EM 12c Cloud Control

Architecture

About Me… {Deepak Sharma} ORACLE DBA for 4+ years. Worked on technologies like

Oracle 11g Grid Control, Oracle 12c Could Control, Oracle Configuration Manager PeopleSoft..

Oracle Certified Professional 9i. Oracle Certified Professional 10g. Active Speaker of

OEM 12c Cloud Control New Features 2

EM12c Series Topics…

EM12c Cloud Control Architecture Installation & Configuration OMS & Repository Management EM12c console, S/L, patching &

provisioning Best Practices of Monitoring Plug-ins & Metrics Extensions Creating & Managing Jobs in EM12c Incident Management Backup, Recovery & High Availability.

Introduction EM12c Cloud Control is end-to-end

management tool for both Oracle and non-Oracle technology.

Before this release it was known as Oracle Enterprise Manager or Oracle Enterprise Manager Grid Control.

EM12c has enhanced functionality from only being just Database Administrator’s Monitoring to Monitor Complete Data Center.

Features of EM Cloud Control

Enterprise Monitoring: Monitor Database, Middleware & Applications. Provide way of notifying you when issue arise, resolving them and reporting on them.

Framework & Infrastructure: provides security, scalability, rich user interface & self update.

Lifecycle Management: Automates processes like Discovery, Provisioning & Patching, Change Management & Configuration Management

Features of EM Cloud Control Cont.. Database Management: Patching, Upgrading,

Provisioning, Performance Tuning, Data Masking, Subsetting, Configuration & Change management.

Middleware Management: Web logic Server, SOA Suite, Identity Management, Web center & Coherence. IBM’s WebSphere.

Application Management: Monitoring and Management for all Oracle-provided applications (EBS, PeopleSoft, Siebel, JD Edwards etc) and third-party applications.

Features of EM Cloud Control Cont.. Application Performance Management: End to

End monitoring of applications including Real-user monitoring via RUEI (beacons)

Hardware & Virtualization Management: Monitor both physical & Virtual environment including provisioning, patching, configuration management etc. Manage system running on Linux, Unix, Windows, Oracle VM Server etc.

Architecture Overview Cloud Control Console Oracle management Agent Oracle Management Service Oracle Management Repository Plug-in

Architecture Overview

Cloud Control Console User interface to access, monitor and

administer environment.

Access via Web Browser from any location

EM12c console can be customized: Choose your Homepage Move regions on target Homepage Add regions Delete regions

GUI provides history, pages can be marked as favorites.

Oracle Management Agent Installed on each host that needs to be monitored.

Can be installed from Console or Command line.

Auto discovery of target on the host.

Can be used to Control Blackout, execute jobs collect metrics

EM12c agents are re-written to provide greater performance.

Only disadvantage - 12c Agent can only talk with 12c OMS.

Oracle Management Service Web-based application

Communicate with agents & OMR to collect & store information respectively.

Installed into Middleware Home Oracle WebLogic Server Oracle Management Agent for middleware tier OMS instance base directory Java Development Kit Other configuration files

Oracle Management Repository

Also known as OMR is Oracle Database.

Stores info collected by Various Agents

Composed of – Users, Tablespaces, tables, views etc.

Installation of OMR requires already existing database.

Plug-ins System-monitoring Utilities used to monitor and manage non-

Oracle Software. Plug-ins have been expanded to include every target type like:

i. Oracle Database plug-in

ii. Fusion Middleware plug-in

iii. Fusion Application plug-in

Can be downloaded, applied & deployed using self-update functionality.

Agents are no longer configured to be able to monitor any target. Agent will only download plug-in. Agents are smaller & simpler leading biggest improvement in

Architecture.

High-Availability EM12c Configuration

Simple Basic Installation [Level 1]

Level 2

Software Library Storage area used to store patches, self

update downloads and gold images. To create software library:

Setup Provisioning & Patching Software Library Menu

Location should be accessible from each OMS

New Features related to Software Library

SL is single location for most of the entities (self-updatable) making SL integrated with Self-Update.

