OEM13c Class 1
OEM13c Class 1
a ble
f e r
ans
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
s b an den
@ u S tu
te r hi s
o s e t
r t i nฺf o us
( m a se t
s t i c en
er lOracle Enterprise Manager
Fo
n
Marti Cloud Control 13c: Install &
Upgrade
Student Guide
D92195GC20
Edition 2.0 | May 2017 | D100216
This document contains proprietary information and is protected by copyright and other
Technical Contributors intellectual property laws. You may copy and print this document solely for your own use in an
Oracle training course. The document may not be modified or altered in any way. Except where
and Reviewers your use constitutes "fair use" under copyright law, you may not use, share, download, upload,
Sumesh Balakrishnan copy, print, display, perform, reproduce, publish, license, post, transmit, or distribute this
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
If this documentation is delivered to the United States Government or anyone using the
Graphic Editor documentation on behalf of the United States Government, the following notice is applicable:
Prakash Dharmalingam
a b le
U.S. GOVERNMENT RIGHTS
f e r
The U.S. Government’s rights to use, modify, reproduce, release, perform, display, or disclose
an s
these training materials are restricted by the terms of the applicable Oracle license agreement
Publishers and/or the applicable U.S. Government contract.
n - t r
Giri Venugopal
Trademark Notice
a no
Michael Sebastian Almeida
h a s its affiliates. Other names may be
) ideฺ
Oracle and Java are registered trademarks of Oracle and/or
Raghunath M. trademarks of their respective owners.
m
co t Gu
k ฺ
s b an den
@ u S tu
te r hi s
o s e t
r t i nฺf o us
( m a se t
s t er licen
F o
n
Marti
Contents
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
1 Introduction
Course Goals 1-2
Lesson Objectives 1-3
What Is Enterprise Manager Cloud Control 13c? 1-4
Why Do I Need Enterprise Manager Cloud Control 13c? 1-5
Cloud Control 13c: A Single Pane of Glass 1-6
a ble
Cloud Control 13c Major Themes 1-8
f e r
Finding Your Way Around Cloud Control 13c 1-9
ans
This Course in Context 1-10
n - t r
o
Oracle VM VirtualBox in the Classroom 1-11
s an
Summary 1-13
) ha eฺ
om Guid
Practice 1-1 Overview: Using Oracle VM VirtualBox 1-14
ฺ c
b a nk ent
Practice 1-2 Overview: Getting to Know the Cloud Control 13c Interface 1-15
Summary 2-32
m e t
The 1-SystemaUpgrade Process 4-5
( s
s t er lic12cenSoftware-Only with Plug-ins Upgrade Procedure 4-6
Cloud Control
5 Implementation Planning
Objectives 5-2
Enterprise Manager Implementation Lifecycle 5-3
The Implementation Plan 5-5
Cloud Control Infrastructure Growth 5-7
An Enterprise Manager Site 5-9
One Site Managing the Entire IT Enterprise 5-11
Multiple Sites Managing the IT Enterprise 5-12
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
M arti
F n
os t e
m
li
a rt i n ฺ
r ( cens e
s t
to
@
fo use
b
er this
a
ฺ c
us Stud
nk ent
)
s
om Guid
ha eฺ
an
o n - t r an
sf e r a b
le
1
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
Introduction
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
Course Goals
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ S tu in installing Enterprise Manager Cloud
u experience
r
This course is designed to give you hands-on
teversions. s
hiYou are introduced to the general architecture of an
Control 13c and upgrading from earlier
o s e t
i
Enterprise Manager Cloud Control
r t nฺf 13co
s
uinstallation and the topologies within which it can be
deployed, as well as the
m a e t
considerations to be taken into account when planning a Cloud Control
r ( n s
implementation.te
o s l ice
i n F
r t
Ma
• Describe the key features of Oracle Enterprise Manager Cloud Control 13c
• Describe the classroom environment that is used for the practice activities
• Start, log in to, and stop a virtual machine on your student desktop
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
– Databases
– Middleware
– Hardware and engineered systems
• Private cloud and Oracle Cloud management
• Separation of duties through user roles and privileges
• Third-party product management via vendor plug-ins
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Oracle Enterprise Manager Cloud Control r 13c is an
s application that is built on an extensible
hi your IT infrastructure to help you monitor and
tethroughout
framework that uses agents deployed o s e t
i nฺf oa core
manage that infrastructure. tUtilizing
r us framework for authentication and authorization, job
management, and metricsm a processing,t
e Cloud Control 13c’s product management functionality is
r ( n s
provided through
with changeso s
in
tthe l iceinfrastructure.
ea plug-in
managed products,
This allows for independent plug-in updates to keep pace
as well as the installation of new plug-ins to extend the
n F
rti functionality and capability of Cloud Control 13c.
available
a
M
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Trials and Tribulations of a Modern IT
te r Administrator
h i s
o s e t
Unlike the early days of computing
r t i
view the entire IT infrastructure
nฺinf awhen
o u
single
san IT administrator could stand in a machine room and
glance, modern IT administrators find themselves
m a e t
r ( ceevery
confronted with challenges
t e ns working hour:
•
F os
Geographically li
distributed data centers, including co-locations
• rtin
A mixture of hardware brands and architectures
a
M • A mixture of operating systems and versions
• Bespoke applications, off-the-shelf applications, customized applications, cloud applications
and services, and associated integrations
• Meeting service-level agreements with both internal and external parties
• Complying with internal and external regulations
• Managing latest technologies while maintaining legacy systems
• Applying appropriate monitoring to new systems and services
• Reporting back to end users, business owners, and other interested parties
• Providing a highly available monitoring and management tool that allows delegated
management
management management
s a
h a
) ideฺ
m
co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
k ฺ
s b an den
@ uAll Stu
One Management Tool to Oversee Them
t e r h is
s
fo 13c uhas t
ethe capabilities to intelligently manage traditional and
Enterprise Manager Cloud Control
i n ฺ s
cloud-based services, thus a rtmitigating
tothe need to use multiple management and monitoring tools for
what were previously m e
ns environments.
r ( twocdisparate
t e e
li for management of the Oracle stack, including engineered systems, with
•
F os solution
Complete
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
Monitoring
Management
Lifecycle Application
Management Management
Cloud Database
Management Management
Heterogeneous
(Non-Oracle)
Middleware
Management
a ble
Management
f e r
Application Application
an s
Quality Performance
n - t r
Management Management
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tubuilt around 11 major themes. Some of the
Oracle Enterprise Manager Cloud Control r 13c hassbeen
e follows:
tas hi
key aspects of each theme are listed
o s e t
• r t i nฺf o uPlug-in-based
Framework and Infrastructure:
s management of targets, named credentials,
a t
self-update, and
r se
(mjobsensystem
e
•
ost Monitoring:
Enterprise
F lic Status monitoring, and incident detection and notification
• tinApplication Management: Built-in monitoring and management of Oracle applications
a r
M • Database Management: Provisioning and upgrade, data masking and subsetting
• Middleware Management: Discovery, monitoring, provisioning, and diagnostics
• Hardware and Virtualization Management: Monitoring of Oracle SUN hardware, monitoring
and management of Oracle VM, Linux, UNIX, and Windows
• Heterogeneous (Non-Oracle) Management: Plug-ins and connectors for monitoring and
managing non-Oracle applications and products
• Cloud Management: OVM server and server pool management, chargeback, reporting on
usage and trends, and capacity planning and consolidation scenario analysis
• Lifecycle Management: Provisioning, configuration, patching, and compliance management
• Application Performance Management: User experience management, business
transaction management, and Java monitoring and diagnostics
• Application Quality Management: Application replay and real application testing
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Four Main Menus
te r h i s
o s e t
The main menu bar is displayed
t i ฺfon every
nneed u sEnterprise Manager Cloud Control 13c page, and four of
the menus within it are all
a r
you t o
to successfully navigate the Cloud Control 13c console:
• Enterprise: m
( menu
r This e
nsallows you to navigate around the core framework of Cloud Control
13c,o t
such e c e
s as thelisummary of your managed IT infrastructure, monitoring and incident
i n F
management, the job system, reporting, configuration and compliance management,
rt
Ma• provisioning, patching, and private cloud management.
Targets: This menu gives you quick access to overviews of common types of managed
elements such as hosts, databases, and middleware, as well as Cloud Control 13c artifacts
such as groups, systems, and services. You can also view a filterable list of all your managed
IT infrastructure.
• Setup: This menu is where you will spend much of your time administering Cloud Control
13c itself, including setting up users and privileges, connecting to My Oracle Support, using
the self-update capabilities of Cloud Control 13c, and managing the components of Cloud
Control 13c.
• Logged-in User: This menu (named for the currently logged-in user) is where users can set
their preferences, such as their home page and accessibility settings, as well as view any
notifications directed at them. This is also where the Log Out option is available.
• Oracle Enterprise Manager Cloud Control 13c: Install and Upgrade Workshop
• Using Oracle Enterprise Manager Cloud Control 13c
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@
The courses listed here were available,ror
u S tu at the time that this course was
being developed,
te t hi s
released. o s e
r t i nฺf o us
( m a se t
s t er licen
F o
rti n
M a
em13c
To perform a fresh
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
installation of EMCC13c
host01
A generic managed host
em12c
a ble
To perform a 1-System upgrade
from EMCC12c R5 to EMCC13c
f e r
an s
Oracle Linux n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Self-Contained Multihost Environment
te r h i s
o s e t
Your student machine is running
machines (VMs) have been r t i nฺf Oracle
prepared o u
for
VirtualBox
s
you, and
on top of Oracle Linux. As illustrated, three virtual
these are used as required to work through the
m a e t
practice activities: r (
t e c e ns
• os
em13c.example.com
F li
• rtin
em12c.example.com
a
M • host01.example.com
The virtual machines that are running on your machine can communicate with one another, but only
the base operating system can access the network outside the classroom PC.
Logging In to Your Machine
Log in to your classroom PC as the vncuser user. After you are logged in, the simplest way to
control your guest virtual machines is by using the Oracle VM VirtualBox Manager GUI console.
Starting Your Guests
Your Activity Guide tells you which VMs are required to be running for each practice exercise. Use
the VirtualBox Manager GUI console to start and stop the appropriate VMs.
Control Console. Alternatively, use the browser in the base operating system. Either way,
enter a URL that refers to the VM host name, such as
https://em13c.example.com:7802/em.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ S tu environment that is installed on the
uVM VirtualBox
r
This practice familiarizes you with the Oracle s
hi practices in the course.
e subsequent
tall
student machine that you will useofor s e t
r t i nฺf o us
( m a se t
s t er licen
F o
rti n
M a
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ tuEnterprise Manager Cloud Control 13c
uaroundSthe
te r
This practice familiarizes you with navigating
hi s
console. o s e t
r t i nฺf o us
( m a se t
s t er licen
F o
rti n
M a
M arti
F n
os t e
m
li
a rt i n ฺ
r ( cens e
s t
to
@
fo use
b
er this
a
ฺ c
us Stud
nk ent
)
s
om Guid
ha eฺ
an
o n - t r an
sf e r a b
le
2
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
Objectives
• Use the Add-Host wizard to start managing hosts and their targets
• Describe implementation topologies at a high level
• Install Cloud Control in a simple single-server topology
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
Managed Managed
Hosts Targets
Cloud Control
Console
Oracle Management
Service
Software
Library
a ble
EM CLI f e r
JVMD an s
Business
Engine n - t r
Intelligence
Publisher a no
Oracle Management Repository
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
u S u components as illustrated in this slide:
tmain
The Cloud Control ecosystem consists of r@ the following
s
o s e
t(OMS)
e t hi
• Oracle Management Service
t i n ฺf s
u(OMR)
• a
Oracle Management r t
Repository o
• r (mthateform
Managedehosts n seyour IT infrastructure
• F ost targetslithat
Managed
c
form your IT platforms, applications, and other non-host infrastructure
rt i n
Ma• Oracle Management Agents (simply called agents) running on managed hosts with target-
specific plug-ins
• Software Library (on a shared storage location for highly available topologies) for storing
patches, provisioning profiles, gold images, and so on
• Enterprise Manager Cloud Control Console, the web-based interface for Cloud Control
• Business Intelligence Publisher (BIP) for reporting
• Java Virtual Machine Diagnostics (JVMD) Engine for processing information gathered by
JVM agents (not illustrated)
with the agents, the OMS runs the Cloud Control Console webpages that are used by
administrators and users to view reports, and monitor and manage the computing
environment that is visible to Cloud Control via the agents and their plug-ins.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
Oracle Management
WebLogic Server Administrator
Agents
OMS
a ble
f e r
an s
Oracle Management Repository n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
As the illustration in the slide shows, ther@
u S
OMS is actually
tu composed of J2EE applications deployed
te t hi s
on Oracle WebLogic Server: o s e
• r
The Console applicationt i nฺfserves
o uups all the Cloud Control webpages.
a t
m nseServices (PBS) application is where agents upload their metrics.
