delivering oracle(aas) on a converged infrastructure · 2016-03-29 · delivering oracle(aas) on a...
TRANSCRIPT
ww
w.in
l.g
ov
Delivering Oracle(aaS) on a Converged Infrastructure
Success is about people, it’s never about technology
March 29, 2016
Robert Murray, INL Oracle Business Systems Architect
UT Oracle Users Group Conference
Salt Lake City, UT
Anyone wanting a copy of this slide deck, please email me at [email protected]
ENSURING THE NATION'S ENERGY SECURITY
• INL is the nation’s leading center for nuclear energy research and development. INL is part of the U.S. Department of Energy’s complex of national laboratories.
• The laboratory performs work in each of the strategic goal areas of DOE: energy, national security, science and environment.
• INL is the nation’s lead laboratory for nuclear energy research, development, demonstration and deployment and we are engaged in the mission of ensuring the nation’s energy security with safe, competitive and sustainable energy systems and unique national and homeland security capabilities.
• Please visit https://www.inl.gov/about-inl/general-information
Abstract
Delivering Oracle(aaS) on a Converged Infrastructure
This presentation discusses how the Oracle team at the INL is progressing in transforming database deployments into a self service portal using VMware technology.
Background information, cloning, VMDKs, Clusters, datastores, vSphere with Operations Management, vRealize Automation, and more will be discussed including the benefits this transformation brings to the organization and my team.
Part 1 – Background Information
ORACLE BUSINESS SYSTEMS
How do we succeed?
I lead the Oracle team at the INL and we are responsible for storing and delivering information.
A recent INL workshop conducted by the Table Group identified four basic ideas that my team must embrace to be successful in our responsibilities.
This presentation is about …
• Agility – the need for self-service
• Reliability – keeping “it” simple, and
• Innovation – looking “outside the box”
Information is valuable, it is stolen and sold for nefarious purposes. My next presentation is about protecting information at all costs.
• Security
Pre 2013 Situation
• Tight budgets, inadequate support staff, and limited training
• My team was too busy keeping the “wheels on the bus” to drive the bus
• De-moralized staff laying low and collecting paychecks
• Cyber and auditors were on our backs about fixing an ever increasing number of vulnerabilities: database, middleware, application, certs
• Silos focusing on their problems, choosing not to engage with the Oracle team to discuss any impacts their decisions might have on us
• Work packages ignored the Oracle Business Systems
• The majority of our systems were running on legacy technology
• We were paying out huge sums of money on software maintenance that included a large number of de-supported products
• Vendors site visits attempting to sell us more bloatware, shelfware, and costly hardware –not listening to our needs, trying end runs around us
Transformation Challenges
• Fully understand the current state of the Oracle Business Systems and the technologies OBS is built on
• Build an OBS Transformation Roadmap and have it adhere to IM’s core values of: reliability, sustainability, agility, and security
• Have management support the transformation from the top down
• Receive cooperation and support from Customers and the other organizational units
• Re-build and train a motivated work force
• Distinguish OBS from non OBS scope and define appropriate separation of duties
• The OBS reputation impacts the mission of enabling science that matters
• To be given the opportunity to be successful in fixing our situation
Some Useful Tips
• Technology can ease or increase your current work load
• Change (transformation) is always costly in resource, time, and money
• Avoid the analysis/paralysis pitfall, take ownership, and take action
• Believe in the vision, sell the vision, stand tall, and bend in the wind
• Push back on outside sales teams and quickly shutdown end runs
• Cutting edge solutions are usually just as bad as remaining legacy
• Don’t be afraid to say no (you will have to a lot)
• Recognize what is really needed to add value and what does it cost
• Leverage small wins, try to “leap frog” where possible and be careful not to leap too far
• Know the order of things and have a plan, make sure you can complete the mission, i.e. don’t sell what you can’t deliver
Tuckman Stages for the OBS Team (3 years)
Part 2 – Technology Discussion
ORACLE BUSINESS SYSTEMS
2015 – Building a HA Cloud Infrastructure
Simple, Elegant, Magic
http://www.vmware.com/files/pdf/VMware-Distributed-Resource-Scheduler-DRS-DS-EN.pdf
Database HA Cluster with DRS
Middleware HA Cluster with DRS
Live Migration
• VMs are encapsulated in a VMDK
• Hosts in the cluster are connected to the VnX via Fiber-Channel Host Bus Adapters
• The EMC VnX presents storage as LUNs to Vmware clusters
• Production and critical VMDKs are placed on shared clustered datastores
• When VMs are placed on cluster attached storage, they are free to migrate between all available hosts in the cluster (DRS)
• Live migration does not impact the operation of the VM
• This is useful under the following scenarios: host patching, hardware maintenance, hardware failure, and load balancing
• Non production VMDKs are placed on local RAID-5 datastores
• Local datastores do not support live migration
VM Cloning
Review of Technologies
Considered
• Oracle Virtual Compute Appliance, ZFS Appliance
• Oracle VM Infrastructure
• Oracle Real Application Cluster (RAC), Grid, ASM
• Oracle Data Guard
• Multitenant 12c Databases
Deployed
• Converged Hardware: HP, EMC, and Cisco
• Vmware VM Infrastructure
• Vmware HA Cluster with DRS on Shared Datastores
• EMC Data Domain and Isilon
• Single Instance 12c DB
This solution uses proven, less complicated, and more robust technology. The INL has staff experienced in these technologies and training adds to what we already know or fills in gaps. It’s also way less expensive.
