PureApp Hybrid Cloud - Mark Willemse ING Presentation 11th September 2014
Â
Oda as an enterprise solution at walgreens oow 2012 v7
1. Oracle Database Appliance
as an Enterprise Solution at Walgreens
Oracle Open World 2012
Session CON3776
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork* 1
2. Agenda
âą Background â Review Walgreensâ Experience with the Oracle Database
Appliance
â ODA Business Case
â Why Walgreens picked the ODA for a critical business application
âą Key understandings needed to manage ODA's as an enterprise solution
âą Blueprint for deploying the ODA as an enterprise solution
â Pre-deployment Steps
â Post-deployment Steps
âą ODA Best practices
âą ODA Reference Guide & Resources
âą Question & Answer
âą Slide Notes
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
3. Walgreens
âą Nation's largest drugstore chain with fiscal 2011 sales of $72 billion.
âą 7,929 drugstores in all 50 states, the District of Columbia and Puerto Rico
âą Fortune magazine World's Most Admired Companies (published March 4, 2011)
â Walgreens ranked No. 4 among food and drugstores and has been listed for the past
18 consecutive years.
â Walgreens ranked 32nd overall in revenue, 3rd among food and drugstores, on the
Fortune 500 list
âą Walgreens scope of pharmacy services includes retail, specialty, infusion,
medical facility and mail service, along with respiratory services.
â These services improve health outcomes and lower costs for payers including
employers, managed care organizations, health systems, pharmacy benefit managers
and the public sector.
âą In June, 2012, Walgreens acquired a 45 percent stake in Alliance Boots, a
European Pharmacy retailer, with an option to acquire the remaining 55% stake
in 3 years.
â Combined: 11,000 stores in 12 countries
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
4. Who We Are
âą Matt Gallagher
â Database Architect Lead
â 14 years at Walgreens
â 16 years of Oracle experience
â Linked In
âą Fuad Arshad
â Senior Database Architect
â 15+ years of Oracle experience
â 11 years at Walgreens
â Twitter @fuadar G+ +Fuad Arshad
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
5. Oracle Database Appliance
âą What Is it to the World
We will optimize our technology so you can maximize your business.
Copyright 2010 Walgreen Co. *Accountability*Communication*Quality*Teamwork*
6. Oracle Database Appliance
âą What we feel it is .
We will optimize our technology so you can maximize your business.
Copyright 2010 Walgreen Co. *Accountability*Communication*Quality*Teamwork*
7. ODA Business Case â Top Business Benefits
1. Engineered System - Hardware and software designed to fit together
2. Cost â Engineered system at commodity hardware prices
3. Deployment in Days, not Months
4. Expertise levels required to deploy HA solutions reduced
5. Standard known configuration
6. ODAâs come with an extensive administration and monitoring toolkit
7. Consolidation platform for instances requiring 12 cores or less
8. Patching & upgrade automation of all tiers as a Unit (vs. fall behind)
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
8. ODA Business Case â Top Business Benefits
9. Administration benefits / savings
10. Stability & availability from standard tested configurations
11. ODA has dedicated development & support teams
12. The Next Versions
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
9. Why Walgreens picked the ODA for supporting
a critical Application
âą Main Reason for choosing the ODA - Time to Deployment requirement of 2 weeks,
which included ordering and shipping the hardware
âą We needed a High Availability architecture deployed over 2 data centers
âą Typical Server setup steps & Teams not needed
â AIX (107); Solaris (103); Linux (103)
â ODA Setup steps â in the 20âs
â Teams not needed (storage, server, PMâs, less networking)
âą Major Tasks Avoided
- Equipment specing
- Building private interconnect networks
- IO virtualization setup
- Server and SAN setup, OS installs
- Clusterware and DB installs
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
10. Why Walgreens picked the ODA for supporting
a critical Application
âą IVR Metrics
â Mission critical application â Centralizing phone call routing for 8,000 stores, including
Rx refills
â DR Class A (RTO â near zero; RPO â near zero)
â Designed for 800 million phone calls per year â Peak (548K / hour; 9,100 / min.,
152/sec)
â Number of ODAâs deployed for IVR DB's - 14
âą ODA Deployment Example
â From data center floor to production in 3 days (Monday - DC install, Tuesday â network
cabling, Wednesday â install 4 ODAâs in parallel)
â Thursday - Lunchtime rebuild of a production server as a confidence test
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
11. After the picked ODAâs â More reasons
âą DBaaS (Database as a Platform) Strategic choice along with Exadata
â Pre-deploy DB infrastructure vs. wait for builds
âą Exadata non-production environments
âą The business, project managers and application teams are asking for ODAâs
â Frequently heard question â âCan we do this on an ODAâ?