• The Platformr (Background
• o s t e
OCMRepeater l ice Configuration Manager) is the link between Cloud Control and My
(Oracle
i n F
t Oracle Support for consolidating the configuration data that is collected from agents.
arOMS communicates with the agents deployed throughout the enterprise, receiving uploaded
MThe
metric data from them and storing it in the Oracle Management Repository for future reference. The
OMS also applies built-in and user-defined rules against received metrics to determine whether a
condition exists that needs to be raised as an alert. There is also communication from the OMS to
the agents, of instructions to execute against their monitored targets, as a result of either a job within
the OMS or the actions of an administrator. Cloud Control administrators and users interact with the
OMS via the Cloud Control Console webpages.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ tu
uOracleSdatabase
The OMR is installed in an Enterprise Edition
t e r h i s as a group of approximately 4,000
schema objects belonging to the SYSMAN
f o s user e t that is stored in three tablespaces:
t ฺ s
in to u and MGMT_AD4J_TS. These schema objects contain
MGMT_ECM_DEPOT_TS, MGMT_TABLESPACE,
information about Cloud a r
Control e users and administrators, the targets and applications that are
r ( m n s
monitored and managed
o
artifacts. The s
OMR l icbyeCloud
te is created during
Control, and groups, systems, incidents, and other Cloud Control
installation in a database that you create before running the
n F
rti and, for scalability requirements, it can be installed in a Real Application Clusters (RAC)
installer,
a
M
database.
Regularly check the certification information on My Oracle Support for the most recent update about
which database versions are certified for use as repositories.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
The database that is used to house the rOMR @ tube used for any other applications, including
ushouldSnot
te t hi s
an RMAN catalog, for the following o sreasons:
e
• r
Cloud Control’s usaget i nofฺftheodatabase
us should not have to compete with any other usage.
a t
• Using the OMR
r (mdatabase
e n sefor other applications may restrict your ability to upgrade and patch
e
ost schemalicand database as required.
the OMR
F
• tin
a r Cloud Control comes with a restricted-use, single-instance database license that can be used
M for the OMR only.
Information about the restricted-use license is detailed in the documentation set in Oracle Enterprise
Manager Licensing Information.
RAC databases are recommended for hosting the OMR due to their high availability capabilities.
The OMR can be preconfigured in an Oracle database by using predefined database templates. In
this case, a software-only installation of the database software is performed first, and then the
Database Configuration Assistant (DBCA) is used to create the OMR database from one of the
predefined templates.
Oracle
Management HTTP/
Agent HTTPS
E-Business
Suite Plug-ins Plug-ins
a ble
f e r
Application Oracle
Management an s
Servers Listeners Databases
Repository n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
The Oracle Management Agent is a Java r application
s that runs on a host, gathering metric data about
teplug-insthtoi discover, monitor, and manage targets that are
the host environment as well as using
ฺ o s e
f gatherusconfiguration
r t i
running on that host. The plug-ins n o information from their targets, monitor their
a
availability and performance,
m nand t
emanage those targets as directed by the OMS.
r ( s
te liorcesystem for which there is a plug-in. The list of targets includes entities
A target is anyssoftware
o
i n F Database, Oracle Database Listener, Oracle Application Server and Oracle
such as Oracle
ar t
WebLogic Server, E-Business Suite, SOA, Exadata, and Exalogic. Using the Oracle Enterprise
MManager Extensibility Framework, plug-ins can be developed by third party software vendors to
monitor and manage their products, and even by individual organizations to monitor and manage in-
house built applications. Only one agent is required on a host to be able to monitor and manage all
the targets running on that host.
Each agent plug-in is specific to a particular target type and offers special management capabilities
that are customized to suit that target type. To discover, monitor, and manage any given target, the
agent must have the appropriate plug-in installed. Plug-ins only need to be installed on agents where
they are required to monitor and manage their target type.
An agent plug-in (also referred to as a target plug-in) contains two types of components:
• A target discovery component
• A management component that is specific to a target that was discovered
The discovery content is deployed on a host:
• When the agent is pushed to or installed on that host, for the default plug-ins
• When a new plug-in is deployed to the agent
a ble
The management content for each target type is pushed to the agent when the administrator
f e r
promotes a discovered target to a managed target.
a n s
The agent communicates, via clear HTTP or secured HTTPS traffic, with theoOracle n -t r
Management Service to upload metric data collected by it and its plug-ins n to receive
a and
instructions from the OMS. s
ha eฺ
) id binary
Agents are installed in their own ORACLE_HOME as an instance
ฺ c om ofGaushared
ORACLE_HOME, although typically there is a one-to-one
b a nk mapping
e n t of an agent instance to
agent binaries (unless you are using a shared s
@ tud agent binaries location).
u NFS-mounted
S
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
a rtin
M
7788 / 7802
HTTP / HTTPS
HTTP / HTTPS
3872 / 3872
a ble
f e r
Oracle
an s
Management
n - t r
* Port numbers are examples only.
Repository
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ tu
uControlScomponents
The communication flow between the Cloud
t e r h i s is illustrated in the slide by using
directional arrows to indicate the o
ฺ f s ofethet communication. All the ports shown are example
initiator
values that can be changedtduring
r o us either by the installer as it searches for available
in tinstallation,
ports or explicitly by you.
( a
m Youncans e also change ports after installation.
r
• teuploads
The agent
o s l icedata to the OMS via HTTP on a port in the range 4889–4898 or via
i n F on port 1159 or a port in the range 4899–4908.
HTTPS
rt
Ma• The OMS communicates with the agent via HTTP or HTTPS, depending on whether the
agent is unsecured or secured, respectively, on port 3872 or a port in the range 1830–1849.
• The OMS communicates with the OMR via JDBC on port 1521.
• Cloud Control Console users access the Cloud Control webpages via HTTPS on a port in the
range 7799–7809 or via HTTP on a port in the range 7788–7798.
Knowing the ports used in your Cloud Control installation is important, especially if you are
managing hosts behind firewalls or where other network restrictions apply, because communication
will need to be allowed on these ports and in the directions shown.
a ble
f e r
Silent installation: Agent clone
an s
• emcli submit_add_host
• AgentPull
between hosts
n - t r
• emcli get_agent_image and agentDeploy
a no
• emcli get_agent_image and RPM install
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
A managed host is a host where an EMragent @ u is up S tu
and running. It is recognized in the EM Console
teon a host,
t s
hi other targets can be discovered on it (such as
as a host target. When an agent exists
o s e
databases, listeners, and so ion).
r t nฺf o us
An unmanaged host(is m a thatsdoes
one e t not yet have an agent running on it.
t r cenhost into a managed host, the OMS connects to the host via a secure
eunmanaged
oconnection lbyi using the authentication credentials supplied by you. The agent image
To transform an
shell (SSH) F s
a
can rbetinsent in a compressed form that is then uncompressed and installed into directories that you
Mnominate when initiating the Add-Host job, or it can be sent as a Gold Image built from an existing
agent on the same platform as the unmanaged host. The agent can be deployed by using the
console pages to hosts that are:
• Discovered automatically by Cloud Control but are still unmanaged hosts
• Known to the administrator as hosts on the network but not yet known to Cloud Control
You can also clone an agent from one host to one or more other hosts of the same operating
system. Both the cloning and Gold Agent Image methods copy not just the software but the
configuration of the agent, including any patches. This is typically done to define a standard agent
configuration and deploy it to multiple hosts. Gold Agent Images offer the advantage of managing the
life cycle of the subscribed agents beyond the initial installation. They allow you to focus on ensuring
that the original agent’s configuration, patches, and plug-ins are up-to-date, leaving you comfortable
in the knowledge that you can easily reflect those changes in other agents.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
OMS
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
1
Add host
13c Agent
2
Create Gold
Image
3 a ble
Add hosts f e r
an s
13c Gold
Agent Image
13c Agents
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
A Golden Best Practice
te r h i s
o s e t
Although you could use the Add-Host
advantage of Cloud Control r t i nฺf Gold
13c’s o
wizard
u s to manually deploy all of your 13c agents, taking
Agent Image functionality provides benefits beyond the point
m a e t
of installation itself.
t e
By
rtherebyc e ns your
( subscribing agents to a Gold Agent Image, keeping your agents updated
F o s
is vastly simplified, li helping to ensure currency and compliance across your Enterprise
Manager n site.
rt i
a a Gold Agent Image to install your agents to 13c is a multistep process:
MUsing
• Install at least one 13c agent by using the manual Add-Host wizard.
• Create a Gold Agent Image by using the newly installed agent as the source.
• Mark the Gold Agent Image as the current version.
• Add hosts by using the current version of the Gold Agent Image.
Every host you add by using the Gold Agent Image becomes a subscriber to that image, and from
that point onwards you can create new versions of the Gold Agent Image and use them to update
subscribers.
• Host discovery
– Automatic
IP Scan
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
– Manual
— Installing an agent to convert to a managed host
• Target discovery
– After an agent is installed
– Automatic
— Discovered automatically
— Promoted manually to a managed target
a ble
– On-demand f e r
an s
— Added manually
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Hosts in your system can be discoveredr@
u S
by a special
tu
agent (usually the Central Agent, which is
s
hi scanning the entire network based on the IP
tetaskedtwith
installed with the primary OMS) that o s is
e
address ranges that you specify.
r t i nฺf Theoresult
us of this IP scan is a list of unmanaged hosts, services
running on them, andm a t
the ports ineuse. To convert any of these hosts to managed hosts, you must
deploy agents to t e r (
them. After
c e nansagent is deployed to the host, the components that are running on
the host can
F s discovered
obe li and reported as potential targets. These components can then be
a rtin to managed target status, thus enabling them to be managed and monitored by Cloud
promoted
MControl.
Hosts can also be manually discovered by simply specifying a host name/IP address and installing
agents on them.
Oracle
Management
Agent
E-Business
Suite
a ble
Guided
f e r
Application
Listeners Databases Discovery
an s
Servers
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ uit needsStotulook for targets that it can manage. As a
After an agent has been installed on a host, r is by using the Cloud Control Console Add
e thisthprocess
tguide
Cloud Control administrator, you o
ฺ s
can
f discovery eallows you to nominate a family of target types to search
Non-Host Target wizard. Guided i n u s
a rtlisteners,toand the agents where you want the search to be executed.
nse the appropriate plug-in is pushed from the OMS. If required,
for, such as databasesm and
e r ( arecediscovered,
When any new ttargets
the targetFiso s
recorded inlithe OMR, and monitoring commences.
You
a tin also configure auto discovery to run at regular intervals and get agents to search for known
rcan
Mtarget types unattended, allowing you to review the results at a later stage and promote the
discovered targets to become managed targets.
s b an den
@ S tu directory structure, Enterprise Manager
uin the traditional
Rather than distribute the installation media
e r
tgeneration i s
hinstaller
Cloud Control 13c employs the next
f o s e t delivery method of a self extractor, meaning
ฺ s
a rtin to u
that you need to download only a handful of files before commencing installation.
m nseManager Cloud Control 13c has been redesigned to have a cleaner
The user interface of(Enterprise
r
visual appearance
s e e
t that islicfriendlier to mobile and tablet devices.
F o
a
two
tin Homes
Previously,
rOracle the OMS home directory was a child directory of the middleware home, but in 13c, the
have been merged into one.
M
BI Publisher is now configured as well as installed alongside the OMS whenever you install,
upgrade, or HA expand your OMS nodes. This means that you need to only set up BIP security to
enable end users to use BIP reports. Furthermore, in HA topologies, you have the option of running
the OMS, BIP, or both on each HA node.
