5 Managing Protection Policies with Recovery Appliance

This chapter explains how to manage protection policies and polling policies, which are part of "Setup and Configuration for Recovery Appliance".

This chapter contains the following topics:

5.1 About Protection Policies

A protection policy is the central mechanism for controlling management of backup storage space, based on pre-defined recovery window goals. From the perspective of a DBA, the most important elements of a protection policy are the disk and tape recovery windows.

This section contains the following topics:

See Also:

"Protection Policies" for an architectural overview

5.1.1 Purpose of Protection Policies

For every database associated with it, a protection policy specifies:

  • The recovery window goal for disk backups

  • The recovery window for tape backups

  • Whether Recovery Appliance must replicate backups or copy them to tape before deleting them

  • Which Recovery Appliance storage location is used for backups

  • An optional backup polling policy

You can attach multiple protected databases to a single protection policy. A Recovery Appliance may have a variety of protection policies to support different data protection support levels. For example, protection policies can be generic service levels such as gold, silver, and bronze. Alternatively, policies can be specific to the requirements of protected databases and applications.

5.1.2 Overview of Protection Policies

A protection policy is a named, logical object recorded in the Recovery Appliance metadata database. To be added to a Recovery Appliance, a protected database must be associated with a specific protection policy. As explained in "Protection Policies", the default protection polices are Platinum, Gold, Silver, and Bronze.

Each protection policy specifies different values for the disk and tape recovery windows. These values apply to every database protected by the policy. For example, Figure 5-1 shows three of the default protection policies, with different protected databases assigned to each policy. In the example, databases prod3 and prod11 are in the same policy, and so both have the same disk recovery window goal of 3 days.

Figure 5-1 Protection Policies

Description of Figure 5-1 follows
Description of "Figure 5-1 Protection Policies"

See Also:

"Protection Policies"

5.1.3 User Interfaces for Protection Policies

This section contains the following topics:

5.1.3.1 Accessing the Create Protection Policy Page in Cloud Control

The Create Protection Policy page in Oracle Enterprise Manager Cloud Control (Cloud Control) is the recommended interface for creating protection policies.

To access the Create Protection Policy page:

  1. Access the Recovery Appliance Home page, as described in "Accessing the Recovery Appliance Home Page".

  2. From the Recovery Appliance menu, select Protection Policies.

    The Recovery Appliance Login page appears.

  3. Enter your login credentials, and then click Login.

    The Protection Policies page appears, as shown in the example in Figure 5-2.

    Figure 5-2 Protection Policies Page

    Description of Figure 5-2 follows
    Description of "Figure 5-2 Protection Policies Page"

See Also:

Cloud Control online help for more information about the Protection Policies page

5.1.3.2 DBMS_RA Procedures Relating to Protection Policies

You can use the DBMS_RA package to create and manage protection policies. Table 5-1 describes the principal program units relating to protection policies.

Table 5-1 DBMS_RA Protection Policy Procedures

Program Unit Description

CREATE_POLLING_POLICY

Creates a backup polling policy.

CREATE_PROTECTION_POLICY

Creates a protection policy.

DELETE_PROTECTION_POLICY

Deletes a protection policy.

See Also:

DBMS_RA Package Reference

5.1.3.3 Recovery Catalog Views for Protection Policies

You can monitor protection policies using the Recovery Appliance catalog views. Table 5-2 summarizes the views that are most relevant for protection policies.

Table 5-2 Recovery Catalog Views for Protection Policies

View Description

RA_PROTECTION_POLICY

This view describes the defined protection policies.

RA_POLLING_POLICY

This view describes the defined backup polling policies.

RA_DATABASE

The POLICY_NAME column of this view lists the protection policy used by this protected database.

RA_REPLICATION_SERVER

The PROTECTION_POLICY column of this view lists the protection policy for a particular Recovery Appliance used for replication.

See Also:

Recovery Appliance View Reference

5.1.4 Basic Tasks for Managing Protection Policies

This section explains the basic tasks involved in managing protection policies. Figure 5-3 shows the overall workflow described in Recovery Appliance Workflow, with the protection policy tasks highlighted.

Figure 5-3 Protection Policy Tasks in Recovery Appliance Workflow

Description of Figure 5-3 follows
Description of "Figure 5-3 Protection Policy Tasks in Recovery Appliance Workflow"

Typically, you perform protection policy tasks in the following sequence:

  1. During the planning phase, group the databases into tiers, and decide the recovery requirements for each tier.

    "Planning for Recovery Appliance" describes these tasks.

