SlideShare uma empresa Scribd logo

Real liferecoverypaper

O
oracle documents

oracle foreign key primary key constraints performance tuning MTS IOT 9i block size backup rman corrupted column drop rename recovery controlfile backup clone architecture database archives export dump dmp duplicate rows extents segments fragmentation hot cold blobs migration tablespace locally managed redo undo new features rollback ora-1555 shrink free space user password link TNS tnsnames.ora listener java shutdown sequence

1 de 7
Baixar para ler offline
Real-Life Recovery: Perspective, Preparation and Performance Daniel W. Fink In an anonymous office building downtown, an Most Oracle documentation gives equal billing to Oracle database administrator checks the log files backup and recovery. The routine task of setting to verify that the backup processes ran properly up, monitoring and maintaining backup processes last night. Then he grabs a 2nd cup of coffee and consumes valuable resource time. Once the moves on to the day’s tasks, emergencies and process has been established, other issues, such as assorted events. Users, managers and developers security, tuning and troubleshooting move to the are concerned with data accuracy, proper security top of the DBA task list. Usually, a crisis is the and blinding performance, not in the mundane time that the recovery process is performed. That task of testing recovery. Little does he or the is also the worst possible time to find out that the company know that the past month’s backups are backup process is flawed, the SYSTEM tablespace useless. Since the recent operating system update, file cannot be read from the tape. the tape drive, the only tape drive on site, writes This situation is a result of the attitude that the without error, but cannot read a single bit that is DBA is responsible for performing database on the tape. backup. The actual responsibility is to restore A few miles away, 2 DBAs and a System or recover the database to the point in time Administrator are completing a 12-hour system and within the downtime window and database recovery. No one has slept in over determined by the business needs. 36 hours. Mistakes were made, but they were caught well before the right pinkie was poised Rather than the backup process dictating the over the <ENTER> key. When the final recovery options, the recovery requirements command was issued, the three felt suddenly should drive the backup process. A backup refreshed…success is a great stimulant. For the 3rd strategy is determined by the answer to a single time in as many months, they have successfully question, “What is the best method of backup and performed a recovery with no perceivable loss of archiving that meets all of the business needs of data. The Operations Manager walks in with a pot data loss, downtime and cost?” As with many of coffee and a piece of paper. “Pretty good, no decisions, the question appears to be simple, but data loss,” she says, “but you could have been is complex when defining ‘best method’, ‘business done 2 hours ago. I’ll grade it a B+. Let’s go for an needs’, data loss’, ‘downtime’ and ‘cost’. In an A next time! Go home, get some rest and we’ll see attempt to define these variables, the Cost v. Lost you tomorrow.” Revenue Model is used to assist in answering this question. These two tales illustrate several important points regarding Oracle Backup and Recovery. Most • Restore, Recover, Rebuild sites focus on backups and other issues before To restore is to return to a former state. In addressing recovery. Single points of failure are database terms, this means to return the database shortcuts to disaster, both business and career. file(s) to a previous point in time determined by The only measure of a successful backup plan is copying the file from backup to online media. The how completely recovery can be performed. The database or particular file may be missing time to practice a recovery is not when a transactions. Restoration is required before production system is down and the Order Entry database recovery can be performed after a media clerks are waiting. Personnel can be the single or other similar failures. If the database is not greatest weakness in recovering a database, but running in archivelog mode, this is probably the they can also be the single greatest strength. opened state of the database. Perspective
To recover is to return to a normal state. In perform a recovery and the amount of data database terms, this means to return the database allowed to be lost. These decisions are not set in to a point in time determined by the situation. It concrete; they will change over the lifetime of the may be a complete or incomplete recovery, database. depending upon the circumstances. Files are Training and Education. The responsibility for restored, and then archived redo logs are applied performing backup and recovery operations to bring the database to the desired state. Some should never fall on the shoulders of a person transactions may be lost, but they are usually few. who is not well trained and educated in the ways To rebuild is to recreate the state. In database of Oracle. Backup development and practice terms, this usually involves reusing the data and recovery can be done in a mentor-student process that populated the database in the most relationship, until the student is confident in the recent iteration. In some environments, tasks to attempt perform these unassisted. The particularly data warehouse or nonproduction, process is similar to learning to fly a plane, put in the raw data exists outside of the database. There the hours before attempting to go solo. There are may be no actual transactions since the last load several excellent books and white papers therefore nothing is lost. available regarding this discussion. One of the best is Rama Velpur’s Oracle Backup & Recovery • Base Knowledge and Training Handbook from Oracle Press. Transaction Architecture. The reason for a • Points of Failure database is to support transactions, whether they are entering a $.99 cable order or running a 3-day ‘Never have a single point of failure’ is the Oracle Regional Sales data warehouse query. The Backup & Recovery Maxim. The basic foundation understanding of how a transactions works, and is that a single failure should never prevent a what happens when it does not work, are the backup or recovery process from succeeding. If cornerstone to database knowledge. day-old archive logs are deleted after the cold backup, the backup tape is a single point of Recovery Structures and Processes. A DBA must failure. If the logfiles are unable to be restored, the be able to answer the question “What is the previous backup cannot be used to recover the difference between a rollback segment and redo database because the archived logs are log?” in 25 words or less. Know the recovery unavailable. structures, what they do and how to recover from the loss of each one. It is important to know the Identify the ‘show stoppers’ and have at least 2 performance implications of running a database options for bypassing. A single bad backup or in archivelog mode, both from a processing command should never be the cause of a failed standpoint and archivelog_destination cleanup. recovery. Taking an extra 2 hours to recover a lost Intimate knowledge of each recovery type is datafile from a 2-day-old backup is much easier critical to success. Minimum areas of than explaining why yesterday’s sales were lost understanding include the pros and cons of each because the archived redo log was lost. type, impact on business and downtime and Prevention of failures is a proactive approach to required steps, i.e. which files to restore, what recovery. Recovery from a dropped table is steps to perform during and after recovery, etc. possible, but implementing and enforcing Business Requirements. Each database is database security, access and maintenance different. Hours of operation, failure tolerance, procedures can prevent the situation. Using an data integrity rules, etc. A database is a dynamic appropriate RAID configuration can minimize the system, constantly changing within its impact of disk loss. There are expenses associated environment, which is also changing. The with prevention, but they may be minimal requirements in place 6 months ago may have compared with actual recovery costs. Even if changed drastically. Define your recovery goals proactive solutions are implemented, there will for each system and database. Decisions are still be areas of weakness. While certain RAID driven by the amount of time allowable to configurations will protect against the loss of a
single disk, they cannot protect against the delete parameter files and a dump of v$parameter add command. several layers of backup. • Failure Prone Components System Tablespace datafile(s) These datafiles may be the most important in the database for it is the Personnel The most failure prone component is blueprint. Without the data dictionary, Oracle is the person issuing the commands. Document the blind to all of the data that is residing in the steps required for each recovery type. When datafiles. documenting, assume little, if any practice. The recovery manual should address the areas that Data Tablespace datafile(s) Under the OFA pose the greatest chance of total loss of service. standard, data and indexes are separated into Use signposts like “Proceed with Caution”, “Stop distinct tablespaces. This allows backup and & Review”, etc. and decision trees. Update the recovery plans to be flexible. If the system and manual periodically, at least at every major data tablespace datafiles are recoverable, all other change. If you are using Oracle Support tablespaces can be built from scratch, if sufficient assistance, make certain that you are talking to documentation exists. For example, indexes can someone who has performed recoveries. be recreated, if the most current DDL scripts are available. For Oracle8, data tablespaces include Redo Logs (online, offline and archived) The loss those objects defined as index-only tables. of a single redo log can result in total recovery failure. This is one reason that Oracle Rollback Segment Tablespace datafile(s) Although recommends using mirrored redo log groups. these tablespaces are used by transactions to Using hardware level mirroring is not sufficient, provide transaction recovery and read you are protected from media failure, i.e. disk consistency, the loss of this tablespace is not loss, but you are not protected from the delete necessarily a ‘death sentence’. The key factor is command. Archived logs should exist in their the state of the database at the point of the natural state on at least one backup tape. Once backup. If it is consistent mode, i.e. no there, they may be compressed and kept online uncommitted transactions, there should be no for several days, and placed on several other rollback entries. As such, the segments can be backup tapes. This strategy offers good protection dropped and rebuilt without data loss. from loss and assists in recovery speed by having Index Tablespace datafile(s) As stated above, if the logs online. Although rare, the compression/ the most current DDL scripts exist, indexes can be uncompression cycle may result in corrupted files, recreated from existing data. There is a substantial so use with caution. If disk space allows, have at recovery performance penalty incurred as the least two uncompressed archive log copies on indexes are being rebuilt, but no data loss occurs. different tapes. Temporary Tablespace datafile(s) Once the Control Files If all control files are lost, Oracle database is shutdown, the temporary segments offers several methods for performing recovery. are ‘clean’. If the temporary tablespace(s) are lost, However, these tasks are risky and easily recreation is a fairly simple process. As with avoidable. Another Oracle maxim is to have 3 indexes, there is a recovery performance penalty, copies of your controlfile, because a corrupt but no data loss occurs. controlfile will always, well almost always, be copied over a good controlfile. If you have a 3rd Misc Files File maps, object recreation scripts, controlfile, the erroneous copy will still happen, backup scripts and other assorted files should be but only you will know…the 3rd copy is used to part of the backup process. Performing a media save the day and your job. recovery is greatly simplified if an up-to-date tablespace-file-device map is available. While Initialization Parameter Files These files are often these files are not required for recovery, they can overlooked. As with controlfiles, there loss can be shorten and simplify the recovery process. overcome, but at a substantial effort. Data is not lost, but downtime is increased. A copy of all Preparation – the Cost v. Lost Revenue(CLR) Model
