VMware vFabric Data Director Administrator and …...VMware vFabric Data Director Administrator and...

VMware vFabric Data DirectorAdministrator and User Guide

vFabric Data Director 2.5

This document supports the version of each product listed andsupports all subsequent versions until the document is replacedby a new edition. To check for more recent editions of thisdocument, see http://www.vmware.com/support/pubs.

EN- 001078-00

http://www.vmware.com/support/pubs

VMware vFabric Data Director Administrator and User Guide

2 VMware, Inc.

You can find the most up-to-date technical documentation on the VMware Web site at:

http://www.vmware.com/support/

The VMware Web site also provides the latest product updates.

If you have comments about this documentation, submit your feedback to:

[email protected]

Copyright © 2012 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectualproperty laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents.

VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marksand names mentioned herein may be trademarks of their respective companies.

VMware, Inc.3401 Hillview Ave.Palo Alto, CA 94304www.vmware.com

http://www.vmware.com/support/

mailto:[email protected]

http://www.vmware.com/go/patents

Contents

About VMware vFabric Data Director Administrator and User Guide 7

1 VMware vFabric Data Director Overview 9

Data Director System Architecture 9VMware Data Director Components 10Data Director User Management Modes 10About Data Director Administration 11Data Director Supported Databases 12

2 Managing Data Director Resources 15

Resource Management Overview 15Resource Bundles and Resource Pools 16System Resource Bundle 17Resource Assignment 17vSphere Resource Pools and Data Director 18Viewing Resource Information 20Create the System Resource Pool 21Create the System Resource Bundle 22Monitor Resource Usage 22Create a Resource Pool 23Create a Resource Bundle 24Assign a Resource Bundle to an Organization 25Perform Advanced Cluster Configuration 26

3 Managing Users and Roles 27

User Management Overview 27Authenticating Users 28Role-Based Access Control 29Predefined Roles 30Privileges 31Propagation of Permissions and Roles 32Organization Privileges and Permissions 32Add Users to Your Organization 33Add Roles to an Organization 33Grant a Permission to a User 34Modify Organization Security Settings 34

4 Building DBVMs and Base DB Templates 37

Database Virtual Machine OVA Files 39Deploy a DBVM OVA File 39Build a SLES and Oracle Base Database Virtual Machine 40

VMware, Inc. 3

Build a Custom RHEL and Oracle Database Template 44Install the Operating System and Database Software in a Blank DBVM 49Requirements for the Kickstart File 49Database Update Configuration 52Configure a vFabric Postgres Update Chain 53Update an Oracle Database 54

5 Managing Organizations 61

Organization Structure 61Operating Organizations 62Managing Resources For Organizations 63Managing Organization Users 64Create a Data Director Organization 64Bind a vCloud Director Organization to Data Director 65

6 IP Whitelists 67

Create an Organization IP Whitelist 67Apply IP Whitelists to Databases 68Create Custom IP Whitelists 68

7 Managing Database Groups 71

Database Group Management Overview 71Managing Resources for Database Groups 72Storage Reservation 73Database Groups and Security 73Create a Database Group 73

8 Managing Database Templates 75

Introduction to Database Templates 75Enable a Base DB Template 76Create a DB Parameter Group 77Create a Resource Template 77Modify a Resource Template 78Create a Backup Template 79Modify a Backup Template 80

9 Managing Databases 83

Database Lifecycle 83Requirements for Creating Databases 85Database Creation 86Using Tags 96Managing the Organization Catalog 97Batch Operations and Scheduled Tasks 99Updating Databases 100Database Administration 101

10 Cloning Databases 107

Clone Types 107


4 VMware, Inc.

Cloning Customizations 109Clone a Database 109Managing Post-Clone Scripts 113Managing a Cloned Database Refresh 117

11 Managing Database Entities 121

Database Entity Management 121SQL Management 126

12 Safeguarding Data 129

Backup Strategies 130Backup Types 130Backup Template Settings 132Preconfigured Backup Templates 133Select a Database Backup Template 133Schedule Regular Database Backups 134Recover a Database 135Import Backups 136Use VMware Data Recovery to Back Up Data Director 136Database End of Life and Backups 138Perform Point-in-time Recovery of Management Server Database 139Add Pre-Action and Post-Action Scripts to the DBVM for Selected Agents 139

13 Monitoring the Data Director Environment 141

Explore Monitoring Customization and Filtering 141Monitoring for System Administrators 142Monitoring for Organization Administrators 146Explore Database Monitoring 150Working with Alarms 151About aurora_mon Configuration 153aurora_mon Configuration Parameters 154

14 Managing Licenses 159

License Management Overview 159Counting Data Director Licenses 161About Evaluation Licenses 161Add License Keys 162View License Information 162View License Usage Information 163Change the vFabric Postgres Database Usage Type 163Remove License Keys 164

15 IP Pool Management 165

Add an IP Pool 165Edit IP Pool 166Delete an IP Pool 166

Contents

VMware, Inc. 5

16 VMware vCloud Director Integration 169Enable vCloud Director Integration in Setup 170Enable vCloud Director Integration after Setup 170Edit or Disable vCloud Director Integration 171Add a vCloud Director Organization Administrator 171

17 Reconfiguring Data Director Networks 173

Change the vCenter IP Address 173Reconfigure the Web Console Network Mapping or Network Adapter 174Reconfigure the vCenter Network Mapping 175Reconfigure the vCenter Network Adapter Settings 175Reconfigure the DB Name Service Network or DB Name Service Network Adapter 176Reconfigure the Internal Network or Internal Network Adapter Mapping 177Verify Network Settings in Data Director 178Reconfigure the Database Access Network Used by a Database Group 178Modify IP Pool Settings 179

18 Managing SSL Keys and Certificates 181

Regenerate Management Server Key and Certificate 181Import Management Server Key and Certificate 182Edit Management Server Certificate 183Regenerate DB Name Server Key and Certificate 183Import DB Name Server Key and Certificate 184Edit DB Name Server Certificate 184Regenerate DBVM Key and Certificate 185Import DBVM Key and Certificate 185Edit DBVM Certificate 186

19 Data Director Troubleshooting 187

vCenter Server Stops Responding 187Resource Bundles Become Unusable Because DRS Is Disabled 188Missing Resource Pool 188Troubleshooting for SSL Communication 189Database Cannot Be Connected Using the JDBC Connection String 189

Index 191


6 VMware, Inc.

About VMware vFabric Data DirectorAdministrator and User Guide

The VMware vFabric Data Director Administrator and User Guide describes the features of VMware® vFabric DataDirector.

VMware vFabric Data Director is an enterprise class database-as-a-service (DBaaS) solution on VMwarevSphere that provides self-service lifecycle management for heterogeneous databases. The solution includesthe following features.

n Database creation, cloning, backup, and restore.

n Flexible, policy-based resource management.

n Resource isolation within organizations and within databases.

n Security policy implementation through role-based access control.

n Database ingestion.

Self-service database lifecycle management enables administrators to create databases, manage schemas,configure backups, perform restores, clone databases for testing and development, scale up database sizes,and decommission databases. Administrators can assign permissions to perform these functions to others,such as application developers, QA (test), and production engineers.

Customizable templates for database configuration and backups simplifies database creation and resourceallocation, enabling administrators to control database parameters and enforce resource allocation policies.

Administrators perform the following types of tasks.

n Create organizations and database groups.

n Allocate resources.

n Create database templates.

n Create, clone, backup and restore databases.

n Monitor the Data Director environment.

Administrators also manage users and roles by assigning various permissions to enable users to performspecific database management tasks.

Intended AudienceThis document is for administrators any user to whom an administrator might grant database permissions.

n System administrators use this document to learn how to manage and monitor a Data Directorenvironment.

n Organization administrators use this document to learn how to manage and monitor database groups anddatabases.

VMware, Inc. 7

n Application developers use this document to learn how to create, manage and monitor databases.

n Application developers, QA and production engineers, and others use this document to learn how toperform functions for which they have been granted permissions.


8 VMware, Inc.

VMware vFabric Data DirectorOverview 1

VMware vFabric Data Director is a software solution that powers Database-as-a-service in your cloud. Itenables you to implement database-aware virtualization on vSphere and provides self-service lifecyclemanagement for heterogeneous databases.

This chapter includes the following topics:

n “Data Director System Architecture,” on page 9

n “VMware Data Director Components,” on page 10

n “Data Director User Management Modes,” on page 10

n “About Data Director Administration,” on page 11

n “Data Director Supported Databases,” on page 12

Data Director System ArchitecturevFabric Data Director automates deployment, management, and governance of thousands of databases andenables policy-based self-service database management for application developers.

Data Director supports the following databases.

n Oracle 11gR2 Enterprise and Standard editions.

n Oracle 10gR2 Enterprise and Standard editions.

n Microsoft SQL Server 2012 Enterprise and Standard editions.

n Microsoft SQL Server 2008 R2 Enterprise and Standard editions.

n vFabric Postgres 9.0 and 9.1, a VMware vSphere optimized relational database based on PostgreSQL.

Data Director provides flexible, policy-based resource management at the system level, and isolation at theorganization and database level. Data Director system administrators can implement security policies throughrole-based access control to restrict system access to authorized users. System administrators use databasetemplates to guarantee corporate compliance to standardization, and carry out important database lifecyclemanagement tasks such as provisioning, backup, snapshots, point-in-time recovery, cloning, updating,monitoring, and so on.

Database administrators and authorized users can configure databases by using customizable parameters.Resource and backup templates simplify database creation. After an administrator assigns appropriatepermissions, users can create databases and allocate resources to them. Users can schedule backups, performrestores, and clone databases to use in testing and development environments. They can scale up databasesaccording to system needs, and decommission databases when they are no longer required.

VMware, Inc. 9

VMware Data Director ComponentsThe Data Director hierarchy consists of organizations, each with its own discrete database groups anddatabases. Currently supported databases include vFabric Postgres, Microsoft SQL Server, and Oracle.

System administrators perform management tasks at the system level, which is the top level of the hierarchy.To edit system-level settings you must have system privileges, but having system privileges does notautomatically allow you to make changes at the other levels.

A system can contain multiple organizations, each with multiple database groups. A database group cancontain multiple databases. You can create database groups only within organizations. Databases can existonly within database groups.

Figure 1-1. Data Director System Hierarchy

System administrators manage Data Director resources at the system and organization levels. Systemadministrators create resource bundles from vSphere resource pools (CPU and memory resources) and storageand network resources, and allocate one or more resource bundles to each organization.

Organization administrators assign resources from the given resource bundles to database groups forconsumption by databases.

Data Director User Management ModesData Director user management modes control how users are assigned and managed among differentorganizations. Data Director has two user management modes: Global mode (for enterprises) and ByOrganization mode (for service providers). Global user management mode is the default.

User management mode must be set to By Organization for VMware vCloud Director integration. See “Organization Structure,” on page 61.

By Organization user management mode has the following characteristics.

n Organizations are set up as separate, isolated enterprises with no visibility into other organizations.

n The Data Director system user list is not visible to organizations.

n No organization can see another organization's user list.

n Organization administrators send email to invite users to join their organization, or register users directly.

n Users can navigate to the Data Director web console URL and register for an account, pending approvalfrom the organization administrator.


10 VMware, Inc.

Global user management mode has the following characteristics.

n Organizations are set up as separate departments, business units, or groups within one enterprise, suchas a corporation's HR and Finance departments.

n All Data Director users are visible to all organizations within Data Director.

n Organization administrators grant access to users to the organization or grant access directly from thesystem user list.

n Users can navigate to the Data Director web console URL and register for an account, pending approvalfrom the organization administrator.

About Data Director AdministrationData Director system administrators perform Data Director administration on the system level. Organizationadministrators perform Data Director administration on the organization level.

You create the initial account for the Data Director system administrator during Data Director setup. Thatsystem administrator creates the system resource bundle, base database virtual machines (base DBVMs), andbase database templates.

By default, users do not have roles or permissions and cannot access any organizations. Organizationadministrators assign roles and permissions to users and grant them access to specific organizations.

System administrators perform system-level operations for Data Director or for an entire organization. Systemadministrators perform the following tasks.

Table 1-1. System-Level Operations

Operation Type Examples

Resource management operations n Creating and managing the system resource bundle.n Creating and managing resource bundles.n Creating and managing database virtual machines (DBVMs).n Managing base database templates.n Assigning base database templates to resource bundles.n Assigning resource bundles to organizations.n Creating and managing resource templates.n Creating and managing backup templates.

User and organizationmanagement operations

n Creating system users.n Creating system administrators.n Creating organizations.n Creating organization administrators.n Designating existing users as organization administrators.

Organization administrators perform organization-level operations within their organizations. Organizationadministrators perform the following tasks.

Chapter 1 VMware vFabric Data Director Overview

VMware, Inc. 11

Table 1-2. Organization-Level Operations

Operation Type Examples

Resource management operations n Creating database groups.n Enabling base database templates in resource bundles.n Creating resource templates.n Creating backup templates.n Allocating resources to database groups within the organization.

User management operations n Creating and managing organization users.n Granting organization access to existing Data Director users.n Assigning organization roles to users in the organization.n Creating and managing organization roles and granting roles to

organization user.n Defining organization permissions and granting permissions to

organization users.

By default, Data Director system administrators do not have access to organizations. Organizationadministrators have access to only their own organization. They can create organization users and can grantaccess to existing Data Director users.

Data Director system administrators can create users, but only organization administrators can grant thoseusers access to organizations.

Data Director Supported DatabasesData Director supports self-service database provisioning and automation through a web interface andcompatible client tools and drivers.

Data Director supports the following databases.

n “VMware vFabric Postgres databases,” on page 13

n “Oracle databases,” on page 13

n “Microsoft SQL Server databases,” on page 13

Database administrators and application developers administer databases within their organizations.Database administration includes the following tasks.

n Creating databases and allocating resources to them.

n Cloning databases.

n Managing database users, roles, privileges, and permissions.

n Maintenance such as performing backups and restores.

n Scaling up databases.

n Updating databases.

n Monitoring database usage and performance.

n Monitoring database alarms.

n Decommissioning databases.


12 VMware, Inc.

Oracle databasesAs a system administrator, you upload, test, and manage the Oracle base database templates that organizationadministrators, DBAs, and application developers use to create Oracle databases.

The recommended practice for using Oracle with Data Director is to set up a dedicated vSphere ESXi clusterfor hosting Oracle resources, including operating system, Oracle database server, and client tools. You createOracle base database virtual machines (DBVMs) using the dedicated Oracle resources in vSphere, then uploadthe DBVMs to Data Director to use as database templates.

Data Director supports the following Oracle versions.

n Oracle 11gR2 on SUSE, RHEL, or Oracle Linux.

n Oracle 10gR2 on SUSE, RHEL, or Oracle Linux.

VMware vFabric Postgres databasesData Director provides self-service database provisioning and automation with vFabric Postgres databases.vFabric Postgres is built on the open source Postgres database.

vFabric Postgres is compatible with pSQL and the PostgreSQL tools and client drivers. vFabric Postgresdatabases are fully compliant with ACID and ANSI SQL. The ACID properties, Atomicity, Consistency,Isolation, and Durability, guarantee that database transactions are processed reliably.

For information about the Postgres database features for Data Director, see the Using VMware vFabric Postgresfor Data Director.

Microsoft SQL Server databasesAs a Data Director system administrator you upload and manage the SQL Server base database templates thatorganization administrators, DBAs, and application developers use to provision SQL Server databases.

Use SQL Server with Data Director to set up a dedicated vSphere ESXi cluster for hosting SQL Server resources,including operating system, SQL Server database server, and client tools. You create SQL Server base databasevirtual machines (DBVMs) using the dedicated SQL Server resources in vSphere, and upload the DBVMs toData Director to use as database templates from which you can provision SQL Server databases.

