Delivering Oracle(aaS) on a Converged Infrastructure

Transcription

1 Delivering Oracle(aaS) on a Converged Infrastructure Success is about people, it s never about technology March 29, 2016 Robert Murray, INL Oracle Business Systems Architect UT Oracle Users Group Conference Salt Lake City, UT

2 Anyone wanting a copy of this slide deck, please me at robert.murray@inl.gov

3 ENSURING THE NATION'S ENERGY SECURITY INL is the nation s leading center for nuclear energy research and development. INL is part of the U.S. Department of Energy s complex of national laboratories. The laboratory performs work in each of the strategic goal areas of DOE: energy, national security, science and environment. INL is the nation s lead laboratory for nuclear energy research, development, demonstration and deployment and we are engaged in the mission of ensuring the nation s energy security with safe, competitive and sustainable energy systems and unique national and homeland security capabilities. Please visit

4 Abstract Delivering Oracle(aaS) on a Converged Infrastructure This presentation discusses how the Oracle team at the INL is progressing in transforming database deployments into a self service portal using VMware technology. Background information, cloning, VMDKs, Clusters, datastores, vsphere with Operations Management, vrealize Automation, and more will be discussed including the benefits this transformation brings to the organization and my team.

5 Part 1 Background Information ORACLE BUSINESS SYSTEMS

6 How do we succeed? I lead the Oracle team at the INL and we are responsible for storing and delivering information. A recent INL workshop conducted by the Table Group identified four basic ideas that my team must embrace to be successful in our responsibilities. This presentation is about Agility the need for self-service Reliability keeping it simple, and Innovation looking outside the box Information is valuable, it is stolen and sold for nefarious purposes. My next presentation is about protecting information at all costs. Security

7 Pre 2013 Situation Tight budgets, inadequate support staff, and limited training My team was too busy keeping the wheels on the bus to drive the bus De-moralized staff laying low and collecting paychecks Cyber and auditors were on our backs about fixing an ever increasing number of vulnerabilities: database, middleware, application, certs Silos focusing on their problems, choosing not to engage with the Oracle team to discuss any impacts their decisions might have on us Work packages ignored the Oracle Business Systems The majority of our systems were running on legacy technology We were paying out huge sums of money on software maintenance that included a large number of de-supported products Vendors site visits attempting to sell us more bloatware, shelfware, and costly hardware not listening to our needs, trying end runs around us

8 Transformation Challenges Fully understand the current state of the Oracle Business Systems and the technologies OBS is built on Build an OBS Transformation Roadmap and have it adhere to IM s core values of: reliability, sustainability, agility, and security Have management support the transformation from the top down Receive cooperation and support from Customers and the other organizational units Re-build and train a motivated work force Distinguish OBS from non OBS scope and define appropriate separation of duties The OBS reputation impacts the mission of enabling science that matters To be given the opportunity to be successful in fixing our situation

9 Some Useful Tips Technology can ease or increase your current work load Change (transformation) is always costly in resource, time, and money Avoid the analysis/paralysis pitfall, take ownership, and take action Believe in the vision, sell the vision, stand tall, and bend in the wind Push back on outside sales teams and quickly shutdown end runs Cutting edge solutions are usually just as bad as remaining legacy Don t be afraid to say no (you will have to a lot) Recognize what is really needed to add value and what does it cost Leverage small wins, try to leap frog where possible and be careful not to leap too far Know the order of things and have a plan, make sure you can complete the mission, i.e. don t sell what you can t deliver

10 Tuckman Stages for the OBS Team (3 years)

11 Part 2 Technology Discussion ORACLE BUSINESS SYSTEMS

12 2015 Building a HA Cloud Infrastructure

13 Simple, Elegant, Magic

14 Database HA Cluster with DRS

15 Middleware HA Cluster with DRS

16 Live Migration VMs are encapsulated in a VMDK Hosts in the cluster are connected to the VnX via Fiber-Channel Host Bus Adapters The EMC VnX presents storage as LUNs to Vmware clusters Production and critical VMDKs are placed on shared clustered datastores When VMs are placed on cluster attached storage, they are free to migrate between all available hosts in the cluster (DRS) Live migration does not impact the operation of the VM This is useful under the following scenarios: host patching, hardware maintenance, hardware failure, and load balancing Non production VMDKs are placed on local RAID-5 datastores Local datastores do not support live migration