In a perfect world, the CIO would hand the DBA tests, document and perform the occasional and SA a blank check for backup hardware/ recovery. software and provide an unlimited operations For hardware and software, acquisition and budget. In the real world, there is a balance operation costs can be quantified or estimated. between the costs associated with backup and the The operation costs are defined within the scope benefits of recovery. Although the business needs of time. The actual time is not important, but it drive the Cost-Benefit Analysis, it is the must be consistent. Hardware operation costs for responsibility of the technical staff to educate the a year are not comparable to backup operation users and support the decision-making process. It costs for 6 months. is not the responsibility of the technical staff to make the decision. For personnel, the actual or opportunity cost is determined. For most production environments, The basic concept is to compare the cost of backup personnel cost is actual, i.e. the sum of salary and and recovery with lost revenue. This is balanced benefits or hourly charges. For development so that the frequency of backup v. the frequency environments, the cost may be classified as of recovery is appropriately weighted. In a opportunity, i.e. the hourly rate that the client is production environment, a downed Order Entry being charged. system can be quantified. In a development environment, the quantification is related more to Although they are not assigned at this point, the lost Developer/User time. intangible costs should be discussed. These costs include impact on project timelines, goodwill with The model should be generated for 3 scenarios – users, management and technical personnel. If a worst, best and anticipated. The anticipated case project is approaching a critical junction, the cost should be somewhere between worst and best. of downtime may escalate dramatically. Users Best case should not be a fantasy, assume some may tire of experiencing excessive downtime; level of recovery requirements. Managers may tire of user complaints; Developers There are five basic steps to the CLR Model may tire of reloading the past month’s data; process: Administrators may tire of 36-hour days. The short-term impact may be less money spent on the 1) Educate the decision makers systems, but the long-term impact may be Discuss issues in clear, nontechnical terms that are frustration, high turnover and added costs. clear to everyone. The first step is to lay the 3) Assign costs to each backup strategy foundation by educating the decision-makers in basic knowledge of backup and recovery. There are three types of backup strategy: hot, cold Although an Accounting Manager does not need with archiving and cold without archiving. A cost to understand the intimate details of archive for each scenario is calculated in two areas: fixed logging, they do need to understand that and variable. transaction recovery is not possible without Fixed costs are the one-time costs for each step it...and what the business implications are of during the operational period. Software needs to adopting this strategy. be purchased or written once. Disk space required 2) Assign costs to each resource. for Archived Logs or backup datafiles is another one-time investment. These costs are incurred This phase is primarily devoted to assigning regardless of the frequency of backups, assuming actual or opportunity costs to each resource. The the frequency is greater than 0. resources are hardware, software and peopleware. The backup process will consume Variable costs are incurred each time the backup disk space and/or tapes, CPU cycles and memory process occurs. Logfiles must be monitored, tapes on the host platform. Backup software must be must be written and stored and scripts must be purchased or written. Administrators of various maintained. experience levels must monitor backups, perform At this point, the first business decision is made. The anticipated frequency of the database
backups is determined. This decision is very remember that these decisions are among the preliminary, it is not set in stone. The less frequent most important that may be made in your career. the backup, the more costly the recovery, but a final decision is premature. It is important to use 5) Support the business user(s) in the preliminary decision as a baseline. Once the making an educated decision. recovery costs are determined, the type of backup Once all of the costs are determined, the process can be revisited. of finding an acceptable balance is begun. Unless Another alternative is to complete this phase of the company can afford hot-standby, fault- the model for each type and frequency of backup. tolerant, fail-over systems, compromises must be While time consuming, it may be simpler and made. Simply put, it is time to make an educated, quicker when busy schedules and diverse documented decision that is supported by the audiences are involved. business. The decisions that are made during this step may result in lost data, missed sales, 4) Assign costs to each recovery overtime and tough explanations to management. scenario If it is determined that the decision requires additional resource, such as disk drives or a tape The most common types of recoveries are object, library, they can be purchased before they are file and disk, each with a distinct strategy. Cost needed. Recovery planning is part of the system determination is common among all of the design phase. strategies, and is slightly different from determining backup cost. Although it may not be easy explaining to management to invest $100,000 in a system that is The first area of recovery cost is practice cost. The rarely used, it is better than explaining why major fixed expense is for a practice platform. An $1,000,000 in sales were lost yesterday because the ideal situation is to have a ‘sandbox’ for System Order Entry system is not archiving transactions. and Database administrators to test upgrades and recoveries. In many situations, an older Performance development platform may be adequate. Added to the cost is the variable personnel cost for each Oracle database recovery is one area where the practice. line between success and failure is clear. If the database is recovered according to the defined The second area of cost is restoration. This business requirements, the recovery was includes the time to detect and correct/bypass the successful, if not, the recovery was a failure. cause of failure. Then the backup media is Trying to successfully recovery is not acceptable. retrieved and objects or files are restored. If In the words of Yoda, “Do or Do Not. There is no archiving is being used, only the affected object or Try.” file needs restoration, which can significantly reduce the restoration time. The only valid method for testing a backup process is to perform a test recovery. This test A final, but optional, area is the cost of recovery. If should be repeated on a regularly scheduled basis archiving is being used, Oracle recovery processes and after any major change, such as a new tape can be used. This is usually the quickest method device or system upgrade. The time to find out of recovery. Other methods are transaction that the tape drive is not functioning properly or reentry and data reload, which are both time and that a new database file is not being backedup is personnel resource intensive. For a small decision during a practice run, not a live recovery support system, it may be more efficient to situation. Practice runs will also expose gaps in recreate the database from tested scripts and procedures, documentation, training and, most reload the previous period’s data. importantly, confidence. The best method for estimating recovery time is to actually practice each step. An alternative method is to use estimations for each step. Regardless, an • Practice, Practice, Practice qualified guess is better than nothing, but
Practice recoveries are the only method for 2. Determine scope and cause of failure. The gaining confidence in the process and exposing type of failure will have serious impact on the weaknesses. Being able to quote chapter and verse types of recovery to be considered. If the from recovery theory is not a substitute for failure will be repeated shortly after the drawing upon actual experience, especially at 4:00 recovery is performed, the recovery is wasted. in the morning after a 20-hour day. At that time, If a table has been dropped, performing a you may be one keystroke away from success or complete recovery will return the database to failure. It is also the time when your mental the point AFTER the table was dropped. faculties are at their most vulnerable. 3. Correct/Bypass failure. When a disk fails, the Mistakes during a practice recovery cause no datafiles should be restored to another disk or harm. In fact, they are a tremendous learning the disk should be replaced. If the failure is experience. If you do not have the time and not corrected or bypassed, a recovery may be training to perform a recovery 100% right the first wasted. time, there may be no next time…at least not at 4. Identify Plan of Attack. Once the failure is the current company. understood and corrected, the recovery options are defined and a plan is determined. Practice will expose the ‘bridge burning’ steps. If a datafile for an index-only tablespace has These points are critical decisions where returning been damaged, it may be more efficient to to a previous step is difficult or impossible, unless drop the tablespace and rebuild the affected certain precautions are taken. Copying a backup indexes. Depending upon the plan, the next datafile in place of an existing datafile is such a step may not be required. step. These steps must be documented and well understood. It may be appropriate to backup a 5. Restore affected data. After failure correction, ‘bad’ datafile prior to restoration. This allows for a the process of restoration can begin. A tape or retreat should it be needed. Treat these situations other backup media is retrieved and the as ‘show stoppers’. affected data and log files are restored to the system. If redo log files are not being Oracle8 introduced the Recovery Manager tool, archived, the complete database must be which joins a number of 3rd party products. If the restored. business uses a tool, it needs to be part of the 6. Perform recovery. The actual recovery practice. You must also plan for the possibility strategy that was determined in the plan is that the tool is unavailable, always practice performed. In the above example, this may manual forms of recovery. Tool availability is not involve dropping the tablespace, recreating it a substitute for basic foundational knowledge. and then rebuilding the indexes and Practicing recovery is not a minor expense, but it recreating constraints. Depending upon the pales in comparison to losing a substantial backup plan, there may be substantial amount of data for a production environment. It resource requirements, especially if the data requires professional dedication to the business. must be reloaded or transactions reentered. If As recoveries are practiced, knowledge and skill time allows, a full cold backup should be are developed and confidence is increased. In performed after recovery but before the turn, this may assist in redeploying the backup database is opened for general use. and recovery strategy. 7. Postmortem. Debrief, document and determine improvements. Determine if the • Executing the Plan failure situation could be prevented. Losing 1. Stop panicking. It is imperative to get into the data and incurring downtime due to a proper frame of mind. Taking an extra 15 preventable failure is rarely acceptable in a minutes do calmly discuss the possible business critical system, unless the business alternatives may make the difference in a requirements have accounted for and failed recovery attempt and an additional 15 accepted this possibility. hours of downtime. • Conclusion
Among the myriad of DBA tasks and responsibilities, the most important to the business is the ability to properly recover from a failure. There are many factors that determine the type and scope of recovery, primarily the balance between what the business can afford to spend and what it can afford to lose. These decisions are not the responsibility of the DBA or SA; rather, they are to be made by key members of the user community. The technical staff functions as a support organization by educating the users and assisting in the decision-making process using a Cost v. Lost Revenue Model. Once the business has determined the backup and recovery needs, the technical staff becomes responsible for insuring that these operations are properly executed. As a technical administrator, you are the greatest strength and greatest weakness for the recovery process. Training and practice are the paths to success. The recovery process is too critical to depend on less than 100% effort and ability. • Biographical Information Daniel Fink has worked with relational databases for 11 years, the last 6 as a production database administrator for Oracle systems. He specializes in production system management, configuration, tuning, backup and, of course, recovery. He has also developed and taught Oracle training classes for clients nationwide.

