Large-Scale Patch Automation for the Cloud-Generation DBAs

Large-Scale Patch Automation for the Cloud-Generation DBAs Pankaj Chandiramani Principal Product Manager, Oracle Sean Connolly Software Development Director, Oracle Steven Meredith EM Service Manager, Boeing Copyright 2015, Oracle and/or its affiliates. All rights reserved.

Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle s products remains at the sole discretion of Oracle. Copyright 2015, Oracle and/or its affiliates. All rights reserved. 3

Agenda 1 2 3 4 5 6 Key Challenges/Trends from IOUG survey Data Center Evolution Patch Automation via Enterprise Manager Customer Story : Boeing Use Cases / Demos Q&A Copyright 2015, Oracle and/or its affiliates. All rights reserved. 4

Top Challenges and Trends impacting DBA Source: 2015 IOUG Survey on Database Manageability Security, Governance and Compliance Technology Innovations like Cloud Managing growing number of database with same resources Common Challenge :Keeping databases up to date with patch levels. This has increased by 30% from previous study. Copyright 2015, Oracle and/or its affiliates. All rights reserved. 5

Data Center Evolution Silos Platform Consolidation Consolidation Complex Infrastructure Consolidation Engineered System ** On Premise Private Cloud Copyright Copyright 2015, 2015, Oracle Oracle and/or and/or its affiliates. its affiliates. All rights All rights reserved. reserved.

Overview: Patch Automation Solution Traditional Estate Automated Patching via Patch Plans Advice/recommend patches based on configuration Minimize Downtime, identify issues with pre requisite check Patch Templates and Compliance Standards EMCLI Support Multi-Tenant adds Plug/unplug Container DB Patching Continuous Drift and Configuration Auditing for PDB s Cloud adds Self Service maintenance Simple Subscription using Gold- Image Real time Patch Tracking which helps in real time compliance Engineered Systems adds Extending Patching beyond the Database software Patch the database grid Patch storage grid Patch InfiniBand network Patch recommendations for the Quarterly Full Stack Download Patch. Comprehensive dashboard of the maintenance status and needs. Copyright 2015, Oracle and/or its affiliates. All rights reserved. 7

Information Technology Project Name Company and Presenter Background BOEING Founded in 1916 Designs, assembles and support commercial jetliners, defense systems, satellites and launch vehicles Integrates large-scale systems; develop networking technology and network-centric solutions Data centers spread across the US and global workforce Steve Meredith Boeing EM Service Focal 20 years as an Oracle DBA, 27 years in IT EM service manager for the past 5 years Experience with EM 10g, 11g, and 12c Copyright 2015 Boeing. All rights reserved. Steven Meredith, 12/31/2015 10

Information Technology Project Name EM Management Environment Large number of managed targets and their versions: EM version 12.1.0.4 Managed targets for database, cluster, and middleware Deployment configuration for EM: Each installation 2 node RAC database with 3 OMS servers All communication thru F5 SLB s Using LTM and GTM configurations DR Design Active/Active configuration with fail-over Design calls for both nodes to run in the same server set on DR action During fail over Critical Prod runs on 2 OMS nodes NP runs on 1 Copyright 2015 Boeing. All rights reserved. Steven Meredith, 12/31/2015 11

Information Technology Project Name Patch Automation Patch automation for database consolidation environments Scope: Consolidation RAC database clusters PSU patching required quarterly for all consumers Customers span all business units within Boeing Challenges Patch schedule consolidation to maximize scalability Process design to meet patching requirements for clustered databases Operational discipline to maintain healthy and accurate target configurations Copyright 2015 Boeing. All rights reserved. Steven Meredith, 12/31/2015 12

Information Technology Project Name Patch Plan Screen Shot This plan patched 27 3-node cluster databases (81 instances) while leaving 9 cluster db s on the previous home Copyright 2015 Boeing. All rights reserved. Steven Meredith, 12/31/2015 13

Information Technology Project Name Patch Automation Benefits Significant Labor reduction but short of initial goal Some customers not able to support unified patch schedules Enhanced productivity for patching focals Decreased patch cycle times Improved validation Configuration changes consistently deployed and maintained within oracle homes COTS vendor support for emergent patching changes Consistent patching process Copyright 2015 Boeing. All rights reserved. Steven Meredith, 12/31/2015 14

Information Technology Project Name Patch Automation Key Tips/Take Away s Understand the features and limitations of the product Analyze your environment and determine how automation will fit Deployment patterns and standardization are key factors in scalability Also evaluate organizational discipline in maintaining EM target health and configuration Set realistic goals Consider phased implementation Have a backup patching plan Get continuous and strong management support Communicate successes, challenges and sometimes failures Copyright 2015 Boeing. All rights reserved. Steven Meredith, 12/31/2015 15

Information Technology Project Name Patch Automation within our Internal Cloud In-place patching selected for all hosts Limits server white space for product hosting Greatly reduces resource utilization on the virtualized infrastructure Allows increased scaling and consolidation for patch job creation Simplifies home selection for future automation Working on self-service patching thru a web interface Patch automation will occur at the host level Limit virtual hosts to single versions of database homes Utilize EMCLI to execute command line based patching Copyright 2015 Boeing. All rights reserved. Steven Meredith, 12/31/2015 16

