11 Integrating Enterprise Manager with OCI Services

Enterprise Manager allows Oracle Cloud Infrastructure's (OCI) cloud services to easily utilize target-level data managed by Enterprise Manager.

Note:

Extraction of data from Oracle Enterprise Manager Oracle Database targets into an Oracle Cloud Infrastructure service requires Oracle Diagnostics Pack on the Oracle Enterprise Manager Oracle Database targets.

See Oracle Diagnostics Pack and Base Framework Feature Summary for more information.

Enterprise Manager lets you transfer data from Enterprise Manager targets and Oracle Management Repository (OMR) to OCI Object Storage, where it is easily accessed by one or more cloud-native services.

Once OCI connectivity is set up, your target data is automatically uploaded at frequent intervals to Object Storage so that OCI cloud services are always working with the most recent target data.

The following graphic illustrates how target data flows from Enterprise Manager to an OCI service once the configuration process has been completed.


Graphic illustrates the EM to OCI service data flow.

Updating Enterprise Manager

When applying an Enterprise Manager Release Update, in addition to the OMS (if running Enterprise Manager 13c Release 5, Update 3 (13.5.0.3)) or higher, the Release Update must also be applied to any agents that are monitoring targets whose data is being exported to object store using the Cloud Bridge feature.

Prerequisites

Before you can set up Enterprise Manager to OCI connectivity, make sure the following prerequisites have been met.

Ensure an OCI Object Storage Bucket has already been created

Exported target data is stored in an OCI Object Storage bucket where it can be accessed by an OCI service. Ensure that an Object Storage bucket with visibility set to private is available before setting up OCI connectivity. Make a note of you OCID, User OCID, Public Key Fingerprint, Private Key and Region. For more information, see Required Keys and OCIDs and Where to Get the Tenancy's OCID and User's OCID.

Define a Global Named Credential in Enterprise Manager for OCI

A Named Credential allows you to create a user name/password pair that is stored in Enterprise Manager as a named entity, thus allowing the credential to be used without having to expose the actual password. A Named Credential can be defined on a single target, such as a single database or host. Global Named Credentials are defined as global in scope, which makes the credentials available on all targets of a specific type.

A Global Named Credential needs to be defined for use when exporting Enterprise Manager target data to OCI Object Storage. To create a Global Named Credential,

  1. From the Setup menu, choose Security and then Named Credentials.
  2. Click Create. The Create Credential page displays.
  3. From the Authenticating Target Type drop-down menu, select Oracle Cloud Infrastructure. Property details change according to the selected target type.
  4. Set Scope to Global.
  5. Fill in the requisite properties and click Save.

Note:

For more information about Named Credentials and their application, see Named Credentials.

Private key needs to be generated from the command line via openssl (as shown in OCI documentation). Currently the private key generated and downloaded directly from the OCI Console does not work for this feature. For more information about OCIDs and Keys, see Required Keys and OCIDs.

Define a Host Preferred Credentials for all target hosts including the OMS host.

To facilitate data export, you must define Host Preferred Credentials for all hosts supporting relevant targets as well as the host where the OMS is installed. The user provided in the preferred host credential should be the same as the user that was used to push the agent on the host. This user should have read, write and execute privileges on the content in the agent folder. In addition, create a Preferred Credential for the host(s) where the primary and any additional Oracle Management Services (OMS) are installed. For more information about Host Preferred Credentials, see Host Authentication Features.

Ensure that the Database Plug-in has been pushed to all OMS hosts. The Database Plug-in is usually pushed by default with an agent, so verify that it has not been removed.

Verify that the OMS host(s) and hosts that have agents monitoring the database targets that are included in the data extraction have connectivity to OCI/Object Storage.

Set up an exclusive Enterprise Manager Super Administrator user for the Enterprise Manager login.

Oracle recommends that you set up an exclusive Enterprise Manager Super Administrator user login dedicated to exporting data from Enterprise Manager to OCI Object Storage, specifically a user name that identifies a particular Enterprise Manager instance. For example, you might define a user called EM-austin@mycompany.com instead of john_doe_admin. Creating an instance-specific user name allows for the data flowing into Object Storage to be attributed to an Enterprise Manager instance instead of an actual user.

Additionally, creating an instance-specific user name protects against security keys being invalidated if a user leaves the company.

For more information about creating users in Enterprise Manager, see Creating Enterprise Manager User Accounts.

Create an Enterprise Manager group containing the targets for which you want data exported.

In order to export Enterprise Manager target data to OCI, the relevant targets must be members of a group. When defining a source for OCI Service Data Export, you will select a target group and not individual targets. Be sure to make note of this group name.

Note:

For Operations Insights, when adding an Exadata Database Machine to a group, ensure that the osm_cluster/osm_instance targets are listed. If they are not listed, then you must manually add them to the group being enabled for Operations Insights.

For more information about groups, see Managing Groups.

Setting Up OCI Service Connectivity

Configuring OCI service connectivity requires setup of both Enterprise Manager and the OCI service. The content of this chapter focuses primarily on the Enterprise Manager setup. Links to OCI service documentation that contains service-specific Enterprise Manager integration procedures are provided in Step 2.

Enterprise Manager to OCI service connectivity configuration is performed in two steps:

Step 1: Export Enterprise Manager Data to OCI

Note:

Before you can complete this step, ensure that the prerequisites have been met. For more information about these prerequisites, see Prerequisites

To move target data from Enterprise Manager to OCI, you create an Cloud Bridge in Enterprise Manager. The OCI bridge defines a data connection to the OCI Object Storage bucket residing in OCI.