Recomendados

Database Maintenance Optimization Brad Mc Gehee
Database Maintenance Optimization Brad Mc GeheeDatabase Maintenance Optimization Brad Mc Gehee
Database Maintenance Optimization Brad Mc GeheePratik joshi
 
The buyers' guide to virtual + physical data protection
The buyers' guide to virtual + physical data protectionThe buyers' guide to virtual + physical data protection
The buyers' guide to virtual + physical data protectionKingfin Enterprises Limited
 
Using IBM data reduction solutions to manage more data with less infrastructure
Using IBM data reduction solutions to manage more data with less infrastructureUsing IBM data reduction solutions to manage more data with less infrastructure
Using IBM data reduction solutions to manage more data with less infrastructureIBM India Smarter Computing
 
Ringing the Changes for Change Management
Ringing the Changes for Change ManagementRinging the Changes for Change Management
Ringing the Changes for Change ManagementEmbarcadero Technologies
 
Oracle OCP Backup Exam
Oracle OCP Backup ExamOracle OCP Backup Exam
Oracle OCP Backup ExamInprise Group
 
The economics of backup 5 ways disk backup can help your business
The economics of backup 5 ways disk backup can help your businessThe economics of backup 5 ways disk backup can help your business
The economics of backup 5 ways disk backup can help your businessServium
 
Maximizing Business Continuity Success
Maximizing Business Continuity SuccessMaximizing Business Continuity Success
Maximizing Business Continuity SuccessSymantec
 
Aureus disaster planning
Aureus disaster planningAureus disaster planning
Aureus disaster planningAureusIT
 

Recomendados

Database Maintenance Optimization Brad Mc Gehee
Database Maintenance Optimization Brad Mc GeheeDatabase Maintenance Optimization Brad Mc Gehee
Database Maintenance Optimization Brad Mc GeheePratik joshi
 
The buyers' guide to virtual + physical data protection
The buyers' guide to virtual + physical data protectionThe buyers' guide to virtual + physical data protection
The buyers' guide to virtual + physical data protectionKingfin Enterprises Limited
 
Using IBM data reduction solutions to manage more data with less infrastructure
Using IBM data reduction solutions to manage more data with less infrastructureUsing IBM data reduction solutions to manage more data with less infrastructure
Using IBM data reduction solutions to manage more data with less infrastructureIBM India Smarter Computing
 
Ringing the Changes for Change Management
Ringing the Changes for Change ManagementRinging the Changes for Change Management
Ringing the Changes for Change ManagementEmbarcadero Technologies
 
Oracle OCP Backup Exam
Oracle OCP Backup ExamOracle OCP Backup Exam
Oracle OCP Backup ExamInprise Group
 
The economics of backup 5 ways disk backup can help your business
The economics of backup 5 ways disk backup can help your businessThe economics of backup 5 ways disk backup can help your business
The economics of backup 5 ways disk backup can help your businessServium
 
Maximizing Business Continuity Success
Maximizing Business Continuity SuccessMaximizing Business Continuity Success
Maximizing Business Continuity SuccessSymantec
 
Aureus disaster planning
Aureus disaster planningAureus disaster planning
Aureus disaster planningAureusIT
 
Whatistnsnames
WhatistnsnamesWhatistnsnames
Whatistnsnamesoracle documents
 
Regal new profile
Regal new profileRegal new profile
Regal new profileSunita Peter
 
Sql scripting sorcerypresentation
Sql scripting sorcerypresentationSql scripting sorcerypresentation
Sql scripting sorcerypresentationoracle documents
 