  2. During the configuration phase (see "Setup and Configuration for Recovery Appliance"), create one protection policy for each database tier.

    1. Optionally, if your Recovery Appliance has access to a backup polling location, and if you are performing configuration using command-line tools, then create a backup polling policy.

      "Creating a Backup Polling Policy (Command-Line Only)" describes this task.

      Note:

      Cloud Control enables you to configure the polling policy and the protection policy in the same page.

    2. Create a protection policy for a specific database tier.

      "Creating a Protection Policy" describes this task.

  3. During the ongoing maintenance phase (see "Maintenance Tasks for Recovery Appliance"), modify protection policies as needed. Typical modification tasks include:

5.2 Creating a Backup Polling Policy (Command-Line Only)

An optional backup polling policy defines a directory where a protected database places backup sets without interacting directly with a Recovery Appliance. The backup polling directory must be created on an external file system and made accessible to a Recovery Appliance as an NFS mount point. The polling policy defines the file system path to the storage and how often the Recovery Appliance checks it for new backup sets (not image copies). Specify the polling policy name within a protection policy.

Note:

The separate step of creating a backup polling policy is not necessary in Cloud Control, which includes it in the Create Protection Policy page.

Backup polling policies are useful for the following reasons:

  • If a Recovery Appliance is offline, then protected databases can continue to send backups to backup polling locations. When a Recovery Appliance comes online, it can poll these locations for backups.

  • If the storage network is faster than your Ethernet, and if you configure the polling location in network storage, then protected database backups to the polling location may be faster.

  • You can use a polling location when migrating legacy backups to a Recovery Appliance.

As explained in "Backup Polling Locations", protected databases that use backup polling store backup pieces and archived redo log files in shared storage. The Recovery Appliance periodically retrieves and processes backups from the shared storage.

Prerequisites

You must log in to the metadata database as RASYS.

Assumptions

Assume that you want to create a polling policy that meets the following requirements:

  • The Recovery Appliance must poll the /u03/shared/polling1 directory, which is a shared directory accessible by the Recovery Appliance and all protected databases.

  • You want the Recovery Appliance to poll the shared directory every 4 hours.

  • You want the Recovery Appliance to delete backups from the shared directory after it has processed them.

To create a backup polling policy:

  1. Start SQL*Plus or SQL Developer, and then log in to the metadata database as RASYS.

  2. Run the DBMS_RA.CREATE_POLLING_POLICY procedure.

    For example, execute the following PL/SQL anonymous block:

    BEGIN
  DBMS_RA.CREATE_POLLING_POLICY (
    polling_policy_name   => 'nas_polling1',
    polling_location      => '/u03/shared/polling1',
    polling_frequency     =>  INTERVAL '4' HOUR,
    delete_input          =>  TRUE);
END;

  3. Optionally, query the recovery catalog to confirm creation of the policy.

    For example, query RA_POLLING_POLICY as follows (sample output included):

    COL POLLING_NAME FORMAT a15
COL DEST FORMAT a40
SELECT POLLING_NAME, DEST, DELETE_INPUT,
       TO_CHAR(EXTRACT(DAY FROM FREQUENCY),'fm00')||':'||
       TO_CHAR(EXTRACT(HOUR FROM FREQUENCY),'fm00')||':'||
       TO_CHAR(EXTRACT(MINUTE FROM FREQUENCY),'fm00')||':'||
       TO_CHAR(EXTRACT(SECOND FROM FREQUENCY),'fm00')
         AS "DD:HH:MM:SS"
FROM   RA_POLLING_POLICY;

POLLING_NAME    DEST                                     DELET DD:HH:MM:SS
--------------- ---------------------------------------- ----- ---------------
NAS_POLLING1    /u03/shared/polling1/                    TRUE  00:04:00:00

See Also:

5.3 Creating a Protection Policy

This section explains how to create a protection policy using either Cloud Control (recommended) or the DBMS_RA.CREATE_PROTECTION_POLICY procedure. The best practice is to create a separate protection policy for each tier of databases (see "Task 1: Group protected databases into tiers").

5.3.1 Creating a Protection Policy Using Cloud Control

This section describes how to create a protection policy from the Protection Policy page in Cloud Control.