In Enterprise Manager Cloud Control 12c, the Java Virtual Machine Diagnostics (JVMD) Engine had
to be manually deployed to the OMS nodes. In Cloud Control 13c, the JVMD Engine is deployed to
every OMS alongside the default Fusion Middleware Plug-in. However, JVMD agents still need to be
manually deployed to the targets.
The OMS now requires at least 10 GB RAM and 24 GB storage to accommodate BIP and the JVMD
engine.
Cloud Control can be implemented in a variety of topologies to suit all enterprise sizes and
availability requirements, as shown in the following examples:
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
a ble
f e r
Single Server Active/Passive Multiple OMS Fronted
an s
by Load Balancer with
n - t r
a no RAC OMR
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
One Size Does Not Fit All
te r h i s
o s e t
Consideration should be given ฺtof severalscriteria when deciding how and where to deploy Enterprise
Manager Cloud Control 12c.
a rtin to u
r (m ense
Single-Server Deployment
e
ost topology
This is theFsimplest
lic in which all components are installed on the same server.
a rtin
Advantages:
M
• Simple installation
• Ease of maintenance
Disadvantages:
• It can scale only within the limitations of the server resources.
• The server becomes a single point of failure.
Multi-Server Deployment
The OMS and the OMR can be separated onto their own servers, and in turn, can both be installed
in multi-server topologies. Such topologies would be fronted by load balancers in active-passive or
active-active modes, and physically co-located or geographically distributed. The OMR can use the
Data Guard technology to replicate data between sites.
k co titled
Deployment planning is covered in greater detail in the ฺlesson
t G u“Implementation
Planning.”
s b an den
@ u S tu
te r hi s
o s e t
r t i nฺf o us
( m a se t
s t er licen
F o
rti n
M a
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Prevention Is Better Than a Cure r@
u S tu
te t h i s
o s
Before installing any software, itฺfis importante
n otaking u s to read the release notes and installation guide to
become familiar with thea rtiprocess,
full t care to note and check compliance with prerequisites,
as well as performing m
r ( anycthat s e
post-installation
nmany steps that may be required. Anecdotal evidence from
Oracle Support s t e
suggestsli e Oracle Enterprise Manager Cloud Control installation attempts
ended n F o
unhappily because one or more prerequisites were not met.
a rt i
MPrerequisite Checks
The documentation lists comprehensive requirements for the system on which Cloud Control is to be
installed, including:
• Hardware and operating system requirements
• Operating system groups and users, and their setup
• Networking requirements
• Certified Oracle Database versions for the Management Repository
Preparing Your Oracle Database for the OMR
If you have not used an Oracle-provided DBCA template for your repository, the Cloud Control
distribution includes a command-line utility, EM Prerequisite Kit (emprereqkit), which you can run
against the database that you intend to use as a repository.
easier than examining logs after installation. Some administrators go one step further by
taking screenshots of each installer screen before moving to the next step. You will need to
make some decisions during the installation process:
• Host Name
To ensure that the OMS installation is best prepared to support active/passive
disaster recovery, provide an alias host name. The OMS and central agent
installations will be configured with this alias host name, thus enabling the OMS
software to run on a configured host at the primary or standby site. This input
a ble
parameter should not be the application virtual host name that is used with a load f e r
balancer─that configuration is achieved with a post-installation configuration ans
operation. n - t r
o
• Deployment Size s an
ha eฺ
In an Advanced installation, you nominate a deployment size to use for building the
)
ฺ c om Guid
repository. This indicates the number of targets, Management Agents, and concurrent
b a nk ent
user sessions that you plan to have. When using a repository that is built with an
@ us Stud
Enterprise Manager Cloud Control DBCA template, your selection should match the
template size. The installer provides three choices:
- s t er this
Small: To monitor up to 999 targets, with up to 99 Management Agents and
n ฺ fo use
up to 10 concurrent user sessions
i
- a rt to
Medium: To monitor about 1,000 to 9,999 targets, with about 100 to 999
m
r ( cens e
Management Agents and about 10 to 24 concurrent user sessions
t e li
-
Fos Large: To monitor 10,000 or more targets, with 1,000 or more Management
n
arti
Agents and about 25 to 50 concurrent user sessions
M• Central Agent Base Directory
Nominate a directory for the central agent that is outside the middleware home. This
allows the central agent to be patched and upgraded independently like any other
management agent.
• Software Library
Ideally, you designate the Software Library location to be a shared file system that
can be mounted on other hosts that will run additional OMSes. If a local file system is
chosen, it is recommended that it be outside of the middleware home. The installer
provides a default location during the installation process.
• BI Publisher
Choose whether BI Publisher will be enabled alongside this OMS, and a shared
location for HA topologies.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
bin em agent_13.2.0.0
modules sysman
OPatch bin
oracle_common
log
jdk
a ble
plug-ins
f e r
utils
an s
wlserver
n - t r
a no
* Only a selection of directories are shown here.
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u in S tu
Some of the installation directories are illustrated r hi s
teOMS middleware
the slide. The OMS Instance Base location
(gc_inst) is at the same level as the
f o s e t home and it contains all OMS configuration
ฺ s
details. In Advanced Installation
a rtin to umode, this location can be customized.
The installation log files
r (mareelocated
n se in:
e
ost
<oraInstLoc>/oraInventory/logs
F lic and <middleware_home>/cfgtoollogs/oui
a tin
Therconfiguration log files are in various locations:
M<OMS_home>/cfgtoollogs/cfgfw/CfmLogger_<timestamp>.log
<OMS_home>/cfgtoollogs/cfgfw/*
<agent_base_directory>/agent_13.2.0.0.0/cfgtoollogs/cfgfw/*
The component-specific logs are in the following locations:
<OMS_home>/cfgtoollogs/omsca/* for the OMS Configuration Assistant
<OMS_home>/cfgtoollogs/pluginca/* for the Plug-in Configuration Assistant
<OMS_home>/sysman/log/schemamanger/latest/* for the Repository Configuration
Assistant
Proxy settings
Agent
a ble
f e r
a n s
Users and Roles -t
Software library
n r
o
High Availability
s an
) ha eฺ
ฺ c om Guid Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
u s
S t ud
Every Journey Starts with the First Step
t @
er this
ฺ
The Initial Setup Console is a convenient
s
fo usagglomeration
e of basic setup tasks that would otherwise
need to be accessed viaa i
their
n
rt individual
o menu navigation paths. Some of the tasks can be completed
m e t
directly in the Initial
t e ( Console,
r Setup c e ns 13c. whereas the others have links to the appropriate pages in
F o s
Enterprise Manager li
Cloud Control Tasks are flagged with one of three states–Pending if they
are yetnto be completed, Completed after you have undertaken the task, and Ignored if you choose
toa rtithe task as unnecessary for your site.
flag
M The tasks that are gathered in the Initial Setup Console are considered to be the fundamental steps
in setting up your Enterprise Manager Cloud Control site. They include the following:
• Software library: Add upload file locations (usually at least one is added during installation).
• OMS Agent proxy setting: Define a proxy to sit between the OMS and the agents.
• My Oracle Support proxy setting
• OMS addition for high availability topologies
• Mail server configuration for outgoing email notifications
• My Oracle Support credentials setup
• Roles and users creation
• Start, stop, and check the status of the OMS with emctl.
$OMS_HOME/bin/emctl start oms
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
s b an den
@ u S tu
Enterprise Manager Control r i s
tise used tothcontrol
Enterprise Manager Control (emctl)ฺ f o s e the OMS and all the agents, although it must
i n u s
rt directory
be invoked from the appropriate
a to to be able to control the desired component.
OMS Log Files r (
m ns e
t e c e
s OMS areli primarily in the following locations:
F
Log files forothe
n
• rti gc_inst/em/EMGC_OMS1/sysman/log
a
M • gc_inst/user_projects/domains/GCDomain/servers/EMGC_OMS1/sysman/log
• gc_inst/user_projects/domains/GCDomain/servers/EMGC_OMS1/logs
Agent Log Files
Log files for the central agent (the agent installed on the OMS server) are in the following location:
• <agent_base_directory>/agent_inst/sysman/log
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Answer: b, d
te r h i s
o s e t
Although it is important to be relaxed
installation process before r t i nฺf oand
embarking u swell hydrated, it is vital that you are familiar with the
m a e t the installation of Enterprise Manager Cloud Control 13c.
on
This includes checking
t e r all c ns prerequisites
( theeenvironment where you propose to install Enterprise Manager Cloud
F o s
Control 13c against li
documented and addressing any deficiencies that are found
before n starting the installation.
rt i
Ma
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ tu for the OMR. You then install Oracle
u to beSused
r
In this practice, you install a database instance
teonto the s
i server as the OMR instance. You log in to the
hsame
Enterprise Manager Cloud Control o s
13c
e t
Cloud Control Console before t i ฺf
napplying s
uDaylight Saving Time (DST) patches to the OMR and OMS.
a r t o
e r (m ense
F ost lic
a rtin
M
This practice covers creating a user through the Initial Setup Console.
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ tud Console.
usInitialSSetup
s t er this
In this practice, you create a user by using the
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
a rtin
M
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tuControl 13c site by using the Add-Host
In this practice, you add a managed host r to your Cloud
temanaged s
hi on that host. Next you create a Gold Agent Image
wizard, and then discover targetsotosbe
e t
i
from the host that you just added,
r t nฺf ando use
us that image to add another host to your Cloud Control 13c
a t
site.
e r (m ense
F ost lic
a rtin
M
a ble
f e r
an s
Report Oracle Target n - t r
catalog
a no
Management privileges
h a s Repository
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Built-In Enterprise Reporting
te r h i s
f
Every installation of Enterprise ฺManagero s e t
Cloud
t i nready u s Control 13c includes BI Publisher as the preferred
reporting tool. Configured a r
and t o
to use out of the box with a built-in catalog of reports, BI
Publisher is a product m
( that eprovides
rwizard nthe e
s a mature and flexible reporting environment. Using BI
s t
Publisher’s report e li c
and preconfigured OMR data source, you can create a multitude of
F o
reportsnto satisfy your end-users’ needs, who can in turn be safe in the knowledge that they can
a rtionly on targets on which they have view privileges.
report
MIn high availability topologies, BI Publisher can be configured to run on every node or only on some
nodes, alongside or separated from the OMS.
EMBIPAdministrator
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
EMBIPScheduler EMBIPAuthor
a ble
f e r
EMBIPViewer
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u Manager
S tuCloud Control consists of four roles that are
te r
The BI Publisher security model for Enterprise s
i Control administrators through the Enterprise
hCloud
arranged in a hierarchy that can be o sassigned
e t
to
Manager Command Line Interface
r t i nฺf (EM o
s
uCLI):
a t
• EMBIPViewer:
r (mGranting
e n sethis role to Cloud Control users will allow them to log in to BI
e
st and runlicreports.
Publisher
• in F o
EMBIPAuthor: Granting this role to Cloud Control users will allow them to log in to BI
rt
Ma Publisher and create reports. This role also includes the EMBIPViewer role.
• EMBIPScheduler: Granting this role to Cloud Control users will allow them to schedule
reports. However, they will also need the EMBIPViewer role to view the reports that are to be
scheduled.
• EMBIPAdministrator: Granting this role to Cloud Control users will allow them to log in to BI
Publisher and administer folder and report privileges, create new folders for shared reports,
and perform other BI Publisher administrative tasks. This role also includes the
EMBIPAuthor, EMBIPViewer, and EMBIPScheduler roles.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ tu Control user by using the Enterprise
u to aSCloud
te r
In this practice, you grant BI Publisher privileges
hi s
Manager Command Line Interface o s
(EMCLI).
e t
r t i nฺf o us
( m a se t
s t er licen
F o
rti n
M a
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
Objectives
• Describe how Enterprise Manager Cloud Control manages Oracle Cloud services
• List the operations that Enterprise Manager Cloud Control enables between on-premises
targets and Oracle Cloud services
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Oracle Cloud Has a Silver Lining
te r h i s
o s e t
If you choose to take advantage
t i ฺfof the benefits
nmanage u s that Oracle Cloud offers, you can use your Enterprise
Manager Cloud Control 13c a r to t o and monitor your cloud services and deployments, just as
you would the hosts m
r (andmachines e
ns that underpin
applications in your own data centers. Cloud Control agents can be
deployed to thes t e
virtual li c e some of the Oracle Cloud services. The same plug-
F o
ins thatnmanage and monitor your local targets can be used with the targets that are running on the
a rti Cloud virtual machines too.