Whatisadatabaselink
WhatisadatabaselinkWhatisadatabaselink
Whatisadatabaselinkoracle documents
 
Pandra Sawalat aur unkay Jawabat
Pandra Sawalat aur unkay JawabatPandra Sawalat aur unkay Jawabat
Pandra Sawalat aur unkay Jawabatfarhanulhaq
 
Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)
Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)
Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)farhanulhaq
 
Elm-e-Ladunni (By Allama Soharwardy)
Elm-e-Ladunni (By Allama Soharwardy)Elm-e-Ladunni (By Allama Soharwardy)
Elm-e-Ladunni (By Allama Soharwardy)farhanulhaq
 
Slides web conférence ih 8 juin (pour version online)
Slides web conférence ih 8 juin (pour version online)Slides web conférence ih 8 juin (pour version online)
Slides web conférence ih 8 juin (pour version online)Interaction Healthcare
 
La nutrition à l'ère du digital : comment le serious game, les objets connect...
La nutrition à l'ère du digital : comment le serious game, les objets connect...La nutrition à l'ère du digital : comment le serious game, les objets connect...
La nutrition à l'ère du digital : comment le serious game, les objets connect...Interaction Healthcare
 
လယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရး
လယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရးလယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရး
လယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရးthinthinaung2005
 
Setting up for emergency life saving in myanmar
Setting up for emergency life saving in myanmarSetting up for emergency life saving in myanmar
Setting up for emergency life saving in myanmarthinthinaung2005
 
Anti corruption mission possible - u minn thu (final 30 apr2013)
Anti corruption mission possible - u minn thu (final 30 apr2013)Anti corruption mission possible - u minn thu (final 30 apr2013)
Anti corruption mission possible - u minn thu (final 30 apr2013)thinthinaung2005
 
Mtp food safety slides_final
Mtp food safety slides_finalMtp food safety slides_final
Mtp food safety slides_finalthinthinaung2005
 
Presentation foia dr tt win
Presentation foia dr tt winPresentation foia dr tt win
Presentation foia dr tt winthinthinaung2005
 
Ko win mg training slide 24122012
Ko win mg training slide 24122012Ko win mg training slide 24122012
Ko win mg training slide 24122012thinthinaung2005
 
Migration policy for domestic workers tmw rev a
Migration policy for domestic workers tmw rev aMigration policy for domestic workers tmw rev a
Migration policy for domestic workers tmw rev athinthinaung2005
 
ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္
ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္
ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္thinthinaung2005
 
Safe food for local and global consumption saint
Safe food for local and global consumption saintSafe food for local and global consumption saint
Safe food for local and global consumption saintthinthinaung2005
 
Ko tza how to apply industrial safety standard in myanmar 241212
Ko tza how to apply industrial safety standard in myanmar 241212Ko tza how to apply industrial safety standard in myanmar 241212
Ko tza how to apply industrial safety standard in myanmar 241212thinthinaung2005
 
Implementation of construction project with detailed contract documents r1
Implementation of construction project with detailed contract documents r1Implementation of construction project with detailed contract documents r1
Implementation of construction project with detailed contract documents r1thinthinaung2005
 
Oracle ocp backup exam
Oracle ocp backup examOracle ocp backup exam
Oracle ocp backup examsriram raj
 
When the Back-Ups Fail: Recovery and Reinvention of Digital Collections
When the Back-Ups Fail: Recovery and Reinvention of Digital CollectionsWhen the Back-Ups Fail: Recovery and Reinvention of Digital Collections
When the Back-Ups Fail: Recovery and Reinvention of Digital CollectionsVisual Resources Association
 

Mais conteúdo relacionado

Destaque

Sql scripting sorcerypresentation
Sql scripting sorcerypresentationSql scripting sorcerypresentation
Sql scripting sorcerypresentationoracle documents
 
Pandra Sawalat aur unkay Jawabat
Pandra Sawalat aur unkay JawabatPandra Sawalat aur unkay Jawabat
Pandra Sawalat aur unkay Jawabatfarhanulhaq
 
Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)
Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)
Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)farhanulhaq
 
Elm-e-Ladunni (By Allama Soharwardy)
Elm-e-Ladunni (By Allama Soharwardy)Elm-e-Ladunni (By Allama Soharwardy)
Elm-e-Ladunni (By Allama Soharwardy)farhanulhaq
 
Slides web conférence ih 8 juin (pour version online)
Slides web conférence ih 8 juin (pour version online)Slides web conférence ih 8 juin (pour version online)
Slides web conférence ih 8 juin (pour version online)Interaction Healthcare
 
La nutrition à l'ère du digital : comment le serious game, les objets connect...
La nutrition à l'ère du digital : comment le serious game, les objets connect...La nutrition à l'ère du digital : comment le serious game, les objets connect...
La nutrition à l'ère du digital : comment le serious game, les objets connect...Interaction Healthcare
 
လယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရး
လယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရးလယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရး
လယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရးthinthinaung2005
 
Setting up for emergency life saving in myanmar
Setting up for emergency life saving in myanmarSetting up for emergency life saving in myanmar
Setting up for emergency life saving in myanmarthinthinaung2005
 
Anti corruption mission possible - u minn thu (final 30 apr2013)
Anti corruption mission possible - u minn thu (final 30 apr2013)Anti corruption mission possible - u minn thu (final 30 apr2013)
Anti corruption mission possible - u minn thu (final 30 apr2013)thinthinaung2005
 
Mtp food safety slides_final
Mtp food safety slides_finalMtp food safety slides_final
Mtp food safety slides_finalthinthinaung2005
 
Presentation foia dr tt win
Presentation foia dr tt winPresentation foia dr tt win
Presentation foia dr tt winthinthinaung2005
 
Ko win mg training slide 24122012
Ko win mg training slide 24122012Ko win mg training slide 24122012
Ko win mg training slide 24122012thinthinaung2005
 
Migration policy for domestic workers tmw rev a
Migration policy for domestic workers tmw rev aMigration policy for domestic workers tmw rev a
Migration policy for domestic workers tmw rev athinthinaung2005
 
ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္
ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္
ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္thinthinaung2005
 
Safe food for local and global consumption saint
Safe food for local and global consumption saintSafe food for local and global consumption saint
Safe food for local and global consumption saintthinthinaung2005
 
Ko tza how to apply industrial safety standard in myanmar 241212
Ko tza how to apply industrial safety standard in myanmar 241212Ko tza how to apply industrial safety standard in myanmar 241212
Ko tza how to apply industrial safety standard in myanmar 241212thinthinaung2005
 
Implementation of construction project with detailed contract documents r1
Implementation of construction project with detailed contract documents r1Implementation of construction project with detailed contract documents r1
Implementation of construction project with detailed contract documents r1thinthinaung2005
 

Destaque (20)

Whatistnsnames
WhatistnsnamesWhatistnsnames
Whatistnsnames
 
Regal new profile
Regal new profileRegal new profile
Regal new profile
 
Sql scripting sorcerypresentation
Sql scripting sorcerypresentationSql scripting sorcerypresentation
Sql scripting sorcerypresentation
 
Whatisadatabaselink
WhatisadatabaselinkWhatisadatabaselink
Whatisadatabaselink
 
Pandra Sawalat aur unkay Jawabat
Pandra Sawalat aur unkay JawabatPandra Sawalat aur unkay Jawabat
Pandra Sawalat aur unkay Jawabat
 
Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)
Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)
Dua-e-Khalil aur Naveed-e-Maseeha (By Allama Soharwardy)
 
Elm-e-Ladunni (By Allama Soharwardy)
Elm-e-Ladunni (By Allama Soharwardy)Elm-e-Ladunni (By Allama Soharwardy)
Elm-e-Ladunni (By Allama Soharwardy)
 
Slides web conférence ih 8 juin (pour version online)
Slides web conférence ih 8 juin (pour version online)Slides web conférence ih 8 juin (pour version online)
Slides web conférence ih 8 juin (pour version online)
 
La nutrition à l'ère du digital : comment le serious game, les objets connect...
La nutrition à l'ère du digital : comment le serious game, les objets connect...La nutrition à l'ère du digital : comment le serious game, les objets connect...
La nutrition à l'ère du digital : comment le serious game, les objets connect...
 
လယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရး
လယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရးလယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရး
လယ္ယာလုပ္ငန္းအႏၱရာယ္ကင္းေရး
 
Setting up for emergency life saving in myanmar
Setting up for emergency life saving in myanmarSetting up for emergency life saving in myanmar
Setting up for emergency life saving in myanmar
 
Anti corruption mission possible - u minn thu (final 30 apr2013)
Anti corruption mission possible - u minn thu (final 30 apr2013)Anti corruption mission possible - u minn thu (final 30 apr2013)
Anti corruption mission possible - u minn thu (final 30 apr2013)
 
Mtp food safety slides_final
Mtp food safety slides_finalMtp food safety slides_final
Mtp food safety slides_final
 
Presentation foia dr tt win
Presentation foia dr tt winPresentation foia dr tt win
Presentation foia dr tt win
 
Ko win mg training slide 24122012
Ko win mg training slide 24122012Ko win mg training slide 24122012
Ko win mg training slide 24122012
 
Migration policy for domestic workers tmw rev a
Migration policy for domestic workers tmw rev aMigration policy for domestic workers tmw rev a
Migration policy for domestic workers tmw rev a
 
ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္
ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္
ပညာသင္ၾကားရျခင္း၏ အဓိကရည္ရြယ္ခ်က္
 
Safe food for local and global consumption saint
Safe food for local and global consumption saintSafe food for local and global consumption saint
Safe food for local and global consumption saint
 
Ko tza how to apply industrial safety standard in myanmar 241212
Ko tza how to apply industrial safety standard in myanmar 241212Ko tza how to apply industrial safety standard in myanmar 241212
Ko tza how to apply industrial safety standard in myanmar 241212
 
Implementation of construction project with detailed contract documents r1
Implementation of construction project with detailed contract documents r1Implementation of construction project with detailed contract documents r1
Implementation of construction project with detailed contract documents r1
 

Semelhante a Real liferecoverypaper

Oracle ocp backup exam
Oracle ocp backup examOracle ocp backup exam
Oracle ocp backup examsriram raj
 
When the Back-Ups Fail: Recovery and Reinvention of Digital Collections
When the Back-Ups Fail: Recovery and Reinvention of Digital CollectionsWhen the Back-Ups Fail: Recovery and Reinvention of Digital Collections
When the Back-Ups Fail: Recovery and Reinvention of Digital CollectionsVisual Resources Association
 
How to survive a disaster with RMAN
How to survive a disaster with RMANHow to survive a disaster with RMAN
How to survive a disaster with RMANGustavo Rene Antunez
 
Nevera Dul Moment
Nevera Dul MomentNevera Dul Moment
Nevera Dul Momentkurtvm
 
MySQL Enterprise Backup
MySQL Enterprise BackupMySQL Enterprise Backup
MySQL Enterprise BackupMark Swarbrick
 
You Oracle Technical Interview
You Oracle Technical InterviewYou Oracle Technical Interview
You Oracle Technical InterviewHossam El-Faxe
 
Migration to Oracle 12c Made Easy Using Replication Technology
Migration to Oracle 12c Made Easy Using Replication TechnologyMigration to Oracle 12c Made Easy Using Replication Technology
Migration to Oracle 12c Made Easy Using Replication TechnologyDonna Guazzaloca-Zehl
 
Mary Firme Content Marketing for Demand Creation
Mary Firme Content Marketing for Demand Creation Mary Firme Content Marketing for Demand Creation
Mary Firme Content Marketing for Demand Creation Mary Firme
 
database backup and recovery
database backup and recoverydatabase backup and recovery
database backup and recoverysdrhr
 
Data warehousing change in a challenging environment
Data warehousing change in a challenging environmentData warehousing change in a challenging environment
Data warehousing change in a challenging environmentDavid Walker
 
Dueling duplications RMAN vs Delphix
Dueling duplications RMAN vs DelphixDueling duplications RMAN vs Delphix
Dueling duplications RMAN vs DelphixKyle Hailey
 
1 ISACA JOURNAL VOLUME 1, 2012FeatureThe ability to r.docx
1 ISACA JOURNAL VOLUME 1, 2012FeatureThe ability to r.docx1 ISACA JOURNAL VOLUME 1, 2012FeatureThe ability to r.docx
1 ISACA JOURNAL VOLUME 1, 2012FeatureThe ability to r.docxhoney725342
 
10 Problems with your RMAN backup script - whitepaper
10 Problems with your RMAN backup script - whitepaper10 Problems with your RMAN backup script - whitepaper
10 Problems with your RMAN backup script - whitepaperYury Velikanov
 
Not having a good backup
Not having a good backupNot having a good backup
Not having a good backupRita Crawford
 
Rman backup and recovery 11g new features
Rman backup and recovery 11g new featuresRman backup and recovery 11g new features
Rman backup and recovery 11g new featuresNabi Abdul
 
8 i rman_love_it
8 i rman_love_it8 i rman_love_it
8 i rman_love_itAnil Pandey
 

Semelhante a Real liferecoverypaper (20)

Oracle ocp backup exam
Oracle ocp backup examOracle ocp backup exam
Oracle ocp backup exam
 
When the Back-Ups Fail: Recovery and Reinvention of Digital Collections
When the Back-Ups Fail: Recovery and Reinvention of Digital CollectionsWhen the Back-Ups Fail: Recovery and Reinvention of Digital Collections
When the Back-Ups Fail: Recovery and Reinvention of Digital Collections
 
How to survive a disaster with RMAN
How to survive a disaster with RMANHow to survive a disaster with RMAN
How to survive a disaster with RMAN
 
Oracle 11g administration ii
Oracle 11g administration iiOracle 11g administration ii
Oracle 11g administration ii
 
Nevera Dul Moment
Nevera Dul MomentNevera Dul Moment
Nevera Dul Moment
 
MySQL Enterprise Backup
MySQL Enterprise BackupMySQL Enterprise Backup
MySQL Enterprise Backup
 
35 dbatune3
35 dbatune335 dbatune3
35 dbatune3
 
IBM PROTECTIER: FROM BACKUP TO RECOVERY
IBM PROTECTIER: FROM BACKUP TO RECOVERYIBM PROTECTIER: FROM BACKUP TO RECOVERY
IBM PROTECTIER: FROM BACKUP TO RECOVERY
 
You Oracle Technical Interview
You Oracle Technical InterviewYou Oracle Technical Interview
You Oracle Technical Interview
 
Migration to Oracle 12c Made Easy Using Replication Technology
Migration to Oracle 12c Made Easy Using Replication TechnologyMigration to Oracle 12c Made Easy Using Replication Technology
Migration to Oracle 12c Made Easy Using Replication Technology
 
Maximizing Business Continuity and Minimizing Recovery Time Objectives in Win...
Maximizing Business Continuity and Minimizing Recovery Time Objectives in Win...Maximizing Business Continuity and Minimizing Recovery Time Objectives in Win...
Maximizing Business Continuity and Minimizing Recovery Time Objectives in Win...
 