17 VM Cloning

18 Review of Technologies Considered Oracle Virtual Compute Appliance, ZFS Appliance Oracle VM Infrastructure Oracle Real Application Cluster (RAC), Grid, ASM Oracle Data Guard Multitenant 12c Databases Deployed Converged Hardware: HP, EMC, and Cisco Vmware VM Infrastructure Vmware HA Cluster with DRS on Shared Datastores EMC Data Domain and Isilon Single Instance 12c DB This solution uses proven, less complicated, and more robust technology. The INL has staff experienced in these technologies and training adds to what we already know or fills in gaps. It s also way less expensive. DRS Distributed Resource Scheduler

19 Part 3 As a Service ORACLE BUSINESS SYSTEMS

20 2016 Defining the Cloud Self-service (aas) portals for IM s internal use and IM customers Rapid provisioning capability through virtualization, standard builds, and structured deployment processes Golden Images Agile, resilient, and sustainable environment that integrates a continuous process improvement lifecycle into the build process Optimum resource utilization with minimal management Automation Public Cloud has a specific function; e.g. Travel Accounting and Recruiting Private Cloud also has its specific function; e.g. systems where data is sensitive like Payroll and Human Capital Management Bottom line is, what can you safely expose and what must you do your best to secure

21 2016 Building Golden Images (using a PeopleSoft example) VM Oracle Linux Server PSoft SAND DB VM No O/S VM Oracle Linux VM Hardened O/S VM Oracle DB Software VM Application Database Created PSoft DEVL DB Concept and Process VM Oracle MW Software VM Web/App Installed 1. Reduce labor through reuse and recycling 2. Develop and enforce standards 3. Better builds through continuous process improvement 4. Add/remove functionality as needed 5. Apply upgrades, patches, fix vulnerabilities 6. Deploy one or more fully operational PeopleSoft databases < 1 hr PSoft TEST DB PSoft PROD DB

22 2016 Oracle Linux UEK(PaaS)

23 2016 Oracle DB(PaaS)

24 2016 Oracle FMW(PaaS)

25 2016 Oracle APEX(PaaS)

26 2016 Oracle Forms(PaaS) This platform runs applets within the browser -- this technology is deprecated and is offered to temporarily support legacy application frameworks waiting to be upgraded to APEX, ADF, Google Web Toolkit, or other modern PaaS. Working on javaws launch via 443.

27 2016 Oracle Reports(PaaS) This platform runs applets within the browser -- this technology is deprecated and is offered to temporarily support legacy application frameworks waiting to be upgraded to APEX, OBIEE, or other modern PaaS.

28 2016/17 vrealize Automation Kick off a Vmware clone of an operating Golden Image Manually run post-clone scripts (some examples) Change IP Address and Hostname of new VM Configure authentication service for new VM with Active Directory Register with Oracle Linux for patching, and run YUM update Change Data Domain mount point Change RMAN crontab start time based on OVM schedule Apply applicable PeopleSoft domain changes to database Apply PeopleSoft Data Masking script (optional) Restart PeopleSoft Web/App tier and purge cache To automate the manual process, we need to do the following: Upgrade from 5.5 to 6.x Deploy vsphere with Operations Management Convert from manual scripts to vrealize Automation

29 2016/17 OBS Offerings

30 Cloud Benefits for OBS Team Standard builds Golden Images Workflow automation of most M&O activities Easily create disposable test beds for the following : Patching and upgrades Vulnerability management Data masking and tablespace encryption O/S hardening and firewall rules User acceptance testing Role based identity governance Simulated disaster and recovery scenarios Staffing Increased labor efficiencies (building workflows) Decrease in M&O hours means more time for documentation, training, and strategic planning

31 Questions?