Summary : Patch Automation for Traditional Estate Simplified Patching process using Patch Plans Support for disconnected datacenters (No connectivity to My Oracle Support) Proactive patch recommendations for Oracle recommended patches (including CPU,PSU..) Perform pre-flight dependency and impact analysis Push Button Patching via Operators Copyright 2015, Oracle and/or its affiliates. All rights reserved. 17

Patch Automation for Multi-Tenant Databases Patch one - Patch all : A new paradigms for rapid patching and upgrades where Patching one CDB results in patching all of its many PDB s. Plug/Un-plug for patching the Oracle version Continuous Drift and Configuration Auditing for PDB s Copyright 2015, Oracle and/or its affiliates. All rights reserved. 19

Patch Automation for Multi-Tenant Databases Unplug/plug for patching the Oracle version The multitenant architecture supports plugging a PDB into a CDB whose Oracle Database software version differs from that of the CDB from which it was unplugged. Sales Retail Sales Container Database Pre-Patched Container Database Copyright 2015, Oracle and/or its affiliates. All rights reserved. 20

Patch Automation for DBaaS (Private Cloud) Self service maintenance for Database Cloud via Database Fleet Maintenance Primary maintenance mode for DBaaS deployed via EM Simple Subscription model that works using Gold-Image Real time patch tracking helps in maintaining a standardized cloud environment. Copyright 2015, Oracle and/or its affiliates. All rights reserved. 31

Database Fleet Maintenance Self service maintenance for Database Cloud Process 1. Admin manages images of both GI and DB Homes 2. Database Pools subscribe to DB and GI images 3. New images automatically get deployed to servers in the pool as new Oracle home 4. Self Service users or Admin can choose to migrate DBs over to the new home Benefits: Scale: Subscription based, automated deployment and at mass scale Reduced Downtime: Out of place patching and upgrade Isolation & Flexibility: Users to move to new software version on their terms End Users 11.2.0.3 DB Home 11.2.0.4 DB Home 11.2.0.3 GI Home 11.2.0.4 GI Home Admin Image Library Copyright 2015, Oracle and/or its affiliates. All rights reserved.

Engineered Systems Patch Management Patch Automation for the infrastructure stack Exadata Compute Nodes Storage Server Cells InfiniBand Network Switches Exalytics Compute Nodes Oracle Exalytics Base Image BIOS/ILOM firmware Oracle BI Operating System Exalogic Compute Nodes Exalogic Base Image Oracle Compute Control Plane Cloud Service Engines Sun Network QDR InfiniBand Gateway Switch (NM2-GW) Oracle ZFS Storage Sun Datacenter InfiniBand Switch 36 (NM2-36p) EM 12c EM 13.1 EM 13.1+ Copyright 2015, Oracle and/or its affiliates. All rights reserved.

Exadata System Patch Management Extending patching beyond the Database software Database Grid Database Servers Oracle GI / RDBMS Firmware / OS InfiniBand Network Switches Storage Grid Exadata Storage Servers Supports application of the complete system patch Quarterly Full Stack Patch Download (QFSPD) Copyright 2015, Oracle and/or its affiliates. All rights reserved.

Patch Automation for Engineered Systems Comprehensive overview of the maintenance status and needs. Proactive patch recommendations for the Quarterly Full Stack Download Patch (QFSDP) Supports auto patch download and ability to patch either in rolling and non rolling modes. Granular step level status tracking with real time updates, Log monitoring and aggregation, supporting quick filing of support issues with pre-packaged log dumps. Automation either at finer level on selective parts (2/7 storage server cells) or coarse level of the complete component (all storage servers cells) Copyright 2015, Oracle and/or its affiliates. All rights reserved. 43

Summary Traditional Estate Automate time-consuming and error prone Patching operation using Patch Plans. Advice/recommend patches based on configuration Minimize Downtime, identify issues with pre requisite check Sales Dev Sales Dev 1 Muti-tenant Patching one container database results in patching all of its many pluggable databases. Plug-Unplug Continuous Drift and Configuration Auditing for PDB s Patch Templates and Compliance Standards Clouds Engineered Systems Seamless single pane of glass management across clouds both on premise and public Consolidate and automate the complete lifecycle management on Exadata platform Self Service maintenance Simple Subscription using Gold-Image Exadata system patching including database servers Copyright 2015, Oracle and/or its affiliates. All rights reserved. 46

Session Description Over the last few years, Oracle Enterprise Manager has become the control center for database as a service. It leverages various underlying technologies including multitenant and storage snapshot to offer consolidation planning, rapid provisioning, monitoring, and cloud governance. The innovations in this area continue at a rapid pace with Oracle Enterprise Manager Database Consolidation Workbench, hybrid cloud migration, and continuous data refresh for DevOps. In this session, attendees learn about these innovations and hear successful case studies from other customers. Copyright 2015, Oracle and/or its affiliates. All rights reserved. 51