Thursday, July 31, 2008

Atom Feed for Blog Posts

Ilmar Kerm said:
"Thank you for this interesting and useful blog.
But I have one technical request, please make the blog posts also available as a (Atom) feed. Currently all the feed links I found on this site point to the podcast. Thank you."

Ok Ilmar, thanks for the kind words. I have made an atom feed available for the posts. All the Best.

Thursday, July 24, 2008

Presentation Impressions

Today I had a presentation to the managers and IT / Finance directors of a large insurance company, and showed them Grid Control and all its capabilites. My manager was also present and noted that the seniormost director wrote down 2 pages of notes from my presentation, and seemed very excited by the possiblities of Grid Control.

This I have seen time and again - when demonstrated properly, Grid Control never fails to impress top management with what it can do.

Wednesday, July 23, 2008

Grid Control Levels of Security

A large site told me that their engineering team is concerned that once you login to Grid Control, "you are able to observe and manage all databases in the company and that is a security risk".

We need to make these people aware that there are two levels of security in Grid Control. First you login to the Grid Console using either the "sysman" login (not recommended for large sites, the sysman schema is the owner of the Grid Control repository) or a Grid Control Administrator login (recommended), and then you must also logon to the database.

So it is not possible that a login at the console is able to manage all databases in the whole compnay, unless some has saved the password for all databases when logging on. The rule of course is, never save the database password for the Dba user - always force a logon.

The second point to note is, we are able to create Target Groups in Grid control. Each database, listener, and host is a target. So we can group together targets and then assign to Grid Control Administrators that we can create easily on the console.

The DBA then logins to Grid Control using the partitcular console administrator login that is assigned to him/her. Such an admin is not sysman, so he/she can only see and manage the targets in the target group that is assigned to that console administrator. So it is not possible that a console login can even see all targets in the company, unless of course the login is the sysman, or the login is a console admin that has been purposely assigned ALL targets.

This I have been explaining to many clients in the past 3-4 years as a consultant, and even before that to project teams and the security team in my past companies.

You have the security capability, and you should use it. Take the case of a database - you can easily have all schemas assigned the DBA role, and I have seen that done by many development outfits just as a shortcut. Or you can have proper role-level security set up at the database level. So, just because every schema has been set up by a developer as a DBA, does it mean there is no security in the database? The truth is, there is enough security, and we should know the way to use it.

Friday, July 18, 2008

Grid Control Live Demos in Oracle Booth

Just manned the Oracle booth yesterday at a Computerworld exhibtiion, and had a running demonstration of EM10g Grid Control on Windows, managing multiple 10g and 11g databases. I had the Grid Control Home page open (also had 11g Database Control up on
another browser window).

There were a number of attendees who had lots of databases (some in the 1000s ) and were doing everything manually. When I showed them what they could do with Grid Control:
  1. See at a glance on the home page the up or down status of targets, which versions of databases they had, how many numbers of each versions, and the same for the server OS,
  2. On the server targers, see the server performance, and the configuration of each server for eg. which OS packages loaded, and compare configurations of servers to find what missing OS package or OS patch is causing an issue,
  3. On the database targets, on the database home page, see at a glance the GB size and the general health of the database, then see the database performance on the performance page with the ability to drill down to Sql statements having the biggest hit on performance, and on the other database pages, the ability to perform DBA tasks on database objects, and the ability to setup and schedule RMAN backups without using unix scripts or cron, the ability to setup Dataguard DR databases, and the ability to clone entire Oracle databases and even entire Oracle Homes, and also the ability to download patches from Metalink and apply them to multiple databases,

And they were convinced Grid Control was very powerful and the best tool to work with Oracle databases.

Friday, July 11, 2008

Manually manage 1000 databases or use Grid Control

Just met a friend whose 18 member team is managing more than 1000 Oracle databases,
manually, without Grid Control. Their main issue is patch management since they patch
more than 400 Oracle homes regularly with the quaterly critical patch updates (CPUs) from
Oracle, and they do that by hand.