âą Current number of appliances â 30 + and growing (Sept., 2012)
â Plus Exadata
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
12. ODA Time to Deploy Comparison (in days)
We will optimize our technology so you can maximize your business.
Copyright 2010 Walgreen Co. *Accountability*Communication*Quality*Teamwork*
13. Key Understandings needed to manage ODAâs
as an Enterprise Solution
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
14. Key Understandings â ODAâs as an Enterprise Solution
1. Develop a formal solution architecture
2. Understand the ODA limitations
3. Security Lockdown
4. Set a goal
5. Technical project tracking
6. ODA monitoring
7. ODA Administration
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
15. Key Understandings â ODAâs as an Enterprise Solution
8. Managing resources to control licensing & resources
9. Prepare to handle potential failures in advance
10. Break any bad habits
11. Understanding patching is a key challenge
12. An ODA is not a black box
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
16. Key Understandings â Evolution of the Oracle Appliance
Kit (OAK)
1. OAK 2.1.0.1-2.1.0.2
â Base Release
â Oakcli
2. OAK 2.1.0.31
â Performance enhancements â BIOS fix that improved CPU performance
â ASR integration
â Allowed oakcli deploy âconf to pass deployment files.
3. Oak 2.2 â
â Upgraded the Kernel to the UEK and fixed the Cluster Health Monitor and ASR functionality
â 11.2.0.3 support introduced
â Odachk for healthchecks
â Cluster Health Monitor(CHM)is fixed
4. OAK 2.3 - A major leap forward
â Multiple DB homes now supported (11.2.0.2.7 & 11.2.0.3.2 onwards)