Oracle
MAt the time of writing, the following services were supported by Hybrid Cloud:
• Oracle Database Cloud Services (DBCS)
• Oracle Java Cloud Services (JCS)
• Oracle Compute Cloud Services
This means that you can install the Enterprise Manager Cloud Control management agent on the
virtual machines that are deployed for you as part of the service. In the case of Compute Cloud
Service, you have the potential to use standard Cloud Control plug-ins to manage and monitor
whatever applications you deploy on the Compute Cloud Service VMs.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Tools for Every Need
te r h i s
o s e t
r t i nฺf othere
After you subscribe to Oracle Cloud,
u s different ways of monitoring and managing your services:
•
m a web
Oracle Cloud service
e tpages: Serving as your primary entry point to provisioning
( s
n Cloud service, you can also use these pages to manage users and
theiro s ter your
instances in
access, l
Oracle
ice and patch your service instances, configure network access, and
configure
i n F
decommission service instances.
a rt
M • Oracle Management Cloud: If you subscribe to Oracle Management Cloud, you can use it
to monitor your Compute, Database, and Java Cloud Services.
• Enterprise Manager Cloud Control: Exercise the same level of monitoring and
management on your Oracle Cloud service instances that you enjoy with your on-premises
targets by using the same agents, plug-ins, and user interface.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u Tool S tu
If You Could Only Choose One Management
te r h i s
o s e t
If you could only choose one tool
t i ฺf from the
nCloud u stools that are available to manage your Oracle Cloud
services, Enterprise Managera r t o
Control would be the logical choice.
Primary among the
m
( efor
r reasons e
nsusing Cloud Control is one of the central design tenets of Enterprise
t e c
i the single pane of glass. In an on-premises-only IT ecosystem, the
Manager Cloud
F os Controll13c:
single
rt n of glass design refers to the ability to monitor and manage a variety of target types with a
ipane
a
Msingle tool and to provide access to users of different roles. When Oracle Cloud is added to your IT
ecosystem, the single pane of glass philosophy is truly showcased because the reach of Cloud
Control extends beyond your on-premises targets to the cloud.
Because Cloud Control monitors and manages your Oracle Cloud targets with the same agent and
plug-in software that is used for your on-premises targets, you can exercise the same level of control
over the Oracle Cloud targets that you have over your on-premises targets.
Cloud Control’s awareness of targets on-premises and in Oracle Cloud enables you to clone
database and middleware targets between both domains, effectively lifting and shifting load from
your data centers to Oracle Cloud or vice versa.
• Deploy the standard agent to your Oracle Cloud service instance virtual machine.
• Discover targets in your Oracle Cloud service instance.
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
s b an den
@ u S tu
Apply What You Already Know
te r h i s
o s e t
in f tand
The Enterprise Manager CloudฺControl
premises targets is usedatortmonitor o uinfrastructure
s that you use to monitor and manage your on-
manage your Oracle Cloud targets, so you already know
how to turn your Oracler (mCloud n e virtual machines (VMs) into managed hosts, and then
sservice
discover yours e
t instances.
service lic e It is simply a matter of installing the Cloud Control agent on your
Compute, F o
rt i nthatDatabase, or Java Cloud Service virtual machine, and then discovering the manageable
Ma
targets are running on those VMs.
After they are discovered, you can monitor and manage your Oracle Cloud targets in the same way
as the on-premises targets. The only caveat to this is when it comes to patching—when you are
given the responsibility to patch your Oracle Cloud VMs, database and Java service instances
should be patched only through the relevant Oracle Cloud Service Console.
Additionally, if you have installed Enterprise Manager Cloud Control 13.2 Plug-ins Update 1
(released in March 2017), you also have the option to discover your Oracle Cloud services directly
by using the Oracle Cloud REST APIs. The same APIs are then used to expose the Oracle Cloud
console functions within Enterprise Manager Cloud Control.
• How to communicate with Oracle Cloud hosts without compromising firewall security?
– Firewalls are proscriptive.
– Opening ports for all agents and targets defeats the purpose of a firewall.
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
DO NOT DO THIS!
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
It’s a Firewall, Not Swiss Cheese
te r h i s
o s e t
ฺf so they
Firewalls are prohibitive by design,
us block traffic coming in or going out unless configured
otherwise. This poses a a rtin fortoa monitoring
problem and management tool such as Enterprise Manager
(m access
Cloud Control thatrneeds
e n sebetween the OMS and agents and between the OMS and targets.
Although you s e
t configure
could lic your firewalls to allow all traffic in and out between your on-premises
OMS and F o
r t i n Oracle Cloud host agents and targets, this may leave your firewalls full of holes that defeat
Ma
their primary purpose of preventing unwanted and unnecessary traffic.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
One Tunnel for All Traffic
te r h i s
o s e t
The Hybrid Cloud Agent elegantly
t i ฺf resolves
nways: u s the topological dilemma for accessing hosts and targets
in the Oracle Cloud in several r
a se t o
( m
•
s t er Cloud.
A Secure Shell (SSH)
l i c entunnel is configured in the OMS by providing named SSH credentials
F o
for the Oracle
n
• rti One or more on-premises agents are configured as gateway agents.
a
M • The agents on the Oracle Cloud hosts are installed via a gateway agent.
• Agent-based communications are made over the SSH tunnel via a gateway agent.
• OMS-to-target communications are made directly over the SSH tunnel.
• The OMS and cloud agents are protected from direct communication.
3872
HTTPS Agent
1748
Plug-ins
OMS
Proxy
3872 HTTPS 4900 process
22
a ble
Gateway SSH f e r
Agent Targets
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Protected by a Gateway and a Proxyr@
u S tu
te t h i s
o s e
Aspects of the hybrid cloud agent
OMS and the hybrid cloud r t i
agent
nฺf are
topology
o u s have been specifically designed to ensure that both the
protected from any illegitimate traffic:
m a e t
• When the OMS
t e c e nscommunication with an agent in Oracle Cloud, it does so via the SSH
r ( initiates
tunnel
F li EMCTL dispatcher on the Oracle Cloud host.
osby using an
• rtin
When the agent initiates communication with the OMS, it does so via a local proxy process
a
M which, in turn, communicates via the SSH tunnel with an on-premise agent that is configured
as a gateway agent.
• When the OMS initiates direct communication with any of the targets on the Oracle Cloud
managed host, such as a database, it does so via the SSH tunnel.
For more information about enabling hybrid cloud agents, see the Enterprise Manager Cloud Control
Administrator's Guide.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Doing More with the Same
te r h i s
o s
Having deployed a hybrid cloudฺfagent to s e t
your Oracle Cloud VM, you can start taking advantage of
the benefits that come fromr t i n o your
managing u on-premises and Oracle Cloud environments with the
m a e t
same tool.
t e r ( cens
s of using
The primaryobenefit
F li Enterprise Manager Cloud Control to manage your combined on-
a rt in and Oracle Cloud ecosystem is the ability to easily transfer database and middleware
premises
Minstances between your on-premises hosts and your Oracle Cloud services. Commonly referred to
as “lift and shift,” this allows you to easily move database or middleware load from your on-premises
environments to Oracle Cloud services. Lift and shift can be used for other purposes too, such as
developing locally and deploying to the cloud, or setting up a test-master database in your on-
premises environment and using it to refresh test instances in the cloud.
• Explain how Enterprise Manager Cloud Control manages Oracle Cloud service
instances
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
M arti
F n
os t e
m
li
a rt i n ฺ
r ( cens e
s t
to
@
fo use
b
er this
a
ฺ c
us Stud
nk ent
)
s
om Guid
ha eฺ
an
o n - t r an
sf e r a b
le
4
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
Upgrade Paths
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
Objectives
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
13.1.0.0
12.1.0.5 13c R2
12.1.0.4 (13.2.0.0)
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
12.1.0.3
12.1.0.2
12.1.0.1 BP1 12.1.0.3
12.1.0.4
11.1 12.1.0.5
10.2.0.5
a ble
10.2.0.4
f e r
Earlier
an s
releases of GC n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Good Planning Results in Successful
te r Upgrades
h i s
o s e t
t i ฺf
Before starting an upgrade to Enterprise
nconsider u Manager
s Cloud Control 13c R2 from an earlier version of
Grid Control or Cloud Control,
a r t o your starting point, because this will determine the upgrade
m
r ( cens
path that you will select. e
t e
osin the slide,li you can upgrade directly from Enterprise Manager Cloud Control 13c R1 or
As illustrated
F
the 12c
a r t inversions 12.1.0.3, 12.1.0.4, or 12.1.0.5. If you are currently running an earlier version of
MCloud Control 12c, you first need to upgrade to one of the three upgradeable versions.
It is possible to upgrade from Enterprise Manager 11g Grid Control version 11.1 or from Enterprise
Manager 10g Grid Control version 10.2.0.5 by first upgrading to an upgradeable version of Cloud
Control 12c. If you are currently running an earlier version of Grid Control, you first need to upgrade
to 10.2.0.5 or 11.1. All these upgrade paths involve one or more updates through the intervening
versions between your starting point and an upgradeable version of Cloud Control 12c, including
upgrading your OMR repository to a version of the database that is supported with 12c.
s b an den
@ S tuControl 12c to 13c, most of the upgrade
u of Cloud
When upgrading from an upgradeable version r s
hi (OUI) in graphical or silent mode. The agents are
te Installer
s
steps are handled by the Oracle Universal
o e t
i
upgraded later by using thetAgent
r nฺf Upgrade
o us Console (AUC), which is an interface that is integrated
with the Cloud Controlm a
Console. e t
The AUC also handles agent post-upgrade tasks.
r ( n s
In line with thesbest
o l icefor Cloud Control 13c, use the AUC for your initial agent upgrades, and
te practice
then create
i n F Gold Agent Images from those upgraded agents. You can then add your remaining 12c
t
ar as subscribers to the Gold Agent Images and use the Gold Agent Image upgrade process to
agents
Mupgrade the 12c subscribers.
s b an den
@ u S tu
Choose Your Own Down Time
te r h i s
o s e t
Upgrading the 12c OMS requires
choosing between the all-at-oncer t i nฺf shutting
o u
procedure
sit down but you can determine when that happens by
or the software-only install, and then configure
m a e t
procedure. You can
t e (also elect
r opt c e nsto them
install new plug-ins, and if you are using the software-only
procedure, you
F o s can li
to install with the software or during the configuration phase. Finally,
you have n the choice of running the installer in graphical or silent mode, although silent mode
a rt i
precludes the ability to install plug-ins during the software installation phase of the software-only
Mprocedure.
Oracle-Recommended Procedure
The recommended procedure is to use the software-only method along with additional plug-ins in
graphical mode. This procedure is made up of three phases:
• Installing the 13c software
• Configuring the 13c OMS and upgrading OMR to the 13c schema
• Upgrading the agents in a rolling fashion
The detailed steps for this procedure are outlined in the following slides.
Agent/OMS Incompatibility Across Versions
Cloud Control 12c agents version 12.1.0.3 and later are compatible with Cloud Control 13c OMS.
Therefore, there would appear to be no imperative to upgrading agents after upgrading the OMS.
However, when you consider that the 12c agent does not support 13c agent plug-ins, it is clear that
you should ensure that all 12c agents are upgraded to 13c to take full advantage of current and
future 13c functionality.
1. Ensure that the existing 12c system is up-to-date and upgradeable (12.1.0.3 or later).
2. Copy the emkey to the OMR.
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
s b an den
@ uprocedure
S ttou upgrade from Cloud Control 12c to 13c are
The steps of the software-only with plug-ins
te r hi s
described in detail on the following o s
pages.
e t
r t i nฺf o us
( m a se t
s t er licen
F o
rti n
M a
12c Agents
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
12c OMS 1
Meet version requirements.
2
Copy
emkey.