Prerequisites

You must meet the following prerequisites:

  • You must be logged in to the Recovery Appliance as RASYS.

  • The protection policy must not be associated with any protected database. To delete a policy that is associated with one or more databases, you must associate those databases with different policies before you can delete the desired policy.

Assumptions

Assume that you want to create a protection policy called bronze_dev for a tier of databases in a development environment. You have the following requirements for all databases protected by this policy:

  • The disk recovery window goal is 3 days, which means that every database must be recoverable using disk backups to any time within the last 3 days, starting from the current time.

  • You do not want to archive backups to tape.

  • You want the Recovery Appliance to receive new backups even if old backups must be deleted because available storage space is low (see "How Recovery Appliance Manages Storage Space").

  • No backup polling policy is enabled (see "Backup Polling Policies").

To create a protection policy:

  1. Access the Protection Policies page, as described in "Accessing the Create Protection Policy Page in Cloud Control".

  2. Click Create.

    The Create Protection Policy page appears.

    Figure 5-4 Create Protection Policy Page

    Description of Figure 5-4 follows
    Description of "Figure 5-4 Create Protection Policy Page"

    In this page, the default Recovery Appliance storage location DELTA is already selected.

  3. Enter values as follows:

    • In the Name field, enter the name of the new protection policy.

      For example, enter bronze_dev.

    • In the Description field, enter a description for the new policy.

      For example enter, Policy with disk recovery window of 3 days and no tape backup.

    • In the Recovery Window field of the Disk Recovery Window Goal section, specify a recovery window goal that the Recovery Appliance should attempt to meet for point-in-time recovery using disk backups, and then select the units.

      For example, enter 3 and then select days.

    • In the Threshold field of the Unprotected Data Window Threshold section, enter the maximum tolerable interval for data loss.

      For example, enter 5 and then select minutes.

    • In the Recovery Window field of the Media Manager Recovery Window Policy section, optionally specify a larger window within which point-in-time recovery from a media manager will be maintained.

      For example, if no tape backup is desired, then leave this field blank.

    • In the Maximum Retention field of the Maximum Disk Backup Retention section, enter the maximum time that the Recovery Appliance must retain disk backups.

      For example, leave this field blank, which means that the Recovery Appliance does not purge backups unless you explicitly purge them or space pressures exist within a storage location.

    • Optionally, in the Backup Polling Location section, define a backup polling policy (see "Backup Polling Locations").

      • In the Location field, specify a directory accessible by the Recovery Appliance.

      • In the Frequency field, specify a time interval, and then select the time units.

      • To specify that the Recovery Appliance must delete the backups from the polling location after copying them, select Delete Backups After Copy.

      For example, to specify that backup polling is disabled, leave the fields blank.

    • In the Backup Copy Policy section, specify whether the Recovery Appliance must replicate backups or copy backups to tape before deleting them.

      For example, select Always accept new backups even if it requires purging existing backups not yet copied to tape or replicated.

  4. Click OK.

    The Protection Policies page appears, with the newly created protection policy listed.

See Also:

Cloud Control online help for more information about the Create Protection Policy page

5.3.2 Creating a Protection Policy Using DBMS_RA

To create a protection policy, execute the DBMS_RA.CREATE_PROTECTION_POLICY procedure.

Prerequisites

You must log in to the metadata database as RASYS.

Assumptions

Assume that you want to create a protection policy named bronze_dev for a tier of databases in a development environment. You have the following requirements for all databases protected by this policy:

  • The disk recovery window goal is 3 days, which means that every database must be recoverable using disk backups to any time within the last 3 days, starting from the current time.

  • You do not want to archive backups to tape.

  • You want the Recovery Appliance to receive new backups even if old backups must be deleted because available storage space is low (see "Guaranteed Copy").

  • No backup polling policy is enabled (see "Backup Polling Policies").

You also want to create policies for gold_dev, with a disk recovery window goal of 35 days, and silver_dev, with a disk recovery window goal of 10 days. Additionally, you create one policy named test_dev with a disk recovery window goal of 12 hours.

