Database Machine Administration v/s Database Administration: Similarities and Differences IOUG Exadata Virtual Conference Vivek Puri Manager Database Administration & Engineered Systems The Sherwin-Williams Company
Agenda Introduc)on Architectures - Tradi)onal & Engineered Systems Administra)on with Tradi)onal Architecture Value Proposi)on Administra)on with Engineered Systems Roles - Database Machine Administrator Container Database Administrator Applica)on (LoB) Database Administrator Summary of DBA Roles Engineered Systems Administrator Roles & Responsibili)es
Disclaimer The opinions expressed and recommenda)ons made in this presenta)on are solely mine, and not of my employer.
The Sherwin-Williams Company Founded in 1866, Cleveland, Ohio by Henry Sherwin & Edward Williams Largest USA Paint Company Top 3 in the Worldwide Selling in 115 countries 47,000+employees 4,500+ Stores/Branches Globally Manufacturer & Marketer of Top Coa)ngs Brands 150th Anniversary this year
About myself Extensive experience with Oracle Databases and E-Business Suite & related technologies Member of Oracle EBS ATG & Exalogic Customer Advisory Board Member of OAUG Customer Support Council Master s degree in Computer Science 20 years experience working on Oracle technologies Worked as Lead DBA, Architect, EBS System Administrator, IT Manager Vivek Puri Manager Database Administra)on & Engineered Systems Email vivek.puri@sherwin.com
Architectures Tradi>onal & Engineered Systems Tradi>onal Architectures Disparate: Servers, Storage, Networking VM, OS, Database Components sources & connected Mul)ple layers of administra)on and management Mul)ple patch sets, integra)on and several applica)on valida)on Build your own, admin your own, maintain your own Engineered Systems Integrated system: Servers, Storage, Networking VM, OS, Database Single factory-assembled, Pre- Integrated System Single pane of glass administra)on and management Singe patch set, Single applica)on valida)on Pre-built, Pre-tuned, Op)mized for Oracle SW workload
System and Database Administra>on with Tradi>onal Architectures Mul)ple levels of administra)on System Administrator Servers, Firmware, OS Network Administrator Storage Network Administrator Storage Administrator Database Administrator(s) Container Database Administrator Applica)on (Line of Business) Database Administrator Applica)on DB Container DB Clusterware Network SAN SAN Network OS & Virtualiza)on HW & Firmware DB Admin Network Admin SAN Admin Sys Admin
Evolving Role of DBA Systems DBA Development DBA Opera)ons DBA Performance DBA Applica)on DBA Database Machine Admin (DMA)
Challenges with Tradi>onal Approach Lack of holis)c approach in managing all the layers Cross -team collabora)on is not very effec)ve in resolving issues Lack of ownership of the en)re stack Support requirements are not fully understood across all support groups Percep)on Appliance (Blackbox) Who gets root? Oracle Engineered Systems are provisioned quickly & made available for use but should be managed differently than tradi)onal compu)ng plaiorms Proper management of these systems require skills in Linux, storage, networking, databases, and middleware technologies Maximizing the benefits of these plaiorms requires close coordina)on with applica)on development teams
Value Proposi>on Goal Opera)onal Excellence, Maximize Value, Lower TCO Maximize value and lower total cost of ownership by clearly defining the processes to manage the Engineered System. Avoid organiza)onal, contractual, or job role boundaries from tradi)onal systems Clearly defining support roles and responsibili)es will avoid conflicts With Exadata and Database 12c Mul)-Tenant the tradi)onal job boundaries are less appropriate Key roles: Database Machine Administrator Container Database Administrator Applica)on (LoB) Database Administrator Database Machine and Database Administrator roles must work in concert to deliver Database Services
Administra>on with Engineered Systems - A New Approach Mul)ple levels of administra)on System Administrator Servers, Firmware, OS IP Network Administrator Storage Network Administrator Storage Database Administrator(s) Container Database Administrator Applica)on (Line of Business) Database Administrator Engineered Systems Database Machine Administrator Container Database Administrator Op)onal (based on): Consolida)on Density Number of CDBs Applica)on (Line of Business) Database Administrator / Pluggable Database Administrator
Database Machine Administra>on Possible Role Delega>ons Role Environment Size Environment Responsibility DBMA Small Few small Exadatas Few DBs / CDBs CDBA Medium 10+ Exadatas 10s of CDBs DBMA also takes on CDBA and App DBA/ PDBA roles DBMA also takes on CDBA role App DBA/ PDBA (no OS access) App DBA/ PDBA Large 10+ Exadatas 10s-100s of CDBs DBMA (root, grid access) CDBA (oracle access) PDBA (no OS access) Your environment / role delega)ons may differ.