12c Central
Agent
a ble
f e r
an s
n - t r
a no
h a s 12c OMR
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u UpgradeS tu
Preparing for a Cloud Control 12c 1-System
te r h i s
o s e t
actual upgrade itself. arti
n f o u12c
The first two steps in the CloudฺControl s 1-System Upgrade procedure are preliminary to the
m e t
Step 1: The firste (
r in the
step e n s
1-System upgrade of a 12c system to 13c is to ensure that you are at
s t l i c
o 12.1.0.3. You must also apply all the latest recommended patches for agents. These
least on version
patchesi n F
are available from My Oracle Support and will indicate the versions they are intended for,
a rt
Malong with detailed steps to apply them. Note that 12c agents earlier than 12.1.0.3 must be brought
up to at least version 12.1.0.3. Follow the support instructions to perform this step if your agents
belong to earlier versions.
Step 2: Copy your emkey into the repository. The emkey is the encryption key that is used to
encrypt and decrypt all sensitive data in the repository, and is stored in the file system to protect the
integrity of the OMR and its backups. In an upgrade, you must preserve the same key, saving it
temporarily in the repository, and then moving it back to the OMS after the system is upgraded. The
upgrade process will automatically copy the emkey from the OMR to the upgraded OMS.
12c Agents
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
12c Central
Agent
a ble
f e r
an s
n - t r
a no
h a s 12c OMR
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Installing the 13c Software and Extra
te r Plug-Ins
h i s
o s e t
Universal Installer (OUI).arti
nฺfthe o13cusoftware
The next step involves installing s along with any extra plug-ins by using the Oracle
m e t
Step 3: Run the e ( n s
r OUIcinesoftware-only
13c with plug-ins upgrade mode and install the Cloud Control
13c software s t l i
oas well as any new plug-ins. This mode of the installer can be triggered only by passing
i n F
two parameters to the installer on the command line when invoking the installer:
a rt
MINSTALL_SWONLY_WITH_PLUGINS=true and PLUGINS_LOCATION=<location>.
Note that the OMS upgrade is an out-of-place upgrade; therefore, it will create a new middleware
home. You must ensure that the OMS server meets all the requirements of the new Enterprise
Manager Cloud Control 13c version.
12c Agents
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
4
Shut down the 12c OMS
and central agent.
12c Central
Agent
a ble
5 f e r
Back up the 12c OMR, and then
an s
patch and/or upgrade to meet
n - t r
a no version requirements.
h a s 12c OMR
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Down Time While Preparing the OMR
te r h i s
The next steps involve shuttingฺdown o s
f the e t
t i n againstu scurrent OMS and central agent, and then ensuring that
a r
your OMR database is certified t o the 13c requirements. At this point, your Cloud Control 12c
m
r ( cens
console will be unavailable. e
t e
s the 12c li OMS and the central agent that monitors the repository, but leave all your
Step 4: Shut
F odown
a r in agents running. The 12c agents will continue to gather metrics on your managed hosts
othert12c
Mand targets, but will not be able to upload or report any problems.
Step 5: Back up your OMR, and then apply any patches that may be required for 13c. You may also
need to upgrade the OMR database to a version that is certified as a 13c repository. Backing up
before patching the database means that your backup can still be used to revert to Cloud Control
12c if required. Deferring the database patching and upgrade to this step has the advantage that you
can use the downtime window of the upgrade. Alternatively, you may decide to perform the OMR
database upgrade as a completely separate exercise on your Cloud Control 12c environment before
embarking on the 13c upgrade.
12c Agents
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
13c OUI
6
12c OMS 13c OMS
ConfigureGC.sh
12c Central
Agent
a ble
f e r
an s
n - t r
a no
h a s 12c OMR
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Upgrading the OMS and the OMR r@
u S tu
te t h i s
o s e
The next step involves upgrading
(OUI). r t i nฺf Cloud
o uControl
s 12c to 13c by using the Oracle Universal Installer
( m a se t
Step 6: Run the e
t 13c n
r OUIcine1-System upgrade mode again to configure your 13c OMS and upgrade
your OMR to o s
the 13c l i
schema. You initiate the OUI by executing the ConfigureGC.sh script from
F
in Control 13c installation. The OUI will automatically start your upgraded OMS, at which
your tCloud
a r
Mpoint your 12c agents will be able to upload metrics and monitoring information again.
At this point, only the data in your OMR that is required to ensure ongoing monitoring and
management of current targets will have been migrated to the new 13c schema unless you opt
otherwise. Deferred Data Migration (DDM) is the collective term for jobs that are used to migrate
noncritical data from the 12c OMR schema to the 13c OMR schema. After the upgrade, the Deferred
Data Migration jobs can be seen on the Post-Upgrade Tasks page where they are listed by data
type. You can drill down to see information about the job and retry, if necessary. Deferred Data
Migration jobs are executed as Enterprise Manager Cloud Control 13c jobs.
Deploy new
12c OMS 13c OMS agent and
plug-ins.
12c Central
Agent
13c Central
Agent a b le
7
Agent s f e r
Upgrade
a n
n-tr
Console
a no
h a s 12c OMR
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Upgrading all Agents and Their Plug-Ins
te r h i s
o s e t
The final step in the Cloud Control
r t i nฺf 12c
o
1-System
u s upgrade involves the management agents.
a seConsole
Step 7: Use the Agent Upgrade
m t (AUC) to upgrade your management agents, starting with
the central agent.e In ( e n
r the background, the AUC will place the 12c agent under a blackout while
s t l i c
o 13c agent, before finally switching over to the 13c agent.
deploying the
n F
a rti
M
12c Agent
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
1
Upgrade 13c Agent
using AUC.
2
Create Gold
Image. 12c Agents
3
Subscribe.
13c Agents
a ble
f e r
13c Agent
an s
Gold Image
4
Update. n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
A Best Practice Worth its Weight in rGold @ u S tu
te t h i s
o s e
Although you could use the Agent
advantage of Cloud Control r t i nฺf Gold
13c’s
Upgrade
o u s Console (AUC) to upgrade all of your 12c agents, taking
Agent Image functionality provides benefits beyond the point
m a e t
of the upgrade itself.
t e rvastly c e ns thus
(By subscribing your agents to a Gold Agent Image, the process of keeping your
agents updated
F o s is lisimplified, helping to ensure currency and compliance across your
Enterprisen Manager site.
rt i
a a Gold Agent Image to upgrade your agents to 13c is a multistep process:
MUsing
• Upgrade at least one agent (that is not the central agent) by using the AUC.
• Create a Gold Agent Image by using the newly upgraded agent as the source.
• Mark the Gold Agent Image as the current version.
• Subscribe other 12c agents to the Gold Agent Image.
• Update the subscribed agents to the current version of the Gold Agent Image.
You can also get the update process to remove the old 12c agent when the upgrade succeeds.
ble
12c Central 13c Central
Agent
fe r a Agent
8
Agent s
Upgrade
n
Delete old central agent. traConsole
o n -
12c OMR
s an
) ha eฺ
ฺ c om Guid Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
u s
S t ud
Post-Upgrade Tasks
t @
er this
Step 8: If you have not used the ฺ s
foGold Agente Image upgrades to delete the old 12c agents, use the
i n u s
Post Agent Upgrade Tasks a rttab in thetoAUC to delete the old 12c agents. When you are satisfied that
m
( system
your Cloud Controlr 13c
e n siseoperational, you can also delete the 12c OMS directories by using
e
ost ensurelthat
the OUI that will
F
ic the Oracle Inventory is also updated.
a rtin
M
• You must have a minimum starting point of 12.1.0.3 for a 12c to 13c upgrade.
• Best practices:
– The upgrade requires planned down time.
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Be Prepared
te r h i s
o s e t
r
upgrade to 13c. This includes:t i nฺf ooperations,
Like all major patching and upgrade
u s you should carefully plan your Cloud Control 12c
( m a se t
•
s t en the minimum start point requirements for the upgrade, in this case,
er youlicmeet
Ensuring that
F o
version 12.1.0.3
n
• rti Notifying your stakeholders that the upgrade involves down time of the OMS, although the
a
M agents will still be running
• Considering performing a software-only installation of the new Cloud Control 13c binaries
and upgrading only during your change window with the ConfigureGC script
• Using Gold Agent Images to upgrade your 12c agents to 13c
• Knowing that you can apply patches to your agents at the same time as upgrading them.
Gold Agent Images are an ideal way to achieve this. Refer to the documentation for more
information.
• Thinking about using EM CLI to script the mass upgrading of your agents
• Proactively replacing any MD5 certificates used to communicate with your targets with SHA
certificates
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Java Has Already Disabled MD5 Certificates r s
hi MD5 certificates in your Cloud Control ecosystem,
te using any
o s e t
nฺfHashoAlgorithm
You should follow the lead of Java and stop
r t i
replacing them instead with Secure
t us (SHA) certificates. By default, usage of MD5 certificates is
disabled in Java 7 Update
( a e but in order to allow you enough time to make any necessary changes,
m95 andnslater,
r
te (built
Cloud Control 13cR2
ce Java
s
Cloud Controloupdate iwith
and lwhen
7 Update 111) has re-enabled them. This will be reversed in a future
that happens, any communication that is secured with an MD5 certificate
i n F
t
between your OMS and agents, OMS and targets, or agents and targets will be broken.
ar an SHA certificate between the OMS and agents
MUsing
When you upgrade to Cloud Control 13cR2, the OUI will automatically create an SHA certificate for use
between the OMS and agents, which will be deployed to your agents as you upgrade them.
Using an SHA certificate between the OMS or agents and targets
The Fusion Middleware targets in the GC Domain (that are part of the OMS) will be configured by the OUI to
use an SHA certificate. You will need to intervene for all other targets that use secure communications, and are
currently using an MD5 certificate. Details on how this can be done can be found in each target type’s
documentation.
How do I know where MD5 certificates are used?
The OUI will test to see where MD5 certificates might be used, and present you with a warning if it finds any
signs of possible usage. At that point, you can simply dismiss the warning and choose to deal with the issue
later, or you can cancel the upgrade and proactively deal with the issue. Of course, you can also address the
issue of MD5 certificate usage before commencing your Cloud Control 13cR2 upgrade.
My Oracle Support note EM 13.2 SHA2 Certificate Pre-upgrade verification for OMS & Agent (Doc ID
2179909.1) includes a utility called CheckForMD5Usage that can be registered with Cloud Control 12c or 13c
and executed to determine where, if at all, MD5 certificates are being used in your Cloud Control ecosystem.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Answer: a, e
te r h i s
o s e
Deploying the 13c agent beforeฺfshutting down
t
because it makes sensea in theto12cusagentthe
tortkeep
12c agent is an easily understood concept,
up and running for as long as possible while we
prepare the 13c agent.
r n se agent continues to collect data while the new agent software is
(mTheecurrent
e
ostand thenlicthe switch is performed.
being installed,
F
Because
a rt in the 13c agent can communicate only with a 13c OMS, the 12c to 13c upgrade requires that
Mthe OMR and OMS be upgraded before the agents are upgraded.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Answer: b
te r h i s
o s e t
Strictly speaking, you should consider
t i ฺf the
nsets u scurrent Cloud Control unavailable for the entire 1-System
upgrade process because a r
this a
t ofirm expectation in the minds of all those who use and rely on
m
r (targets
Cloud Control. Contingency e
ns fortomonitoring
plans and management must be put in place because the
managed hosts s t e
and li c e continue operate and be used even though the current system will be
temporarilyF o
rt i n unavailable.
a
MCommunication with your “customer base” is an important aspect of any operation of this type and
should be given serious consideration, along with the technical aspects, from the start of the upgrade
planning process.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Answer: e
te r h i s
o s e t
You will not use the backup of the
against the unforeseeable, r t i nฺf aOMR
taking o u as
backup
s part of the upgrade, so why do it? Because it mitigates
at a specific point in time will give you the confidence to
m a e t
t e in( your
proceed safe in ther knowledge
c e nsthat you can revert if you have to. Including a possible reinstatement
of the current s
F o OMS li upgrade plan is vital. Even if your site does not impose change control
processes n bethat strictly require and enforce a change window that includes a point in time at which the
a
call rt i
must made to roll back, planning for failure is one of the keys to avoiding it.