â Expansion of the oakcli command set
â Odachk enhancements
â Database patching is rolling upgradable
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
17. Blueprint for deploying the ODA
as an Enterprise Solution
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
18. Pre-deployment steps
1. Develop the solution architecture
2. Data Center Install request
3. Assign rack location (4u) with Power
4. Security zoning / Firewall architecture
5. Create the Deployment template
â Cabling & IP specs
6. IP assignment request
7. Cabling request
8. Firewall request
9. DNS request
10. VPN request for remote access
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
19. Pre-deployment steps
1. Develop the solution architecture
2. Data Center Install request
3. Assign rack location (4u) with Power
4. Security zoning / Firewall architecture
5. Create the Deployment template
â Cabling & IP specs
6. IP assignment request
7. Cabling request
8. Firewall request
9. DNS request
10. VPN request for remote access
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
20. Pre-deployment steps (Cont.)
11. Order the ODA
12. Rack the appliances
13. Cable the servers
14. Create the Install configurator files using the offline configurator tool
15. Decide What type of template you want to use for Database creation
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
21. The Deploy Poster
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
22. The Deploy Poster
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
23. Deployment
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
24. Post-deployment steps
1. Instances are setup using templates â they may need some tweaking
2. Build additional instances (dbca or oakcli)
3. Change the default passwords (root, oracle)
4. Configure mail
5. Configure and test ASR (Automatic Service Requests) â Phone Home
6. Install YaST rpmâs (needed for server administration via OEM)
7. Install OEM (single monitoring stack) 12c agent and configure OEM
8. Setup backups
9. Modify adrci settings (base & homes)
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
25. Post-deployment steps
10. Setup proc watcher (as a RAC resource but don't run it unless needed)
11. Label appliances and servers & record the data center rack locations
12. Inventory CSIâs / serial numbers
13. Register CSIâs in MOS and grant access to team members
14. Install 11.2 clients & jdbc versions required for scan listener support
15. Setup instance caging & other resource control mechanisms
16. File system backups vs. images
17. Save your images for faster restores
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
26. Post-deployment steps
18. Complete the RAC setup
19. Security lockdown
20. Implement and test the remaining elements of the Solution Architecture
â This includes the data recovery and DR facilities
21. Utility deployment
22. Database migration
23. Post-upgrade
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
27. ODA Best Practices
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
28. ODA Best Practices
1. Submit Requests for packages / bug fixes to the ODA support team (SR)
2. Technical project management matters
3. Create a versions tracker
4. Retain system images (ISOâs)
5. Order a sandbox ODA if you can afford it
â Order spare disk drives if you can afford it
6. Develop a method for remote installs
7. Inventory CSIâs / serial numbers
8. Label the servers
9. Test everything (failover, recovery, âŠ)
10. Define and implement non-technical operations best practices
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
29. ODA Best Practices (cont.)
11. Take an architecture driven vs. an incident driven approach to HA
12. Develop and implement a formal Data Recovery plan
13. Cache as much data in memory as possible (to drive Logical IO from Physical)
14. Specialize skill sets, at least to an extent
â Similar to the Database Machine Administrator concept
15. Think twice (or more) before making customizations
â Including one off patching
16. Consider using a new image vs. the image the ODA comes with if the version is
two or more generations back
17. Manage resources on the appliance
18. Training and process documentation
19. Pay attention to capacity monitoring and planning