Data Director supports the following SQL Server versions.

n SQL Server 2012 Enterprise and Standard editions.

n SQL Server 2008 R2 Enterprise and Standard editions.

Provisioning Support for SQL ServerData Director supports the creation of a stand-alone SQL Server instance using the default (unnamed) instancename. The default instance name is the same as the host name. You can have only one default instance pervirtual machine.

NOTE A SQL Server instance is either a default, unnamed instance, or it is a named instance. When SQL Serveris installed as a default instance, it does not require a client to specify the name of the instance to make aconnection. The client only has to know the server name.

The Data Director provisioning process prepares and configures the SQL Server software as described in thefollowing list.

n The SQL Server DBVM can join an existing Windows domain during provisioning. You must provide aWindows Active Directory credential with sufficient privileges to join the domain. If a SQL Server DBVMjoins a domain, Windows authentication is the authentication method. The user-supplied domain accountis added to the sysadmin role of the SQL Server instance.

Chapter 1 VMware vFabric Data Director Overview

VMware, Inc. 13

n If the DBVM does not join a domain, Data Director uses mixed authentication, and prompts for the SQLServer System Administrator (SA) password.

n No user databases are created when provisioning within Data Director.

Data Director Support for SQL ServerData Director supports the creation of new, empty SQL Server databases. To learn more about creating a SQLServer database, see “Create an Empty SQL Server Database,” on page 88.

The following Data Director features are not currently supported.

n Database backup and recovery.

n Database cloning.

n Adding databases to the organization catalog.

n Database ingestion.

n Use of IP whitelists.

n Changing disk size.

n DBVM reporting.

n Editing database resources.

n Adding database owners.

n Base DB template validation.

n High availability (HA).

n Upgrading.

NOTE When using Data Director to monitor and manage SQL Server databases, the user interface controls forthe above listed features are not visible in the administration console.


14 VMware, Inc.

Managing Data Director Resources 2System administrators manage CPU, memory, storage, and networking resources, as well as system-widedatabase and backup configuration templates. Organization administrators manage resources for databasegroups and for databases and enable database templates for their organizations.


n “Resource Management Overview,” on page 15

n “Resource Bundles and Resource Pools,” on page 16

n “System Resource Bundle,” on page 17

n “Resource Assignment,” on page 17

n “vSphere Resource Pools and Data Director,” on page 18

n “Viewing Resource Information,” on page 20

n “Create the System Resource Pool,” on page 21

n “Create the System Resource Bundle,” on page 22

n “Monitor Resource Usage,” on page 22

n “Create a Resource Pool,” on page 23

n “Create a Resource Bundle,” on page 24

n “Assign a Resource Bundle to an Organization,” on page 25

n “Perform Advanced Cluster Configuration,” on page 26

Resource Management OverviewSystem administrators allocate resources to organizations. These virtual resources come directly from thephysical resources of the cluster on which Data Director runs. Organization administrators assign organizationresources to database groups and databases.

A vSphere cluster consists of several ESXi hosts that provide the physical CPU and memory resources for thedatabases managed by Data Director. As part of installation, you create the cluster and enable vSphere HighAvailability (HA) and vSphere Distributed Resource Management (DRS) for the cluster. Data Director can takeadvantage of the vSphere HA and vSphere DRS functionality because Data Director runs on top of the cluster.See the vSphere Availability and the vSphere Resource Management documentation for details.

A Data Director resource bundle includes CPU, memory, storage, and networking resources. The CPU andmemory resources come from a resource pool in the vSphere cluster. The storage and networking resourcesare assigned to Data Director during installation or at a later time. Data Director includes a set of VLANs tocarry different types of network traffic.

VMware, Inc. 15

Data Director provides the following types of resource bundles.

n System resource bundle. Data Director system administrators create one system resource bundle at theData Director system level. In addition to providing virtual resources, the system resource bundle containsthe database virtual machines (DBVMs) and base database templates that support creating andprovisioning databases. See “System Resource Bundle,” on page 17.

n Resource bundle. Data Director system administrators create one or more resource bundles to provideoperating resources to organizations.

When system administrators create an organization, they can assign virtual resources to the organization asresource bundles. When organization administrators create a database group, they assign virtual resources tothe database group. These virtual resources are backed by the physical resources of one or more clusters.vSphere clusters provide failover protection and support efficient use of physical resources.

System administrators can assign resources when they create an organization (see “Create a Data DirectorOrganization,” on page 64) or assign resources to an existing organization (see “Assign a Resource Bundleto an Organization,” on page 25). Organization administrators can assign resources when they create adatabase group or assign resources to existing database groups.

If you chose the Express installation in the Data Director Setup wizard and enabled Create defaults, a systemresource bundle and Default resource bundle is already created. A Default organization and Default databasegroup is also created, and the Default resource bundle is assigned to the Default organization.

To help you specify the resources associated with a database template, Data Director includes a calculator thatcomputes the optimum resource configuration based on the anticipated usage patterns. When you createdatabases from the template, the specified resources are allocated.

Resource Bundles and Resource PoolsA resource bundle is a set of compatible IT resources for provisioning databases. To assign the appropriateamount of resources to each organization, system administrators create resource bundles and assign them toorganizations. System administrators specify a resource pool and storage and networking resources when theycreate a resource bundle. If Create defaults was selected in Express installation, a Default resource bundle iscreated and assigned to a Default organization.

Resource Pool All CPU and memory resources of a resource bundle come from a vSphereresource pool that is created in the vSphere Client with reservation equal tolimit. See “Create a Resource Pool,” on page 23.

Storage Resources Each resource bundle includes storage resources for data and storage resourcesfor backup. The storage resources must be visible to all hosts that use theresource bundle.

DB Access Networks DB Access Networks provide communication for databases. A DB AccessNetwork corresponds to a vSphere port group. Each network must be visibleto all hosts that use the resource bundle. DHCP or IP Pool is required. See Chapter 15, “IP Pool Management,” on page 165

Selecting one or more DB Access Networks allows you to isolate differentdatabase groups from one another, for example, to isolate a QA database groupfrom a Production database group. When no DB Access Networks have beenassigned in the environment, select the network that is mapped to the WebConsole Network. Do not select internal networks for DB Access Networktraffic.

The figure shows how Data Director resources come from vSphere resource pools, datastores, and port groups.When administrators create a resource bundle, the resources are always coming from the underlying vSphereenvironment.


16 VMware, Inc.

Figure 2-1. Resources in vSphere and Data Director

vSphere

source RPs

source datastores

source port groups

CPU & memory databasestorage

networkbackupstorage

resource bundle

CPU & memory databasestorage

networkbackupstorage

Data Director

resource bundle

“Resource Assignment,” on page 17 explains how resource assignment differs for the different levels of thehierarchy.

System Resource BundleThe system resource bundle provides CPU, memory, network, and storage resources for the base databasevirtual machines (base DBVMs) and base database templates that you use to create and provision databases.Each Data Director installation must have one system resource bundle. If you chose Create defaults in theExpress installation, a system resource bunde is created automatically.

Data Director system administrators create the system resource bundle before setting up other Data Directorentities and populate it with base database templates and base DBVMs.

The Data Director system administrator creates the system resource bundle at the system level. This ensuresthat the CPU, memory, storage, and networking resources, base database templates, and base DBVMs applyto the entire Data Director platform. The system administrator creates resource bundles and assigns basedatabase templates to them, and assigns the resource bundles to organizations. The organization administratorenables base database templates for use in that organization.

See “Create the System Resource Bundle,” on page 22.

Resource AssignmentResource assignment differs for organizations, database groups, and databases.

Resource Assignment for OrganizationsSystem administrators can assign multiple resource bundles to each organization. System administrators canassign a particular base database template to multiple resource bundles. Organization administrators allocatethe resource bundles to database groups and enable base DB templates. When you create databases, they drawon the resources assigned to the database group and the base database templates enabled in the organization.This resource isolation guarantees that different organizations and different database groups have control overtheir resources.

Chapter 2 Managing Data Director Resources

VMware, Inc. 17

If you chose the Express installation and enabled Create defaults in the Data Director Setup wizard, a systemresource bundle and Default resource bundle are created during setup. A Default organization with a Defaultdatabase group within that organization is also created, and the Default resource bundle is assigned to theDefault organization.

Resource Assignment for Database GroupsWhen you create a database group, you assign a resource bundle that specifies the resources for that group.You cannot assign more than one resource bundle to one database group. Multiple database groups can shareone resource bundle.

When you assign a resource bundle to a database group, you can specify how to allocate each resource.

n CPU priority or reservation.

n Memory priority or reservation.

n Storage allocation.

n Storage reservation percentage.

n A network for the database group. You cannot divide the network. You can select only one network whenyou create a database group even if several networks are associated with the resource bundle.

If you do not specify the CPU or memory allocation, Data Director sets the reservation to zero but setsexpandable reservations to true. If expandable reservations is set to true, the CPU or memory can expandbeyond the specified value.

Resource Assignment for DatabasesA database consumes the resources assigned to its database group.

n You can specify the number of virtual CPUs, the memory size, and CPU and memory priority for eachdatabase that you create.

n You cannot specify storage allocation. All databases consume the data and the backup storage allocatedto their parent database group. You can specify the size of data or PITR disk of each database.

n Each database uses the network assigned to the database group as the DB access network.

vSphere Resource Pools and Data DirectorA vSphere resource pool is a logical abstraction for flexible management of CPU and memory resources.Youadd CPU and memory resources to Data Director resource bundles by adding a vSphere resource pool to thebundle.

Data Director has the following types of resource pools.

Resource Pools forDatabases

vSphere administrators create one or more resource pools to enable DataDirector users to create databases. Resource pools for databases requireconfiguration settings such as DRS and HA enabled, and CPU and memorylimits equal to reservation.

System Resource Pool There is one system resource pool for one Data Director instance. vSphereadministrators can deploy database virtual machine (DBVM) OVA files intothe system resource pool at any time. The configuration settings for the systemresource pool are different from the configuration settings for databaseresource pools. You do not have to enable HA, and CPU, and memory limitsdo not have to equal reservations. The reservation must be greater than 0.


18 VMware, Inc.

You can also enable expandable CPU and memory. See “Create the SystemResource Pool,” on page 21.

CAUTION Data Director can use only resource pools for creating databases if the corresponding cluster isenabled for DRS and HA. Do not disable DRS. If you do, Data Director cannot use the resource pools even ifyou reenable DRS. See “Resource Bundles Become Unusable Because DRS Is Disabled,” on page 188.

Resource pools allow you to group available CPU and memory resources. You can allocate resources explicitly,or use the resource pool share mechanism. You can hierarchically partition available CPU and memoryresources by grouping resource pools into hierarchies. You can allow different organizations access to differentresource pools. For example, a QA department might need large amounts of CPU and memory for runningtests while the marketing department might require smaller amounts.

Data Director expects you to group the hosts that provide the CPU and memory resources into clusters. Eachcluster owns the resources of all hosts. You can create one or more resource pools for the cluster, which has aninvisible root resource pool. Each resource pool owns some of the cluster's resources. If necessary, you cancreate child resource pools. Child resource pools represent successively smaller amounts of CPU and memory.

CAUTION To use Oracle with Data Director, create a cluster specifically for Oracle use. To avoid licensing issues,assign only resources from your dedicated Oracle cluster to organizations that create and provision Oracledatabases and DBVMs.

How you allocate CPU and memory resources to database groups differs from how you allocate those resourcesto databases.

Creating Resource Pools for DatabasesYou create resource pools for databases by using a vSphere Client connected to a vCenter Server system. Specifythe following resource pool settings to ensure that Data Director always receives all of its allocated resourcesand does not have different amounts of CPU and memory available if the cluster is experiencing a light or aheavy load.

NOTE If you do not configure your resource pool with these settings, problems with resource bundle creationor other Data Director tasks might result. Resource pools with incorrect settings do not appear in the list ofavailable resource pools when you create a resource bundle.

Set the Limit equal to theReservation.

If the system never allocates more resources than you reserved, you do notexperience resource fluctuations.

Set ExpandableReservation to checkedor unchecked.

If the system does not attempt to allocate more resources than you reserved,you do not experience resource fluctuations.

Set Unlimited tounchecked.

Data Director requires this setting to avoid a resource bundle taking more thanits share of the resource pool.

After you create the resource pool, you create resource bundles. Each resource bundle uses one resource pool.

See “Create a Resource Pool,” on page 23 and “Create a Resource Bundle,” on page 24.


VMware, Inc. 19

Allocating CPU and Memory Resources to Database GroupsWhen you create a database group and set its CPU and memory allocation, Data Director creates a childresource pool of the resource pool that you select. Data Director configures the resource pool with the allocationthat you specify. Having a different resource pool for each database group isolates the database group'sallocation and makes different groups independent.

n If you specify the CPU and memory allocation, Data Director uses the following settings for the resourcepool it creates.

n Reservation is set to the value you specify.

n Expandable reservation is set to False.

n Limit is set to unlimited.

n If you do not specify CPU or memory allocation, Data Director uses the following settings for the resourcepool it creates.

n Reservation is set to 0.

n Expandable reservation is set to True, allowing the database group to consume resources as they areavailable.

n Limit is set to unlimited.

Allocating CPU and Memory Resources to DatabasesIn the Data Director environment, a database is a virtual machine that consumes resources from the databasegroup. You can specify the CPU and memory allocation for the database. Data Director always sets the limitto unlimited.

Viewing Resource InformationData Director system administrators can view resource usage information for an organization from the DataDirector Manage & Monitor tab.

When you log in to Data Director as a system administrator, you can view information about the resourceusage of the different organizations and about the resource bundle or resource bundles that are being used byeach organization.

n The Organizations pane allows you to manage organizations. You can view organization information,assign and unassign resource bundles, delete the organization, and view the organization's properties.

n The Resource Bundles pane allows you to view all resource bundles currently created for this instance ofData Director. You can display either allocation information or vCenter Server Object information.

n You can click on an item in the heading, such as Organization, to re-sort the table based on thatcolumn. Right-click any resource bundle name and choose Properties to see detailed informationabout each resource bundle.

n If you select vCenter Server Objects, Data Director displays the names of resource pools, datastores,and networks that you see in the vSphere Client UI.

n The Datastore Usage pane shows datastore usage for the main datastore and the backup datastore. Youcan see how resource bundles map to datastores and examine storage allocation information for eachdatastore.

See Chapter 13, “Monitoring the Data Director Environment,” on page 141 for details on using the monitoringinterface.


20 VMware, Inc.

Create the System Resource PoolvSphere administrators create one system resource pool from a vSphere Client connected to a vCenter Serversystem. vSphere Administrators deploy the Data Director database virtual machine (DBVM) OVAs to thesystem resource pool.

Prerequisites

n Connect to the vCenter Server system by using a vSphere Client. You cannot create resource pools if theclient is connected directly to a host.

n Verify that you have permissions sufficient to create a resource pool.

n Choose a location for the resource pool. Data Director cannot use resource pools at the top level.

n See vSphere Resource Management for information about resource pools.

n Before you create any resource pools, you must prepare a cluster. You must have at least one host in thecluster. See the vFabric Data Director Installation Guide for information.

Procedure

1 In the vSphere Client, select Home > Inventory > Hosts and Clusters.

2 Select the cluster to which all Data Director hosts have been assigned.

3 Specify the settings for the system resource pool.

Option Description

Name Name of the resource pool.

CPU Shares Leave CPU shares set to Normal.

CPU Reservation CPU resources to allocate to this resource pool. Set CPU reservation equal toCPU limit value. Must be greater than 0.

Expandable Reservation Can be checked or unchecked.