Expanded support for storage-type (NFS being shared b/w OMS and any other).

Referenced location supported for S/L (Centralized location).

Support notes or Readme files can be attached to S/L entities.

Management Tools Oracle management tools How to differentiate b/w them Which one to use and when

Cloud Control Database Control Fusion Middleware Control

ArchitectureManage entire Data Center

Can connect to single env. at a time Single Oracle DB

If you want to use DB control for some other DB, have to disconnect

Create Database: using DBCA will ask whether to manage database centrally via EM12c or database control

Imp note: If database pointed at time of installation is configured DBCA to be locally managed it will give you error.

Management Tools

Command Line Tools Enterprise Manager Command Line

Interface (EMCLI) used for repeated scripting operations can be installed on any computer simply by downloading

tool via Cloud Control setup menu Limited Functionality

Enterprise Manager Control (EMCTL) Tasks like starting, stopping, status for agent Manage/control OMS To secure/unsecure agents and OMS Starting and stopping Blackouts

Repository Users SYSMAN user - most important in an EM12c.

SYSMAN - owner of database schema containing repository.

Other users created during repository creation: CLOUD_ENGINE_USER CLOUD_SWLIB_USER MGMT_VIEW is used for report generation

Specific for Cloud Operations

SYSMAN_APM SYSMAN_MDS SYSMAN_OPSS SYSMAN_BIP {Business Intelligence

Integration} SYSMAN_RO {read-only user for general

purpose}

metadata schema for Fusion Middleware

Repository Users

Repository Views Store information about administrator,

targets, metric blackout etc. Can be used by developer or admin to

generate report. Common Views

○ EM_CURRENT_VIOLATION ○ EM_EVENT_BUS_QUEUES ○ EM_EVENT_CLASS_ATTRS ○ EM_EVENT_MSGS ○ EM_RULES ○ EM_VIOLATIONS

Communication Flow Lets see communication flow among all

parts of this product. Areas involved are :

o Protocolso Ports involvedo Firewall

Three main protocols involved in communication1) HTTP or HTTPS: to communicate b/w OMA,

OMS & OMR

2) Java Database Connectivity (JDBC): used by OMS to communicate with the repository as well as to communicate with any database targets.

3) ICMP: used by the OMS to communicate with a host

Protocols

Ports A list of ports for entities to communicate

A default list is provided on the Port Configuration Details page

First port number listed in this column is the default port

Post installation, you can also find the port numbers that were used in the staticports.ini file, located on the OMS host.

Ports

Firewalls A business will require firewalls to be used

to control both outgoing and incoming network traffic.

This involves restricting either the availability of ports or the type of traffic that can pass through configuration

Protocols, Ports & Firewalls

Authentication in EM12c New pluggable framework

Accepts a range of pluggable authentication schemes

Any authentication method that WLS supports can be used to authenticate to EM12c.

Authentication Methods

Repository-based authentication• Default authentication option• Standard password options-such as password lifetime,

password grace, number of failed attempts, and password complexity

Single sign-on authentication

• If you use sign-on (SSO) authentication in your enterprise, you can register those SSO credentials as an administrator in EM12c.

Oracle Access Manager SSO authentication• SSO solution supplied with Oracle’s Fusion Middleware

product• If you are using OAM SSO, you can register those

credentials as an administrator in EM12c and use them to access the console.

Enterprise User Security authentication• Allows you to create & store enterprise users and roles

as directory objects in a directory server compliant with the Lightweight Directory Access Protocol (LDAP)

• Use EMCTL to set some properties to allow you to drill into those databases without displaying the standard logon pages.

Authentication Methods

LDAP authentication• In previous releases, restricted to Oracle Internet

Directory (OID).• Microsoft’s Active Directory product in addition to OID.

Authentication Methods

Thank You…