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
30. ODA Reference Guide
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
31. MOS Documents
Category MOS Doc Document
Deploy 1373617.1 ODA end user deployment including
configurators
1409835.1 ODA deployment including restarting steps &
cleanup (start over) process
1448278.1 ODA deploy step-by-step deploy guide
(Version 2.1)
1469093.1 ODA deploy step-by-step deploy guide
(Version 2.2)
Post-Deployment 1353507.1 Enable outbound sendmail
1415573.1 ODA support for new features (multiple
Homes & 3rd party agent support)
1422563.1 Configure additional networks post
deployment
1435019.1 ODA: How to setup ACFS post deployment
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
32. MOS Documents
Category MOS Doc Document
Post- 1436335.1 ODA post deployment configurations index
Deployment including additional networks & ACFS
1461798.1 Download Linux rpms directly to an ODA
1461818.1 Using a separate Linux machine as an RPM
repository
Start 888888.1 2.x supported versions and Known issues
1392174.1 Engineered Systems welcome center including
opening SR's for engineered systems
1417713.2 ODA Information Center
1463638.1 ODA FAQ
Recovery 1373599.1 ODA bare metal restore procedure
Security 1450387.1 Responses to common ODA security scan
findings (not released yet)
1461102.1 & Security Technical Implementation Guide
1456609.1 (STIG) script
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
33. Resources
âą MOS Community (Engineered Systems)
âą Blogs
â https://blogs.oracle.com/eSTEP/
âą http://www.oracle.com/technetwork/server-storage/engineered-
systems/database-appliance/overview/index.html
âą Tips for Hardening an Oracle Linux Server
â http://www.oracle.com/technetwork/articles/servers-storage-admin/tips-harden-oracle-
linux-1695888.html
â http://www.oracle.com/technetwork/articles/servers-storage-admin/secure-linux-env-
1841089.html
âą UEK benefits podcast
â https://blogs.oracle.com/OTNGarage/
âą Dan Morganâs Library
â http://www.morganslibrary.org/reference/oda.html
âą Arup Nanda Linux & Exadata series
â http://bit.ly/k4mKQS & http://bit.ly/lljFl0
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
34. Resources
âą Oracle Linux articles
â http://www.oracle.com/technetwork/articles/linux/index.htm
âą Oracle Technology Network (backup, migration, Data Guard, expanding storage,
setup resources, demos, documentation âŠ)
â Documentation - Getting Started Guide, Owners manual, Service manual, ASR
manual, Setup Poster
â http://www.oracle.com/technetwork/server-storage/engineered-systems/database-
appliance/overview/index.html
âą www.youtube.com
â Too many ODA videos to list
âą Database as a Service (DBaaS)
â http://www.oracle.com/technetwork/topics/entarch/oes-refarch-dbaas-508111.pdf
âą Coming soon
â Official release of the one button Data Guard deployment script
â More âOne Buttonâ deployments to follow
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
35. Resources
âą Misc. Resources
â http://blog.oracle-ninja.com/2011/09/inside-the-oracle-database-appliance-part-1/
â http://blog.oracle-ninja.com/2011/12/inside-the-oracle-database-appliance-
%E2%80%93-part-2/
â https://blogs.oracle.com/eSTEP/entry/oda_announcing_oda_external_storage
â http://docs.oracle.com/cd/E22693_01/index.html
â https://blogs.oracle.com/ODA/
â http://www.oracle.com/us/products/database/database-appliance/overview/index.html
â www.oracle.com/databaseappliance
â http://www.pythian.com/news/26701/oracle-database-appliance-faq/
â http://www.pythian.com/news/34715/migrating-your-10g-database-to-oda-with-minimal-
downtime/
â http://www.pythian.com/news/33245/insiders-guide-to-oda-performance/
â http://www.slideshare.net/gwenshap/shapira-oda-perfwebinarv2
â http://www.pythian.com/news/27201/oracle-database-appliance-storage-performance-
part-1/
â https://blogs.oracle.com/dragonfly/entry/making_easy_easier (RAC in 2 hours)
â https://blogs.oracle.com/dragonfly/ (Overall ODA ease of deployment
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
36. Resources
âą Misc. Resources (Cont.)
â http://www.oracle.com/us/products/database/oracle-database-appliance-faq-
495423.pdf
â http://www.oracle.com/us/technologies/linux/uek-r2-features-and-benefits-1555063.pdf