To create the Cloud Bridge in Enterprise Manager, do the following:

Note:

Bridge creation is a one-time setup. Once created, it can be edited, updated or deleted as needed.

Log in as the newly created data exporting Super Administrator user recommended earlier and create an Cloud Bridge.

  1. From the Setup menu, choose Export EM Data to OCI. The Manage EM Data for OCI Services page displays. This page will be empty the first time you access it.
  2. Click Manage OCI Connectivity. Enter the following:
    • The credential name you created above.
    • The base URL for the Storage Bucket.

      Syntax: https://objectstorage.<region>.oraclecloud.com

      Example: https://objectstorage.us-phoenix-1.oraclecloud.com

    • The bucket name and optionally a name for the bridge you are about to create

    Then, click Create and OK.

  3. Click Enable Data Export.
  4. Under OCI Service, select a service type. For example Operations Insights: EM Warehouse.
  5. Select the group you created in a prior step that contains all the targets for which you want data exported.
  6. Select the Cloud Bridge and click Submit. Data from your Enterprise Manager instance should start uploading to the OCI bucket you defined.
  7. In OCI, you can verify the data stored in your storage bucket. Navigate to OCI Storage, select Buckets and, in the compartment you created your bucket, click on the name of your bucket. The data in this bucket should look similar to the one shown below. Make a note of the name of your object store folder and emid.
    Graphic shows object storage bucket content.

Step 2: Import Data from the Object Storage Bucket to the OCI Service

Once you've set up the Cloud Bridge to move data from Enterprise Manager to the OCI Object Storage bucket, you will need to create an EM Bridge to move Enterprise Manager target data from the Object Storage bucket to your OCI service for processing.

See your OCI service documentation for more information about importing Enterprise Manager target data.

Viewing Data Upload Status for a Service

Once you've successfully created an Cloud Bridge in Enterprise Manager and selected one or more target groups for data export to OCI, the Manage EM Data for OCI Services dashboard will show the current upload status for each service including the groups that have been added for each service.

The Summary graphs display target upload rollup data for each OCI Service while the table provides a granular view of upload data for each service.


Graphic shows the Manage EM Data for OCI Services dashboard.

You can easily view which services are regularly uploading target data. Target data upload successes and failures appear in the Data Export Status column. The following table shows all possible status conditions.

Table 11-1 Data Export Status

Status Condition Description
Success No errors for the source. The source is participating in data export.
Extract Error Source has extraction errors. The source is participating in data export.
Transfer Error Source has transfer errors. The source is participating in data export.
Load Error Source has load errors. Source is participating in data export.
Data export paused at service Data export paused at the OCI service level. Data export jobs are not running.
Group excluded from data export

Group is not participating in data export.

Data export jobs are running.

Excluded from data export due to errors

Source has extraction errors and has

been excluded from data export. The source is not participating in data export.

Source excluded from data export

Source is not participating in data

export. Data export jobs are running.

You can also perform actions specific to the OCI service, target groups associated with that service, and individual target members of each group by clicking the vertical ellipsis in the Data Export Status column. You can perform the following:

For an OCI Service, you can:

  • Pause data export at the OCI service will stop/remove data export for that service. Restarting data export at the OCI service will start data export for the service.
  • Restart/Pause/Resume data export for all relevant target groups associated with the selected OCI service to the OCI Object Storage bucket. Pausing data export at the OCI service will stop/remove data export for that service.
  • Run Diagnostics: Enterprise Manager will run a series of diagnostics to check for problems that may have occurred with the target data export process as shown in the following graphic.
    Graphic shows the Run Diagnostics dialog.

  • Show Errors from related entries in the OMS log files.
  • Remove the Service

For a target group, you can:

  • Pause/Restart target group data export to the OCI Storage bucket. Pausing/restarting data export at the group level only excludes/includes the group involved in the data export. Data export jobs are not affected.
  • Remove the Group

For any target within a group, you can:

  • Toggle Status: You can start or stop individual target data export.
  • Show Errors

Jobs

Whenever you click Submit to create an Cloud Bridge or add target groups for data export, an Enterprise Manager jobs are submitted to perform the requisite actions. If necessary, you can check on the status for all OCI-related jobs by clicking on the Jobs tab to view explicit information about all jobs related to the management of EM Data for OCI Services.


Graphic shows the ETL jobs tab.

Typically, you will not need this level of information. When you perform Run Diagnostics for a specific OCI service, all jobs associated with target data export are checked.

Adding Target Groups to OCI Services

Once the Cloud Bridge has been created, you can export additional Enterprise Manager target data for OCI service consumption by creating additional OCI service/target group pairings.

Navigate to the OCI Service Data Export dialog.

  1. From the Setup menu, choose Export EM Data to OCI.
  2. Click the Enable Data Export tab to display the OCI Service Data Export dialog.

When you select an OCI service, the associated Cloud Bridge is automatically selected. Simply select a new Source (target group) and click Submit.

Managing Cloud Bridges

You can create a new Cloud Bridge or edit/delete an existing bridge via the Manage OCI Connectivity dialog.

Navigate to the OCI Service Data Export dialog.

  1. From the Setup menu, choose Export EM Data to OCI.
  2. Click the Manage OCI Connectivity tab to display the Manage OCI Connectivity dialog.

Note:

More than one OCI service can be associated with a single Cloud Bridge. Once a Cloud Bridge has been created for a service, it is no longer a selectable option from the OCI Service drop-down menu.