CPU Limit Maximum CPU resources available to this resource pool. Set CPU limit equalto CPU reservation value.

Unlimited Leave unchecked.

Memory Shares Leave memory shares set to Normal.

Memory Reservation Memory resources to allocate to this resource pool. Must be greater than 0.

Expandable Reservation Can be checked or Unchecked.

Memory Limit Maximum memory resources available to this resource pool. Because this isthe system resource pool, limit does not have to equal reservation.

Unlimited Unchecked.

After the system resource pool is set up, you can deploy Data Director OVA files and point to the systemresource pool when you create the Data Director system resource bundle.

What to do next

Create the system resource bundle. See “Create the System Resource Bundle,” on page 22.


VMware, Inc. 21

Create the System Resource BundleThe system resource bundle resides at the Data Director system level, and enables you to create, test, and runbase database virtual machines.

Prerequisites

n Create a resource pool to use for allocating CPU and memory resources. See “Create a Resource Pool,” onpage 23.

n Determine the storage resources that you want to include in the system resource bundle. Plan for storageresources for database storage and resources for backup storage.

n Determine the networking resource that you want to include in the system resource bundle. You can assignonly one network to the system resource bundle. The networking resource is used by the base DBVMs forbuilding base database templates.

NOTE If you do not configure your resource pool with these settings, you might have problems with systemresource bundle creation or other Data Director tasks.

Procedure

1 Log in to Data Director with system administrator privileges.

2 Select System, and click System Settings.

3 ClickSystem Resource Bundle in the left pane.

4 ClickCreate System Resource Bundle

5 Specify the following information about the resource bundle in the wizard.

Wizard screen Action

Name and Description Type a name and optional description and click Next.

CPU and Memory Select the resource pool from which you want to assign CPU and memoryresources and click Next.

Storage Click Edit to select a datastore, and allocate the number of gigabytes to usewith Data Director, or allocate all unallocated space. Repeat the process forbackup storage.NOTE Do not select a datastore that is in a datastore cluster.

Networks Select the networks that you want to have available to this resource bundle.These networks provide the public network for the organization's databases.Resource bundles must use a database network when available.

The resource bundle is created.

What to do next

Create a base DBVM. See Chapter 4, “Building DBVMs and Base DB Templates,” on page 37.

Monitor Resource UsageSystem administrators can view usage information for resource bundles and datastores and can reassignresource bundles from the Manage & Monitor tab.

The focus of this task is on monitoring, not on changing current settings.

Prerequisites

n Log in to Data Director as a user with system administrator privileges.


22 VMware, Inc.

n Verify that one or more organizations exist in your environment.

n Verify that resource bundles and datastores have been assigned to the organizations.

Procedure

1 In Data Director, click the System tab, and click the Manage & Monitor tab.

The Organizations panel displays resource allocation information about each organization.

2 Click one of the columns, for example Total Memory, to reorder the rows of the table.

3 Click one of the organizations to display resource bundle information for the selected organization.

4 Click Resource Bundles to display the Resource Bundles pane.

5 Click Datastore Usage to display information about available datastores, their capacity, and the allocatedand unallocated storage for each.

6 Click one of the datastores to display the associated resource bundles and their storage allocation.

What to do next

You can change the resource bundle information by clicking the Actions icon and selecting Properties. Ifproperties are dimmed, you do not have permissions to change them.

Create a Resource PoolYou allocate CPU and memory resources to Data Director by creating one or more resource pools from avSphere Client connected to a vCenter Server system. From the Data Director user interface, you can thenassign the resources from those resource pools to database groups and databases.

Before you create the resource pools, you must prepare a cluster. Enable the cluster for HA and DRS, and addall Data Director hosts to the cluster. See the vFabric Data Director Installation Guide for information.

Prerequisites

n Connect to the vCenter Server system by using a vSphere Client. You cannot create resource pools if theclient is connected directly to a host.

n Verify that you have permissions sufficient to create a resource pool.

n Choose a location for the resource pool. Data Director cannot use resource pools at the vApp top level.For information about resource pools, see the vSphere Resource Management documentation .

Procedure

1 In the vSphere Client, select Home > Inventory > Hosts and Clusters.

2 Select the cluster to which all Data Director hosts were assigned.

3 Configure the resource pool.

Option Description

Name Name of the resource pool.

CPU Shares Do not specify CPU shares. Instead, specify the CPU reservation.

CPU Reservation CPU resources to allocate to this resource pool. Must be greater than 0.

Expandable Reservation Checked or unchecked.

CPU Limit Maximum CPU resources available to this resource pool. Set Limit to be equalto CPU Reservation.


Memory Shares Do not specify memory shares. Instead, specify a memory reservation.

Memory Reservation Memory resources to allocate to this resource pool. Must be greater than 0.


VMware, Inc. 23

Option Description

Expandable Reservation Checked or Unchecked.

Memory Limit Maximum memory resources available to this resource pool. Set Limit to beequal to Memory Reservation.


After you create and configure the resource pool, you can point to the resource pool when you create the DataDirector resource bundle.

What to do next

Create a resource bundle. See “Create a Resource Bundle,” on page 24.

Create a Resource BundleResource bundles allow you to bundle CPU, memory, storage, database template, and networking resources.You create resource bundles using the Data Director user interface.

When you create a resource bundle, the wizard displays only resource pools with a parent cluster that meetsthe following requirements.

n vSphere DRS and vSphere HA are enabled.

n VM Monitoring is set to VM and Application Monitoring.

n VM Restart Priority is not disabled for any of the virtual machines.

n Host monitoring and admission control are enabled.

See “Perform Advanced Cluster Configuration,” on page 26 for details on recommended settings.

Prerequisites

n Create a resource pool to use for allocating CPU and memory resources. See “Create a Resource Pool,” onpage 23.

n Decide on the storage resources that you want to include in the resource bundle. Plan for storage resourcesfor database storage and resources for backup storage.

n Decide on the database templates (base DB templates) that you want to assign to the resource bundle.Organization users can create and provision databases only when base DB templates are assigned to, andenabled in, an organization's resource bundle(s). You can assign additional base DB templates to resourcebundles at any time.

n Decide on the networking resources that you want to include in the resource bundle. The resource bundle'snetworking resources are used for the DB access network for databases in an organization.

NOTE If you do not configure your resource pool with these settings, you might have problems with resourcebundle creation or other Data Director tasks.

Procedure


2 Select System, and click Manage & Monitor.

3 Click Resource Bundles.

4 Click the plus (+) icon.


24 VMware, Inc.

5 Specify the following information about the resource bundle in the wizard.

Wizard Screen Action


Resource Pool Select the resource pool from which you want to assign CPU and memoryresources and click Next.

Storage a Click Edit to select a Datastore, and allocate the number of gigabytes touse with Data Director, or allocate all unallocated space. Repeat theprocess for backup storage.NOTE Do not select a datastore that is in a datastore cluster.

b Specify the storage reservation. The default is 100%. The minimumstorage reservation is the lower bound of the storage reservations ofdatabase groups created under the resource bundle. Systemadministrators typically use this reserve to control how much storageover allocation can be allotted by organization administrators with thisresource bundle. See Chapter 7, “Managing Database Groups,” onpage 71 for more information about storage reservation.

Base Database Templates Select the base Database templates available in this resource bundle. Userscreate and provision databases using these templates. You can assign basedatabase templates to resource bundles at any time.

DB Access Networks Select the networks that you want to have available to this resource bundle.These networks provide the public network for the organization's databases.Resource bundles must use a database network when available.

What to do next

System administrators can assign additional base database templates to resource bundles, and allocate theresource bundles to organizations. Organization administrators can assign resources to their database groups.

Assign a Resource Bundle to an OrganizationSystem administrators can assign a resource bundle to an organization when they create an organization. Youcan also assign a resource bundle to an organization at a later time.

Prerequisites

Log in to Data Director as a system administrator or a user who can assign resource bundles to organizations.

Procedure

1 Click the Manage & Monitor tab and, click Organizations.

2 Right-click the organization that you want to assign a resource bundle to, and select Assign ResourceBundle.

3 Select the resource bundle that you want to assign from the list of resource bundles and click OK.

What to do next

System administrators can assign additional base DB templates to the resource bundle. Organizationadministrators can enable base DB templates for their organizations and create one or more database groupsand databases. See Chapter 9, “Managing Databases,” on page 83 and “Create a Database Group,” onpage 73.


VMware, Inc. 25

Perform Advanced Cluster ConfigurationDuring installation, you configure the Data Director cluster with vSphere DRS and vSphere HA enabled, andwith certain monitoring settings. You can later edit the Data Director cluster configuration to change themonitoring sensitivity for virtual machines.

As part of the installation process, you configure the Data Director cluster. See the vFabric Data DirectorInstallation Guide. After installation, you can customize the cluster to work in your environment. See the vSphereAvailability documentation and the vSphere Resource Management documentation for background information.

Not all changes that you can make to a vSphere cluster are compatible with Data Director. You must makesure that the cluster settings remain compatible with Data Director. Data Director checks the following settings.

n DRS must be enabled. DRS automation level can be any of the supported options. Partially automatedworks best with Data Director in most situations.

n HA, host monitoring, and admission control must be enabled.

n VM Monitoring is set to VM and Application Monitoring.

If cluster settings are not compatible with Data Director, and if you create a resource pool in the cluster, youcannot import the resource pool to a Data Director resource bundle.

If you change cluster settings from Data Director compatible to Data director incompatible, Data Directordisplays alerts but does not revert the settings. You must revert the settings to make the cluster compatibleagain.

CAUTION Do not disable DRS, because you lose all resource pools. Reenabling DRS does not restore the resourcepools. See “Resource Bundles Become Unusable Because DRS Is Disabled,” on page 188.

If you customize the HA settings for a virtual machine, and if those settings are not compatible with DataDirector, an alert appears. You must make the cluster compatible again.

Prerequisites

Verify that you have log-in privileges and privileges for cluster modification for the vCenter Server system onwhich the Data Director cluster runs.

Procedure

1 Log in to a vSphere Client that is connected to the vCenter Server on which the Data Director cluster runs.

2 Right-click the cluster and click Edit Settings.

3 Click VM Monitoring.

4 Select the Custom check box and specify custom settings.

These are the lowest acceptable settings. Values can be higher.

Option Description

Failure interval 30 seconds

Minimum uptime 120 seconds

Maximum Per-VM resets 3

Maximum resets time window Within 1 hour

5 Click OK.


26 VMware, Inc.

Managing Users and Roles 3User management controls the users that can log in to Data Director and what they can see and do after theylog in.


n “User Management Overview,” on page 27

n “Authenticating Users,” on page 28

n “Role-Based Access Control,” on page 29

n “Predefined Roles,” on page 30

n “Privileges,” on page 31

n “Propagation of Permissions and Roles,” on page 32

n “Organization Privileges and Permissions,” on page 32

n “Add Users to Your Organization,” on page 33

n “Add Roles to an Organization,” on page 33

n “Grant a Permission to a User,” on page 34

n “Modify Organization Security Settings,” on page 34

User Management OverviewSystem and organization administrators use a combination of user logins, privileges, permissions, and roles(role-based access control) to manage Data Director users. Role-based access control provides management ofusers and the tasks that they can perform on objects. You can grant and revoke roles and permissions at thesystem level, on organizations, and on database groups, databases, and templates within organizations.

Roles are sets of permissions required to perform particular jobs. Jobs are sets of tasks that a user with aparticular role is responsible for performing, such as the set of tasks that are the responsibility of a databaseadministrator. System and organization administrators define roles as part of defining security policies, andgrant the roles to users. To change the permissions and tasks associated with a particular job, the system ororganization administrator updates the role settings. The updated settings take effect for all users associatedwith the role.

n To add a user to a job, the system or organization administrator grants the role to the user.

n To remove a user from a job, the system or organization administrator revokes the role from the user.Changes are effective immediately.

VMware, Inc. 27

Roles apply only to the organization in which they are created. For example, an organization administratorcreates a database administrator role that includes permission to add and remove database users, start andstop databases, and perform backups for a specific database in that organization. Users that are granted thedatabase administrator role in that organization can perform database administrator tasks only within thatorganization.

Organization administrators usually manage role and permission assignments for their organizations.However, any user that has the permission to grant and revoke permissions on an object can grant allpermissions on that object to any user or any role. Organization administrators can also grant permissionsdirectly to users.

Each user's login account is unique in the system. Managing access, roles, and permissions for each user isbased on their user login account. The organization administrator can grant users access to one or moreorganizations. Within those organizations, each user can be granted multiple roles and permissions.

Users who cannot view or access certain objects or cannot perform certain operations were not granted thepermissions to do so.

The following figure illustrates the scope of users and roles in Data Director.

Figure 3-1. Scope of users and roles in Data Director

User Namespace

Bob

role domain

System

(user) Alliance

DBG DBGDBGDBG

role domain role domain

(user) BenefitsDBAdmin

SysAdmin

DBAdmin Organization Organization

In the figure, user Bob is logged in to Data Director and has been granted access to the system and to theorganization Alliance. Bob is also granted the SysAdmin role at the system level, and the DBAdmin role in theorganization Alliance. Bob's SysAdmin role applies to the system level. The SysAdmin role does not propagateto any organizations. The role DBAdmin in organization Alliance and the role DBAdmin in organizationBenefits are separate roles that apply only within their organizations. Bob has the DBAdmin role in the Allianceorganization but does not have access to the Benefits organization.

Authenticating UsersUser authentication is based on user login and password.

User login accounts and credentials are unique in Data Director. This enables managing credentials, roles,permissions, and privileges for each user based on the user login account.

Create users and passwords in the following ways.

n A system or organization administrator creates the user account and assigns a password.

n A user registers for a Data Director account and specifies a password as part of the registration request.


28 VMware, Inc.

Data Director encrypts the password and stores it with the user information. When the user logs in, that user'scredentials are stored in an HTTP session. Data Director uses the credentials to validate that the user isauthorized to view organization objects (database groups and databases) and to perform tasks.

Role-Based Access ControlRole-based access control enables system and organization administrators to control user access to DataDirector and to control what users can do after they log in. To implement role-based access control, systemand organization administrators associate (or revoke) privileges, permissions, and roles with (or from) userlogin accounts.

Users User logins (users) are unique accounts that enable users to access DataDirector. They include a password and identifying information such as name,email address, and phone number. Because user login accounts are unique,system and organization administrators can control each user's access andactions by granting or revoking privileges, permissions, and roles to or fromthe user's login account.

Users can be active or inactive. Inactive users cannot log in.

Privileges Privileges control all actions in Data Director. They define the allowable actionswithin an organization. Privileges apply to particular types of Data Directorobjects. For example, you can apply the Stop Database privilege toorganizations, database groups, and databases and apply the CreateDatabase privilege to organizations and database groups. Privileges bythemselves are not associated with specific objects within an organization.

Permissions Permissions associate a user and privilege pair with an object in Data Director.Examples are granting a user permission to start or stop a specific database, tomodify an organization's backup templates, or to create other users in anorganization.

You can grant permissions to users by assigning a role to a user, or by grantingpermissions directly to the user.

Roles Roles are collections of permissions that can be associated with or granted tousers. Roles provide a convenient way to package all the permissions requiredto perform a job, such as that of database administrator. Roles apply only tothe entity in which they are created. If you create a role at the system level, itapplies only to the system. If you create a role in an organization, it applies onlyto the organization. Organizations have no visibility into each others' roles. Iftwo organizations in the same Data Director data cloud each have a role thathas the same name, those roles are distinct within each organization.

One user can have multiple roles within an organization. Users can have accessto multiple organizations and can have multiple roles in each organization.

