Silent agent deployment Out-of-box ready No separate configuration required
34 Deployment Life-Cycle Oracle Inventory Software Configurations Hardware Configurations Discover Enterprise Manager Analyze View/Search Compare/Diff Change Tracking Reference Configurations Install/Clone Configure Provision LiveLi nk Oracle.com Product Updates Patch Patches Secure Product Configuration
35 Deployment Life-Cycle Oracle Inventory Software Configurations Hardware Configurations Discover Enterprise Manager Analyze View/Search Compare/Diff Change Tracking Reference Configurations Install/Clone Configure n Provisio LiveLi nk Oracle.com Product Updates Patch Patches Secure Product Configuration
36 Deployment Life-Cycle Oracle Inventory Software Configurations Hardware Configurations Discover Enterprise Manager Analyze View/Search Compare/Diff Change Tracking Reference Configurations Install/Clone Configure n Provisio LiveLi nk Oracle.com Product Updates Patch Patches Secure Product Configuration
37 Configuration Analysis - Search How many ias instances need to have a given patch applied? Is my O/S at the right patch level? Search across enterprise Complete inventory of all Oracle software Versions Patch levels Configuration details for all Oracle products Related software and hardware configuration details
38 Configuration Analysis Change History When things stop working, the first thing we do is try to figure out what has changed CalISO DBA
39 Configuration Analysis - Comparing Define and enforce reference configs Compare systems
40 Configuration Analysis Feature Usage Automatically track features enabled and used in a system Information can be used to determine applicable patches, support needs, diagnostics etc.
41 Deployment Life-Cycle Oracle Inventory Software Configurations Hardware Configurations Discover Enterprise Manager Analyze View/Search Compare/Diff Change Tracking Reference Configurations Install/Clone Configure n Provisio LiveLi nk Oracle.com Product Updates Patch Patches Secure Product Configuration
42 Deployment Life-Cycle Oracle Inventory Software Configurations Hardware Configurations Discover Enterprise Manager Analyze View/Search Compare/Diff Change Tracking Reference Configurations Install/Clone Configure Provision LiveLi nk Oracle.com Product Updates Patch Patches Secure Product Configuration
43 Deployment Life-Cycle Oracle Inventory Software Configurations Hardware Configurations Discover Enterprise Manager Analyze View/Search Compare/Diff Change Tracking Reference Configurations Install/Clone Configure Provision LiveLi nk Oracle.com Product Updates Patch Patches Secure Product Configuration
44 Provisioning Capacity-on-Demand Automated addition/reallocation of servers Grid Deployments Key operations Software cloning Software patching Cluster configuration management Security
45 Software Cloning Our administrators spend about 25% of their time on installs and cloning -Verizon Information Services DBA Reduce manual labor in software life-cycle From hours to minutes Automate mass provisioning of reference systems Intelligent Cloning makes context-specific adjustments DB: home, host name, listener ias: IP address, host name, web listener 1 Select Software (and Instances) to Clone 2 Clone to Selected Targets 3 Update Inventory
46 Cloning Database Clone an Entire Database Including software Data+Schema Cloning Schema and data (subset) cloning Version and platform independent Add/Remove nodes from RAC clusters
47 Cloning Application Server Three simple steps to high availability and load balancing Intelligent HOME cloning Makes local changes and inventory updates Includes J2EE applications Middle Tier Cloned Middle Tier Reassociation with OID infrastructure Updates both middle-tier and infrastructure Cluster join Configure new node for J2EE clustering or Join an infrastructure farm Infrastructure
48 Base Image Selection Available Base Images
49 Destination
50 View new Clones
51 Automated Patch Management Slammer virus exploited known security flaw to which patch was available 6 months prior to attack Real-time discovery of new patches Security patch rapid deployment dramatically reduces vulnerabilities Automatic staging and application From hours to minutes Rolling RAC upgrade 2 Determine Applicability 3 Apply Patch 1 Patch Published 4 Update Inventory