To create protection policies:

  1. Start SQL*Plus or SQL Developer, and then log in to the metadata database as RASYS.

  2. Run the DBMS_RA.CREATE_PROTECTION_POLICY procedure.

    For example, execute the following PL/SQL anonymous block:

    BEGIN
 DBMS_RA.CREATE_PROTECTION_POLICY (
  protection_policy_name => 'bronze_dev',
  description            => 'For protected dbs in bronze tier',
  storage_location_name  => 'delta',
  recovery_window_goal   => INTERVAL '3' DAY,
  guaranteed_copy        => 'NO');
 DBMS_RA.CREATE_PROTECTION_POLICY (
  protection_policy_name => 'silver_dev',
  description            => 'For protected dbs in silver tier',
  storage_location_name  => 'delta',
  recovery_window_goal   => INTERVAL '10' DAY,
  guaranteed_copy        => 'NO');
 DBMS_RA.CREATE_PROTECTION_POLICY (
  protection_policy_name => 'gold_dev',
  description            => 'For protected dbs in gold tier',
  storage_location_name  => 'delta',
  recovery_window_goal   => INTERVAL '35' DAY,
  guaranteed_copy        => 'NO');
 DBMS_RA.CREATE_PROTECTION_POLICY (
  protection_policy_name => 'test_dev',
  description            => 'Test policy',
  storage_location_name  => 'delta',
  recovery_window_goal   => INTERVAL '12' HOUR,
  guaranteed_copy        => 'NO');
END;

  3. Optionally, query the recovery catalog to confirm creation of the policy.

    For example, query RA_PROTECTION_POLICY as follows (sample output included):

    COL POLICY_NAME FORMAT a11
COL DESCRIPTION FORMAT a36
SELECT POLICY_NAME, DESCRIPTION, 
       TO_CHAR(EXTRACT(DAY FROM RECOVERY_WINDOW_GOAL),'fm00')||':'||
       TO_CHAR(EXTRACT(HOUR FROM RECOVERY_WINDOW_GOAL),'fm00')||':'||
       TO_CHAR(EXTRACT(MINUTE FROM RECOVERY_WINDOW_GOAL),'fm00')||':'||
       TO_CHAR(EXTRACT(SECOND FROM RECOVERY_WINDOW_GOAL),'fm00')
         AS "DD:HH:MM:SS"
FROM   RA_PROTECTION_POLICY
WHERE  POLICY_NAME LIKE '%DEV'
ORDER BY POLICY_NAME;

POLICY_NAME DESCRIPTION                          DD:HH:MM:SS
----------- ------------------------------------ ---------------
BRONZE_DEV  For protected dbs in bronze_dev tier 03:00:00:00
GOLD_DEV    For protected dbs in gold_dev tier   35:00:00:00
SILVER_DEV  For protected dbs in silver_dev tier 10:00:00:00
TEST_DEV    Test policy                          00:12:00:00

5.4 Updating a Protection Policy

This section explains how to update protection policies using either Cloud Control (recommended) or the DBMS_RA PL/SQL package.

5.4.1 Updating a Protection Policy Using Cloud Control

This section describes how to update a protection policy from the Protection Policy page in Cloud Control.

Prerequisites

You must be logged in to the Recovery Appliance as RASYS.

Assumptions

Assume that you created the bronze_dev policy as described in "Creating a Protection Policy Using Cloud Control". You want to update the disk recovery window goal from 3 days to 6 days.

To update a protection policy:

  1. Access the Protection Policies page, as described in "Accessing the Create Protection Policy Page in Cloud Control".

  2. In the Protection Policies table, select the protection policy that you want to edit.

    For example, select the BRONZE_DEV row.

  3. Click Edit.

    The Edit Protection Policy page appears.

  4. Change the desired values, and then click OK.

    For example, in the Recovery Window field of the Disk Recovery Window Goal section, enter 6.

    The Protection Policies page appears, with the newly updated protection policy listed.

See Also:

Cloud Control online help for more information about the Protection Policies page

5.4.2 Updating a Protection Policy Using DBMS_RA

To update a protection policy, execute the DBMS_RA.UPDATE_PROTECTION_POLICY procedure. Parameters that are null retain their existing values. For example, if guaranteed_copy is currently NO for a protection policy, and if you specify null for this parameter in DBMS_RA.UPDATE_PROTECTION_POLICY, then the value remains NO.

Prerequisites

You must log in to the metadata database as RASYS. The protection policy bronze_dev that you created in "Creating a Protection Policy Using DBMS_RA" must exist.