Mary Firme Content Marketing for Demand Creation
Mary Firme Content Marketing for Demand Creation Mary Firme Content Marketing for Demand Creation
Mary Firme Content Marketing for Demand Creation
 
database backup and recovery
database backup and recoverydatabase backup and recovery
database backup and recovery
 
Data warehousing change in a challenging environment
Data warehousing change in a challenging environmentData warehousing change in a challenging environment
Data warehousing change in a challenging environment
 
Dueling duplications RMAN vs Delphix
Dueling duplications RMAN vs DelphixDueling duplications RMAN vs Delphix
Dueling duplications RMAN vs Delphix
 
1 ISACA JOURNAL VOLUME 1, 2012FeatureThe ability to r.docx
1 ISACA JOURNAL VOLUME 1, 2012FeatureThe ability to r.docx1 ISACA JOURNAL VOLUME 1, 2012FeatureThe ability to r.docx
1 ISACA JOURNAL VOLUME 1, 2012FeatureThe ability to r.docx
 
10 Problems with your RMAN backup script - whitepaper
10 Problems with your RMAN backup script - whitepaper10 Problems with your RMAN backup script - whitepaper
10 Problems with your RMAN backup script - whitepaper
 
Not having a good backup
Not having a good backupNot having a good backup
Not having a good backup
 
Rman backup and recovery 11g new features
Rman backup and recovery 11g new featuresRman backup and recovery 11g new features
Rman backup and recovery 11g new features
 
8 i rman_love_it
8 i rman_love_it8 i rman_love_it
8 i rman_love_it
 

Mais de oracle documents

Applyinga blockcentricapproachtotuning
Applyinga blockcentricapproachtotuningApplyinga blockcentricapproachtotuning
Applyinga blockcentricapproachtotuningoracle documents
 
Undo internalspresentation
Undo internalspresentationUndo internalspresentation
Undo internalspresentationoracle documents
 
Sql scripting sorcerypaper
Sql scripting sorcerypaperSql scripting sorcerypaper
Sql scripting sorcerypaperoracle documents
 
Real liferecoverypresentation
Real liferecoverypresentationReal liferecoverypresentation
Real liferecoverypresentationoracle documents
 

Mais de oracle documents (20)

Applyinga blockcentricapproachtotuning
Applyinga blockcentricapproachtotuningApplyinga blockcentricapproachtotuning
Applyinga blockcentricapproachtotuning
 
Windowsosauthent
WindowsosauthentWindowsosauthent
Windowsosauthent
 
Varraysandnestedtables
VarraysandnestedtablesVarraysandnestedtables
Varraysandnestedtables
 
Usertracing
UsertracingUsertracing
Usertracing
 
Userpasswrd
UserpasswrdUserpasswrd
Userpasswrd
 
Userlimit
UserlimitUserlimit
Userlimit
 
Undo internalspresentation
Undo internalspresentationUndo internalspresentation
Undo internalspresentation
 
Undo internals paper
Undo internals paperUndo internals paper
Undo internals paper
 
Tablespacelmt
TablespacelmtTablespacelmt
Tablespacelmt
 
Tablerename
TablerenameTablerename
Tablerename
 
Sql scripting sorcerypaper
Sql scripting sorcerypaperSql scripting sorcerypaper
Sql scripting sorcerypaper
 
Sql for dbaspresentation
Sql for dbaspresentationSql for dbaspresentation
Sql for dbaspresentation
 
Sequencereset
SequenceresetSequencereset
Sequencereset
 
Rollbacksizes
RollbacksizesRollbacksizes
Rollbacksizes
 
Rollbackshrinks
RollbackshrinksRollbackshrinks
Rollbackshrinks
 
Rollbacklmt
RollbacklmtRollbacklmt
Rollbacklmt
 
Rollbackblocking
RollbackblockingRollbackblocking
Rollbackblocking
 
Rollback1555s
Rollback1555sRollback1555s
Rollback1555s
 
Redosize
RedosizeRedosize
Redosize
 
Real liferecoverypresentation
Real liferecoverypresentationReal liferecoverypresentation
Real liferecoverypresentation
 