A user can have different roles for different objects. For example, if you havetwo database groups in your organization, DBG1 and DBG2, you can grant theDatabase Admin role to a particular user on DBG1 and grant that user the DBUser role on DBG2. These assignments might allow the user to performadministrative tasks in DBG1, but not in DBG2.

Chapter 3 Managing Users and Roles

VMware, Inc. 29

Predefined RolesData Director provides the predefined roles of system administrator, user administrator, and organizationadministrator. Predefined roles provide a starting point for administering Data Director users and roles andfor defining custom roles. You can also create custom roles.

Organizationadministrator role

Organization adminstrators manage their organizations. They control whichusers can access the organizations, how users request access to theorganizations, and what those users can see and do within the organization.This role has all privileges on the organization for which it is created.Organization administrators invite users to join the organization, grant access,roles, and permissions to users in the organization, create database groups, andcan create databases. You can choose to create an administrator user when youcreate a new organization, or you can select an existing user as the neworganization administrator.

Organization administrators perform all user management tasks within theirorganizations, including the following.

n Add users to organizations, database groups, and databases.

n Modify user settings.

n Remove users from organizations, database groups, and databases.

n Create roles.

n Grant privileges and permissions to roles and to individual users.

n View users, roles, and permissions granted to users and roles.

Organization administrators can view, grant, and revoke privileges on allobjects within their organizations, including database groups, databases, andtemplates. Privileges include Create Database Groups and Modify DatabaseConfiguration Templates.

System administratorrole

System administrators operate Data Director. The first system administratoruser is created during Data Director installation. This role has all system-levelprivileges, including managing resources for the system and for organizations.System administrators can see, grant, and revoke permissions at the systemlevel. The first system administrator configures Data Director, creates othersystem administrators and system-level users, and creates initial organizations.System administrators manage users at the system level. By default they do nothave access to organizations unless an organization administrator grants accessto them.

Template user role Template users can use any resource templates and backup templates whencreating databases.

User administrator role The User administrator role manages users at the system level, includingcreating, editing settings for, and deleting system users.


30 VMware, Inc.

PrivilegesPrivileges define the allowable actions on objects in vFabric Data Director. You associate privileges with a userlogin and a Data Director object to define permissions.

For example, the Start and Stop Database privilege indicates that in general, Data Director users can start andstop databases. But the privilege by itself does not indicate which users can start and stop databases, or thedatabases that they can start and stop. To provide context, you associate the privilege with a user login and aData Director object. The combination of privilege, user login, and Data Director object is a permission. Youcan group related permissions into roles to package all the permissions required to perform a job, such as thatof database administrator.

System System privileges relate to Data Director management, such as ManageResources and Manage System Settings. These privileges apply only to thesystem. System privileges do not propagate to organizations.

Organizations Privileges on organizations relate to organization management, such asManage Organization Settings and Manage Registration. Organizationprivileges apply only to organizations. They do not propagate beyondorganization boundaries.

Database Group Privileges on database groups relate to database group management, such asCreate Databases and Import Backups. Database group privileges apply onlywithin the organization and to the organization's database groups.

Organization administrators and users with database group managementprivileges grant and revoke privileges on database groups, and enable users toaccess a database group by adding the database group to the user's account.

Databases Privileges on databases relate to database management, such as Start and StopDatabase and Edit Database Info. Database privileges apply only to databases,database groups, and organizations. If a database-related privilege is on adatabase group, that privilege applies to all databases within that databasegroup. If the database-related privilege is on an organization, it applies to everydatabase group and database in the organization.

Organization administrators and users with database management privilegesgrant and revoke these privileges and permissions on databases. To gain accessto databases, the databases must be added to a user's account.

Resource Templates,Backup Templates, andBase DB Templates

Privileges on templates relate to template management, such as edit templateand view and user template. Edit template applies only to the organization.View and user template applies to individual templates or to the organization.If a template privilege is on an organization, it applies to all templates withinthat organization.

Organization administrators and users with template management privilegesgrant and revoke template privileges and permissions. To gain access totemplates, the templates must be added to a user's account.


VMware, Inc. 31

Propagation of Permissions and RolesHow permissions and roles propagate through an organization depends on where and on what types of objectsthey are granted. Understanding how permissions and roles propagate can help you to assign them to usersappropriately.

Permission and role propagation stops at the organization boundary. Permissions granted within anorganization propagate only within that organization. Permissions granted at the system level do notpropagate to organizations.

Permissions (and their associated privileges) that apply to an organization are inherited by that organization'sdatabase groups and databases. Users or roles can have permissions on specific database groups, and thosepermissions propagate to databases within the database groups.

Roles apply only to the organization in which they are defined. If a role is defined at the system level, it appliesonly to the system and is not visible to organizations. If a role is defined within an organization, it applies onlyto that organization and is not visible to the system or to other organizations.

You can grant permissions and roles on objects within an organization, such as on a database group, on adatabase, or on a template. For example, granting the Start/Stop Database permission on a database groupmeans that the user or role has the Start/Stop Database permission on all databases within that database group.If a user is granted the Start/Stop Database permission on a database group, that user can start and stop anydatabases within that database group. However, permissions that apply only to certain types of objects do notpropagate to other objects. For example, granting the database group permission Create Database on a databaseis meaningless.

Organization Privileges and PermissionsOrganization administrators grant privileges and permissions to users and roles in their organizations. Thoseprivileges and permissions propagate to database groups, base DB templates, and databases in theorganization.

You can grant the following types of privileges and permissions to users and roles on organizations.

n User and permission management, such as manage roles and registration and grant/revoke permissions.

n Organization management, such as manage organization settings, database configuration and backuptemplates, and import databases.

n Database group management, such as manage database groups, create databases, and import backups.

n Database management, such as edit database information, resource, and backup settings, modify databaseusers, upgrade databases.

n Database operations, such as enable/disable databases, delete databases, start and stop databases, andrestart databases.

n Database backup and recovery, such as create and delete snapshots, create and delete external backups,clone databases, and recover databases.

n Templates, such as use templates.

n View and monitor, such as viewing reports and monitoring resource usage.


32 VMware, Inc.

Add Users to Your OrganizationUsers can self-register to login to Data Director, but cannot access Data Director organizations, database groups,or databases until organization administrators grant access to them. You must add the users to yourorganization to grant them access.

Prerequisites

n Verify that you have Manage Registration permission for the organization.

n Verify that the system setting Allow Public Registration is on.

Procedure

1 Log in as an organization administrator.

2 Click the Organization Settings tab, expand Users and Roles, and click Users.


4 Complete the user information in the Credentials and Contact Information sections.

5 Grant roles and permissions now or choose to grant roles and permissions later.

6 Click OK.

If the Email Validation system setting is on, users receive an activation email that contains a link that they clickto activate their account. The new users' status is Pending and the users cannot log in until they activate theaccount.

The new user appears in the Users list.

Add Roles to an OrganizationRoles enable you to group the permissions required to perform tasks associated with a job, such as the job ofdatabase administrator. You can then grant the role to users rather than granting individual permissionsneeded for each task. You can add custom roles to your organization and grant them to the users who areresponsible for performing particular jobs.

Prerequisites

n You are logged in to Data Director.

n You have the OrgAdmin role with permissions on all objects in the organization, or permissions for theorganization in which to create the role.

n You have grant and revoke permissions on objects.

Procedure

1 Click the Organization Settings tab.

2 Expand Users and Roles and click Roles.

The OrgAdmin role appears in the list.


4 Type a name for the role.

5 (Optional) Enter a description


VMware, Inc. 33

6 Right-click Status.

n Select Enable to activate the role.

n Select Disable to deactivate the role.

7 In the Permissions section, select the permissions to grant to this role.

You can grant permissions to the role on the organization, database groups within the organization,databases within the organization's database groups, and on organization templates.

8 Click OK.

The new role appears in the Roles list.

What to do next

Grant this role to organization users.

Create other roles and grant permissions to them.

Grant a Permission to a UserIf a user requires only limited privileges in your organization, you can grant just those privileges to the userinstead of granting a role to that user.

Prerequisites

You are logged in to a Data Director organization as an organization administrator.

Procedure

1 Click the Organization Settings tab, then click Users.

2 Select a user name.

3 Use one of the following methods to access the Edit Permissions window.

n Select the user name, click the gear icon, and select Edit Direct User Permissions.

n Right-click the user name and select Edit Direct User Permissions.

n Left-click the user name, select Grant direct user permissions now, then click Edit.

4 Grant privileges to the user.

n To grant a category of privileges to the user, click the All privileges check box.

n To grant a specific privilege to the user, click the privilege's check box.

5 Click OK.

What to do next

Use the Edit Permissions window to grant the user access to database groups, databases, and templates withinthe organization.

Modify Organization Security SettingsOrganization security settings determine whether your organization allows open registration or users mustbe invited to register, and whether or not the system administrator can access your organization. You canchange the security settings at any time.

Prerequisites

Log in as organization administrator or as a user with the Manage Organization Settings permission.


34 VMware, Inc.

Procedure


2 Click Settings, then click Security.

3 (By Organization user management mode only) Choose one of the following Allow public registrationsettings.

Setting Description

No User registration is by invitation only.

Yes Users can see the organization and register themselves.

4 Choose one of the following Allow System Administrator to log into Org settings.

Setting Description

No Do not allow the system addministrator to log into the organization.

Yes Allow the system administrator to log into the organization.

5 Click Apply to accept the settings.


VMware, Inc. 35


36 VMware, Inc.

Building DBVMs and Base DBTemplates 4

Data Director enables administrators to quickly provision databases, such as Oracle and vFabric Postgres,using database templates. Administrators prepare templates that let users create databases in Data Director.

Data Director uses base database templates (base DB templates) to create databases. A base DB template is avirtual machine that contains all the required software to create a database. Required software includes theoperating system (OS), database, and system software configurations. The base DB template can also containthird-party tools that are required for a particular environment.

You create a base database virtual machine (DBVM) and install the operating system and database softwarerequired to create databases.You create a base DB template from a base DBVM. A DBVM is a virtual machinewith a disk layout that contains the seven virtual machine disks (VMDK) required for base DBVMs to work inData Director.

Base DBVMs contain the virtual hardware, structure, and the required files and configuration informationnecessary to build base DB templates and to create and operate databases. Base DB templates provide theblueprints for creating databases in Data Director.

Data Director supports vFabric Postgres, and the following OS and Oracle database versions.n OS: SUSE Linux Enterprise Server (SLES) 11 SP1; Red Hat Enterprise Linux (RHEL) 5.4 and later (6.0 is

not supported); Oracle Linux 5.4 and later (5.7 and 6.0 are not supported).

n Database software: Oracle 11gR2, Oracle 10gR2.

Data Director supports the following SQL Server versions on the Windows Server 2008R2 OS.n SQL Server 2008R2 Enterprise and Standard editions.

n SQL Server 2012 Enterprise and Standard editions.

The DBVM workflow shows the roles for building a DBVM, preparing the base DB template, and creatingdatabases.

VMware, Inc. 37

Figure 4-1. DBVM Workflow

Install Data Director

Create SystemResource Pool (SRP)

Download OVA anddeploy into SRP

Install OS and database

Create resource pools

Create system resource bundle

Convert DBVM toBase DBVM Template

Optionally run validate

Create resource bundle

Create organization

vSphereSystem Administrator

Data DirectorSystem Administrator

Data DirectorOrg Administrator

Create organizationroles and users

Enable Base DBVM Template

Assign Base DBVM Templateto resource bundle

To prepare DBVMs for use, vSphere administrators perform the following tasks.

n Download the DBVM template OVA files into a directory the vSphere Client can access.

n Create a system resource pool to contain the DBVM templates. See “Create the System Resource Pool,”on page 21.

n Use vCenter to deploy each DBVM template OVA file into the system resource pool. Deploy the OVA filesone at a time. See vSphere Virtual Machine Administration for information about deploying OVA files.

n If required for your business environment, install the operating system and database software into a blankDBVM to customize a database template.

To prepare base DB templates for use, Data Director system administrators perform the following tasks.

n Create one system resource bundle to contain base DBVM templates. See “System Resource Bundle,” onpage 17

n Convert the DBVMs to base DB templates.

n Assign the base DB templates to the resource bundle for an organization.

n Optionally validate the base DB template to ensure it built successfully.

Organization administrators enable base DB templates in their resource bundles. After a base DB template isenabled, organization users can use the base DB template to create databases.


38 VMware, Inc.


n “Database Virtual Machine OVA Files,” on page 39

n “Deploy a DBVM OVA File,” on page 39

n “Build a SLES and Oracle Base Database Virtual Machine,” on page 40

n “Build a Custom RHEL and Oracle Database Template,” on page 44

n “Install the Operating System and Database Software in a Blank DBVM,” on page 49

n “Requirements for the Kickstart File,” on page 49

n “Database Update Configuration,” on page 52

n “Configure a vFabric Postgres Update Chain,” on page 53

n “Update an Oracle Database,” on page 54

Database Virtual Machine OVA FilesData Director provides downloadable database virtual machine (DBVM) templates as OVA files.

Downloadable OVA Files

vFabric Data DirectorvPostgres 9.0 (VMware-Data-Director-SLES11-vPostgres 90-Base-DBVM-<build#>.ova)

Includes virtual hardware and the SUSE Linux Enterprise Server withvFabric Postgres 9.0 database software installed with default parameters.

vFabric Data DirectorvPostgres 9.1 (VMware-vFabric-Data-Director-SLES11-vPostgres 91-Base-DBVM-<build#>.ova)

Includes virtual hardware and the SUSE Linux Enterprise Server withvFabric Postgres 9.1 database software installed with default parameters.

vFabric SUSE Linuxoperating system(VMware-Data-Director-SLES11-Base-DBVM-<build#>.ova)

Includes virtual hardware and the SUSE Linux Enterprise Server with nodatabase software installed.

Custom (blank) VMTemplate (VMware-Data-Director-Blank-Base-DBVM-<build#>.ova)

Contains only virtual hardware, no operating system or database components.Also called the custom or empty DBVM. The blank DBVM template has thedisk layout required for Data Director database virtual machines. Use the blankDBVM template to build custom database environments. For example, use theblank DBVM template to build a custom DBVM with the Red Hat EnterpriseLinux operating system and Oracle 11g database software.

Deploy a DBVM OVA FileAs a vSphere administrator, you deploy the provided DBVM template OVA files to the system resource poolfor Data Director.

Prerequisites

n Verify that you have vSphere administrator privileges.

n Verify that you can log in to the console as root.

Chapter 4 Building DBVMs and Base DB Templates

VMware, Inc. 39

n Verify that Data Director is installed.

n Verify that the Data Director DBVM template OVA files are downloaded to a directory that you can accessfrom vSphere.

n Verify that the system resource pool is created in vSphere.

n Verify the network mapping or determine how to map the networks configured for Data Director to theDBVM template's networks. See the vFabric Data Director Installation Guide and the vFabric Data DirectorWorksheets.

Procedure

1 In the vSphere Client Inventory view, click the system resource pool.

2 Click File, and select Deploy OVF Template.

3 In the Source page, choose the DBVM template OVA file and click Next.

4 click Next.

5 Type a unique name for the template, select the cluster, and click Next.

6 choose a datastore that has at least 100GB of available space and click Next.

7 Map the DBVM template networks listed to the networks configured for Data Director.

8 (Optional) In the Disk Format page, select Thin Provision and click Next.

9 Click Next, review the settings, and click Finish.

The DBVM is deployed in the system resource pool.

What to do next

Deploy another DBVM template OVA file, or install operating system and database software to the DBVM.

Build a SLES and Oracle Base Database Virtual MachineData Director provides a base DBVM with SLES. You can install Oracle into the SLES DBVM to provide anenvironment for proof-of-concept projects or to allow non-Oracle DBAs to explore Oracle.

