|Oracle® Enterprise Manager Cloud Control Administrator's Guide
12c Release 1 (184.108.40.206)
Part Number E24473-01
|PDF · Mobi · ePub|
This chapter provides an overview of the server and software provisioning and patching features offered by Enterprise Manager Cloud Control. This chapter contains the following:
The provisioning and patching features together make up the Lifecycle Management solution area of Enterprise Manager Cloud Control. To read more about this solution area, access the following URL:
To learn how to access the provisioning and patching features within the Enterprise Manager Cloud Control console, see the Oracle® Enterprise Manager Administrator's Guide for Software and Server Provisioning and Patching. This guide is available in the Enterprise Manager documentation library available at:
Enterprise Manager Cloud Control offers provisioning deployment procedures that automate the deployment of software and applications, and patch plans that automate the patching of systems across your network. These features make critical data center operations easy, efficient, and scalable resulting in lower operational risk and cost of ownership. The ability to provision and patch the entire software stack that includes the operating system, the middleware, database, third party software, and applications supplemented by comprehensive reporting tools make these features extremely significant entities in the overall System Management space.
As shown in Figure 23-1, with the help of provisioning deployment procedures and patch plans, Enterprise Manager Cloud Control covers the entire lifecycle management of software, applications, and servers. The deployment procedures orchestrate the initial reference sandbox deployment and then the mass unattended deployment of gold images created from these reference deployments.
Going forward, as the computation demand for the resources decline, Enterprise Manager Cloud Control allows you to deactivate and de-provision the resources making them available for a different purpose.
Figure 23-1 Lifecycle Management Overview
The following are the advantages of using the provisioning deployment procedures and patch plans in Enterprise Manager Cloud Control:
Provides a repeatable, reliable, and automated solution for performing mass, unattended, and schedulable deployment of
Software and servers based on Gold Images created using reference deployment or installation media
Software and operating system updates
Complex and multi-tier software like Oracle Real Application Clusters (RAC), Oracle Cloud Infrastructure, and Fusion Middleware Clusters
Allows new resources to be provisioned at short notice based on compliant and tested gold images.
Allows multiple operations to be accommodated in a single change window.
Supports SUDO, PAM, and Privilege Delegation authentication.
Offers a single interface for multiple players. For example, component designers responsible for creating Gold Images based on corporate standards and the operators all use the same Enterprise Manager Cloud Control console.
Provides automation of repeatable installation and patching operations across the stack leads to substantial cost savings in terms of costs and man-hours.
Automates the patching operation across your network using patch plans. A patch plan is a collection of patches which you might want to consider applying as a group to one or more targets. Patch plans can be created using the My Oracle Support Patches and Updates functionality that is tightly integrated with Enterprise Manager Cloud Control.
Enterprise Manager Cloud Control also provides command-line interface support to all out-of-box provisioning and patching deployment procedures. These features can hence be invoked by custom scripts.
Enterprise Manager Cloud Control also allows you to customize these default deployment procedures to suit your requirements.
Enterprise Manager Cloud Control provides provisioning and patching capabilities across the stack for:
Operating Systems, with Bare Metal Provisioning on Linux and operating system patching
Databases, with Real Application Clusters (RAC) provisioning, extension, and deletion; Cloud Infrastructure provisioning for standalone servers and clustered environments; and flexible patching for Oracle Database and Oracle Real Application Clusters
Middleware, with Oracle Fusion Middleware provisioning, Oracle SOA Suite provisioning, and SOA Artifacts provisioning, BPEL provisioning, Oracle Service Bus provisioning
Note that these features require Oracle Management Agents to be present on the destination hosts where the software has to be provisioned.
Bare metal or operating system provisioning application provides server lifecycle management to build, manage, and optimize server infrastructure. The application:
Automates deployment of consistent, certified Linux operating system images along with larger number of servers on physical and virtual servers.
Automates deployment of hypervisors and virtual machines.
Provides a template-based approach for provisioning a variety of Linux configurations servers (RedHat 3.0/4.0, SuSE/SLES9). This also ensures compliance to standards and consistency across all deployments.
Reduces errors with standardized gold image-based server provisioning.
Supports heterogeneous hardware and network configuration.
Automatically discovers bare metal and live target servers for provisioning.
Especially for Oracle software, the application encodes best practices out-of-the-box for patching.
Results in considerable reduction in manual labor that leads to substantial cost savings.
Software Provisioning automates the deployment of Databases and Fusion Middleware. It makes critical data center operations easy, efficient, and scalable resulting in lower operational risk and cost of ownership.
The features are as follows:
Enables mass deployment of Oracle software (Database, Oracle Real Application Clusters stack, and Fusion Middleware)
Supports all versions up to 11.2 and Cloud Infrastructure Architecture
Enables standardized software deployment via Provisioning Profiles
Allows segregation of duties using Designer and Operator roles
Provides lock down access for controlled and error free deployments
Provides pre-requisite checks and fix-ups
Enables Group-based operations
Supports user-defined deployment procedures
Enterprise Manager Cloud Control offers the ability to mass upgrade Oracle Databases in an easy and efficient way. Upgrading to the latest version of Oracle Database enables you to access the latest technology, thereby increasing efficiency and providing secure data management for your applications.
The features are as follows:
Supports mass upgrade of Oracle Databases
Supports single instance database upgrade in first release
Upgrades from versions 10.2.0.x and 11.1.0.x to 11.2.0.x
Upgrades software and database instances combined or separately
Enterprise Manager Cloud Control offers patch plans that simplify the patching of targets such as Oracle Database, Oracle RAC, Oracle ASM, Oracle Clusterware, and Oracle Fusion Middleware.