52 Automated Patching
53 Through 2005, 90 percent of cyberattacks will continue to exploit known security flaws for which a patch is available or a preventive measure is known. - Gartner, May 2002
54 Security Enforcement Key problems Tracking advisories Tracking vulnerabilities Applying fixes Keeping fixes in place across thousands of servers and software installations in the enterprise
55 Automated Security Policies Critical Patch Advisor Security alerts Installation hardening Software Instances Users
56 Critical Patch Advisor Automatic tracking of critical bug advisories Daily inspection of all installations and flagging of violators In-context launch of patch wizard to deploy and apply appropriate patches
57 Installation Hardening Host 1. Detect open ports 2. Detect insecure services Application Server 1. HTTPD has minimal privileges 2. Use HTTP/S 3. Apache logging should be on 4. Demo applications disabled 5. Disable default banner page 6. Disable access to unused directories 7. Disable directory indexing 8. Forbid access to certain packages 9. Disable packages not used by DAD owner 10. Remove unused DAD configurations 11. Redirect _pages directory 12. Password complexity enabled 13. Use HTTP/S Database Services 1. Enable listener logging 2. Password-protect listeners 3. Disable direct listener administration 4. Disallow remote OS roles and authentication 5. Disallow use of remote password file 6. Restrict access to external procedure service Database User Privileges 1. Disable install and demo accounts 2. Disallow default user/password 3. PUBLIC has execute System privilege 4. PUBLIC has execute Object privilege 5. PUBLIC has execute UTL_* privilege 6. PUBLIC has execute DBMS_RANDOM 7. Password complexity 8. Restrict number of failed login attempts 9. Authentication protocol fallback 10. Connect and Resource grants
58 Capacity-on-Demand Production Application 1 Load increase identified -- additional resources required 2 Systems chosen for deployment from available hardware 3 New servers added to application Image/Clone AS Image/Clone DB Secure software Associate AS with Infrastructure Add AS to cluster Add DB server to RAC cluster Configure DB server to get AS requests Configure SLB to include new AS New Hardware RAC DB Application Servers
59 Deployment Management Productivity Typical Tasks Clone Database: 4x Improvement Clone ias: 12x Improvement Apply Patch: 10x Improvement Validate Policy Compliance: 12x Improvement Provision new servers: 8x Improvement Avg, DBA Time per System (hrs/yr) x No. of Systems Managed Pre-10g Environment 10g Environment
60 Deployment Life-Cycle Oracle Inventory Software Configurations Hardware Configurations Discover Enterprise Manager Analyze View/Search Compare/Diff Change Tracking Reference Configurations Install/Clone Configure Provision LiveLi nk Oracle.com Product Updates Patch Patches Secure Product Configuration
61 EM 10g Early Adopter Customers
62 Enterprise Manager 10 g Automating the Data Center Up to 10x lower cost to manage Highest Quality of Service Key Solution Deployment Automation Foundation Complete Integrated Scaleable Low Cost
63 More Details End-to-End Performance Management TUE - Session :00am Moscone Room 135 Guru Chat Systems Management Products TUE - Jay Rossiter 4:30pm South Exhibit Hall Guru Lounge Managing Oracle Application Server WED - Session :30am Moscone Room 134 How to Deploy, Monitor and Manage Middle-Tier Applications WED - Session :00pm Moscone 134 Configuring, Deploying and Managing the Oracle Collaboration Suite WED - Session :30pm Moscone Room 270 Monitor Custom Applications Across the Grid THUR - Session Hoosh Afsar of Fannie Mae 1:00pm Moscone Room 202 Enterprise Manager: Scalable Oracle Database Management THUR - Session :00pm Moscone Room 103 Install and Configure Enterprise Manager in Six Easy Steps THUR - Session :15pm Moscone Room 103 Securing Your Enterprise with Oracle Enterprise Manager THUR - Session :15pm Moscone Room 103
64 Q U E S T I O N S A N S W E R S
65