Prerequisites

n Verify that you can log in to vSphere as an administrator.


n Verify that the SLES DBVM is deployed to the system resource pool in vSphere.

n Verify that the Data Director system resource bundle is set up.

Procedure

1 Install Oracle in the SLES Base DBVM on page 41As a vSphere administrator, you can provide an SLES and Oracle database environment by installingthe Oracle database software in a DBVM with the SLES operating system already installed.

2 Create a Base DBVM on page 41You can create a base DBVM and install the operating system and database software required to createdatabases. The blank base DBVM contains the structure for installing an operating system and databasesoftware combination not provided by preconfigured base DBVMs.


40 VMware, Inc.

3 Convert a Base DBVM into a Base DB Template on page 42Data Director system administrators convert base DBVMs into base DB templates to provide theblueprints for creating databases.

4 Validate a Base DB Template on page 43As a Data Director system administrator, you can validate a base DB template to confirm that it builtcorrectly. You can validate a base DB template at any time.

5 Assign a Base DB Template to a Resource Bundle on page 43As a Data Director system administrator, you assign base DB templates to resource bundles as part ofproviding organizations with access to the base DB templates.

Install Oracle in the SLES Base DBVMAs a vSphere administrator, you can provide an SLES and Oracle database environment by installing the Oracledatabase software in a DBVM with the SLES operating system already installed.

Prerequisites

n Open a console in vSphere and log in as root.

n Deploy vFabric Data Director SLES 11 DBVM Template (VMware-Data-Director-SLES11-Base-DBVM-<build#>.ova) to the system resource pool.

n Verify that the deployed DBVM can access the Oracle installation bits.

Procedure

1 Log in to the vSphere Client as a administrator.

2 In the Data Director system resource pool, right-click the SLES Base DBVM and click Open Console.

3 Log in to the console as root.

4 Type the following command to run the Oracle installation script.

/opt/aurora/installation/install.sh [NFS PATH FOR ORACLE][Oracle version]

n NFS PATH FOR Oracle is the full pathname of the NFS server where the Oracle installation files reside.

n Oracle version is the full version number of the Oracle installation.

When the message Oracle installation finished appears on the console, the installation is complete andyour SLES Oracle base DBVM is built on the vSphere Client.

What to do next

Go to “Convert a Base DBVM into a Base DB Template,” on page 42

Create a Base DBVMYou can create a base DBVM and install the operating system and database software required to createdatabases. The blank base DBVM contains the structure for installing an operating system and databasesoftware combination not provided by preconfigured base DBVMs.

Prerequisites

Create the system resource bundle.

Ensure there is adequate free space on the datastore.

Procedure

1 Log in to Data Director as a system administrator.


VMware, Inc. 41

2 In the System tab, click Manage and Monitor.

3 Expand Templates and select Base DBVMs.

4 Click the plus (+) icon to start the Create Base DBVM wizard and enter the appropriate information.

Option Description

Name Enter a unique name for the base DBVM.

Database type Select a database type, or select Empty to create a blank base DBVM.

Database version Select a version.

Installer ISO Type the path to the ISO file on the datastore in the cluster. The path mustbe of the form[datastore]folder/DB .iso. Ensure that the database versionmatches the database type you selected.

Operating system Select an operating system from the drop-down menu of supportedoperating systems.

OS installer ISO Type the path to the IOS file on the datastore in the cluster. The path mustbe of the form[datastore]folder/OS.iso.

Data Director installs the OS, copies the Oracle or SQL Server files, installs the virtual machine tools and agents,and invokes Windows sysprep. The base DBVM appears in the Base DBVMs list with the status Creating. Theprocess can take a few minutes. The status changes to Running when creation finishes.

What to do next

Go to “Convert a Base DBVM into a Base DB Template,” on page 42.

Convert a Base DBVM into a Base DB TemplateData Director system administrators convert base DBVMs into base DB templates to provide the blueprintsfor creating databases.

Prerequisites

You have installed the operating system and database software into the base DBVM.

Procedure


2 Click the Manage and Monitor tab and expand Templates.

3 Select Base DBVMs.

4 Select the base DBVM to convert.

5 Click the gear icon and select Convert to Base DB Template.

6 In the Convert to Base DB Template wizard, provide the appropriate information.

Option Action

Name Enter a unique name for the base DB template.

Description (Optional) Enter a description of the base DB template.

Save the source DBVM (clone beforeconverting)

Click the checkbox to retain the source base DBVM for future use.

7 Click OK.

When conversion is finished, the base DB template appears in the Base DB Templates list.


42 VMware, Inc.

What to do next

For Oracle and vFabric Postgres BDVMs, go to “Validate a Base DB Template,” on page 43. Templatevalidation is optional. Validation is not supported for SQL Server.

Validate a Base DB TemplateAs a Data Director system administrator, you can validate a base DB template to confirm that it built correctly.You can validate a base DB template at any time.

Prerequisites

Complete the step “Convert a Base DBVM into a Base DB Template,” on page 42.

Procedure


2 Click Manage and Monitor, expand Templates and click Base DB Templates.

3 Right-click a base DB template and select Validate.

4 Select the organization and database group in which to validate the base DB template and click OK.

What to do next

If validation does not succeed, troubleshoot the base DB template in vSphere. Contact your VMwarerepresentative for assistance. After you have validated a base DB template, see “Assign a Base DB Templateto a Resource Bundle,” on page 43.

Assign a Base DB Template to a Resource BundleAs a Data Director system administrator, you assign base DB templates to resource bundles as part of providingorganizations with access to the base DB templates.

As a best practice, run validation before assigning a template to an organization. See “Validate a Base DBTemplate,” on page 43.

Prerequisites

n Complete the task “Convert a Base DBVM into a Base DB Template,” on page 42.

Procedure

1 Log in to Data Director as a user with system administrator privileges.

2 In Manage and Monitor, select Resource Bundles.

3 Right-click a resource bundle, and select Assign Base DB Templates.

4 Select one or more templates.

5 Click OK.

The base DB template is available to the resource bundle.

What to do next

Assign the resource bundle to an organization. See “Assign a Resource Bundle to an Organization,” onpage 25.


VMware, Inc. 43

Build a Custom RHEL and Oracle Database TemplateData Director system administrators can build custom DBVMs to enable organization users to create databaseswith a specific operating system and database combination.

To build a template that includes RHEL 5.5 and Oracle 11gR2, you must meet Oracle and Data Directorprerequisites.

Prerequisites

n Verify that Data Director is installed and the system resource bundle is set up.

n Verify that you have access to a RHEL 5.5 installation ISO image

n You have prepared a custom KS.cfg file for the Linux and Oracle. See “Requirements for the KickstartFile,” on page 49.

n Verify that you have access to Oracle installation bits. The installation bits must be available on an NFSshare.

Procedure

1 Deploy the base database VM into the System Resource Pool on page 44You can use a blank base database VM to build a custom database template.

2 Repackage the Linux ISO Image on page 45Because the original Red Hat ISO image is not Data Director compliant and does not distribute DataDirector related scripts, repackage your custom kickstart file with Red Hat ISO image

3 Install Linux on a Blank Virtual Machine on page 45You can install Linux as the operating system on the blank virtual machine.

4 Initialize the Virtual Machine to Make It Oracle and Data Director Compliant on page 46You can initialize the base database virtual machine to ensure that the Oracle and Data Directorrequirements are met.

5 Install Oracle 11g R2 Software on page 47You can use a provided script that will install Oracle Home in the correct disk.




Deploy the base database VM into the System Resource PoolYou can use a blank base database VM to build a custom database template.

Prerequisites

Verify that the system resource pool has sufficient resources.


44 VMware, Inc.

Procedure

1 Log in to vSphere Client as a system administrator and connect to the vCenter server.

2 2. Deploy the VMware-Data-Director-Blank-Base-DBVM-<build#>.ova file into the system resource pool.

When deployment completes, the virtual machine appears in the system resource pool. This virtualmachine is known as the base VM.

3 Power on the base VM.

Repackage the Linux ISO ImageBecause the original Red Hat ISO image is not Data Director compliant and does not distribute Data Directorrelated scripts, repackage your custom kickstart file with Red Hat ISO image

Prerequisites

The repackage scripts run on a Linux OS with the sed and mkisofs commands.

Procedure

1 Obtain a working Linux environment with sufficient storage to repackage the Linux ISO image.

If you mount the RHEL ISO from an NFS server, 8GB is sufficient. You need 12GB if you upload the ISOto your local disk.

2 Ensure that you have a discoverable path to the working Linux environment for the original RHEL ISOimage, local directory, or NFS path.

3 Download the ISO image from the VMware product download page.

4 Mount the ISO image by typing the following command, substituting your build number for <build#> .

mount –o loop /mnt/Data-Director-Initialize-Base-DBVM-build#.iso /tmp/mnt

5 To repackage the RHEL ISO image, mount the NFS manually, then type the following command.

/tmp/mnt/Tools/repack_rhel_iso.sh REDHAT_ISO_PATH Output_folder

For example, the command

/tmp/mnt/Tools/repack_rhel_iso.sh rhel5.5.iso ./

specifies the original Linux ISO image as the source ISO image. The command repackages the ISO image,which can pick up the kickstart file automatically from the floppy device.REDHAT_ISO_LOCAL_FILE_PATH must be a local path. If the Red Hat ISO is on an NFS volume, mountit to the local directory before using this command.

A RHEL ISO image is created, with its own kickstart file.

Install Linux on a Blank Virtual MachineYou can install Linux as the operating system on the blank virtual machine.

Prerequisites

Deploy the base database virtual machine into the system resource pool. See “Deploy the base database VMinto the System Resource Pool,” on page 44.

Repackage the Linux ISO image. See “Repackage the Linux ISO Image,” on page 45.

A floppy image containing the ks.cfg file (unless you have packaged your own customized ks.cfg file intothe ISO.

A CDROM device containing the OS ISO.


VMware, Inc. 45

A CDROM device containing the database binary ISO.

A CDROM device containing the initialized ISO.

Procedure

1 In the vSphere Client, select the blank virtual machine that you deployed.

2 Click Edit Settings.

3 Click the Hardware tab, and select CD/DVD drive in the hardware list.

4 In the right panel, click Datastore ISO file and click Browse.

5 Enter the path of the repackaged Linux ISO image.

You can alternatively use the client device to connect the local ISO when the virtual machine is running.

6 In the Device Status pane, click Connected and click Connected at Power On.

7 Click Save.

8 Power on the virtual machine if it is not running, and open a console to observe.

The virtual machine will start to bootstrap, and install Linux as specified in the custom kickstart file.

Linux is installed. The kickstart file brings up the installaiion for the database binary and orhter requiredpacakges from the CDROM.

What to do next

Initialize the same base virtual machine by installing the required software components and scripts, to ensurethat it is Oracle and Data Director compliant.

Initialize the Virtual Machine to Make It Oracle and Data Director CompliantYou can initialize the base database virtual machine to ensure that the Oracle and Data Director requirementsare met.

Prerequisites

You have installed Linux on the virtual machine.

Procedure

1 In vSphere Client, right-click the base database virtual machine and open the console.

2 Log in as root and type password when prompted for the password.

The password value is defined in the kickstart file, and appears at the top of virtual machine console. T

3 Click the CD/DVD drive icon, and select the datastore ISO file from the storage disk.

4 Type the following command to mount the CDROM to the local directory.

mount /dev/cdrom/mnt/cdrom

5 As root, type the following command from the local directory.

./install.sh –i

This command installs scripts for Oracle install, VMware Tools, and Python 2.6 runtime.

When the installation completes, the base database virtual machine is Oracle and Data Director compliant.

What to do next

Install Oracle 11g R2 in the base database virtual machine.


46 VMware, Inc.

Install Oracle 11g R2 SoftwareYou can use a provided script that will install Oracle Home in the correct disk.

Prerequisites

Verify that you have initialized the virtual machine to make it Oracle and Data Director compliant.

Procedure

1 Log in to the OS as root.

2 Type the following command to install Oracle.

/opt/aurora/installation/install.sh NFS_PATH_FOR_Oracle_binary_folder Oracle_version

NFS_PATH_FOR_Oracle_binary_folder is the full path of the NFS server where you store your Oracleinstallation software components.

Oracle_version is the full version number of the Oracle software.

3 Power off the virtual machine when the Oracle installation finishes.

4 Remove the CD/DVD devices.

The Oracle EE binary is installed.

What to do next

Convert the base database virtual machine into a database template. See “Convert a Base DBVM into a BaseDB Template,” on page 42You can, optionally, install third party tools to ensure that all necessary tools areinstalled on the binary disk.


Prerequisites


Procedure







Option Action





7 Click OK.


VMware, Inc. 47


What to do next

For Oracle and vFabric Postgres BDVMs, go to “Validate a Base DB Template,” on page 43. Template validationis optional. Validation is not supported for SQL Server.


Prerequisites


Procedure





What to do next




Prerequisites


Procedure





5 Click OK.


What to do next



48 VMware, Inc.

Install the Operating System and Database Software in a Blank DBVMvSphere users with access to the Data Director DBVMs, install the operating system and database software inthe blank DBVM as part of building a custom base DBVM template.

Prerequisites

n Verify that you can log in to vSphere as an administrator.


n Verify that the blank DBVM is deployed to the system resource pool in vSphere.

n Verify that the Data Director system resource bundle is set up.

Procedure

1 Log in to the vSphere Client.

2 Run the installation script as instructed by your VMware representative.

The installation script creates a directory with a name such as /opt/aurora/agent2/plugin. The directorycontains files such as the following examples.

n config.py contains one line that indicates the active plugin.

n vdd-vpg vPostgres plug-in.

n vdd-SUSE-oracle-11 SUSE Linux Enterprise Server (SLES) SUSE Oracle 11 plug-in.

n XML files contains database configuration parameters.

3 (Optional) Customize the XML database parameter file and database plug-in.

4 Edit the config.py file to indicate the active plug-in.

5 (Optional) Modify the active plug-in as required for your installation or write your own plug-in to suityour requirements.

What to do next

Convert the base DBVM to a base DB template. See “Convert a Base DBVM into a Base DB Template,” onpage 42.

Requirements for the Kickstart FileThe kickstart installation method is used primarily by the RHEL to perform unattended operation systeminstallation and configuration automatically. To customize a base DB template for Data Director, the kickstartfile must be fully compliant with Data Director and the target database.

Kickstart OptionsGo to the Red Hat Web site for Red Hat documentation on kickstart options.

Kickstart Options Required for Data DirectorThe following content is required in your kickstart file to be compliant with Data Director.

1. # Disk partitioning information

2. part / --bytes-per-inode=4096 --fstype="ext3" --grow --ondisk=sda --size=1

3. part /opt/aurora/oracle --bytes-per-inode=4096 --fstype="ext3" --grow \

--ondisk=sdb --size=1

4. part /opt/aurora/archive --bytes-per-inode=4096 --fstype="ext3" --grow \


VMware, Inc. 49

--ondisk=sdc --size=1

5. part /var --bytes-per-inode=4096 --fstype="ext3" --grow --ondisk=sdd --size=1

6. part /opt/aurora/dbg --bytes-per-inode=4096 --fstype="ext3" --grow \

--ondisk=sde --size=1

7. %packages

8. @core

9. @base

10. @development-tools

12. @legacy-software-development

13. @editors

14. unixODBC

15. libaio-devel

16. libXtst-devel

17. libXp-devel

18. libXau-devel

19. sysstat

20. iptables*

21. httpd

22. httpd

23. openldap-clients

24. %post

25. /bin/cat > /root/firstboot.sh <<EOF

26. mkdir /mnt/cdrom2 /mnt/cdrom3

27. mount -o loop /dev/cdrom-hdb /mnt/cdrom2

28. mount -o loop /dev/cdrom-hdc /mnt/cdrom3

29. /mnt/cdrom2/Redhat/install.sh -i -o /mnt/cdrom3 -v 11.2.0.1.0

30. umount /mnt/cdrom2

31. umount /mnt/cdrom3

32. sed -i '/^#FIRSTBOOT_START#/,/^#FIRSTBOOT_END#/d' /etc/rc.local

33. EOF

34. chmod a=x /root/firstboot.sh

35. /bin/cat >> /etc/rc.local >> EOF

36. #FIRSTBOOT_START#

37. echo "Initializing base vm and install Oracle, you can find log in \

38. /root/VMware-Data-Director-Install.log."