â http://www.oracle.com/partners/en/knowledge-zone/server-storage/database-
appliance-494792.html
â http://www.oracle.com/partners/en/most-popular-resources/na-databaseappliance-
fridaysessions-1522340.html
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
37. Additional Thanks to our ODA Strategic
Customer Program support team
âą Ian Cookson â ODA Technical Manager â Keeping the SCP on track
âą Duane Smith â ODA Technical Guru
âą Raji Sabbagh â Our enthusiastic âget startedâ installation master
âą Charlotte Momich â ODA marketing
âą Jay Maddox â Sales & âMake it happenâ
âą Ravi Sharma - Security
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
38. Questions?
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
39. Slide Notes
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
40. ODA Business Case â Top Business Benefits
1. Engineered System - Hardware and software designed to fit together
â Resources that fit within 4u (2 servers, 12 cores per server, 24 core total, 96G memory
per server)
â Deploys the standard Oracle setup utilities (dbca, asmca)
â Automated deployment & patching all components
â While you can build a commodity hardware solution, you canât build your own
engineered system
â Balanced components to eliminate bottlenecks
â LIO performance is equivalent to Exadata LIO performance
(http://fritshoogland.wordpress.com benchmarks)
â Single supplier / escalation point
â Singles point of management (oakcli, ILOM and OEM)
2. Cost â Engineered system at commodity hardware prices
â Engineered Systems at commodity hardware costs with embedded management
facilities
3. Deployment in Days, not Months
â Eliminates unpredictable, time wasting setup issues
â Meet the needs of the business #1 benefit
â Drives project flexibility for inevitable changes
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
41. ODA Business Case â Top Business Benefits
4. Expertise levels required to deploy HA solutions reduced
â Interconnect (dedicated switches, MTU, jumbo frame, portfast spanning)
â RAC assessment
â RAC check findings
â RAC starter kit requirements
â Server, storage and network setup
â Starter Kits, FAQâs, manuals, assessments, âŠâŠ
5. Standard known configuration
â Foundation for your own standard setup
â Platform for Oracle automation (ex: One button Data Guard)
â Instant RAC clusters or RAC One deployments
â MAA facilities including 1 button Data Guard with many MAA resources
6. ODAâs come with an extensive administration and monitoring toolkit
â OS Watcher, Cluster Health Monitor, oakcli (Oracle Appliance Manager), ilom, asr (with
automatically updated rules), odachk (version of RAC check), cluster health monitor,
logwatch (log alerting script), secure backup, vncserver
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
42. ODA Business Case â Top Business Benefits
7. Consolidation platform for instances requiring 12 cores or less
â Largest instance of 12 cores or less
â RAC One enables HA
8. Patching & upgrade automation of all tiers as a Unit (vs. fall behind)
â Patch components are tested together
â Server, OS, ilom and BIOS
â Clusterware
â DB
9. Administration benefits / savings
â San, server, network (RAC interconnect), database setup time and on-going support
time and cost savings
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
43. ODA Business Case â Top Business Benefits
10. Stability & availability from standard tested configurations
â ODAâs include the Oracle unbreakable Linux kernel (the resources section includes a
video link on the benefits of the UEK)
â Disk is triple mirrored, highly resilient (data disk failures donât stop the system)
11. ODA has dedicated development & support teams
12. The Next Versions
â Bigger and faster is expected
â App server support in 2013
â ODAâs will keep their place within the Engineered Systems lineup
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
44. Key Understandings â ODAâs as an Enterprise Solution
1. Develop a formal solution architecture
â Formalize requirements:
â RTO (recovery time objective), RPO (recovery point objective)
â HA requirements based on business impact
â Backup / Recovery plan
â Data recovery plan
â Application specific requirements
â Capacity estimates (CPU, memory, storage, IOPS) and growth
â Instance architecture (single instance, RAC One, RAC)
2. Understand the ODA limitations
â IOPS: - 4000=200/disk at 5ms.; 6000=300/disk at 10ms.; 8000=400/disk at 20ms.
â Storage volumes (3.2T usable)
â N, N+1 capacity
â Server Patches are not rolling (Grid & Database patches are)
â Account uid / guid can't be changed at this time
â Resource levels - Largest instance is 12 cores
â Number of network interfaces available (Only 1 â 10g network, but should be enough
for most deployments)
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
45. Key Understandings â ODAâs as an Enterprise Solution
3. Security Lockdown
â Use your standard company server security procedures
â Security Scans (Qualys)
â Many of the security enhancements are implemented in the STIG (DOD â Security
Technical Implementation Guide) script. Keep it updated, but remember it is still a work
in process.