A patch plan is a collection of patches which you might want to consider applying as a group to one or more targets. Each target can have a separate group of patches. A patch plan can include a description and a deployment date for the plan and one or more patches.
A patch can be added to a target in a plan only if the patch has the same release and platform as the target to which it is being added. You will receive a warning if the product for the patch being added is different from the product associated with the target to which the patch is being added. The warning does not prevent you from adding the patch to the plan.
Patch plans can be created using the My Oracle Support Patches and Updates feature that is tightly integrated with Enterprise Manager Cloud Control. This integration greatly simplifies the patching operations by offrering timely and easy access to invaluable patch and support information during the patch planning phase, thus enabling you to utilize the wealth of information from My Oracle Support to implement the best possible patch rollout for your organization. Not only does this help you make important decisions regarding your patch and deployment process, it also helps you resolve conflicts quickly.
In addition to creating new patch plans, you can also create patch plan templates using these patch plans.
A patch plan template is a predesigned plan based on an existing successfully analyzed or deployable patch plan, however without any targets selected.
A patch plan template enables you to create new patch plans using a predetermined set of patches and deployment options saved from the source patch plan, and by selecting a completely new set of targets. Doing this reduces the time and effort required to create new patch plans and enables patch designers to expose only approved plans to patch operators.
The Patch Linux Hosts application facilitates the automated management of Linux hosts in an enterprise. You can use this feature to keep the Linux hosts in your enterprise up to date with vital software updates from your Linux vendor.Patch Linux Hosts uses a reference-based grouped patching model, where you can create one or more reference package repositories containing up-to-date versions of various packages, and associate a group of Linux hosts with these package repositories.The Patch Linux Hosts tool uses package repositories to patch the hosts as well as to monitor the deviation of the packages installed on the hosts. You can create different groups suited to your administrative needs and even associate different package repositories with different priorities for each group. You can independently control when and how often to update the hosts in the group, and how to determine their compliance with respect to the package repositories.
Note:To use this feature, make sure you have the following:
Licenses for the Provisioning and Patch Automation Pack
Linux Management Pack
"Operator" privileges on the host that you want to patch
Ability to do sudo to the root user
The Linux patching feature provides the following functionalities:
Setting up and managing RPM Repositories by subscribing to Unbreakable Linux network (ULN) channels
Setting up and managing custom RPM Repositories and channels (cloning channels, copying packages from one channel into another, and deleting channels)
Setting up Linux Patching Group to update a group of Linux hosts and compliance reporting from the Linux Patching group
Scheduling Patching for non-compliant groups
Managing Configuration file channels (creating/deleting channels, uploading files, and copying files from one channel into another)
Patching through deployment procedures and emergency patching
Undo Patching feature
Enhanced Linux Patching feature of Enterprise Manager supports the Unbreakable Linux Network (ULN) subscribers through EM. ULN provides access to Linux software patches, updates and fixes for its customers. Oracle provides three levels of Unbreakable Linux support:
Network Support - access to patches and updates via ULN
Basic Support - access to patches and updates via ULN, 24x7 support, complete Linux server lifecycle management
Premier Support - access to patches and updates via ULN, 24x7 support, Linux server lifecycle management, backporting, lifetime support
The Linux RPM Repository Server Setup page in Enterprise Manager allows you to set up a RPM repository server for Linux patching. You can select the Host to setup the RPM repository server and register the host to the Unbreakable Linux Network (ULN).
Linux Host Patching Groups: You can group a set of Linux hosts together to update all at once. Each group is associated with one or more package repositories that contain all the certified and appropriate versions of the software packages for the hosts of that group. Each group is configured with an update schedule for a recurring job to run to update the hosts with the associated package repositories.
RPM Repository: RPM repository is a directory that contains RPM packages. The RPM repository is accessible via http or ftp. A RPM repository can be organized to contain packages from multiple channels.
Custom Channel: A custom channel is a channel created by the user to store a set of custom RPM packages. Custom channels can be added to the RPM repository.
Configuration Channel: A channel that is created by the user to store a set of Linux configuration files. Configuration channels can be used in the Linux patching application user interface to update configuration files on Linux hosts.
Compliance and automatic updates: The compliance page contains information on the number of hosts in a group that are in compliance, as well as the number of "rogue" packages on a particular host. You can see metrics and charts to measure compliance for all Linux Host Patching Groups, as well as historical compliance data.
Emergency Patching: This feature gives you the option of performing "forced" updates, outside of the established schedule, to immediately respond to critical bugs or security alerts for all configured Linux hosts.
Undo Patching: This feature adds flexibility by allowing you to roll back the software to its previous stable version, or even de-install the unstable version completely if that software version was found to be unsuitable or to have a bug or security vulnerability.
Patching through Deployment Procedures: You can use deployment procedures to set up RPM repository, patch linux hosts, and perform other custom patching procedures.
The provisioning and patching deployment procedures offered by Enterprise Manager Cloud Control are default procedures that have been created considering all the best practices in the industry. The steps embedded within a deployment procedure ensure that they meet all your provisioning and patching requirements. You can, of course, use them with the default settings to provision or patch your targets in the environment, however, you also have the choice of customizing them to include additional custom steps, disable unwanted steps, and use authentication tools to run some steps as another user.
You can also customize the deployment procedures to run them as another user, ignore the steps that require special privileges, add new steps, run custom scripts as part of the procedure, implement different error handling methods, and so on. You can run the above-mentioned deployment procedures using EMCLI commands.