Quorum
This chapter describes how quorum works when compliance is in operation on the Oracle Zero Data Loss Recovery Appliance.
When compliance is in effect, certain RACLI commands are not just restricted to privileged users but also can be subject to a quorum operation that requires two approvals and no denials from the set of other privileged users. The two tests for validating quorum are:
-
Test 1:
TRUE
if there are backups under compliance, legal hold, or other keep control. -
Test 2:
TRUE
if the compliance mode has been enabled.
If Test 1 or Test 2 are TRUE
, quorum is required. If both tests are FALSE
, quorum isn't required.
The quorum scenario given below assumes:
-
bob
,sue
, andjim
aredb_user
s of the system. -
bob
andsue
are givendb_user --user_type=admin
for administration rights. -
bob
,sue
andjim
are givenadmin_user
with administration rights.
The scenario below illustrates quorum operations.
-
Administrator
bob
is working. He uses hisdb_user --user_type=admin
with hisssh_user
account. He's been adding protected database and trouble shooting incidents. -
An issue arises with the Recovery Appliance.
-
The action plan from Oracle Support/Development includes tasks that require
rasys
to run. -
User
bob
issues the RACLI command to enable therasys
login for 6 hours.racli enable rasys_user --expire=6
This returns a request identifier that is associated with the user and an increment, such as
bob.1
. -
User
bob
can monitor that status of his request.racli status request --request_id=bob.1
-
At least two users who are
admin_user
must approve the request. Userssue
andjim
use the request identifier and approve the request.(sue) racli approve request --request_id=bob.1 (jim) racli approve request --request_id=bob.1 (bob) racli status request --request_id=bob.1
If one
admin_user
denies the request, then the operation (with that request identifier) will not be processed. -
When the request is approved, user
bob
can proceed with his task of enablingrasys
, but this time with the request identifier.racli enable rasys_user --request_id=bob.1
This particular operation may prompt
bob
for the password to be used forrasys
whilerasys
is enabled. -
User
bob
performs the action plan from Oracle Support/Development, logging in asrasys
with the password specified bybob
in the command. -
User
bob
disablesrasys
.racli disable rasys_user
This returns a request identifier that is associated with the user and an increment, such as
bob.2
. -
User
bob
can monitor that status of his request.racli status request --request_id=bob.2
-
At least users who are
admin_user
must approve the request. Userssue
andjim
use the request identifier and approve the request.(sue) racli approve request --request_id=bob.2 (jim) racli approve request --request_id=bob.2 (bob) racli status request --request_id=bob.2
If one
admin_user
denies the request, then the operation (with that request identifier) will not be processed. -
When the request is approved, user
bob
can proceed with his task of disablingrasys
, but this time with the request identifier.racli disable rasys_user --request_id=bob.2