â Keep un-necessary users off the system
4. Set a goal
â Our goal was âmake the ODAâs the best system platform within Walgreensâ
â Standard Configuration that is consistently and completely implemented - Automate as
necessary
â Continual improvement is like compound interest (Einstein: âThe most powerful force in
the Universe is Compound Interestâ)
5. Technical project tracking
â Issue tracking
â Setup Process tracking (Many systems failures occur because what is known to be
needed to done is lost sight of)
â Deployment tracking
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
46. Key Understandings â ODAâs as an Enterprise Solution
6. ODA monitoring
â ASR phone home setup
â ODA administration integration with OEM 12c
â Ops Center support for ODA's
â ODA native monitoring & Diagnostics (allows DBAs to monitor the complete stack)
7. ODA Administration
â Integrated Lights Out Management (ILOM) â new skill to become familiar with
â Learn Oakcli â The Appliance Manager â This is one of the key âsecret saucesâ of the
ODA
8. Managing resources to control licensing & resources
â Avoid underutilized systems
â Instance caging
â Capacity planning
9. Prepare to handle potential failures in advance
â Go through the key failure scenarios in advance
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
47. Key Understandings â ODAâs as an Enterprise Solution
10. Break any bad habits
â Patch! â Itâs an appliance, not a server
â Break Bad habits part 2 - Don't break the setup (ex: RAC best practices - don't set
TNS_ADMIN variable)
11. Understanding patching is a key challenge
â Request new patches -> SR -> ODA support group -> ODA development group
â Always refer to the latest reference architecture information & read the documentation,
especially the Patch documents
12. An ODA is not a black box. You need to understand the inner workings of:
â Patching, ILOM, ASR
â Basic server administration
â Server security
â How RAC works
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
48. Pre-deployment steps
1. Develop the solution architecture
2. Data Center Install request
3. Assign rack location (4u) with Power
4. Security zoning / Firewall architecture
5. Create the Deployment template
â Cabling & IP specs - 1g vs. 10g (10g requires SFA adapters)
â 2 basic Models (10g public / 1G Backup; 1 g public / 10g backup) â Not Both
6. IP assignment request
7. Cabling request
8. Firewall request
9. DNS request
10. VPN request for remote access
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
49. Pre-deployment steps (Cont.)
11. Order the ODA
â ODA quote
12. Rack the appliances
13. Cable the servers
14. Create the Install configurator files using the offline configurator tool
â MOS 1373617.1
15. Install the ODA (Setup poster tasks)
â A conserve (remote KVM connection) appliance can eliminate the need to go on-site
for the installs
â Data Center connection terminal (âKVM on a cartâ)
â Connect directly from your laptop (USB to RS232 to Serial Port connectors)
â Connect to the ILOM on each node and configure the ILOM IPâs
â Connect to the ILOM through your browser, run the remote terminal and run the first
net script to get the ODA on the network
â Display the version to determine if patching will be needed
â Run the deployment scripts
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
50. Post-deployment steps
1. Instances are setup using templates â they may need some tweaking
â Init.ora settings
â Only 1 control file is created
â Redo logs are not mirrored
2. Build additional instances (dbca or oakcli)
3. Change the default passwords (root, oracle)
â Both ODA servers and both ILOMâs
â Create additional Unix accounts as needed
4. Configure mail
â Install âsendmail âcfâ rpm
5. Configure and test ASR (Automatic Service Requests) â Phone Home
6. Install YaST rpmâs (needed for server administration via OEM)
â Being added by Oracle into the base package. Beware that they need to be uninstalled
b/4 patching until then.
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
51. Post-deployment steps
7. Install OEM (single monitoring stack) 12c agent and configure OEM
8. Setup backups
â Our solution: Data Guard master server for backups & backup appliances
â ASM disk header backups may be needed
â Set the Rman configuration settings
9. Modify adrci settings (base & homes)
10. Setup proc watcher (as a RAC resource but don't run it unless needed)
11. Label appliances and servers & record the data center rack locations
12. Inventory CSIâs / serial numbers
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
52. Post-deployment steps
13. Register CSIâs in MOS and grant access to team members
â CSI administration
14. Install 11.2 clients & jdbc versions required for scan listener support
15. Setup instance caging & other resource control mechanisms
16. File system backups vs. images
â Bare Metal Restore will wipe out any additional software or directories, including OCR
backups. Tnsnames files, third party agents or software, OEM agents, controlfile trace
backups, exports, additional installed packages
17. Save your images for faster restores
18. Complete the RAC setup
â RAC services
â RAC tuning â right handed indexes, etc.