Database Machine Administrator Role Administers Exadata Database Machine Servers/ HW Firmware, VMs, OS Networking (Infiniband, Ethernet for access) Storage High Availability Exadata Sooware, RAC, Data Guard / Golden Gate, Grid Infrastructure, ASM Root and Oracle access to CDBs and single instance databases Responsible for Plaiorm Patching Administers Container Databases (CDBs) in small to medium DBs and consolida)on environments Monitor Plaiorm using Oracle Enterprise Manager Cloud Control Use groups in OEM to restrict what targets are visible to a team
Container Database Administrator Administers Container Databases (CDBs) in large DBs and consolida)on environments Can be combined with Applica)on (Line of Business) DBA for small to medium DBs and consolida)on environments Grid and Oracle access Access to Oracle Enterprise Manager Cloud Control Use groups in OEM to restrict what targets are visible to a given team
Applica>on (Line of Business) / PDB Database Administrator OLTP, Data Warehouse for different Lines of Business (LoB) Administers the applica)on database or the Pluggable Database (PDB) for the applica)ons they support No access to privileged database accounts, e.g. SYS or System Limited privileged account to gain access to compute nodes Example: access staging areas for data loading Access to Oracle Enterprise Manager Cloud Control Use groups in OEM to restrict what targets are visible to a given team No oracle access since DBA could gain access to all databases on that node
General Administra>on Principle of least privilege access - ensure sufficient segrega)on of du)es Only one group should have root access, oracle access, etc. For any role there should be at least two individuals with the skills and privilege for redundancy Security Administra)on Audit Vault should be handled by a different group as administrators should not audit themselves Database Vault allows restric)ng System DBAs from seeing the applica)on data Database Vault administrator should not be a part of any of the DBA groups managing Exadata to ensure separa)on for du)es
Summary of DBA Roles Ac>vity Components DBMA CDBA App(LoB) DBA Security Admin Installa)on and Configura)on DB Servers Storage Cells Storage Alloca)on Network (Infiniband/ IP) RAC Oracle DB ACS ACS ACS ACS ACS ACS ACS Sooware Upgrades and Patching OS Infiniband Storage Server Database RAC CDBA Hardware Upgrades and Replacements DB Servers Storage Servers Infiniband / IP Networks Other HW Support Support Support Support
Summary of DBA Roles Ac>vity Components DBMA CDBA App(LoB) DBA Security Admin Backup and Recovery OS RAC Database PDB Monitoring & Incident Mgmt. (Availability, Performance Capacity) DB Servers Storage Cells Network (Infiniband / IP) RAC Database Database Services Storage (ASM) Security DB Vault Audit Vault Iden)ty Management
Engineered System Administrator - A Step Further Applica)on Tier Plaiorm faces similar challenges Oracle Applica)on ecosystem is not managed in a holis)c manner Matrix organiza)on is not effec)ve in suppor)ng Engineered Systems Plaiorm Exalogic and Exaly)cs requires focused approach to drive value for business applica)on Engineered Systems introduce the opportunity to improve performance, stability, scalability, and )me to market of solu)ons for the business. In order to exploit these opportuni)es, a dedicated team, responsible for managing is required
Tradi>onal Compu>ng PlaMorm Management Tradi)onal Compu)ng Plaiorms Opera)onal Environment Infrastructure Network Linux/ Unix Storage Facili)es Web Eng. Database Admin. Platform Services Apps Team
Engineered Systems PlaMorm Management Engineered Systems Plaiorm Opera)onal Environment Infrastructure Network Linux/ Unix Storage Facili)es Web Eng. Engineered Systems Platform Services Database Admin. Apps Team
Engineered Systems Team - Roles and Responsibili7es Responsible for management of Oracle Engineered Systems for the enterprise Accountable for management of the plaiorm, lifecycle management, system health Lead architecture, implementa)on, and strategic roadmap of Engineered Systems Hardware lifecycle management Opera)onal Support: Event and Incident Management, Problem Management, Plaiorm Patching, Virtual machine management, Monitoring of the hardware and sooware stack Op)miza)on and capacity planning
Engineered Systems Administrator - Roles and Responsibili7es Manages Oracle Engineered Systems (Exadata, Exalogic & Exaly)cs) for the enterprise On the Exalogic plaiorm, install, manage, debug, and configure sooware stack through virtualiza)on On the Exadata plaiorm, install, configure, support, and maintain the HW and SW stack through, and including, the OS & Grid infrastructure Integrate Exalogic and Exadata hardware and sooware in an op)mized manner in order to support enterprise applica)ons Implement management and monitoring of the Engineered Systems infrastructure with Enterprise Manager and Ops Center Backup/recovery design, implementa)on, and management Collaborate with Oracle Plaiorm Services in support of patching, monitoring, and Event and Incident management Maintain security compliance & adhere to security best prac)ces Perform OS & Storage management & op)miza)on
RACI Engineered Systems Administrator Engineered SystemS Admin Database Admin Web Engineer Unix Admin Network Admin Storage Admin Security IT Executive Management Task Patching OS (DB & Compute Node) R C C I A OS (Guest VMs) R C C I A Exalogic Storage R C C C I A Exadata Storage Cells R C I I A Infiniband R C C C I A Management Network R C I A Database Homes C R I A Databases C R I A WebLogic / Java C R I A EBS Applications C R I A WebLogic Applications C R I A Monitoring Databases C R A WebLogic C R A ebs Apps C R A Fusion Middleware Apps C R A Exadata/Exalogic HW Components R C C C C A ZFS Storage R C C A ASM Storage R C A Guest Storage R C C A Compute Node Storage R C A Network R C A Platinum Support Gateway R C C C C A Configuration Management Exalogic Configuration Management R C C A Enterprise Cloud Control C R C A Cloud Control Management Packs - OS R C C A Cloud Control Management Packs - WebLogic R C A Cloud Control Management Packs - FMW C R A Cloud Control Management Packs - EBS C R A Operations Center R C C A Capacity Planning R C C A
Q & A
Thank You!