Oracle Enterprise Manager 10g: Making the Grid a Reality

1
Oracle Enterprise Manager 10gMaking the Grid a
Reality
Session id 40029

• Jay Rossiter
• Vice President,
  System Management Products
• Oracle Corporation

2
Agenda

• Enterprise Manager 10G Introduction
• Grid Management
• Proof Points

3
Agenda

• Enterprise Manager 10G Introduction
• Grid Management
• Proof Points

4
Enterprise Manager 10G
Automating the Data Center

• 2x-10x lower cost to manage
• Increased availability, reliability performance

Complete Integrated Scaleable Low Cost
5
Complete Management of the Oracle Grid
1
End Users
Exhaustive individual component
management Admin Monitoring Provisioning
Oracle Collab Suite
Oracle eBus Suite
Oracle9iAS
Oracle9iAS OC4J
Integration
J2EE
Web Services
Top Link
Web Cache
Integrated Suite Management
2
SSO
Wireless
Portal
Integrated Management of Oracle Products
3
Oracle
Management for Oracle Eco-System
4
Other Applications
6
Integrated
Database
Host and Hardware
Oracle9iAS
Administration Monitoring Provisioning Security
Network and Load Balancer
Applications
Enterprise Manager
Storage
7
Scaleable
Automated management of sets of systems
SDK
Policy Manager
Task Automation
Group Management
Hardware/Software Inventory
Topology
Central Repository
Performance
Configuration
8
Managing Groups

• Managed from a single-view
• Monitoring and automated operations
• Logical modeling of sets of systems
• Applications, Clusters, other sets
• Leveraged by all services Jobs, Policies,
• Membership-based inheritance

Applications
Sets of Systems
9
Task Automation

• Execute simple or complex tasks across 100s of
  systems
• Easy to use and scalable
• Pre-packaged jobs
• Backup, startup/shutdown, patch, clone
• Generic job types
• SQL, OS command
• Ad hoc job creation
• Custom scripts
• Cooperative job sharing
• Job Library

Job System
EM 4.x
10
Easy to Deploy
HTTP/S
Manage from Anywhere
HTTP/S
Firewall
HTTP/S
Open Repository
HTTP/S
11
Out-of-box Ready

• Grid Control
• Management of all the Oracle Grid components
• Centrally manage entire enterprise
• Out-of-box management for all Oracle products
• Product Controls
• Fully functional standalone management
• Out-of-box with each product

12
Agenda

• Enterprise Manager 10G Introduction
• Grid Management
• Proof Points

13
Grid Management

• Application Service Level Management
• End-to-end performance, availability
  diagnostics
• Standardization
• Policy-based best practices
• Security Assurance
• Automated Provisioning and Administration
• Software, storage, application provisioning
• Change management and configuration

14
Application Service Level ManagementEnd-to-End
Performance, Availability Diagnostics
New York Sales Office

• Monitor key business transactions
• Availability
• Performance

Web Application
Paris Sales Office
Tokyo Sales Office
Any Application User
15
System Component ManagementRich monitoring and
diagnostics

• Availability
• Real time monitoring and thresholds
• Event notifications
• Historical Data Analysis and Trending
• Performance diagnostics
• Cluster monitoring

16
Application Service Level Management

• End-user performance
• All interactions
• Javascript attached to cookie
• Response time is captured in web server log
• Log data is loaded into the repository
• Require Oracle AS Webcache in the middle-tier

• Business Transaction performance and availability
• Record transaction
• Deploy to beacons across the network
• Transaction replayed
• Metrics recorded in repository
• Works for any web application

• End-2-End tracing
• Component level time tracking
• Click to EJB
• Click to SQL

17
Monitoring

• Application Service Level Management
• End-user experience
• Trace and pinpoint
• Deep diagnostics
• Sets of systems
• Classic system monitoring
• Availability
• Critical performance rollups

Applications
Sets of Systems
18
Standardization
Policy Based Best Practices

• Policy Management
• Rule definitions
• Violation detection
• Corrective action
• Security policies
• Software installation hardening
• Excess services/ports
• Excess user privileges
• Configuration policies
• Best practices
• Base images
• Performance polices
• Thresholds

Policy
19
Automated Security Checks

• All Oracle Software
• Security alerts
• Critical patches
• Host
• Detect open ports
• Detect insecure services
• Application Server
• HTTPD has minimal privileges
• Use HTTP/S
• Apache logging should be on
• Demo applications disabled
• Disable default banner page
• Disable access to unused directories
• Disable directory indexing
• Forbid access to certain packages
• Disable packages not used by DAD owner
• Remove unused DAD configurations
• Redirect _pages directory
• Password complexity enabled

• Database Services
• Enable listener logging
• Password-protect listeners
• Disable direct listener administration
• Disallow remote OS roles and authentication
• Disallow use of remote password file
• Restrict access to external procedure service
• Database User Privileges
• Disable install and demo accounts
• Disallow default user/password
• PUBLIC has execute System privilege
• PUBLIC has execute Object privilege
• PUBLIC has execute UTL_FILE privilege
• PUBLIC has execute UTL_SMTP privilege
• PUBLIC has execute UTL_HTTP privilege
• PUBLIC has execute UTL_TCP privilege
• PUBLIC has execute DBMS_RANDOM
• Password complexity
• Restrict number of failed login attempts

20
Automated Best Practices for Database

1. Not Using Locally Managed Tablespaces   
2. SYSTEM TS Contains Non-System Data Seg
3. Users with Permanent TS as Temporary TS
4. Insufficient Recovery Area Size
5. Force Logging Disabled  
6. Not Using Spfile    
7. Rollback in SYSTEM Tablespace    
8. Not Using Undo Space Management   
9. Non-uniform Default Extent Size

1. Insufficient Number of Control Files
2. Insufficient Redo Log Size
3. Insufficient Number of Redo Logs
4. Use of Unlimited Autoextension
5. Use of Non-Standard Init. Parameters
6. Recovery Area Location Not Set    
7. Autobackup of Control File is not Enabled
8. SYSTEM TS Used as User Default TS
9. Segment with Extent Growth Policy Violation
10. Tablespace Containing Mixed Segment Types

21
Certified Software Images

• Certified Systems
• Test/Dev system
• Production system

Base Image Library
22
Automated Provisioning
Enterprise Manager

Install/Clone
Configure
Patch
Secure
23
Configuration Analysis
How many DB instances need to have a given patch
applied? Is my O/S at the right patch level?