MFurthermore, be sure to use the same backup process in your upgrade tests that will be used in the
production upgrade, and also include a rollback as part of your upgrade tests to ensure that the
backup is usable.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
Implementation Planning
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
Objectives
After completing this lesson, you should be able to describe the following:
• Enterprise Manager implementation life cycle
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
A Life Cycle of Continuous Growth r@
u S tu
te t h i s
o s e
r t i nฺf o uimplementation
The life cycle of an Enterprise Manager s ideally starts with the following:
• The appointmenta
m e t Manager administrator/owner
of an Enterprise
( s
en topology
r installation
• Design of
s t ethe l i c
• F
Planoof the implementation, starting with the initial rollout and looking toward future expansion
n
rtiRollout
M a
Initial
Your initial rollout will, of course, include the Enterprise Manager Cloud Control installation itself, but
will also include the initial set of managed hosts and targets, how they will be monitored, and who
will administer them. Consideration should be given to how many hosts and targets you want to
initially manage, especially if this is your first exposure to Enterprise Manager. For example, you may
simply want to start by managing a handful of databases.
Short-Term Growth
After the initial rollout, you can expect to add more managed hosts and targets in the short term.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
The Implementation Plan Is Crucial to
te r Success
h i s
o s e t
ฺf theumost
The implementation plan is probably s important element of an Enterprise Manager Cloud
rtin whattoyou
Control rollout because itamaps are going to do and when, what resources you have
m
( monitoring,
available, what your are e
ns isand how you will monitor it. Controlling the expansion of Cloud
t e li c e
F os
Control through your environment vital to ensure that the implementation is successful.
• Consider:
- Security and access: Administrators, groups, and privileges
- Business requirements: Availability, monitoring, administration, and reports
Have a Test Site
• It is very important to have a non-production site where you can experiment with
metrics extensions, patch updates, and so on.
a ble
• You want to test changes and discover possible performance hits before rolling them
f e r
out to production.
a n s
• -t
A test site provides an internal proof-point to showcase additional features.
n r
o
•
s a n for OVM and
Consider using a virtualized environment. Oracle provides VM templates
VirtualBox through the Oracle Software Delivery Cloud. ha
m ) ideฺ
k ฺ co t Gu
s b an den
@ u S tu
te r hi s
o s e t
r t i nฺf o us
( m a se t
s t er licen
F o
rti n
M a
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Growth Is Inevitable
te r h i s
o s e t
An enterprise-wide management
t i ฺf systemussuch as Cloud Control is considered because the
ndictate
enterprise is large enougha r
to toit. Therefore, growth is inevitable in the managed hosts and
m e
sof Cloud Control. As such, your Cloud Control infrastructure may
er ( licen
targets that fall under the scope
need to grow s t
too.
n Fo Size
InitialtiRollout
ar is no hard and fast rule for determining the size of the infrastructure that should be placed
MThere
under Cloud Control, although you can estimate the volume of metric data that will be gathered by
the agents and, therefore, the potential growth of your OMR. As long as you plan carefully, you can
always grow the infrastructure as your Cloud Control enterprise expands. In particular, you can
provide for future growth by:
• Using RAC for your OMR, even if it is only a single-node cluster, to give it the potential to
scale
• Avoiding communicating directly from the agents to an OMS. Instead, use the abstracted
management server or load balancer host name.
• Using nonlocal (shared) storage for your software library to ease the transition to multiple
OMSes in the future
Long-Term Growth
Long-term growth is something that the Enterprise Manager administrator needs to map and
see coming in the future. There might be other groups or geographically distant sites in the
organization that can be brought into the Enterprise Manager fold. There may be internally
developed systems that could be monitored through custom plug-ins. It may be appropriate
to duplicate the Enterprise Manager hardware at this point to scale up the infrastructure.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
A site is a distinct set of Enterprise Manager components and supporting infrastructure that
comprises the following:
• Oracle Management Repository
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u SiteStu
Considerations for an Enterprise Manager
t e r h is
s
foconsider t
e performance, configuration, and accessibility of each
In planning your implementation,
i n ฺ u sthe
component to optimize your a rtend users’
to experience of Enterprise Manager Cloud Control.
Oracle Management
m ns
r ( Repository e
s t e c e
li Servers must be able to insert data into and retrieve data from the OMR
F
Your Oracle oManagement
rtin and quickly as possible. The performance of your OMR will be sensitive to the
as efficiently
a
Munderlying CPU, memory, and storage capability and capacity of the OMR server.
Oracle Management Servers
As Cloud Control’s view of your IT enterprise grows, so too will the amount of data being uploaded
by agents which, in turn, needs to be stored in the OMR. Therefore, the OMS is sensitive to network
latency between it and the OMR. You must also take into account any firewalls between the OMS
and its agents, and any load balancers fronting your OMSes. For disaster recovery implementations,
the OMSes must be on replicated storage (such as Oracle’s Sun ZFS Storage Appliance Remote
Replication or NetApp Filer).
disaster recovery solutions, the software library files should be duplicated and periodically
synchronized.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
a ble
f e r
an s
EM CC n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u and S tu
r
Having one Enterprise Manager site to monitor s manage your entire enterprise implies:
• One set of hardware ฺfos
te
e thi
s
• a rtin to u
A centralized infrastructure
• r
Global network(maccess
e n stoeall machines
t e lic
• F ossecurity
Global requirements
a rtin
Advantages:
M
• A centralized global view of the entire IT enterprise
• Security controlled at one point
• One monitoring standard enforceable at a single point
Disadvantages:
• Increased requirement for high availability because your site may be utilized across multiple
time zones and the International Dateline
• Latency or network disruptions between your management agents and the OMS
a ble
f e r
an s
EM CC EM CC EM CC n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Using multiple Enterprise Manager sitesr@
u and
to monitor S tumanage your enterprise implies:
te hardware.
t hi s
• Each site has its own Cloud ฺf o sControle
• Each site has its a r t i n
own localized t o us
infrastructure.
• r (m access
Localizedenetwork e n seto the managed hosts is all that is required.
• F
Local
st requirements
osecurity lic can be enforced and are all that need to be adhered to.
t i n
ar
MAdvantages:
• Restricted access to only local targets for local administrators
• Specialized management setup per site (SLA, notifications, monitoring)
Disadvantages:
• There is no centralized overview of the entire enterprise.
Because of the complexities involved, you should consider using multiple sites only if business
requirements demand it. Regardless of your implementation plan, it is recommended that your initial
rollout consists of only a single site to remove a layer of complexity and potential problems in the
short term.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Repository Size Can Be Estimated r@
u S tu
te t h i s
Although the size of your repository o s
ฺf cannot e
t i nrollout u s be accurately calculated in advance, the size can be
a r
estimated based on the initial o
t projected growth predicted for your installation. The
and
m ns e
r ( recommendations
documentation contains for small, medium, and large deployments, and these are
t e li c e
os
ideal starting points.
F
rtin Targets
Discovered
a
MThe agent will upload a certain amount of metric data in each 24-hour period for each discovered
target. The quantity of data depends on the target type. The OMS also stores configuration data for
each target, which we can estimate to be 10% to 30% of the size of that target’s metric data.
Retained Historical Data
Historical data contributes to the size of the repository. By default, the OMS applies the following
retention periods:
• Weekly, monthly, and yearly metric data rollups
• Retention of state information for six months
• Retention of configuration data for one year
JVMD Metrics
Collection of Java Virtual Machine (JVM) diagnostic metrics from JVMs across the enterprise
is often overlooked in the planning phase because the JVM instances are seen as a
subtarget of middleware. However, JVMD diagnostics will cause your OMR to grow rapidly,
and it is easier to cater to such growth in the planning phase rather than during post-
implementation. For example, collecting diagnostic metrics for 1,000 JVMs each with 8 GB
heap size over a two-second sample interval and raw data retention of 10 days with 30 days
a ble
of aggregated data is estimated to require almost 1.6 TB of storage.
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Maintain and Secure the OMR Database
te r h i s
o s e t
The OMR database should be treated
t i ฺf like
npatches u sany other database in your enterprise and kept current by
applying Enterprise Managera r t o and database patches as they become available. For this
m
r (before
reason, the Enterprise Manager e
ns test environment takes on renewed importance as the site where
s t e
you can test patches li c e applying them to your production environment. If you are using a
multinode F o
r t i n RAC cluster, rolling patches can be applied without any outage to your OMR.
a the network security feature of the database Oracle Advanced Security Option (AOS) to secure
MUse
communication between the OMR and OMS. AOS combines network encryption, database
encryption, and strong authentication.
You can further restrict access to the OMR so that the database accepts connections only from
those servers that are hosting the OMS.
The OMR is a production database and should be protected with your standard production database
backup regime. Make sure that the backups are valid and can be used to perform a restore
operation.
s b an den
@ u S tu
Maintain and Secure the OMS
te r h i s
o s e t
The OMS and its underlying WLS
in your enterprise, and keptr t i nฺf installation
current o
by u s should be treated like any other middle-tier application
applying Enterprise Manager and WLS patches as they
m a e t
become available.rAs
t e ( with eOMR
c nswhere
maintenance, the Enterprise Manager test environment takes on
F o s
renewed importance asli
the site you can test patches before applying them to your production
environment.
a rt in
MAssuming that you use the default secure communication between the agents and the OMS, disable
unsecure communications with the emctl command: emctl secure lock.
Enterprise Manager Cloud Control, out of the box, uses an SSL certificate that is a self-signed
“demonstration” certificate and is not issued by a valid certificate authority. Replacing this with a
certificate issued by a trusted authority increases the security of the Cloud Control Console.
The user who owns the middleware home should not be able to log in directly to the operating
system; instead, access should be only through impersonation utilities such as sudo and pbrun.
Back up the OMS configuration after installation and again after every change in infrastructure with
the emctl command: emctl exportconfig oms.
s b an den
@ u S tu
Pieces of the Same Puzzle
te r h i s
o s e t
r
your needs and requirements.t i nฺf oinvolves
Designing a highly available system
u s taking various elements and combining them to suit
( m a se t
High Availability
s t er licen
F o high availability gives consideration to the single points of failure in your system
Strictly speaking,
ti n
andreliminates them through redundancy. Examples are RAC databases, ASM storage, and multiple
a
MOMSes fronted by a load balancer.
Disaster Recovery
Disaster recovery extends the concept of high availability beyond single points of failure by providing
secondary elements that can be brought into play when the primary elements fail. Examples are
active/passive middleware clusters and standby databases.
Maximum Availability Architecture
Implementing high availability to address single points of failure and disaster recovery to address
system failure leads you down the path of maximum availability architecture (MAA).
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
• Level 3: Local HA
• Level 4: Local HA and Remote Active/Passive DR
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Building Levels of Availability
te r h i s
o s e t
The levels of availability build on
previous level. Observing r t i
these
nฺfrecommended
each other,
o u s expanding the redundancy and recovery options of the
topologies will open pathways for transition from a
m a e t
t e r ( cens
lower to a higher level.
i
ospracticelinstallation
Level 1: Best
F
rti1navailability involves implementing a best practice, out-of-the-box configuration of Enterprise
Level
a
MManager Cloud Control, which is ready for future transition to higher levels of availability, but with no
specific high availability elements. Even with no action taken other than installing the product,
availability is considered to be around 95%. Consider using a database instance for the OMR with
protected storage (ASM) that will provide an element of protection against a storage-level failure, but
there is no redundancy for any of the Enterprise Manager components.
Level 2: Local active/passive HA
Level 2 availability consists of an active and passive OMS with shared storage at the same physical
location, which employs Data Guard to replicate the OMR to the failover hardware. Some down time
is incurred during the failover to the redundant system.
in accordance with Maximum Availability Architecture (MAA) principles. A best practice for
implementing dual-site Active/Passive DR in this solution is to place the Oracle Inventory,
Oracle Homes, Software Library, and BI Publisher storage for the OMSes on replicated
storage (such as Oracle’s Sun ZFS Storage Appliance Remote Replication or NetApp Filer)
and replicate the OMR by using Data Guard.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
OMS
Sharable Storage
a ble
f e r
an s
OMR
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Level 1: Preparing for the Future r@
u S tu
te t h i s
o s e
f isueffectively
you can incorporate features r t i nofฺthe
Even though the Level 1 architecture
o
other
s
high
nothing more than an out-of-the-box installation,
availability architectures that will smooth any future
m a e t
t e r (HA level:
transition to a higher
c e ns
• Install i a subdirectory of ORACLE_BASE on media that can be shared, for
osthe OMS lunder
F
a rtinexample, /u01/app/oracle/product/oms.