39. /root/firstboot.sh

40. #FIRSTBOOT_END#

41. EOF

NOTE Lines 14 through 18 are fields required by Oracle and the original equipment manufacturer (OEM).

Sample Kickstart fileThis is a sample kickstart file.

#platform=x86, AMD64, or Intel EM64T

key --skip

# System authorization information

auth --useshadow --enablemd5

# System bootloader configuration

bootloader --location=mbr

# Clear the Master Boot Record

zerombr

# Partition clearing information

clearpart --all --initlabel

# Use text mode install


50 VMware, Inc.

text

# Firewall configuration

firewall --disabled

# Run the Setup Agent on first boot

firstboot --disable

# System keyboard

keyboard us

# System language

lang en_US

# Installation logging level

logging --level=info

# Use CDROM installation media

# Network information

cdrom

network --bootproto dhcp --device eth0

network --bootproto dhcp --device eth1

# Reboot after installation

reboot

#Root password

rootpw --iscrypted $1$X0Hs3tQw$Zw7.vM.MQfnmRlU4qs9zP/

# SELinux configuration

selinux --enforcing

# System timezone

timezone Etc/GMT

# Install OS instead of upgrade

install

# X Window System configuration information

xconfig --defaultdesktop=GNOME --depth=8 --resolution=800x600

# Disk partitioning information

part / --bytes-per-inode=4096 --fstype "ext3" --grow --ondisk=sda --size=1

part /opt/aurora/oracle --bytes-per-inode=4096 --fstype "ext3" --grow \

--ondisk=sdb --size=1

part /opt/aurora/archive --bytes-per-inode=4096 --fstype "ext3" --grow \

--ondisk=sdc --size=1

part /var --bytes-per-inode=4096 --fstype "ext3" --grow --ondisk=sdd \

-size=1

part /opt/aurora/dbg --bytes-per-inode=4096 --fstype "ext3" --grow \

--ondisk=sde --size=1

%post

/bin/cat >> /etc/issue <<EOF

root login password -- password

EOF

/bin/cat > /root/firstboot.sh <<EOF

mkdir /mnt/cdrom2 /mnt/cdrom3

mount -o loop /dev/cdrom-hdb /mnt/cdrom2

mount -o loop /dev/cdrom-hdc /mnt/cdrom3

/mnt/cdrom2/Redhat/install.sh -i -o /mnt/cdrom3 -v 10.2.0.1.0

umount /mnt/cdrom2

umount /mnt/cdrom3

sed -i '/^#FIRSTBOOT_START#/,/^#FIRSTBOOT_END#/d' /etc/rc.local

EOF

chmod a+x /root/firstboot.sh

/bin/cat >> /etc/rc.local <<EOF

#FIRSTBOOT_START#

echo "Initializing base vm and install Oracle, you can find log in /root/ \


VMware, Inc. 51

VMware-Data-Director-Install.log."

/root/firstboot.sh

#FIRSTBOOT_END#

EOF

%packages

@core

@base

@development-tools

@legacy-software-development

@development-libs

@editors

sysstat

iptables*

openldap-clients

unixODBC

libaio-devel

httpd

mod_ssl

libXtst-devel

libXp-devel

libXau-devel

Database Update ConfigurationYou update databases to take advantage of features in new releases or upgrades of database software. Also,to incorporate enhancements to a database virtual machine (DBVM) or to third party software tools. Systemadministrators manage the base DB template update chain to ensure that users update databases based ontemplates that comply with defined update policies.

Updates apply enhancements to a DBVM that are not necessarily database software upgrades. You can createa base DB template from an existing version of a database and add third party software tools to the new baseDB template. You can then apply the new base DB template to multiple databases by performing a batch update.

Update Chain ManagementThe update chain is a property of base DB templates, and determines which base DB templates can be updatedfrom or updated to the current base DB template. You can assign templates with the same database engine(Oracle or vFabric Postgres) to the current template chain. You set the update mode when configuring thetemplate chain.

Update Mode Determines how databases are updated. You select an update mode accordingto the capability and update scenario of the destination base DB template. Thereare two update modes.

In-place update Modifies the original database files. No additional storage is required and nonew files are created during the in-place update process. You use the in-placeupdate mode when updating within the same vFabric Postgres version, that is,when updating from 9.0 to 9.0, or from 9.1 to 9.1.

Dump-restore update Requires additional storage to finish the update. The process moves the originaldatabase to a separate location, and then restores the files to the updateddatabase instance


52 VMware, Inc.

User Defined Upgrade Scripts for Oracle databasesIn the update process, Data Director attempts to run two user defined scripts, the source base DB templatepreupgrade script, and the target base DB template postupgrade script. To achieve customization in the updateprocess, you must upload a script to the base DBVM before converting it to a base DB template.

Table 4-1. Upgrade Scripts

Upgrade Script Scope Description

Preupgrade script Source base DB template Preupgrade scripts run in the originaldatabase before updating. Scripts arelocated at ${AgentHome}/plugin/${ActivatedPluginFolder}/upgrade_script/preupgrade_script.For Oracle 11 template, the full pathis/opt/aurora/agent2/plugin/vfdd_linux_oracle_11/upgrade_script/pretupgrade_script.

Postupgrade script Target base DB template Postupgrade script run in the stagingdatabase after the system appliesupdates, such as new third party toolsor database software upgrades. Thedatabase instance is started after thepost-upgrade script finishes. Scripts arelocated at ${AgentHome}/plugin/${ActivatedPluginFolder}/upgrade_script/postupgrade_script.For Oracle 11 template, the full pathis/opt/aurora/agent2/plugin/vfdd_linux_oracle_11/upgrade_script/postupgrade_script.

Permission To ScriptsThe directory upgrade_script must be accessible and writable to system database administrator users. Thescript files preupgrade_script and postupgrade_script must be readable and executable to system databaseadministrator users.

Configure a vFabric Postgres Update ChainYou configure an update chain to enable database users to update databases based on templates the complywith update policies.

Prerequisites

• Verify that Data Director has one vFabric Postgres 9.1 db template.

• Verify that Data Director has one vFabric Postgres 9.0 db template.

NOTE You must upgrade vFabric Postgres 9.0 on Data Director 1.0 to vFabric Postgres 9.0 on Data Director2.x before you upgrade to vFabric Postgres 9.1 on Data Director 2.x.

Procedure


2 Click the Manage and Monitor tab.


VMware, Inc. 53

3 Click the Base DB Templates in the left pane.

4 Right-click vPostgres 9.1, and select Properties.

5 Click the Update From tab.

6 Check the box for a vFabric Postgres 9.0 template, and select dump-restore.

7 Click OK.

Update an Oracle DatabaseYou update an Oracle database to take advantage of features available in the latest release of the databasesoftware, or to incorporate enhancements to a database virtual machine (DBVM) or to third party softwaretools. Updating an Oracle database is referred to as patching.

Prerequisites

Verify that you have Oracle databases that require upgrading in Data Director.

Procedure

1 Identify Existing Target DBVM on page 55To create a template with the required patches, determine whether a base database virtual machine ofthe Oracle database that you intend to patch is available.

2 Create a Base Database VM from an Existing Template on page 55You create a base database VM to correspond with a base database template so you can make patches toan Oracle database.

3 Apply a Patch to the Base Database Virtual Machine on page 55You apply a patch to an Oracle database to update it to the latest release of the database software.




7 Enable a Base DB Template on page 58Organization administrators enable a base DB template on the underlying resource bundles so thatorganization users can provision databases based on the base DB template. Only organizationadministrators and users with Manage base DB templates privileges can enable, disable, and edit baseDB templates.

8 Configure an Oracle Update Chain on page 58You configure an update chain to enable database users to update databases based on templates thatcomply with update policies.

9 Update a Database on page 59You can update a database to apply enhancements or software upgrades.


54 VMware, Inc.

Identify Existing Target DBVMTo create a template with the required patches, determine whether a base database virtual machine of theOracle database that you intend to patch is available.

Prerequisites

Verify that you have Oracle databases that required upgrading in Data Director.

Procedure

1 Log in to Data Director as an organization administrator.


3 Double-click a database group in the left pane.

4 Right-click the database that you intend to patch and select Properties.

5 Write down the name of the template in the Base DB template text box for your reference when you createa base database virtual machine.

What to do next

You can create a base database virtual machine. See “Create a Base Database VM from an ExistingTemplate,” on page 55

Create a Base Database VM from an Existing TemplateYou create a base database VM to correspond with a base database template so you can make patches to anOracle database.

Prerequisites

You have identified the base database VM of the Oracle database you intend to patch.

Procedure



3 Click Base DB Templates in the left pane.

4 Right-click the Oracle template you identified previously and select Export to Base DBVM.

5 When the task completes, click Base DB Templates in the left pane.

The template will appear in the list. Depending on whether you selected the option Save the source DBVM(clone before converting) when you converted the base database VM to a template, the base VM mightalready be available.

What to do next

Apply a patch to the base database VM.

Apply a Patch to the Base Database Virtual MachineYou apply a patch to an Oracle database to update it to the latest release of the database software.

This procedure uses PSU 12419378 as an example.


VMware, Inc. 55

Prerequisites

Verify that a base database virtual machine of the Oracle database is available.

Configure the update chain.

Procedure

1 Connect to the Base DBVM console.

You can connect from the vSphere client or other SSH terminals.

2 Download the PSU 12419378 package from the Oracle Web site.

3 Upload p5880880_112000_Linux-x86-64.zip to the /tmp directory in the database virtual machine.

4 Upgrade the patch according to README.txt.

5 Apply PSU 12419378 according to README.html.

Refer to the patch post-installation instructions in the Patch Set Update README material.

6 Create a post upgrade script in this DBVM.

The file is located in /opt/aurora/agent2/plugin/vdd_linux_oracle_11/upgrade_script. Rename the filepostupgrade_script.

7 Set file privileges to 777 to make this file readable and executable.

8 Copy the script to the postupgrade_script file.

The following is a sample script to be executed.

#!/bin/bash

sqlplus / as sysdba << EOF

startup

@$ORACLE_HOME/rdbms/admin/catbundle.sql cpu apply

quit

EOF

You updated the base database virtual machine with PSU 12419378

What to do next

You can convert the base database virtual machine to a target database template. See “Convert a Base DBVMinto a Base DB Template,” on page 42.


Prerequisites


Procedure







56 VMware, Inc.


Option Action





7 Click OK.


What to do next

For Oracle and vFabric Postgres BDVMs, go to “Validate a Base DB Template,” on page 43. Template validationis optional. Validation is not supported for SQL Server.


Prerequisites


Procedure





What to do next




Prerequisites


Procedure






VMware, Inc. 57

5 Click OK.


What to do next


Enable a Base DB TemplateOrganization administrators enable a base DB template on the underlying resource bundles so thatorganization users can provision databases based on the base DB template. Only organization administratorsand users with Manage base DB templates privileges can enable, disable, and edit base DB templates.

Prerequisites

System administrators have assigned at least one base DB template to the resource bundles of the underlyingorganization.

Log in to Data Director as an organization administrator or as an administrator with privileges to enable baseDB templates.

Procedure


2 In the left pane, click Base DB Templates.

3 In the center pane, right-click a base DB template and select Enable on Resource Bundles.

4 Click Enable.

Wait for the base DB template to be enabled.

5 Click Close.

Configure an Oracle Update ChainYou configure an update chain to enable database users to update databases based on templates that complywith update policies.

Prerequisites

Verify that you have successfully converted a Base DBVM containing a patch to a new Base DB Template.

Procedure


2 Click Manage and Monitor.

3 Click Base DB Templates in the left pane.

4 Right-click Oracle 11g and select Properties.

5 Click the Update From tab, and click one Oracle 10 template.

6 Check the box for an Oracle 10g template and select dump-restore.

7 Click OK.

What to do next

Update the Oracle database. See “Updating Databases,” on page 100.


58 VMware, Inc.

Update a DatabaseYou can update a database to apply enhancements or software upgrades.

Prerequisites

Verify that the following conditions are met.

n The system administrator has built and converted a base DBVM with proper update scripts and binaryupdates, such as new third-party tools or database software upgrades.

n The system administrator has enabled the base DB template on the resource bundle where the targetdatabases exist, and properly configured the base DB templates update chain.

n You have appropriate privileges to access and update databases.

n You have existing databases that require the updates contained in the new base DB template.

Procedure

1 Log in to an organization as a user with database privileges.


3 On the Databases tab, right-click one or more databases and select Update.

The Update page shows the current base DB template and its version.

4 On the Update page, provide the following information.

Option Description

Update to The new template from which to update the database.

DB parameter group Database configuration parameters to apply to the updated database.

Keep existing values when possible If the new template does not require new database parameter values and youprefer to retain the current values, select the Keep existing values whenpossible check box.

Take a snapshot before starting theupgrade

Select whether to take a snapshot backup of the database before updating.The default is to take a snapshot backup.

Automatically cancel if update fails The task is canceled if the update fails.

Schedule Action Schedule the update for a specific date and time.

If you did not schedule the update, the database update proceeds immediately. If you scheduled the update,the database update proceeds at the specified date and time. A database can have only one pending updatetask.


VMware, Inc. 59


60 VMware, Inc.

Managing Organizations 5The basic component of Data Director is the organization. Data Director system administrators createorganizations, assign the initial organization administrator, and allocate resources to the organization.


n “Organization Structure,” on page 61

n “Operating Organizations,” on page 62

n “Managing Resources For Organizations,” on page 63

n “Managing Organization Users,” on page 64

n “Create a Data Director Organization,” on page 64

n “Bind a vCloud Director Organization to Data Director,” on page 65

Organization StructureThe structure of organizations depends on the user management mode: Global mode or By Organization mode.

User management mode is set by the system administrator during Data Director deployment and cannot bechanged.

Global Mode In Global mode, all users in the Data Director system are visible to allorganizations. Global mode is best for operating Data Director for a singleenterprise in which organizations represent business units or departmentswithin the enterprise. Organization administrators can see the global user listand grant access to any user to their organization.

Global mode does not support integration with VMware vCloud Director.

By Organization Mode In By Organization mode, Data Director operates as a service and eachorganization is a distinct enterprise. Organizations are not visible to each otherin By Organization mode. Each organization has its own distinct user list thatis not visible to any other organization. Users must either send a request toregister to an organization and be approved by the organization administrator,or the organization administrator can invite a user to join the organization.

By Organization mode supports integration with VMware vCloud Director. Ifintegration with VMware vCloud Director is enabled, you can provide accessto vCloud Director organizations by binding them to Data Director. ThevCloud Director organizations remain distinct from Data Directororganizations. vCloud Director organizations and users can be managed onlyfrom vCloud Director.

VMware, Inc. 61

Organizations contain one or more database groups (DBGs) that in turn contain one or more databases, asshown in the following figure.

Figure 5-1. Data Director Organization Structure

Organization names must be unique within Data Director. Organizations cannot be nested.