• Complete inventory of all Oracle software
• Versions
• Patch levels
• Configuration details for all Oracle products
• Related software and hardware configuration
  details

24
Configuration Analysis
When things stop working, the first thing we do
is try to figure out what has changed CalISO DBA

• Tracking changes
• Comparing and validating configurations
• Searching across enterprise
• Understanding product and feature usage

25
Automated Patch Management
Slammer virus exploited known security flaw to
which patch was available 6 months prior to attack

• Real-time discovery of new patches
• Security patch rapid deployment dramatically
  reduces vulnerabilities
• Automatic staging and application
• From hours to minutes
• Rolling RAC upgrade

Determine Applicability
2
4
Update Inventory
1
Patch Published
26
Automated Software Cloning Operations
Our DBAs spend about 25 of their time on
database installs and cloning -Verizon
Information Services DBA

• Reduce manual labor in software life-cycle
• From hours to minutes
• Automate mass provisioning of reference systems

3
Update Inventory
27
Capacity-on-Demand
Production Application
Application Servers
RAC DB
28
Automated Administration

• Simplify complex tasks
• Automate tasks across systems
• Single-button cluster operations

29
Automated Operations

• DB
• General health assessment
• Bad SQL identification
• Top SQL identification
• SQL recommendations
• Tuning advisories
• Performance trending
• Backup
• Restore
• Security vulnerability ID
• Create/remove Physical/Logical Standby
• Standby health assessment
• Standby switchover/failover
• RAC
• Cluster cache coherency monitoring
• Failover events
• Discovery of RAC topology

• All Target Types
• System and application availability
• Set up of target-specific metrics/thresholds
• Configuration data collection
• Performance data collection
• Comprehensive monitoring
• Alerts
• Email and Paging notifications
• Blackouts
• User-defined jobs
• System and application response time measurements
• Policy violation reporting
• Clone Oracle Home
• Patch search/download
• ASM
• Disk group admin (rebalance)
• Startup/Shutdown
• Disk group usage/status

• iAS
• Config changes across cluster (OC4J, Apache)
• Create/Manage cluster
• Deploy app to cluster
• Reconfigure a farm
• Add/Remove node from cluster
• Clone (mid-tiers)
• Patch
• OCS
• IMAP, SMTP End-2-end service monitoring
• Files End-2-end service monitoring
• Files document analysis count, size, format
• Files user analysis number, quota consumed
• Host/Host Clusters
• Top processes identification

30
Automated Group Operations

• All Target Types
• Config. change tracking
• Configuration inventory
• Diff configurations
• Search configurations
• Behavior inheritance (Jobs)
• Create/manage groups
• OS command jobs
• SQL Script jobs
• Aggregate Metrics
• Alert Rollups
• Set blackouts
• Set monitoring levels
• Set target properties
• Set thresholds
• Installation hardening
• Security alerts and patches
• Discovery

• ASM
• Disk group admin (rebalance)
• Startup/Shutdown
• Disk group usage/status
• I/O performance
• Add/Remove disks
• DB
• Analyze
• Backup
• Export
• Startup/Shutdown
• Configuration Advise
• Clone, Patch
• RAC
• Spfile changes across instances
• Start/Stop/Relocate services
• Startup/Shutdown

• iAS
• Config changes across cluster (OC4J, Apache)
• Create/Manage cluster
• Deploy app to cluster
• Reconfigure a farm
• Add/Remove node from cluster
• Clone (mid-tiers)
• Patch
• OCS
• Custom grouping
• Home pages for EMAIL and IM
• WebApp
• End-2-End availability
• End-2-End monitoring
• End-2-End tracing
• EM

31
Whats New in EM 10G
Key new EM10G functionality
Area EM 9i EM 10G
Oracle Database
Oracle9iAS
Oracle Collab Suite
Oracle eBus Suite
Operating System
Storage
Network
SLB (Nortel, F5)
Hardware (Dell, Compaq)
Admin and Monitoring

• Application Performance Management
• Real performance for All Your Users, All Your
  Pages, All the Time
• Application Availability
• Synthetic transactions
• End-to-end tracing
• Enterprise Configuration Management
• Rapid installation
• Deployment
• Provisioning
• Upgrade
• Automated patching

32
Agenda

• Enterprise Manager 10G Introduction
• Grid Management
• Proof Points

33
EM 10G Early Adopter Customers
34
EM 10G Early Adopter Merck

• Uses EM to manage 1200 systems worldwide
• Key v4 features driving rapid rollout
• Enterprise-wide
• performance and availability reports
• Automation
• event thresholds via baselines
• Configuration management
• compare/diff host hardware and software

35
Enterprise Manager 10G

• 2x to 10x lower cost to manage Oracle
• Complete
• Managing all the components of the Oracle grid
• Integrated
• Administration, Monitoring, Provisioning and
  Security
• Scaleable
• Minimal incremental cost for managing sets of
  systems
• Low cost to implement and maintain
• Pre-tested, certified works out of box

36