M • Use sharable storage for the Oracle Inventory, Software Library, and BI Publisher.
• Install against an alias host name that your agents and web console connections will use
instead of the actual OMS server’s host name.
s b an den
Level 2: Local Active/Passive HA r@
u S tu
te t h i s
o s e
r
single physical location witht i nฺf availability
An Enterprise Manager High Availability
high o uLevel
s 2 topology is characterized by being confined to a
achieved by failing over from an active OMS and OMR
m a e t
to a passive standby
t e r (OMSceandnsOMR.
s consists
This Level 2odesign
F li of the following:
• rtin
An active OMS
a
M • An active OMR
• A standby OMS
• A physical standby OMR
• Shared storage for the Oracle Inventory, Oracle Homes, Software Library, and BI Publisher
• Software installed against alias host names
• Agent and Cloud Control Console connections made to the application virtual host name
• Failover performed at the network level
Load Balancer
a ble
Shared Storage
f e r
an s
OMR RAC Cluster
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Level 3: Local HA
te r h i s
o s e t
t i ฺf
An Enterprise Manager High Availability
nOMS u Level
s 3 topology is characterized by active and passive
redundant components at a r
the t o
and OMR tiers, all hosted at the same physical location.
This Level 3 design
m e
( enofsthe following:
r consists
t e
s OMSes lic and one passive OMS that is fronted by a load balancer
• F
Two oactive
in
• rt Shared storage for the Oracle Inventory, Oracle Homes, Software Library, and BI Publisher
a
M • Software installed against alias host names
• Agent and Cloud Control Console connections made to the application virtual host name
• OMS failover performed by a load balancer
• OMR protected locally by RAC cluster and Data Guard
a ble
f e r
Physical
an s
Standby
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u DR S tu
Level 4: Local HA and Remote Active/Passive
te r h i s
o s e t
ฺf
An Enterprise Manager High Availability
uLevel
s 4 topology is characterized by active/active and
active/passive HA at thea rtin sitetoand
primary active/passive DR across the primary and secondary sites.
This topology is the m
( elevel
r highest e
ns of Maximum Availability Architecture (MAA) for EM.
t e c
s is alimultiple-site solution and consists of the following:
This Level 4odesign
F
• rtinA Level 3-design primary site
a
M • A remote secondary site with a physical standby RAC cluster database for the OMR
• Replicated storage across both sites for the Oracle Inventory, Oracle Homes, Software
Library, and BI Publisher
• Software installed against alias host names
• Agent and Grid Control Console connections made to the application virtual host name
• Site failover performed by a global load balancer or DNS between load balancers
• Network infrastructure and device redundancy within and between sites
• Power redundancy
Availability
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
The Illustrated Availability Continuum
te r h i s
o s e t
The graph in the slide depicts the
between levels of availability.r t i nItฺisf increase
noto u s in availability that can be gained with the progression
based on empirical data, and the relative values that are used
m a e t
r ( ceonly.
are for illustrative purposes
t e ns
Another wayoto
F s interpretlithe y-axis scale is as a measure of acceptable down time—the lower end of
a rt inrepresents a reasonable amount of down time as being tolerable, whereas the upper end of
the axis
Mthe axis represents even the smallest amount of down time as being intolerable.
Yet another way to think of the y-axis is in terms of costs. If the demanded availability is higher and if
down time becomes accordingly less acceptable, there will be higher costs in achieving the desired
level of availability.
Advanced configuration of Enterprise Manager Cloud Control, including implementations of various
levels of high availability, are covered in more detail in the Oracle Enterprise Manager Cloud Control
13c Advanced Configuration Workshop course.
— http://www.oracle.com/technetwork/database/features/availability/em-maa-155389.html
– My Oracle Support (search for “maximum availability architecture”)
– My Oracle Support community
https://community.oracle.com/community/support/enterprise_manager
– OTN Community https://community.oracle.com/community/enterprise_manager
• More details in the Oracle Enterprise Manager Cloud Control 13c Advanced
Configuration Workshop
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
a ble
f e r
an s
n - t r
o
s an
) ha eฺ
ฺ c om Guid
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
M arti
F n
os t e
m
li
a rt i n ฺ
r ( cens e
s t
to
@
fo use
b
er this
a
ฺ c
us Stud
nk ent
)
s
om Guid
ha eฺ
an
o n - t r an
sf e r a b
le
A
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
We Are Already Consumers of the Cloud
“Then” 1 2
a ble
f e r
an s
“Now”
n - t r
a no 1
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
We Consume Cloud Services Every rDay @ u S tu
te t h i s
f o
The cloud metaphor is invokedฺwhenever
s e
sthe details of an implementation or provision of a service
are obfuscated from the a rtin toof uthe end consumer. There are many examples of cloud-based
perspective
services in everyday
r m suchnsasea phone call between two parties. Before the advent of automated
(life,
s
exchange, making
o
e
t a phonel icecall involved multiple steps that you may be aware of:
1. tin F the operator and ask for a connection to the other party.
Call
r
Ma2. Wait for the operator to connect you to the other party.
3. Converse with the other party (with the possibility of the operator sniffing all voice traffic).
Therefore, when you made the phone call, you were aware of how the call was routed to the other
party, and could possibly even trace the phone lines along which the call was transmitted.
These days, making a phone call requires only access to a phone service and knowledge of the
other party’s phone number. How your call is actually connected to the other party is obscured within
the telecommunications cloud, and in this era of voice-over-IP, mobile communication, and global
roaming, the means of communication is further obfuscated.
• Mail delivery network. Whereas earlier your post could be guaranteed to be collected,
sorted, and delivered by a single government agency, now there could be multiple
independent contractors between the sender and the recipient.
In all these examples, the service or product that you consume has not altered; only the way
in which it is provided has changed.
To further illustrate how cloud is already part of our everyday life, consider one more
example:
a ble
• Browsing a website. You are typically unaware of the route taken by the HTTP
f e r
packets between your browser and the site’s web servers, or even where the web
ans
server is physically located.
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
s b an den
@ u S tu(NIST) defines cloud computing as “a model
The US National Institute of Standards and
te r Technology
i s
hnetwork
for enabling ubiquitous, convenient,
f o son-demand
e t access to a shared pool of configurable
ฺ
in to u
computing resources (e.g., tnetworks, s
servers, storage, applications, and services) that can be rapidly
a r
provisioned and released
r ( e management effort or service provider interaction.”
m withnsminimal
Every Cloud s
o Has l iceLining
te a Silver
n F
Cloudticomputing takes on a different meaning depending on your perspective, and all present
a r views of the
different benefits that can be derived from cloud computing.
M
From the perspective of a consumer of cloud-based resources, the cloud is simply a capability or
service that is used without having knowledge of how or where it is implemented. Indeed, knowledge
of how the consumable product is provided is obscured by the very nature of it being accessed via
“the cloud.” Because implementation details are of no concern to the consumer, their primary interest
is availability and usability.
agreements.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
• On-demand self-service
– Anytime. No human involvement is required.
• Broad network access
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
s b an den
@ u S tu
Five Essential Characteristics of Cloud
te r Computing
h i s
o s e t
r t i nฺf o uincludes
The NIST definition of cloud computing s five essential characteristics:
•
( m a se t
On-demand self-service
Consumers
s t i c en and receive computing resources as required without human
er can lrequest
F o
intervention by a provider.
n
• rti Broad network access
a
M The resources and self-service portals provided by the cloud can be accessed through
standard network-connected devices (for example, mobile phones, tablets, laptops, and
workstations).
• Resource pooling
Providers use their computing resources to serve the demands of many customers in a multi-
tenancy model. All customers can then benefit from the dynamic allocation of resources from
the pool to meet their demands. Examples of resources include storage, processing,
memory, and network bandwidth.
• Rapid elasticity
The capacity of the cloud can be scaled up or down in response to consumer demand in a
manner that appears to the consumer to provide unlimited capabilities.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
Customizations
Application
Platform a ble
SaaS
f e r
PaaS
an s
Infrastructure IaaS n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Three Cloud Computing Service Models
te r h i s
o s e t
r t i nฺf o uincludes
The NIST definition of cloud computing s three service models.
a (IaaS)
Infrastructure as a Service
m e t
( s
enmakes available resources such as processing, networking, and
t er provider
The cloud computing
s l i c
F
storage thatocan be requested by consumers. Typically, the infrastructure that is provisioned in an
n
i is virtualized, although this is not necessarily apparent to the consumer. The consumer is
IaaSrtcloud
a
Mresponsible for providing an application platform and applications to deploy on that platform, and can
of course customize those applications as required.
An example of an IaaS cloud request is an Oracle Linux 5 Update 7 x86-64 virtual machine with 16
GB of RAM and 250 GB of storage.
Platform as a Service (PaaS)
The cloud computing provider makes available platforms onto which consumers can deploy their
own applications, and then customize those applications as required.
Examples of platforms that might be available in a PaaS cloud are Oracle Database (both single
instance and RAC) and Oracle WebLogic Server.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
• Private
– For exclusive use by a single organization
• Community
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Four Cloud Computing Deployment rModels @ u S tu
te t h i s
o s e
r t i nฺf o uincludes
The NIST definition of cloud computing s four deployment models:
Private Cloud
( m a se t
The hosting andte r ceofnprivate clouds may also be outsourced to a third-party service provider,
operation
F s li for the exclusive use of one organization.
ocloud remains
but a private
a rtin Cloud
Community
M
Examples of communities are all the different branches of the military, all the universities in a given
region, or all the suppliers to a large manufacturer.
Public Cloud
All underlying infrastructure is owned and operated by the public cloud provider.
Hybrid Cloud
This may be to implement a “cloud bursting” scenario, where an organization might run the steady-
state workload of an application on a private cloud. But when a spike in workload occurs (such as at
the end of a financial quarter or during the holiday season), the application can burst out to use
computing capacity from a public cloud, and then return those resources to the public pool when
they are no longer needed.
s b an den
The Cloud Is a Win-Win Scenario forr@
u
IT ProvidersS tuand Consumers
te t h i s
o s e
infrastructure and services.r t i nฺf odistributed
The benefits of the cloud are equally
u s between providers and consumers of IT
( m a se t
•
er licecan:
Resource providers
t n
s
- o Manage the underlying infrastructure in any manner they choose, provided they meet
F
rti n their service-level agreements
M a
- Deploy resources where they are needed, as they are needed
- Pool resources to provide scalability and multi-tenant capabilities
- Use IT hardware to ensure optimum return on investment
• Resource consumers:
- Need to focus only on their area of interest and expertise
- Can leave provisioning and management of underlying infrastructure to the resource
providers
- Consume as much or as little resources as needed, when needed
consumer’s current reach by consolidating and sharing infrastructure across the needs and
requirements of many consumers. Conversely, by servicing a wider group of consumers, the
cloud service provider can offer a greater range and depth of resources by recouping the
requisite IT infrastructure costs through metering and chargeback.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
• Standardization
• Consolidation
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
• Centralization
• Optimization
• Abstraction
• Flexibility
• Self-service
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u
Bad is S
tu
A Cloud Over Your Head Is Not Always
te r
o s
The move to a computing cloudฺfcan be compelling e th for an organization on many fronts:
• Standardization ar
tin to us
r (m model n e
snaturally
-
sThe
t e cloud
l e lends itself to the adoption of standards, including
icapplication platforms,
F o hardware, and integration technologies.
n
• rti Consolidation
M a
- Combining physical infrastructure and IT budgets across multiple departments
- More efficient purchasing, installation, maintenance, and operation processes
- Reduced operational overhead with fewer physical pieces of infrastructure to manage
- Potential gains per application deployment in terms of available compute resources
• Centralization
- Consolidation may result in co-location of previously distributed infrastructure.
- Operations may be simplified through the reduction of infrastructure.