Organization roles, policies, and templates apply only within that organization. Resources allocated to anorganization are reserved for that organization and cannot be shared among multiple organizations, whetherin Global or By Organization mode. This restriction enhances security and ensures resource isolation amongorganizations.

See Chapter 2, “Managing Data Director Resources,” on page 15 for details about resource management inData Director.

Operating OrganizationsOrganization operations include system-level tasks such as creating and assigning resources to organizations,and organization-level tasks such as managing organization users, defining and granting roles, and creatingdatabase groups.

System administrators perform tasks such as the following.

n Create an organization. See “Create a Data Director Organization,” on page 64.

n If vCloud Director integration is enabled, bind vCloud Director organizations to Data Director. See “Binda vCloud Director Organization to Data Director,” on page 65.

n View all organizations within Data Director

n Create organization administrators

n Create database virtual machines (DBVMs) and convert them to base database templates

n Assign base database templates to resource bundles

n Allocate resources to organizations

n Revoke resource bundles from existing organizations

n Implement user authorization and authentication rules (security policies)

n Edit organization properties such as the organization name and description

n Delete disabled organizations


62 VMware, Inc.

By default, system administrators cannot access organizations. Organization administrators can grant accessto system administrators by modifying a security setting for their organization.

Organization administrators perform tasks such as the following.

n Manage organization users, roles, privileges, and permissions

n Create other organization administrators

n Grant access to the organization to existing users

n Enable base database templates for the organization

n Allocate organization resources to database groups

n Implement organization security and backup policies

n Define roles

n Define database configuration and database backup templates

n Monitor organization performance, resource usage, and alarms

Managing Resources For OrganizationsOrganizations get their resources from vSphere resource pools and from networking and storage resources.These resources are allocated to the organization by Data Director system administrators.

Organizations manage resource bundles on behalf of their database groups and databases. Resource bundlesare composed of vSphere resource pools (CPU and memory), storage, and networking resources, and providethe resources and base templates used to provision databases.

Resource pools initially created in vSphere are allocated to the Data Director system, where Data Directorsystem administrators use them to create resource bundles. System administrators allocate resource bundlesto organizations, and organization administrators can then assign resources to their database groups.

Figure 5-2. Resource Bundles, Organizations, and Database Groups

database backupdatabase database

resourcebundle

resourcebundle

Cloud

org org org

database group database grouptemplates

database database

resourcebundle

resourcebundle

Chapter 5 Managing Organizations

VMware, Inc. 63

One or more resource bundles can be assigned to an organization, but a resource bundle cannot be sharedacross organizations. This restriction provides resource isolation, enhances security, and helps to ensurecompliance with Oracle licensing requirements by enabling organizations with Oracle databases to use onlythe vSphere resources dedicated for Oracle use. Organizations do not compete for available resources and donot have access to each others' CPU, memory, storage, and network resources.

Storage resources are the datastores and allocation amounts for database data and backups. Network resourcesare the network or networks that are available to the resource bundle and that provide the network(s) fordatabases. Data Director system administrators can set up separate networks to provide database isolation.

Organization administrators can subdivide resource bundles across several database groups within theirorganization.

Databases draw their resources from their parent database groups, which draw their resources from theirparent organizations. Organizations draw their resources from the Data Director system.

Managing Organization UsersData Director organization administrators control user access, roles, permissions, and privileges within theirorganizations.

Organization administrators control which users can access their organizations and what those users can do.Only organization administrators can grant access to their organizations and assign roles to users within theirorganizations.

NOTE vCloud Director organizations and users can be managed only from vCloud Director. See the vCloudDirector documentation for details.

Users can belong to multiple organizations and can be granted multiple roles within those organizations ineither By Organization or Global mode systems.

n In a By Organization system, each organization has a distinct user list that is not visible to otherorganizations. To join an organization, users send a request to the organization administrator, or theorganization administrator can invite a user to join.

n In a Global system, the user list for the system is visible to all organizations. All users belong to allorganizations. Organization administrators grant roles to users to enable them to perform tasks in theorganization.

Organization administrators can grant any roles defined within their organizations to organization users. InBy Organization mode, the user must be on the organization's user list.

Organization administrators control what users can do in their organizations by defining roles, privileges, andpermissions within their organizations, then granting them to organization users. Roles are specific to theorganization in which they are created and are not visible to other organizations.

See Chapter 3, “Managing Users and Roles,” on page 27.

Create a Data Director OrganizationThe Data Director system administrator creates organizations to allow organization administratorsindependent management of their database groups and databases.

Prerequisites

n Resource bundle(s) must be created and available for allocation.

n You are logged in as a Data Director system administrator.

Procedure

1 With System selected, click Manage & Monitor.


64 VMware, Inc.

2 Click Organizations in the left pane.

3 Click the plus (+) icon to start the Create Organization wizard.

4 Click Create New Data Director Organization.

5 Enter the organization information.


Name and Description Specify a name and optional description and click Next.

Organization Administrator To create a new organization administrator user, perform the followingtasks.a Click Create a new user.b Specify the user name, password, first and last name, and optionally,

phone number.c Click Next.To use an existing user, perform the following tasks.a Click Choose an existing user.b Select the user from the list.c Click Next.

Resource Bundles You can assign resource bundles at any time after creating the organization.To skip the assign resource bundles step, click Assign resource bundleslater. To select a resource bundle now, click Choose an existing resourcebundle and select a resource bundle from the list. Click Finish.

The new organization appears in the Organizations list.

What to do next

Create resource bundles and assign them to the organization. See “Create a Resource Bundle,” on page 24.

Bind a vCloud Director Organization to Data DirectorData Director system administrators can integrate vCloud Director organizations and users with Data Directorby binding to the vCloud Director organizations.

Prerequisites

n vCloud Director integration is enabled.

n Resource bundle(s) are created and available for allocation.

n You are logged in as a Data Director system administrator.

Procedure

1 With System selected, click Manage & Monitor.

2 Click Organizations in the left pane.

3 Click the plus (+) icon to start the Create Organization wizard.

4 Click Bind to vCloud Director Organization.

Data Director connects to vCloud Director. This may take a minute.

5 Select a vCloud Director organization from the Organization drop down list and click Next.

Chapter 5 Managing Organizations

VMware, Inc. 65

6 Enter the appropriate information.


Organization Administrator Select the vCloud Director organization administrator.

Resource Bundles You can assign resource bundles at any time after binding the organization.To skip the assign resource bundles step, click Assign resource bundleslater. To select a resource bundle now, click Choose an existing resourcebundle and select a resource bundle from the list. Click Finish.

The vCloud Director organization appears in the Organizations list.

What to do next

Create resource bundles and assign them to the organization. See “Create a Resource Bundle,” on page 24.


66 VMware, Inc.

IP Whitelists 6Organization administrators and users with appropriate permissions can add a level of security to databaseconnection requests by creating IP whitelists and applying them to individual databases. By default, all userswith valid credentials can connect to a database. By applying one or more IP whitelists to a database, youensure that only connection requests from trusted IP addresses are accepted by that database.

Organization administrators and users with Manage IP Whitelists and Edit information and storagepermissions can create IP whitelists at either the organization level or the individual database level.Organization level IP whitelists, known as organization IP whitelists, can be applied to any database in thatorganization. Database level IP whitelists, known as custom IP whitelists, can be applied to a specific database.

IP whitelists contain one or more IP address ranges as well as one or more single IP addresses.

You can add, update, and apply IP whitelists during or after database creation.


n “Create an Organization IP Whitelist,” on page 67

n “Apply IP Whitelists to Databases,” on page 68

n “Create Custom IP Whitelists,” on page 68

Create an Organization IP WhitelistOrganization administrators and users with Manage IP Whitelists permission can create IP whitelists. IPwhitelists ensure that databases accept connections only from trusted IP addresses.

Procedure

1 Log in to Data Director as an organization administrator or as a user with Manage IP Whitelistspermissions.

2 Click the Organization Settings tab, and click Security.

3 Click the IP Whitelists tab, and click the plus (+) icon to start the Create IP Whitelist wizard.


Option Description

Name The unique name for the IP whitelist.

Description (Optional) A description for the IP whitelist.

IP Ranges Click the plus (+) icon to add IP addresses.n To add one IP address, select Single IP and enter the IP address.n To add a block of IP addresses, select IP Range and enter the beginning

and ending IP addresses of the IP address range.

VMware, Inc. 67

5 Click OK.

The IP whitelist appears in the IP Whitelist list.

Apply IP Whitelists to DatabasesYou can apply IP whitelists to a database to ensure that the database accepts connection requests only fromtrusted IP addresses.

Prerequisites

n Verify that your organization administrator or user with Manage IP Whitelist and Edit information andstorage permissions has created IP whitelists.

n Create a database to which you want to apply an IP whitelist.

Procedure

1 Log in to Data Director as an organization user with database management privileges.

2 Click the organization Manage & Monitor tab, and select your database group.

3 Click the Databases tab.

4 Right-click your database and select Properties.

5 Click the IP Whitelists tab.

6 Select Only allow connections from the selected IP whitelists.

7 Click the appropriate IP whitelist check box.

8 Click OK.

Data Director reconfigures the database to accept connections only from the selected IP whitelists' IP addresses.

Create Custom IP WhitelistsUsers with Manage IP Whitelist and database management privileges can create one or more custom IPwhitelists to apply to databases.

Prerequisites

Create a database to which you want to apply custom IP whitelists.

Procedure

1 Log in to your Data Director organization as a user with database management permissions.

2 Click your organization's Manage & Monitor tab, and select your database group.


4 Right-click your database and select Properties.

5 In the Properties window, click the IP Whitelists tab.

6 Select Only allow connections from the selected IP whitelists.

7 Click the plus (+) icon to start the Custom IP Whitelists wizard and enter the appropriate information.

Option Description

Name Enter a unique name for the custom IP whitelist.

Single IP Select to enter a single trusted IP address.


68 VMware, Inc.

Option Description

IP Range (Default) Enter a range of trusted IP addresses. Enter a beginning and endingIP address.

Description (Optional) A description of the custom IP whitelist.

8 Repeat Step 7 to continue adding custom IP whitelists.

9 Click OK.

Data Director reconfigures the database to accept connections from the custom IP whitelists' IP addresses.

What to do next

Click the IP Whitelists tab to modify or delete custom IP whitelists.

Chapter 6 IP Whitelists

VMware, Inc. 69


70 VMware, Inc.

Managing Database Groups 7Database groups contain sets of databases within organizations. Database groups allow organizationadministrators to provide the resources for operating and provisioning databases and to apply access andauthorization rules (security policies) to those databases. Grouping databases enables subdivision of resourcesfrom the organization's allocated resources.


n “Database Group Management Overview,” on page 71

n “Managing Resources for Database Groups,” on page 72

n “Storage Reservation,” on page 73

n “Database Groups and Security,” on page 73

n “Create a Database Group,” on page 73

Database Group Management OverviewOrganization administrators create database groups to enable efficient management of databases.Organization administrators also allocate the resources required to provision, operate, and control databasegroups.

The databases within a database group are usually related. For example, in Global user management mode,where organizations represent business units in a single enterprise, database groups can group databases fordepartments within the business unit. In By Organization user management mode, where each organizationrepresents a unique enterprise, database groups can group databases for business units within that enterprise.

Each database group can contain one or more databases. Databases must reside in one database group andcannot be divided among database groups.

Database groups must reside in one organization and cannot be nested.

The following figure shows the relationship between organizations and database groups.

VMware, Inc. 71

Figure 7-1. Database Groups in the Data Director Architecture

database backupdatabase database

resourcebundle

resourcebundle

Cloud

org org org

database group database grouptemplates

database database

resourcebundle

resourcebundle

Managing Resources for Database GroupsDatabase groups require CPU, memory, storage, and networking resources to enable database operation,provisioning, and backup. To provide database groups with the required resources, you allocate resourcebundles to their database groups.

Resource bundles consist of CPU, memory, storage, and networking resources. Multiple database groups inan organization can share the same resource bundle. The organization administrator can allocate part of theresource bundle to each database group, or assign a resource bundle exclusively to one database group.

Organization administrators assign resources when they create database groups and can add or expandresources as required. Each database group has exclusive use of its assigned resources to ensure resourceisolation. Resource isolation ensures that database groups and the databases that they contain do not competefor resources or have visibility into the resources of other organizations.

When organization administrators create database groups, they optionally specify how much unused CPUand memory to reserve for the database groups. The organization administrator also assigns the databasegroup's priority for distribution of unreserved resources. The priority options are high, medium, or low.

Organization administrators allocate storage for the database groups, and assign a storage reservation for thedatabase groups. The storage reservation determines the percentage of the total database storage allocationthat is initially committed to a database group. It is reserved even if the storage is not used yet. See “StorageReservation,” on page 73.

Because system administrators allocate resources to organizations and then organization administrators assignresources to database groups within organizations, each database must be contained within one databasegroup. You cannot split databases among database groups, and you cannot move a database to a differentdatabase group after the database is created.

Use the following guidelines to estimate the resources that you need for a database group.

n Calculate the storage allocation based on the expected number of databases that the database group willcontain, the amount of storage allocated for each of those databases, and room for growth.

(Number of DBs) X (Avg. storage for each DB) + (Room for growth)


72 VMware, Inc.

n Determine the size of the backup storage allocation to support the external backups for each database inthe database group plus the Point-in-Time Recovery allocation for each database.

Storage ReservationOrganization administrators use storage reservation to control whether they can allocate more storage than isavailable to databases in a database group. Administrators set a limit on how much storage can beoverallocated.

Storage reservation determines the percentage of the total database storage allocation that is initially committedto the database group. The storage is reserved, although it is not used yet.

For example, if the organization administrator sets database storage at 100GBs and storage reservation at 20%,a total of 500GBs is allocated for all databases in the database group. If a user then creates one database in thegroup, the single database can allocate up to 500GBs of data storage but commit 100GBs. If a user insteadcreates five databases in the group, each database can allocate up to 100GBs of data storage but can commit20GBs. You cannot add more databases to the group because all 100GBs are committed. For example, 500GBsare allocated, 100GBs are the capacity, and 400GBs are over allocated.

In practice, data storage is always less than the maximum 500GBs, because total allocation includes space foroverhead for the operating system, bin, snapshots, and so on.

Database Groups and SecurityRole-based access control and direct user permissions form the security policies that determine which userscan access particular database groups and the actions that the users can perform. Database groups inheritsecurity policies from their organizations.

Organization administrators define the security policies for their organization, including user roles,permissions, and privileges.

For example, an organization administrator creates a user role with permissions on database groups. Thesepermissions include create database, take database snapshots, and start or stop database. Those roles and theirassociated permissions apply to each database group within the organization, and to each database withineach database group.

Chapter 3, “Managing Users and Roles,” on page 27 discusses the Data Director security model and explainshow you can use roles for fine-grained permission management.

Create a Database GroupDatabase groups contain sets of databases within an organization. Database groups enable grouping relateddatabases and provide efficient use of resources needed to provision and operate databases.

Prerequisites

n Verify that at least one resource bundle is allocated to the database group's organization. See “Create aResource Bundle,” on page 24 if no resource bundle is available.

n Verify that at least one base DB template is enabled in the organization.

n Log in as an organization administrator or have permissions to create or modify database groups.

Procedure

1 Click the Manage & Monitor tab.

2 Click the Database Groups tab.

3 Click the plus (+) icon to create a database group.

Chapter 7 Managing Database Groups

VMware, Inc. 73

4 Specify the following information in the Create Database Group wizard.

Wizard page Action


Resource Bundle Select a resource bundle from the list and click Next.If no base DB template is enabled on the resource bundle, you must enableone.a Click Next, and select one or more base DB templates.b Click Enable.c When Status is refreshed to Enabled, click Next.