What is the solution? Use Grid Control in a central location, put agents on all database servers,
and with the Provisoning Pack, they will be able to download patches from Oracle Metalink to a
staging area, validate them and apply them. And the other management features of Grid Control
will save a lot of their DBA activity time.

Thursday, July 10, 2008

Blogger Credential

Oracle USA informed me today that I have been approved to receive the Blogger Credential at Oracle Openworld in addition to my ACE status. As per Oracle themselves, the blogger credential is very similar to having a press pass -- it is a press-like credential.

Thanks to our Enterprise Manager Grid Control Blog.

Confirmed about Grid Control and EE

Confirmed with Oracle, Grid Control (base software) is only available free with EE and not with SE. The license for using the EM Packs such as Diagnostics, Tuning, etc. is payable to Oracle.

Wednesday, July 9, 2008

Benefits of Oracle Database Enterprise Edition for Grid Control

Zaffer Khan (DBA, ISCO, Kuwait) wrote:
"This blog is promising in elaboration of EM for all the DBAs around the world. Thanks Porus for such an effort."

Zaffer, thanks for the thanks.

"1 query!!! We are to migrate to 10gr2 from 9i Standard Edition License. Can I use Grid Control Feature under Oracle DB Standard Edition License?"

Regarding your query, the Oracle Price List supplement states that Enterprise Manager is included in Oracle Standard Edition, but remember Enterprise Manager can mean Database Control (for managing one database) as well as Grid Control (for multiple databases).

I feel this refers to Database control. Why? Because Grid Control has built-in partitions when it is installed, and you can't use partitioning without the Enterprise Edition (EE), so I feel Grid Control requires the Enterprise Edition and not the Standard Edition.

Also, even if you can use Grid Control with Enterprise Edition, remember to pay a licence to Oracle if you use any of the Management Packs in production/test, such as the Diagnostic, Tuning packs etc.

In all I would recommend to speak with your Oracle representative for your company on licencing, since he/she would give you the 100% correct picture, we can only guess. Please do this before using Grid Control in production/test.

There are various other benefits of moving to EE. You should convince your management of upgrading your licence to EE. I have listed a few below.

EE Includes:

<> Normal Dataguard
= Standby database for purpose of:
+ Disaster Recovery
+ High Availability
= Can be opened for reporting purposes for some window of time.
= Requires EE licence on standby server.

<> Advanced Backup and Recovery via these RMAN features:
= Incremental Backups – very important to avoid full backups each day.
= Block Level Media Recovery.
= Trial Recovery.

<> Parallel Query
= Ability to break large queries into chunks handled by multiple processes.
= Very important for large tables (more than 1GB in size).

<> Automatic Storage Managmeent (ASM)
= Manages storage as file system and volume manager.
= No need to buy 3rd party file system and volume management software.
= Automatic I/O balancing and hot spot fixing, no other volume mgr can do so automatically

<> Streams
= Oracle’s new method of replication between 2 databases.
= Can be 2-way replication (multimaster).
= Multi-master must be programmed to resolve conflicts, not out-of-box.

Friday, July 4, 2008

Added interesting blog list

Added other interesting blogs, especially the Application Managment Blog,
and the OTN tech blog, in a blog list to this blog.

If any of you have a blog with some discussion on Grid Control going on,
let me know and I will add it to the blog list.

Wednesday, July 2, 2008

Mentioned in OTN Techblast

Our Grid Control blog, the first of its kind in the world, has been mentioned in the Oracle OTN Techblast (July 2008). The Techblast is an immensely popular mass monthly email communication sent out by Oracle to tens of thousands of the Oracle community worldwide, pointing them to technical information and community events.

The Techblast contains this under the section "Oracle Ace Tracker":

The Grid Guy: Oracle ACE (Database) Porus Homi Havewala of S&I systems Singapore has created the first blog dedicated to Grid Control, and is inviting authors to contribute. Based on real life experience in a large corporate, the blog also features a podcast on Grid Control Architecture in large sites.


Opinions expressed in this blog are entirely the opinions of the writers of this blog, and do not reflect the position of Oracle corporation. No responsiblity will be taken for any resulting effects if any of the instructions or notes in the blog are followed. It is at the reader's own risk and liability.

Blog Archive