DRS – Distributed Resource Scheduler
Part 3 – As a Service
ORACLE BUSINESS SYSTEMS
2016 – Defining the Cloud
• Self-service (aaS) portals for IM’s internal use and IM customers
• Rapid provisioning capability through virtualization, standard builds, and structured deployment processes – Golden Images
• Agile, resilient, and sustainable environment that integrates a continuous process improvement lifecycle into the build process
• Optimum resource utilization with minimal management – Automation
• Public Cloud has a specific function; e.g. Travel Accounting and Recruiting
• Private Cloud also has its specific function; e.g. systems where data is sensitive like Payroll and Human Capital Management
• Bottom line is, what can you safely expose and what must you do your best to secure
2016 – Building Golden Images (using a PeopleSoft example)
VM
No O/S
VM
Oracle
Linux
VM
Hardened
O/S
VM
Oracle DB
Software
VM
Application
Database
Created
VM
Oracle Linux
Server
VM
Oracle MW
Software
VM
Web/App
Installed
PSoft
SAND
DB
PSoft
DEVL
DB
PSoft
TEST
DB
PSoft
PROD
DB
Concept and Process
1. Reduce labor through reuse and recycling
2. Develop and enforce standards
3. Better builds through continuous process improvement
4. Add/remove functionality as needed
5. Apply upgrades, patches, fix vulnerabilities
6. Deploy one or more fully operational PeopleSoft databases < 1 hr
2016 – Oracle Linux UEK(PaaS)
2016 – Oracle DB(PaaS)
2016 – Oracle FMW(PaaS)
2016 – Oracle APEX(PaaS)
2016 – Oracle Forms(PaaS) This platform runs applets within the browser -- this technology is deprecated and is offered to temporarily support legacy application frameworks waiting to be upgraded to APEX, ADF, Google Web Toolkit, or other modern PaaS. Working on javaWS launch via 443.
2016 – Oracle Reports(PaaS) This platform runs applets within the browser -- this technology is deprecated and is offered to temporarily support legacy application frameworks waiting to be upgraded to APEX, OBIEE, or other modern PaaS.
2016/17 – vRealize Automation
• Kick off a Vmware clone of an operating Golden Image
• Manually run post-clone scripts (some examples)
– Change IP Address and Hostname of new VM
– Configure authentication service for new VM with Active Directory
– Register with Oracle Linux for patching, and run YUM update
– Change Data Domain mount point
– Change RMAN crontab start time based on OVM schedule
– Apply applicable PeopleSoft domain changes to database
– Apply PeopleSoft Data Masking script (optional)
– Restart PeopleSoft Web/App tier and purge cache
• To automate the manual process, we need to do the following:
– Upgrade from 5.5 to 6.x
– Deploy vSphere with Operations Management
– Convert from manual scripts to vRealize Automation
2016/17 OBS Offerings
https://www.vmware.com/files/pdf/vcloud/VMware_vRealize_Automation.pdf
Cloud Benefits for OBS Team
• Standard builds – Golden Images
• Workflow automation of most M&O activities
• Easily create disposable test beds for the following :
– Patching and upgrades
– Vulnerability management
– Data masking and tablespace encryption
– O/S hardening and firewall rules
– User acceptance testing
– Role based identity governance
– Simulated disaster and recovery scenarios
• Staffing
– Increased labor efficiencies (building workflows)
– Decrease in M&O hours means more time for documentation, training, and strategic planning
Questions?