Real liferecoverypaper

  • 1. Real-Life Recovery: Perspective, Preparation and Performance Daniel W. Fink In an anonymous office building downtown, an Most Oracle documentation gives equal billing to Oracle database administrator checks the log files backup and recovery. The routine task of setting to verify that the backup processes ran properly up, monitoring and maintaining backup processes last night. Then he grabs a 2nd cup of coffee and consumes valuable resource time. Once the moves on to the day’s tasks, emergencies and process has been established, other issues, such as assorted events. Users, managers and developers security, tuning and troubleshooting move to the are concerned with data accuracy, proper security top of the DBA task list. Usually, a crisis is the and blinding performance, not in the mundane time that the recovery process is performed. That task of testing recovery. Little does he or the is also the worst possible time to find out that the company know that the past month’s backups are backup process is flawed, the SYSTEM tablespace useless. Since the recent operating system update, file cannot be read from the tape. the tape drive, the only tape drive on site, writes This situation is a result of the attitude that the without error, but cannot read a single bit that is DBA is responsible for performing database on the tape. backup. The actual responsibility is to restore A few miles away, 2 DBAs and a System or recover the database to the point in time Administrator are completing a 12-hour system and within the downtime window and database recovery. No one has slept in over determined by the business needs. 36 hours. Mistakes were made, but they were caught well before the right pinkie was poised Rather than the backup process dictating the over the <ENTER> key. When the final recovery options, the recovery requirements command was issued, the three felt suddenly should drive the backup process. A backup refreshed…success is a great stimulant. For the 3rd strategy is determined by the answer to a single time in as many months, they have successfully question, “What is the best method of backup and performed a recovery with no perceivable loss of archiving that meets all of the business needs of data. The Operations Manager walks in with a pot data loss, downtime and cost?” As with many of coffee and a piece of paper. “Pretty good, no decisions, the question appears to be simple, but data loss,” she says, “but you could have been is complex when defining ‘best method’, ‘business done 2 hours ago. I’ll grade it a B+. Let’s go for an needs’, data loss’, ‘downtime’ and ‘cost’. In an A next time! Go home, get some rest and we’ll see attempt to define these variables, the Cost v. Lost you tomorrow.” Revenue Model is used to assist in answering this question. These two tales illustrate several important points regarding Oracle Backup and Recovery. Most • Restore, Recover, Rebuild sites focus on backups and other issues before To restore is to return to a former state. In addressing recovery. Single points of failure are database terms, this means to return the database shortcuts to disaster, both business and career. file(s) to a previous point in time determined by The only measure of a successful backup plan is copying the file from backup to online media. The how completely recovery can be performed. The database or particular file may be missing time to practice a recovery is not when a transactions. Restoration is required before production system is down and the Order Entry database recovery can be performed after a media clerks are waiting. Personnel can be the single or other similar failures. If the database is not greatest weakness in recovering a database, but running in archivelog mode, this is probably the they can also be the single greatest strength. opened state of the database. Perspective
  • 2. To recover is to return to a normal state. In perform a recovery and the amount of data database terms, this means to return the database allowed to be lost. These decisions are not set in to a point in time determined by the situation. It concrete; they will change over the lifetime of the may be a complete or incomplete recovery, database. depending upon the circumstances. Files are Training and Education. The responsibility for restored, and then archived redo logs are applied performing backup and recovery operations to bring the database to the desired state. Some should never fall on the shoulders of a person transactions may be lost, but they are usually few. who is not well trained and educated in the ways To rebuild is to recreate the state. In database of Oracle. Backup development and practice terms, this usually involves reusing the data and recovery can be done in a mentor-student process that populated the database in the most relationship, until the student is confident in the recent iteration. In some environments, tasks to attempt perform these unassisted. The particularly data warehouse or nonproduction, process is similar to learning to fly a plane, put in the raw data exists outside of the database. There the hours before attempting to go solo. There are may be no actual transactions since the last load several excellent books and white papers therefore nothing is lost. available regarding this discussion. One of the best is Rama Velpur’s Oracle Backup & Recovery • Base Knowledge and Training Handbook from Oracle Press. Transaction Architecture. The reason for a • Points of Failure database is to support transactions, whether they are entering a $.99 cable order or running a 3-day ‘Never have a single point of failure’ is the Oracle Regional Sales data warehouse query. The Backup & Recovery Maxim. The basic foundation understanding of how a transactions works, and is that a single failure should never prevent a what happens when it does not work, are the backup or recovery process from succeeding. If cornerstone to database knowledge. day-old archive logs are deleted after the cold backup, the backup tape is a single point of Recovery Structures and Processes. A DBA must failure. If the logfiles are unable to be restored, the be able to answer the question “What is the previous backup cannot be used to recover the difference between a rollback segment and redo database because the archived logs are log?” in 25 words or less. Know the recovery unavailable. structures, what they do and how to recover from the loss of each one. It is important to know the Identify the ‘show stoppers’ and have at least 2 performance implications of running a database options for bypassing. A single bad backup or in archivelog mode, both from a processing command should never be the cause of a failed standpoint and archivelog_destination cleanup. recovery. Taking an extra 2 hours to recover a lost Intimate knowledge of each recovery type is datafile from a 2-day-old backup is much easier critical to success. Minimum areas of than explaining why yesterday’s sales were lost understanding include the pros and cons of each because the archived redo log was lost. type, impact on business and downtime and Prevention of failures is a proactive approach to required steps, i.e. which files to restore, what recovery. Recovery from a dropped table is steps to perform during and after recovery, etc. possible, but implementing and enforcing Business Requirements. Each database is database security, access and maintenance different. Hours of operation, failure tolerance, procedures can prevent the situation. Using an data integrity rules, etc. A database is a dynamic appropriate RAID configuration can minimize the system, constantly changing within its impact of disk loss. There are expenses associated environment, which is also changing. The with prevention, but they may be minimal requirements in place 6 months ago may have compared with actual recovery costs. Even if changed drastically. Define your recovery goals proactive solutions are implemented, there will for each system and database. Decisions are still be areas of weakness. While certain RAID driven by the amount of time allowable to configurations will protect against the loss of a
  • 3. single disk, they cannot protect against the delete parameter files and a dump of v$parameter add command. several layers of backup. • Failure Prone Components System Tablespace datafile(s) These datafiles may be the most important in the database for it is the Personnel The most failure prone component is blueprint. Without the data dictionary, Oracle is the person issuing the commands. Document the blind to all of the data that is residing in the steps required for each recovery type. When datafiles. documenting, assume little, if any practice. The recovery manual should address the areas that Data Tablespace datafile(s) Under the OFA pose the greatest chance of total loss of service. standard, data and indexes are separated into Use signposts like “Proceed with Caution”, “Stop distinct tablespaces. This allows backup and & Review”, etc. and decision trees. Update the recovery plans to be flexible. If the system and manual periodically, at least at every major data tablespace datafiles are recoverable, all other change. If you are using Oracle Support tablespaces can be built from scratch, if sufficient assistance, make certain that you are talking to documentation exists. For example, indexes can someone who has performed recoveries. be recreated, if the most current DDL scripts are available. For Oracle8, data tablespaces include Redo Logs (online, offline and archived) The loss those objects defined as index-only tables. of a single redo log can result in total recovery failure. This is one reason that Oracle Rollback Segment Tablespace datafile(s) Although recommends using mirrored redo log groups. these tablespaces are used by transactions to Using hardware level mirroring is not sufficient, provide transaction recovery and read you are protected from media failure, i.e. disk consistency, the loss of this tablespace is not loss, but you are not protected from the delete necessarily a ‘death sentence’. The key factor is command. Archived logs should exist in their the state of the database at the point of the natural state on at least one backup tape. Once backup. If it is consistent mode, i.e. no there, they may be compressed and kept online uncommitted transactions, there should be no for several days, and placed on several other rollback entries. As such, the segments can be backup tapes. This strategy offers good protection dropped and rebuilt without data loss. from loss and assists in recovery speed by having Index Tablespace datafile(s) As stated above, if the logs online. Although rare, the compression/ the most current DDL scripts exist, indexes can be uncompression cycle may result in corrupted files, recreated from existing data. There is a substantial so use with caution. If disk space allows, have at recovery performance penalty incurred as the least two uncompressed archive log copies on indexes are being rebuilt, but no data loss occurs. different tapes. Temporary Tablespace datafile(s) Once the Control Files If all control files are lost, Oracle database is shutdown, the temporary segments offers several methods for performing recovery. are ‘clean’. If the temporary tablespace(s) are lost, However, these tasks are risky and easily recreation is a fairly simple process. As with avoidable. Another Oracle maxim is to have 3 indexes, there is a recovery performance penalty, copies of your controlfile, because a corrupt but no data loss occurs. controlfile will always, well almost always, be copied over a good controlfile. If you have a 3rd Misc Files File maps, object recreation scripts, controlfile, the erroneous copy will still happen, backup scripts and other assorted files should be but only you will know…the 3rd copy is used to part of the backup process. Performing a media save the day and your job. recovery is greatly simplified if an up-to-date tablespace-file-device map is available. While Initialization Parameter Files These files are often these files are not required for recovery, they can overlooked. As with controlfiles, there loss can be shorten and simplify the recovery process. overcome, but at a substantial effort. Data is not lost, but downtime is increased. A copy of all Preparation – the Cost v. Lost Revenue(CLR) Model