Assumptions

Assume that you want to change the disk recovery window goal of bronze_dev from 3 days to 6 days.

To update the attributes of an existing protection policy:

  1. Start SQL*Plus or SQL Developer, and then log in to the metadata database as RASYS.

  2. Run the DBMS_RA.UPDATE_PROTECTION_POLICY procedure.

    For example, execute the following PL/SQL anonymous block:

    BEGIN
 DBMS_RA.UPDATE_PROTECTION_POLICY(
  protection_policy_name => 'bronze_dev',
  recovery_window_goal   => INTERVAL '6' DAY);
END;

  3. Optionally, query the recovery catalog to confirm the update of the policy.

    For example, query RA_PROTECTION_POLICY as follows (sample output included):

    COL POLICY_NAME FORMAT a11
COL DESCRIPTION FORMAT a36
SELECT POLICY_NAME, DESCRIPTION, 
       TO_CHAR(EXTRACT(DAY FROM RECOVERY_WINDOW_GOAL),'fm00')    ||':'||
       TO_CHAR(EXTRACT(HOUR FROM RECOVERY_WINDOW_GOAL),'fm00')   ||':'||
       TO_CHAR(EXTRACT(MINUTE FROM RECOVERY_WINDOW_GOAL),'fm00') ||':'||
       TO_CHAR(EXTRACT(SECOND FROM RECOVERY_WINDOW_GOAL),'fm00')
         AS "DD:HH:MM:SS"
FROM   RA_PROTECTION_POLICY
WHERE  POLICY_NAME='BRONZE_DEV';

POLICY_NAME DESCRIPTION                          DD:HH:MM:SS
----------- ------------------------------------ ---------------
BRONZE_DEV  For protected dbs in bronze tier     06:00:00:00

5.5 Deleting a Protection Policy

This section explains how to delete protection policies using either Cloud Control (recommended) or the DBMS_RA PL/SQL package.

5.5.1 Deleting a Protection Policy Using Cloud Control

This section describes how to delete a protection policy from the Protection Policy page in Cloud Control.

Prerequisites

You must be logged in to the Recovery Appliance as RASYS.

Assumptions

Assume that you created the bronze_dev policy as described in "Creating a Protection Policy Using Cloud Control". You want to delete this policy.

To delete a protection policy:

  1. Access the Protection Policies page, as described in "Accessing the Create Protection Policy Page in Cloud Control".

  2. In the Protection Policies table, select the protection policy that you want to delete.

    For example, select the BRONZE_DEV row.

  3. Click Delete.

    A confirmation window appears.

  4. Click Yes.

    The Protection Policies page appears, with the deleted protection policy no longer listed.

See Also:

Cloud Control online help for more information about the Protection Policies page

5.5.2 Deleting a Protection Policy Using DBMS_RA

To delete a protection policy, execute the DBMS_RA.DELETE_PROTECTION_POLICY procedure.

Prerequisites

You must meet the following prerequisites:

  • You must log in to the metadata database as RASYS.

  • The protection policy must not be associated with any protected database. To delete a policy that is associated with one or more databases, you must associate those databases with different policies before you can delete the desired policy.

Assumptions

Assume that you want to delete the protection policy named test_dev that you created in "Creating a Protection Policy".

To delete a protection policy:

  1. Start SQL*Plus or SQL Developer, and then log in to the metadata database as RASYS.

  2. Confirm that the protection policy that you intend to delete is not currently associated with any protected databases.

    For example, query all protection policies not associated with databases:

    SELECT POLICY_NAME AS "Currently unused policy"
FROM   RA_PROTECTION_POLICY
WHERE  POLICY_NAME NOT IN (SELECT POLICY_NAME FROM RA_DATABASE)
ORDER BY POLICY_NAME;

Currently unused policy
-----------------------
TEST_DEV

  3. Delete the policy.

    For example, execute the following PL/SQL anonymous block to delete the protection policy named test_dev:

    BEGIN
  DBMS_RA.DELETE_PROTECTION_POLICY(
    protection_policy_name => 'test_dev');
END;

  4. Optionally, confirm the deletion.

    For example, count the rows for policies named test_dev (sample output included):

    SELECT COUNT(*)
FROM   RA_PROTECTION_POLICY
WHERE  POLICY_NAME = 'TEST_DEV';

  COUNT(*)
----------
         0