Post on 27-May-2018
Using Oracle RDBMS With Sun Solaris Containers (Zones)Solaris Containers (Zones)
Scott Canaan
Rochester Institute of Technology
• Sun Solaris Zones Overview
– Virtual OS environments
• Each local zone is a mini Solaris box
– Separate name, IP address, IP ports– Separate name, IP address, IP ports
• Each local zone can be addressed independently
– Global zone vs. local zone
• Global zone is the machine
• Local zones are contained inside the global zone
• Global zone
– The server itself
– System-wide configuration & control
– Only 1 per system– Only 1 per system
– Can see all local zones
– Always has at least 1 CPU
• Local zones
– Independent OS environment
– Independent administration
– Secure from other local zones– Secure from other local zones
– Have their own IP, ports
– Can limit system resources
Global root /
/zone /usr /dev
Global Zone
… …
Zone File System Layout
zone1 zone2 zone3
/etc
/bin
/usr
/dev …
Local zones
Zone root
• Global zone view:$ ps -ef | grep smonoracle 25046 1 0 Oct 12 ? 1:29 ora_smon_CLAWPRODoracle 4668 1 0 23:50:19 ? 0:15 ora_smon_REGDPRODoracle 22992 1 0 Oct 12 ? 0:39 ora_smon_OMGRPRODoracle 18172 1 0 05:12:07 ? 0:15 ora_smon_DWKSPRODsrcdco 16603 7258 0 14:24:37 pts/17 0:00 grep smonsrcdco 16603 7258 0 14:24:37 pts/17 0:00 grep smonoracle 17640 1 0 03:26:23 ? 0:10 ora_smon_DWHSPRODoracle 7956 1 0 03:28:31 ? 0:06 ora_smon_JIRAPRODoracle 19079 1 0 Oct 12 ? 0:34 ora_smon_AWRXPRODoracle 22486 1 0 01:05:02 ? 0:32 ora_smon_ADVCCONVoracle 19926 1 0 20:56:49 ? 0:13 ora_smon_DWMTDEVLoracle 2285 1 0 02:21:00 ? 0:18 ora_smon_SIMSPRODoracle 2832 1 0 00:53:13 ? 0:15 ora_smon_ADMMPRODoracle 10555 1 0 21:13:23 ? 0:14 ora_smon_DWHSDEVLoracle 10615 1 0 01:04:30 ? 0:37 ora_smon_ADV1
• Local zone view:oracle@sc2oracle42:DWHSPROD>ps -ef | grep smon
oracle 17640 15323 0 03:26:23 ? 0:10 ora_smon_DWHSPROD
oracle 27047 6782 0 14:25:47 pts/3 0:00 grep smon
oracle@sc2oracle42:DWHSPROD>
• Some advantages:
– Security• Segregation
• Control over access at the zone level
– Independence– Independence• Each zone can’t see or affect other zones directly
– Better use of hardware• Virtual environment uses hardware more efficiently
– Easier administration• SA can administer global zone and local zones together or independently
• Oracle installations
– Oracle installed in local zones
• Install only in the local zones that need Oracle
• More granular control over patching and upgrades• More granular control over patching and upgrades
• Can lower Oracle licensing costs:– http://www.oracle.com/corporate/pricing/specialtopics.html
– Document: partitioning.pdf, page 2 “Hard Partitioning”
• Limits exposure of Oracle to other applications
• Oracle Installations, continued
– Oracle installed in the global zone
• Oracle installation is available to all local zones– Other zones that need the Oracle client or libraries will – Other zones that need the Oracle client or libraries will have access
• All Oracle databases must be patched / upgraded together– An option is to create additional Oracle Homes for each patch or Oracle version needed
• Does not limit Oracle licensing costs
• Issues:
– Security
• Oracle needs to write back to the Oracle Home
• Had to allow local zones the ability to write to the • Had to allow local zones the ability to write to the global zone– Specified the directories that needed write access
• Issues continued:– Dynamic CPU allocation caused Oracle to crash• Only when CPU count was reduced
• Crashed at 10:00pm (auto statistics collection)• Crashed at 10:00pm (auto statistics collection)
• Possibly fixed
– Other applications linked to Oracle libraries• Causes problems at upgrade / patching time
• Can’t delete old versions until applications changed
• Clustering all this
– Originally used Sun Cluster
– Have to keep Oracle Homes the same on all nodesnodes
• We do one install, the SA copies the Oracle Home and orainventory to the other nodes (and clusters)
• RITs implementation:
– Dumped Sun Cluster
– SA wrote cluster software (medacluster)
– Disk is mapped to a zone
– Zone and disk fail from node to node together
– Oracle software always on /u02
– Database on /u01 or /u03 (if more than one in a zone)
– Applications are in their own zones• Applications and databases don’t share zones
• Cluster and zone commands:
• All cluster and zone commands can only be run in the global zone
– havi – vi that allows copying to all nodes in – havi – vi that allows copying to all nodes in the cluster when done:
oracle@vmz03:DWHSPROD>havi oratab
--- do edits ---Do you want to syncronize oratab to other node(s)? [y]y
Copying file to node....vmz07...vmz38...vmz41...vmz43...vmz44...