â Failover testing
â Run the ODA check (odachk)
â Cluster health monitor checks
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
53. Post-deployment steps
19. Security lockdown
â Follow Oracleâs best practices:
â Tips for Hardening an Oracle Linux Server
â http://www.oracle.com/technetwork/articles/servers-storage-admin/tips-harden-oracle-
linux-1695888.html
â http://www.oracle.com/technetwork/articles/servers-storage-admin/secure-linux-env-
1841089.html
â CISP requirements
â PCI requirements
â Dept. of Defense security reviews
â Script to make "su to oracle and root only" - STIG script
â STIG script ML 1461102.1 - prevent direct access to oracle & root
â Disable for patching which requires direct access to root
â Sudo for access to specific functions only (Oracle publishes an Exadata paper on the
subject)
â Keep people off the server if they donât have solid requirements for access
â Run a security scan (Qualys)
â Enable auditing
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
54. Post-deployment steps
19. Security lockdown (cont.)
â User management (ex: deploy standard password files) or OEM 12c
â Find open ports
â Firewall design - security zoning
â July 2012 2.3 release had additional lockdowns
â Oracleâs approach to locking down an ODA
â Looked at common vulnerabilities and classified them
â Only installed 700 of the possible 3000 Linux rpmâs
â Used government standards
â Oracle is now looking at additional financial services lockdowns (Theyâre at the 1st
pass of this now)
â Oracle ran their own security Qualys scans as part of their lockdown
â ODA development team is working closely with the Oracle Linux team to build
security into the ODA
â Some changes are being installed into the ODA images. A script will handle the
rest (STIG script has a version number)
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
55. Post-deployment steps
20. Implement and test the remaining elements of the Solution Architecture
â This includes the data recovery and DR facilities
21. Utility deployment
â Cleanup logfiles
â Mine the system logs
â Solution for backing up files that would be erased during a bare metal restore
22. Database migration
â Oracle has published an ODA migration whitepaper
23. Post-upgrade
â Relink the Oracle OEM agent
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
56. ODA Best Practices
1. Submit Requests for packages / bug fixes to the ODA support team (SR)
2. Technical project management matters
â Create an issues tracker
â Create a deployment checklist covering all servers and deployment steps
â Create standard processes and documentation (deployment)
â Automate where it makes sense
3. Create a versions tracker
â Once you start deploying more than a small number of ODAâs
4. Retain system images (ISOâs)
5. Order a sandbox ODA if you can afford it
â Order spare disk drives if you can afford it
6. Develop a method for remote installs
â ODAâs come with VNC server installed
â Conserves (KVM consoles) are a good option
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
57. ODA Best Practices
7. Inventory CSIâs / serial numbers
8. Label the servers
9. Test everything (failover, recovery, âŠ)
10. Define and implement non-technical operations best practices
11. Take an architecture driven vs. an incident driven approach to HA
â Be prepared for what could go wrong vs. reacting to what did go wrong
12. Develop and implement a formal Data Recovery plan
13. Cache as much data in memory as possible (to drive Logical IO from Physical)
â Also remember the result cache
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*
58. ODA Best Practices (cont.)
14. Specialize skill sets, at least to an extent
â Similar to the Database Machine Administrator concept
15. Think twice (or more) before making customizations
â Including one off patching
â You have to replicate customizations
â Customizations may cause patching issues or may break current or future automation
16. Consider using a new image vs. the image the ODA comes with if the version is
two or more generations back
â But be careful. There are issues with BMRâs, for example not patching the ILOMâs.
This can be resolved by applying the latest patch with the âinfrastructureâ option.
17. Manage resources on the appliance
â Memory (96G per server, or 8G per cores)
â Implement instance caging if needed
18. Training and process documentation
19. Pay attention to capacity monitoring and planning
We will optimize our technology so you can maximize your business.
*Accountability*Communication*Quality*Teamwork*