  • 4. In a perfect world, the CIO would hand the DBA tests, document and perform the occasional and SA a blank check for backup hardware/ recovery. software and provide an unlimited operations For hardware and software, acquisition and budget. In the real world, there is a balance operation costs can be quantified or estimated. between the costs associated with backup and the The operation costs are defined within the scope benefits of recovery. Although the business needs of time. The actual time is not important, but it drive the Cost-Benefit Analysis, it is the must be consistent. Hardware operation costs for responsibility of the technical staff to educate the a year are not comparable to backup operation users and support the decision-making process. It costs for 6 months. is not the responsibility of the technical staff to make the decision. For personnel, the actual or opportunity cost is determined. For most production environments, The basic concept is to compare the cost of backup personnel cost is actual, i.e. the sum of salary and and recovery with lost revenue. This is balanced benefits or hourly charges. For development so that the frequency of backup v. the frequency environments, the cost may be classified as of recovery is appropriately weighted. In a opportunity, i.e. the hourly rate that the client is production environment, a downed Order Entry being charged. system can be quantified. In a development environment, the quantification is related more to Although they are not assigned at this point, the lost Developer/User time. intangible costs should be discussed. These costs include impact on project timelines, goodwill with The model should be generated for 3 scenarios – users, management and technical personnel. If a worst, best and anticipated. The anticipated case project is approaching a critical junction, the cost should be somewhere between worst and best. of downtime may escalate dramatically. Users Best case should not be a fantasy, assume some may tire of experiencing excessive downtime; level of recovery requirements. Managers may tire of user complaints; Developers There are five basic steps to the CLR Model may tire of reloading the past month’s data; process: Administrators may tire of 36-hour days. The short-term impact may be less money spent on the 1) Educate the decision makers systems, but the long-term impact may be Discuss issues in clear, nontechnical terms that are frustration, high turnover and added costs. clear to everyone. The first step is to lay the 3) Assign costs to each backup strategy foundation by educating the decision-makers in basic knowledge of backup and recovery. There are three types of backup strategy: hot, cold Although an Accounting Manager does not need with archiving and cold without archiving. A cost to understand the intimate details of archive for each scenario is calculated in two areas: fixed logging, they do need to understand that and variable. transaction recovery is not possible without Fixed costs are the one-time costs for each step it...and what the business implications are of during the operational period. Software needs to adopting this strategy. be purchased or written once. Disk space required 2) Assign costs to each resource. for Archived Logs or backup datafiles is another one-time investment. These costs are incurred This phase is primarily devoted to assigning regardless of the frequency of backups, assuming actual or opportunity costs to each resource. The the frequency is greater than 0. resources are hardware, software and peopleware. The backup process will consume Variable costs are incurred each time the backup disk space and/or tapes, CPU cycles and memory process occurs. Logfiles must be monitored, tapes on the host platform. Backup software must be must be written and stored and scripts must be purchased or written. Administrators of various maintained. experience levels must monitor backups, perform At this point, the first business decision is made. The anticipated frequency of the database
  • 5. backups is determined. This decision is very remember that these decisions are among the preliminary, it is not set in stone. The less frequent most important that may be made in your career. the backup, the more costly the recovery, but a final decision is premature. It is important to use 5) Support the business user(s) in the preliminary decision as a baseline. Once the making an educated decision. recovery costs are determined, the type of backup Once all of the costs are determined, the process can be revisited. of finding an acceptable balance is begun. Unless Another alternative is to complete this phase of the company can afford hot-standby, fault- the model for each type and frequency of backup. tolerant, fail-over systems, compromises must be While time consuming, it may be simpler and made. Simply put, it is time to make an educated, quicker when busy schedules and diverse documented decision that is supported by the audiences are involved. business. The decisions that are made during this step may result in lost data, missed sales, 4) Assign costs to each recovery overtime and tough explanations to management. scenario If it is determined that the decision requires additional resource, such as disk drives or a tape The most common types of recoveries are object, library, they can be purchased before they are file and disk, each with a distinct strategy. Cost needed. Recovery planning is part of the system determination is common among all of the design phase. strategies, and is slightly different from determining backup cost. Although it may not be easy explaining to management to invest $100,000 in a system that is The first area of recovery cost is practice cost. The rarely used, it is better than explaining why major fixed expense is for a practice platform. An $1,000,000 in sales were lost yesterday because the ideal situation is to have a ‘sandbox’ for System Order Entry system is not archiving transactions. and Database administrators to test upgrades and recoveries. In many situations, an older Performance development platform may be adequate. Added to the cost is the variable personnel cost for each Oracle database recovery is one area where the practice. line between success and failure is clear. If the database is recovered according to the defined The second area of cost is restoration. This business requirements, the recovery was includes the time to detect and correct/bypass the successful, if not, the recovery was a failure. cause of failure. Then the backup media is Trying to successfully recovery is not acceptable. retrieved and objects or files are restored. If In the words of Yoda, “Do or Do Not. There is no archiving is being used, only the affected object or Try.” file needs restoration, which can significantly reduce the restoration time. The only valid method for testing a backup process is to perform a test recovery. This test A final, but optional, area is the cost of recovery. If should be repeated on a regularly scheduled basis archiving is being used, Oracle recovery processes and after any major change, such as a new tape can be used. This is usually the quickest method device or system upgrade. The time to find out of recovery. Other methods are transaction that the tape drive is not functioning properly or reentry and data reload, which are both time and that a new database file is not being backedup is personnel resource intensive. For a small decision during a practice run, not a live recovery support system, it may be more efficient to situation. Practice runs will also expose gaps in recreate the database from tested scripts and procedures, documentation, training and, most reload the previous period’s data. importantly, confidence. The best method for estimating recovery time is to actually practice each step. An alternative method is to use estimations for each step. Regardless, an • Practice, Practice, Practice qualified guess is better than nothing, but
  • 6. Practice recoveries are the only method for 2. Determine scope and cause of failure. The gaining confidence in the process and exposing type of failure will have serious impact on the weaknesses. Being able to quote chapter and verse types of recovery to be considered. If the from recovery theory is not a substitute for failure will be repeated shortly after the drawing upon actual experience, especially at 4:00 recovery is performed, the recovery is wasted. in the morning after a 20-hour day. At that time, If a table has been dropped, performing a you may be one keystroke away from success or complete recovery will return the database to failure. It is also the time when your mental the point AFTER the table was dropped. faculties are at their most vulnerable. 3. Correct/Bypass failure. When a disk fails, the Mistakes during a practice recovery cause no datafiles should be restored to another disk or harm. In fact, they are a tremendous learning the disk should be replaced. If the failure is experience. If you do not have the time and not corrected or bypassed, a recovery may be training to perform a recovery 100% right the first wasted. time, there may be no next time…at least not at 4. Identify Plan of Attack. Once the failure is the current company. understood and corrected, the recovery options are defined and a plan is determined. Practice will expose the ‘bridge burning’ steps. If a datafile for an index-only tablespace has These points are critical decisions where returning been damaged, it may be more efficient to to a previous step is difficult or impossible, unless drop the tablespace and rebuild the affected certain precautions are taken. Copying a backup indexes. Depending upon the plan, the next datafile in place of an existing datafile is such a step may not be required. step. These steps must be documented and well understood. It may be appropriate to backup a 5. Restore affected data. After failure correction, ‘bad’ datafile prior to restoration. This allows for a the process of restoration can begin. A tape or retreat should it be needed. Treat these situations other backup media is retrieved and the as ‘show stoppers’. affected data and log files are restored to the system. If redo log files are not being Oracle8 introduced the Recovery Manager tool, archived, the complete database must be which joins a number of 3rd party products. If the restored. business uses a tool, it needs to be part of the 6. Perform recovery. The actual recovery practice. You must also plan for the possibility strategy that was determined in the plan is that the tool is unavailable, always practice performed. In the above example, this may manual forms of recovery. Tool availability is not involve dropping the tablespace, recreating it a substitute for basic foundational knowledge. and then rebuilding the indexes and Practicing recovery is not a minor expense, but it recreating constraints. Depending upon the pales in comparison to losing a substantial backup plan, there may be substantial amount of data for a production environment. It resource requirements, especially if the data requires professional dedication to the business. must be reloaded or transactions reentered. If As recoveries are practiced, knowledge and skill time allows, a full cold backup should be are developed and confidence is increased. In performed after recovery but before the turn, this may assist in redeploying the backup database is opened for general use. and recovery strategy. 7. Postmortem. Debrief, document and determine improvements. Determine if the • Executing the Plan failure situation could be prevented. Losing 1. Stop panicking. It is imperative to get into the data and incurring downtime due to a proper frame of mind. Taking an extra 15 preventable failure is rarely acceptable in a minutes do calmly discuss the possible business critical system, unless the business alternatives may make the difference in a requirements have accounted for and failed recovery attempt and an additional 15 accepted this possibility. hours of downtime. • Conclusion
  • 7. Among the myriad of DBA tasks and responsibilities, the most important to the business is the ability to properly recover from a failure. There are many factors that determine the type and scope of recovery, primarily the balance between what the business can afford to spend and what it can afford to lose. These decisions are not the responsibility of the DBA or SA; rather, they are to be made by key members of the user community. The technical staff functions as a support organization by educating the users and assisting in the decision-making process using a Cost v. Lost Revenue Model. Once the business has determined the backup and recovery needs, the technical staff becomes responsible for insuring that these operations are properly executed. As a technical administrator, you are the greatest strength and greatest weakness for the recovery process. Training and practice are the paths to success. The recovery process is too critical to depend on less than 100% effort and ability. • Biographical Information Daniel Fink has worked with relational databases for 11 years, the last 6 as a production database administrator for Oracle systems. He specializes in production system management, configuration, tuning, backup and, of course, recovery. He has also developed and taught Oracle training classes for clients nationwide.