IT Professionals
• Use cases:
Customizations
– Relocating existing workloads
– Building highly customized
Application platforms and applications
Cloud
Consumer
Platform
a ble
f e r
Cloud
an s
Infrastructure IaaS
Provider
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
IaaS Cloud Service Model
te r h i s
o s
The three cloud service modelsฺfdefined by e t
users due to the level of a control us NIST
rtin eachtomodel
(IaaS, PaaS, SaaS) are suited to different types of
allows for the cloud provider and the cloud consumer.
As a cloud consumer, r (m
you aree n se
attracted to the IaaS provider’s cloud because you do not want to own
s t e l i c
and manageoyour own hardware but you do want to control everything from the operating system
i
upwards. n FIn the IaaS service model, cloud consumers use self-service to request compute, memory,
t
arstorage resources together with a base operating system. They then install application servers,
Mand
databases, and other platforms, followed by the applications that they want along with the
customizations they need.
An IaaS cloud may be suitable in a number of circumstances, such as the following:
• You want to divest yourself of the cost of purchasing and maintaining your own infrastructure.
• Your existing infrastructure is unable to meet the current or projected demands, and the IaaS
cloud allows you to use as much computing power as you require.
• Your internal infrastructure requirements can be best met by consolidating your existing IT
hardware into a private IaaS cloud.
Platform
a ble
PaaS
Cloud
f e r
Provider
an s
Infrastructure
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
PaaS Cloud Service Model
te r h i s
o s e t
r
that you can deploy applicationst i nฺfandostart
As a cloud consumer, you are attracted
utosthe PaaS provider’s cloud because you want somewhere
using them. You may be an application developer or a
m a e t
licensed application r (owner. e
In s PaaS service model, cloud consumers use self-service to request
nthe
s
for a deployment t e li
platform csuch as an application server or database. They then install their
F
applications
o
r t i n on that platform and customize them to suit their needs.
MA aPaaS cloud may be suitable in a number of circumstances, such as the following:
• Your organization has the skills to build an application, but you do not want to invest in the
underlying platform and computing resources. You also want the flexibility to scale your
platform up or down as required.
• You own licenses for an application but do not want to invest and maintain the underlying
platform and computing resources yourself.
• You are an IT development shop that specializes in J2EE and database applications, and a
private PaaS cloud will allow you to consolidate existing resources and service the needs of
all your development projects.
Business Users
• Use cases:
Customizations Cloud
Consumer – Implementing business processes
without any IT acquisition
Application – Building complex business flows
with publicly available services
Platform Cloud
SaaS Provider
a ble
f e r
an s
Infrastructure
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
SaaS Cloud Service Model
te r h i s
o s e t
As a cloud consumer, you are attracted
t i ฺf
nthe utosthe SaaS provider’s cloud because you just want to use
an application without owning
a r o
hardware
t or platform that it runs on, nor do you want to own
m
software licenses.rIn(the SaaS e
sservice model, cloud consumers use self-service to request access to
nFusion
t e as Oracle
an applicationssuch li c e Purchasing or Oracle Social Network that they can then
customize F o
rt i n to suit their needs.
MA aSaaS cloud may be suitable in a number of circumstances, such as the following:
• Your organization needs to implement a business process but cannot justify the cost of
investing in and maintaining a technology stack and application licenses.
• Your organization uses the services of a number of SaaS providers and wants to link them
together.
• Different departments within your organization generate unsynchronized fluctuating demand
and a private SaaS cloud will allow you to consolidate and scale up or down across globally
distributed data centers.
• Savings depend on the ability to exploit pooled resources, elasticity, and self-service
automation.
• It is a simple model for the initial transition to cloud.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Private Cloud for Complete Peace ofr@
u
Mind is S
tu
o s te h the entire cloud is solely used by one cloud
tthat
The private cloud deployment modelฺ f e
dictates
us to the underlying hardware that is being used to provide
a rtincan be
consumer, and this exclusivity t o traced
the cloud resources. r (Amprivate
e n se may be owned and operated by an organization from its own or
cloud
e
t orliitcmay be owned, operated, and managed by a third party in an exclusive
a leased datascenter,
arrangement.F o
a rt in
MAaspect
primary advantage of an internal private cloud is the ability for the cloud consumer to control every
of the implementation, thereby ensuring compliance with security, naming, and other
standards that may be key requirements of the consuming organization.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Community Cloud for Shared Compliance
te r h i s
o s e t
The community cloud deployment
r t
security, privacy, and compliance i nฺf considerations.
model s
o u is appropriate for multiple organizations with common
Often these shared facets arise due to a common
m a e t
owner and a common r ( regulator.
e s A community cloud may be owned and operated by the community
ncenter,
t e li c
F os
from its own or a leased data or it may be owned, operated, and managed by a third party.
a rt in clouds offer each member of the community the benefit of being able to share the costs
Community
Mof investing in and operating technologies and controls that may be required by rules and
regulations.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
Public Cloud for General Access r@
u S tu
te t h i s
o s e
The public cloud deployment model
themselves of computingaor inฺf toisresources
rtsoftware
appropriate
us without for organizations or individuals wishing to avail
the associated costs and requirements of
m e
Aspublic cloud is owned by an organization selling cloud services.
r ( in ctheenpublic
ownership and maintenance.
s t e
There is no exclusivity li cloud model—consumers have no control over whether the cloud
resources F o
they are using are shared with any other consumer, or even with which other consumers
rt i n shared.
a
they are
MPublic clouds relieve an individual organization of the burden of owning and maintaining computing
and software resources, including the infrastructure and services required to operate a data center
such as power, cooling, and lighting. Another potential benefit is the ability to operate a business in
geographical locations that were previously untenable due to the cost of expanding the
organization’s network and general IT infrastructure—in the public cloud model, the onus of global
accessibility falls on the shoulders of the cloud provider.
Develop
a ble
f e r
an s
Deploy Secure
n - t r
no
transfer
Private
Public
s a Lifecycle Distribution
h a
) ideฺ
m
co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
k ฺ
s b an den
@ u S tu
Hybrid Cloud for Total Flexibility
te r h i s
o s e t
The hybrid cloud deployment model
are separate entities buta
nฺf by
rtibound
are
involves
o u s two or more private, community, or public clouds that
common technologies. These common technologies allow
m e t
r ( migrate,
applications to scale,
e s communicate between the clouds.
nor
t e c
forliimplementing a hybrid cloud deployment model are:
os
The three use-cases
F
• rtin
Lifecycle distribution: Your organization may be developing its own application, but does
a
M not wish to own and maintain a development environment, including the source code control
system, development platform, and other development resources. An example of the hybrid
cloud model would be using resources in a public cloud to develop and test code, which is
then deployed to an internal private cloud where your production environment is running.
• Functional distribution: Your organization may have a business process, such as an
insurance claim workflow, where some client interaction is unregulated but the regulatory or
privacy compliance part of the process needs to be strictly controlled and monitored. The
hybrid cloud model allows you to take advantage of the benefits of a public SaaS cloud, while
ensuring regulatory compliance by protecting sensitive operations and information in your
internal private cloud.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
F os
n
Marti
s b an den
@ u S tu
Calculating the Cloud Type
te r h i s
o s e t
With four basic cloud types to choose
t i ฺf from,
nthorough u s deciding which cloud type best meets your
organization’s needs requires
a r t o planning. One suggested approach is to start with a private
cloud that will allow m
( to eassess
r you e
s if your organization can realize the benefits of cloud computing.
nsuited
t e li c
F os
Choosing which cloud is best to your needs depends on three factors:
• tin
a r Service host: Where will your cloud infrastructure be hosted? Internally in your own data
M center, in a leased data center, or in a cloud provider’s data center? Regardless of the cloud
service model you use (IaaS, PaaS, or SaaS), there is a need for basic computing resources
(CPU, memory, and storage), as well as the supporting networking, power, lighting, cooling,
and other elements that comprise a modern data center.
• Service owner: Regardless of where the cloud infrastructure is hosted, who will own the
cloud service that you use? Will your organization set up its own cloud service or use that of
a cloud provider? The service owner will also need to bear the costs of the entire
infrastructure underpinning the cloud, as well as perform the role of a service operator and
ensure that service-level agreements are met (for example).
• Tenancy model: Do your organization’s regulatory and privacy needs dictate that you are
the sole tenant of the cloud, or can you share the cloud with other consumers?
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Make Haste Not Speed
te r h i s
o s e t
Adopting a cloud model will have ฺf ramifications
s far beyond the boundaries of your IT enterprise, and
rtin depends
a successful transition toacloud t o u on these being established and understood early in the
m e
( enansIT enterprise may be the initial driver of the move to the cloud in any
move to the cloud.rAlthough
s t e
given organization, the lic benefactors should be the business system owners and users, and
ultimate
F
they should
o
rt i n be considered at every decision point.
a cloud model introduces new behaviors and processes for your end users to adopt, and these
MThe
changes should help rather than hinder the core activities of these people. Similarly, your system
and software administrators must benefit from the changes introduced by adopting the cloud—
introducing an IaaS private cloud where your system administrator now has to maintain the operating
systems on hundreds, if not thousands of virtual machines, would not be seen as beneficial by the
system administrator.
Regardless of the cloud model you choose to use, you cannot ignore or abandon the security and
compliance requirements of both your IT enterprise and your business. IT security standards must
continue to be observed, as should any compliance standards that you have in place for
infrastructure and software configuration. Upholding business process security standards and
regulatory compliance are also paramount to the success of any transformation to a cloud model.
a ble
f e r
ans
n - t r
o
s an
) ha eฺ
ฺ c om Guid
b a nk ent
@ us Stud
s t er this
i n ฺ fo use
a rt to
m
r ( cens e
t e li
Fos
n
Marti
• Enterprise architects
– Want platform standardization in order to reduce the number of technologies
• Procurement managers
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
s b an den
@ u S tu
Walking the Tightrope
te r h i s
o s e t
t i ฺf
When you embark on a cloud implementation
ncan u s project, you will find that different stakeholders
perceive different benefits
a r
that be
t o derived from the ensuing transformation. Managing and
m
r ( cofrests
meeting the expectations your e
nsonstakeholders may be challenging, but the success of a cloud
implementations t e li
ultimately e its acceptance by the business sponsors. Therefore, you will need
F o
to workntoward satisfying each of their needs.
a rtiare quantifiable benefits in standardization, consolidation, and self-service automation.
There
MConversely, there are quantifiable costs involved in moving any or all of your existing IT enterprise to
a cloud model. You may find that it is a fine line between acceptance and rejection of a cloud model,
and ultimately the benefits must outweigh the costs for you to transform your business.
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Ask Yourself …
te r h i s
o s e t
Who are my stakeholders?
r t i nฺf o us
Who stands to benefit from
m a a cloud? e t
( s
en be best?
s t
What cloud service er model
l i cwould
F otype would be best?
i n
What cloud
rtcould
M a
How I sell my chosen cloud service model and type to my stakeholders?
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Ask Yourself …
te r h i s
o s e t
Who are my stakeholders?
r t i nฺf o us
Who stands to benefit from
m a a cloud? e t
( s
en be best?
s t
What cloud service er model
l i cwould
F otype would be best?
i n
What cloud
rtcould
M a
How I sell my chosen cloud service model and type to my stakeholders?
• An online retailer has attracted more and more customers to its site through a number of
marketing campaigns.
• Your next campaign will be 24 hours of exclusive deals.
Unauthorized reproduction or distribution prohibitedฺ Copyright© 2017, Oracle and/or its affiliatesฺ
• You are pretty sure that the online store can handle the load, and IT is putting a strain on
your profits anyway.
• Should the online store move to a cloud? If so, what type and why?
a ble
f e r
an s
n - t r
a no
h a s
m ) ideฺ
k ฺ co t Gu Copyright © 2017, Oracle and/or its affiliates. All rights reserved.
s b an den
@ u S tu
Ask Yourself …
te r h i s
o s e t
Who are my stakeholders?
r t i nฺf o us
Who stands to benefit from
m a a cloud? e t
( s
en be best?
s t
What cloud service er model
l i cwould
F otype would be best?
i n
What cloud
rtcould
M a
How I sell my chosen cloud service model and type to my stakeholders?