oracle@vmz03:DWHSPROD>
– hacp – cp that does the copy on all nodes in the cluster
– harun – runs whatever command follows on all nodes in the cluster (must be in double all nodes in the cluster (must be in double quotes)
oracle@vmz03:DWHSPROD>cp zz_fill_cfae.sql test.sqloracle@vmz03:DWHSPROD>hacp test.sqloracle@vmz03:DWHSPROD>harun "ls -lia test.sql" -----vmz03 command: ls -lia test.sql-----
416716 -rw-r----- 1 oracle dba 99619 Oct 15 16:18 test.sql-----vmz07 command: ls -lia test.sql-----
455466 -rw-r----- 1 oracle dba 99619 Oct 15 16:18 test.sql-----vmz38 command: ls -lia test.sql----------vmz38 command: ls -lia test.sql-----
415720 -rw-r----- 1 oracle dba 99619 Oct 15 16:18 test.sql-----vmz41 command: ls -lia test.sql-----
410556 -rw-r----- 1 oracle dba 99619 Oct 15 16:18 test.sql-----vmz43 command: ls -lia test.sql-----
415567 -rw-r----- 1 oracle dba 99619 Oct 15 16:18 test.sql-----vmz44 command: ls -lia test.sql-----
428986 -rw-r----- 1 oracle dba 99619 Oct 15 16:18 test.sql----------------------------------oracle@vmz03:DWHSPROD>
• Cluster and zone commands continued:
– hacheck – checks that the named file is on all nodes and is the same
oracle@vmz03:DWHSPROD>hacheck test.sql
Using "vmz03" as master copy of file: "test.sql"
Checking remote server: "vmz07"...files same
Checking remote server: "vmz38"...files same
Checking remote server: "vmz41"...files same
Checking remote server: "vmz43"...files same
Checking remote server: "vmz44"...files same
oracle@vmz03:DWHSPROD>
– hacrontab – runs crontab and allows the cron file to be copied to each node in the cluster
oracle@vmz03:DWHSPROD>hacrontab –e
--- do edits ---Do you want to syncronize cron to other node(s)? [y]yDo you want to syncronize cron to other node(s)? [y]y
Copying cron to node....vmz07...vmz38...vmz41...vmz43...vmz44...
oracle@vmz03:DWHSPROD>
– zonecrontab – runs crontab and allows the cron file to be coped to each node in the cluster and each zone on each node
oracle@vmz03:DWHSPROD>zonecrontab –eDo you want to syncronize cron to other node(s)? [y]yCopying cron to node....vmz07...vmz38...vmz41...vmz43...vmz44...-----vmz03 command: /opt/ha/zonecp /tmp/mycron..4567-----Copying to sc2oracle01: /tmp/mycron..4567Copying to sc2oracle01: /tmp/mycron..4567Copying to sc2oracle09: /tmp/mycron..4567Copying to sc2oracle10: /tmp/mycron..4567Copying to sc2oracle21: /tmp/mycron..4567Copying to sc2oracle29: /tmp/mycron..4567Copying to sc2oracle26: /tmp/mycron..4567Copying to sc2oracle44: /tmp/mycron..4567Copying to sc2oracle42: /tmp/mycron..4567Copying to sc2oracle13: /tmp/mycron..4567Copying to sc2oracle34: /tmp/mycron..4567Copying to sc2oracle35: /tmp/mycron..4567
--- lots of additional verbage ---------vmz03 command: /opt/ha/zonerun /bin/crontab /tmp/mycron..4567-----Running in sc2oracle01: /bin/crontab /tmp/mycron..4567Running in sc2oracle09: /bin/crontab /tmp/mycron..4567Running in sc2oracle10: /bin/crontab /tmp/mycron..4567Running in sc2oracle21: /bin/crontab /tmp/mycron..4567Running in sc2oracle29: /bin/crontab /tmp/mycron..4567Running in sc2oracle29: /bin/crontab /tmp/mycron..4567Running in sc2oracle26: /bin/crontab /tmp/mycron..4567Running in sc2oracle44: /bin/crontab /tmp/mycron..4567Running in sc2oracle42: /bin/crontab /tmp/mycron..4567Running in sc2oracle13: /bin/crontab /tmp/mycron..4567Running in sc2oracle34: /bin/crontab /tmp/mycron..4567Running in sc2oracle35: /bin/crontab /tmp/mycron..4567
--- even more verbage ---
• Bibliography / Resources Used:– “Solaris 10 Containers” Kimberly Chang, Sun Microsystems
– “Working With Solaris Containers and the Solaris Service Manager” Joost Pronk van Solaris Service Manager” Joost Pronk van Hoogeveen, Solaris Software, Sun Microsystems, 2006
– “Running Oracle Database in Solaris 10 Containers – Best Practices”, Oracle, 2006 (metalink Note:317257.1)