Enable Templates (Conditional) Select one or more base DB templates and click Enable. When Status isrefreshed to Enabled, click Next.

Resources Specify the resources for this database group.

Network Select the network from the drop-down menu.

CPU & Memory n Assign the priority (High, Medium, or Low).n (Optional) Select the Reserve resources for this

database group check box and enter thereservation amounts for CPU and memory.

Storage Enter the amount of database and backup storage toallocate to the database group, in gigabytes, in theDatabase Storage Allocation and Backup StorageAllocation text boxes.

Enter the percentage of database group storage toreserve for each of the database group's databases inthe Storage Reservation text box.

5 Click Finish.

The new database group appears in the database group list.

What to do next

Click the database group name to open the database group. You can view and edit its properties.


74 VMware, Inc.

Managing Database Templates 8Data Director database templates allow organization administrators to enable database templates, and tostandardize database creations and their backup policies. Database templates in Data Director also imposelimits on resource consumption. Database administrators can create and back up databases consistently byusing templates and can create, clone, and customize templates.


n “Introduction to Database Templates,” on page 75

n “Enable a Base DB Template,” on page 76

n “Create a DB Parameter Group,” on page 77

n “Create a Resource Template,” on page 77

n “Modify a Resource Template,” on page 78

n “Create a Backup Template,” on page 79

n “Modify a Backup Template,” on page 80

Introduction to Database TemplatesData Director includes database templates to help administrators streamline resource allocation andstandardize database setup and backup setup. Templates help database administrators to quickly provision adatabase and to select a backup process.

Data Director supports base DB templates, resource templates, and backup templates. Included with DataDirector are several optimized templates. When system administrators create an organization, they must assignbase DB templates to the organization. Data Director copies the system-defined templates, resource templates,and backup templates to the new organization. Organization administrators can modify only the resource andbackup template instances or configure new templates.

You can enable base DB templates, create DB parameter groups associated with base DB templates, and createresource templates and publish them immediately or publish them later. When a template is not published,you can view or manage it, but you cannot use it for provisioning or for other purposes.

Base DB TemplatesSystem administrators prepare base DB templates. The templates are not visible to organizations until systemadministrators assign them to the resource bundles of underlying organizations. When the base DB templatesbecome visible, organization administrators must enable them on the resource bundles before database userscan provision database from them.

VMware, Inc. 75

DB parameter groups are associated with base DB templates and contain the database configuration settingsused to provision database instances. DB parameter groups specify database configurations that vary from dbengines. For vFabric Postgres, this includes parameters such as connection, memory, IO, WAL, checkpoint,logging, and so on. When organization administrators enable a base DB template, they can use the default DBparameter group for the template. They can also create a new DB parameter group or copy from anothertemplate, so that database users can choose a parameter group based on actual need when provisioningdatabases.

Resource TemplatesDatabase Resource templates define the computing and storage resources for creating a database, the databaseparameter group, and the high availability settings.

Resource Settings When you create a template, you can specify the number of virtual CPUs,memory size, and recommended database storage allocation. You can enablehigh availability for the template and all corresponding databases. You can alsochoose the CPU and memory priority, which affects the allocation of resourcesfor all databases in the database group. The levels (high, medium, and low)give certain databases higher priority than other databases in the samedatabase group. The CPU reservation and Memory reservation text boxes letyou reserve resources for each database that you create from the template.

If you make changes to a template, databases that are already created from thetemplate are not affected.

You can create different templates for different situations. For example, you can define a resource template forengineering with a small memory size and have high availability disabled. You can define the resource templatefor QA with a larger memory size and with high availability enabled.

Backup TemplatesBackup templates define backup settings for databases. You can associate a backup template with a databasewhen you create the database, or you can associate a backup template with a database at a later time. See “Select a Database Backup Template,” on page 133.

You can use one of the predefined backup templates for consistency across your organization. See “BackupTemplate Settings,” on page 132.

You can also clone and customize an existing template and associate the custom template with your database.You can customize frequency, start time, and retention for snapshots and for external backup. You can alsoenable and customize point-in-time recovery, and you can specify a backup label. See “Create a BackupTemplate,” on page 79.

Enable a Base DB TemplateOrganization administrators enable a base DB template on the underlying resource bundles so thatorganization users can provision databases based on the base DB template. Only organization administratorsand users with Manage base DB templates privileges can enable, disable, and edit base DB templates.

Prerequisites


Log in to Data Director as an organization administrator or as an administrator with privileges to enable baseDB templates.


76 VMware, Inc.

Procedure


2 In the left pane, click Base DB Templates.

3 In the center pane, right-click a base DB template and select Enable on Resource Bundles.

4 Click Enable.

Wait for the base DB template to be enabled.

5 Click Close.

Create a DB Parameter GroupOrganization administrators and users with Manage base DB templates privileges can configure the DBparameter group for base DB templates.

Prerequisites


You are logged in to Data Director as an organization administrator or as an administrator with privileges tocreate, edit, and delete DB parameter groups.

Procedure


2 In the left pane, click Base DB templates.

3 Right-click a base DB template in the table, and select Properties.

4 Click the DB Parameter Group tab.


6 Type a name and description for your parameter group.

7 Scroll through the parameters associated with the base DB templates, and select the Override box tooverride default values for individual parameters.

8 Click OK.

A DB parameter is created and associated to the base DB template.

Create a Resource TemplateYou can create a resource template by cloning a template or by configuring a new template. In both cases, youcan specify the resource settings and the database settings for the template.

Only organization administrators or users with Manage Resource Templates or Manage BackupTemplates privileges can create, edit, and delete templates.

Prerequisites

Log in to Data Director as an organization administrator or as an administrator with privileges to create andmodify templates.

Procedure


2 Click Templates, and click Resource Templates.

Chapter 8 Managing Database Templates

VMware, Inc. 77

3 Create a template or clone a template.

Creation Method Action

New template Click the green plus icon above the menu bar.

Clone Right-click an existing template and choose Clone.

4 In the Create Resource Template wizard, type a name and description.

5 Specify whether you want to publish the template, and click Next.

When a template is not published, you can view or manage it, but you cannot use it to create databases.

6 Enter resource settings for the template and click Finish.

Option Description

vCPUs Number of virtual CPUs the database virtual machine will use.

High availability Select Enable to protect the database with vSphere High Availability. See thevSphere Availability documentation.

Memory size Amount of memory the database virtual machine will use.

Recommended DB storageallocation

Specify recommended storage allocation for this database.

CPU and memory priority Select Automatic to allow the vCenter Server system to allocate CPU andmemory to the virtual machine. If you select another value, the CPU prioritydetermines how unreserved CPU and memory resources are assigned to thisdatabase as compared to other databases in this database group.

Explicitly reserve resources fordatabases created by this template

If selected, you can reserve resources for running databases. Reservationsguarantee that the database has the specified amount of CPU and memoryavailable.

CPU reservation Number of MHz to reserve for this database.

Memory reservation Number of MB to reserve for this database.

Modify a Resource TemplateIf the requirements for resources or other aspects of your environment change, you can modify existingresource templates. Databases that you create from the new template use the new settings.

Prerequisites

Log in to Data Director as an organization administrator or as an administrator with privileges to manageresource templates.

Procedure

1 In your organization, click the Organization Settings tab.

2 Click Resource Templates in the left pane.

3 Right-click the template that you want to modify, and perform one of the supported actions.

Action Description

Clone Creates a copy of this template. When you clone a template, the CreateDatabase Resource Template wizard opens, and you can configure theresource settings for the clone.

Delete Deletes the selected template.

Unpublish Disables provisioning and other capabilities for this template. When atemplate is not published, you can view or manage, but cannot be used forprovisioning or other purposes.


78 VMware, Inc.

Action Description

Edit Permissions Allows you to specify who can use this template, and what each user can do.You can change the permissions for an existing user, remove an existing user,and add a role. Users who can create a database from the template do notautomatically have permissions to modify the template.

Properties Allows you to modify the settings that you specified when you created thetemplate. See “Create a Resource Template,” on page 77 for a discussion ofthe properties you can change.

You can create databases with the new settings from the modified template. Databases that you previouslycreated from the template do not change.

Create a Backup TemplateBackup templates include frequently used backup settings. You can use one of the existing templates, cloneand customize a template, or create a template. You can then associate the backup template with a databasethat you create.

The system-defined backup templates use recommended settings for different situations. See “BackupTemplate Settings,” on page 132 for information about system-defined templates.

Prerequisites

Log in to Data Director as an organization administrator or as an administrator with Manage ResourceTemplates or Manage Backup Templates privileges.

Procedure


2 Click Backup Templates in the left pane.

3 Create a template or clone a template.

Creation Method Action

New template Click the green plus sign above the menu bar.

Clone Right-click one of the existing templates and select Clone.

4 In the Backup Template wizard, type a name and description for the template.

5 Specify whether you want to publish the template, and click Next.

When a template is not published, you can view or manage it, but you cannot use it to backup databases.

6 Specify the snapshot settings in the Backup Settings panel.

Option Action

Frequency Select one of the options from the menu. Select Never if you do not wantbackups for databases that use this backup template.

Start Time Select Automatic to allow the system to control the start time, or enter a starttime. The system initiates a backup within two minutes of the target starttime, depending on system load.

Retention Enter the number of hours or the number of copies to retain.


VMware, Inc. 79

7 Specify the external backup settings.

Option Action

Frequency Select one of the options from the menu. Select Never if you do not wantbackups for databases that use this backup template.

Start Time Select Automatic to allow the system to control the start time, or enter a starttime. The system initiates a backup within two minutes of the target starttime, depending on system load.

Retention Select a proper retention period from the options.

Extended retention Check the box to enable extended retention, then specify a retention value.

8 Select the general backup settings.

Option Action

Point-In-Time recovery Click to enable point-in-time recovery, and enter a value in RecommendedPITR storage allocation.Select Suspend database or Automatically adjust PITR retention if storageruns out.The start time for point-in-time recovery is right after point-in-time recoveryis enabled, when the system creates a baseline backup or snapshot. Youcannot remove the baseline backup. If you do, the start time for point-in-timerecovery changes.The time range for point-in-time recovery is from the time of your oldestautomatic backup to the present. The oldest backup can be an externalbackup or a snapshot. Backups with extended retention are not supportedas oldest backups.Point-in-time recovery consumes space in the backup storage area.Depending on database load and retention lengths, this feature might requirea significant amount of storage.

Backup label Type the first part of the name of the backup.Defaults to user-specified label-date_and_time-dbname. For your databasenamed db1, if you entered testbackup as the label and the backup starts at12:30:45 on May 30, 2011, the full name istestbackup-2013-05-30-12-30-45-db1.If you do not specify a label, the system uses snapshot-data_and_time-dbnameor backup-data_and_time-dbname.

9 Click Finish to finish creating the template.

What to do next

You can assign the template to databases.

Modify a Backup TemplateIf the requirements for backups in your environment change, you can modify existing backup templates.

Prerequisites

Log in to Data Director as an organization administrator or as an administrator with privileges to managebackup templates.

Procedure

1 In your organization, click the Organization Settings tab.

2 Click Backup Templates in the left pane.


80 VMware, Inc.

3 Right-click the template that you want to modify and perform one of the supported actions.

Action Description

Clone Creates a copy of this template. When you clone a template, the CreateBackup Template wizard opens and you can configure the backup settingsfor the clone.

Delete Deletes the selected template.

Unpublish Disables provisioning and other capabilities for this template. When atemplate is not published, you can view or manage it, but you cannot use itfor backup or other purpose.

Edit Permissions Lets you change the permissions for an existing user, to remove an existinguser, and to add a role.

Properties Lets you modify the settings you specified when you created the backuptemplate.

You can create databases with the new settings from the modified template. Databases that you created fromthe template do not change.


VMware, Inc. 81


82 VMware, Inc.

Managing Databases 9Database administrators and application developers manage database lifecycles from creation todecommissioning. Database administrators manage databases from a central management perspective.Application developers focus on how databases can help with application development as a service.


n “Database Lifecycle,” on page 83

n “Requirements for Creating Databases,” on page 85

n “Database Creation,” on page 86

n “Using Tags,” on page 96

n “Managing the Organization Catalog,” on page 97

n “Batch Operations and Scheduled Tasks,” on page 99

n “Updating Databases,” on page 100

n “Database Administration,” on page 101

Database LifecycleIn Data Director, database lifecycle includes preparing base database templates from database virtualmachines, database creation and resource allocation, managing the database schema and data, performingbackup and recovery tasks, ingesting databases into Data Director, and decommissioning databases. Systemadministrators, database administrators, and application developers perform the database lifecycle tasks.

For information about backup and recovery tasks, see Chapter 12, “Safeguarding Data,” on page 129.

Prepare base databasetemplates

Base database templates (base DB templates) reside at the Data Director systemlevel. They provide the virtual hardware, operating system, database software,and other required files and configuration information needed to createdatabases in Data Director. System administrators create database virtualmachines (DBVMs) at the system level, convert them to base DB templates,assign the base DB templates to one or more resource bundles, and assign the

VMware, Inc. 83

resource bundles to organizations. Organization administrators must enableat least one base database template in their organization resource bundle(s) toallow organization users to create databases. See Chapter 4, “Building DBVMsand Base DB Templates,” on page 37.

Create databases Create and allocate resources to a new database using base database templates,database resource templates, and parameter groups. Database resourcetemplates specify resource limits. Parameter groups specify sets of databaseparameters, such as maximum connections allowed, encoding, and checkpointtimeout. Application developers can perform do-it-yourself database creationusing the predefined base database templates, resource templates, andparameter groups. See “Requirements for Creating Databases,” on page 85.

Administrators can grant permissions to their users to create databases fromresource templates, but not allow users to modify the resource templates orchange the default resource allocations. This restriction provides resource limitenforcement and allows administrators to retain control of resource andsecurity policies. See Chapter 8, “Managing Database Templates,” on page 75.

Manage schema Manage vFabric Postgres database schemas and add data. You can createtables, designate primary and foreign keys and indexes, and create views,sequences, triggers, and other database entities.

NOTE Data Director supports managing schemas for vFabric Postgresdatabases only.

Backup and restore Safeguard your data by taking regular backups and testing your backups. SeeChapter 12, “Safeguarding Data,” on page 129.

Update database Choose the database version to update within Data Director to meet IT policiesor application requirements.

Clone Ensure access to consistent, yet isolated databases by cloning the database forspecific purposes such as development or quality assurance. See Chapter 10,“Cloning Databases,” on page 107.

Scale up Dynamically increase the database size as required during the development,test, and production phases.

Monitor performanceand usage

Use the Data Director user interface to monitor resource usages, recent alarms,tasks and events. See Chapter 13, “Monitoring the Data DirectorEnvironment,” on page 141.

Stop and restart thedatabase

Stop and restart, for example, to perform maintenance tasks.

Decommission thedatabase

Disable and then delete databases. Free up the resources when they are nolonger needed.

Add databases to theorganization catalog

Add any Data Director database to the organization catalog. Organizationusers can create databases using the catalog databases when they need adatabase with known characteristics and preloaded data, for example, fortesting SQL scripts or usage scenarios.


84 VMware, Inc.

Ingest externaldatabases into DataDirector

Ingest a backup of an external database into Data Director. You can ingest aone time clone, or you can refresh an existing database from an externaldatabase. Ingested databases are accessible only from the organizationdatabase catalog and can be refreshed only by an additional backup from thesource database. You cannot use ingested databases directly in Data Director.

Perform commonoperations and scheduletasks in batches

Perform common tasks and schedule database operations to run on multipledatabases in a database group, for example, run restart, stop, repair, enable,and add whitelists tasks, and schedule upgrade and backup operations onmultiple databases.

Every database requires an administrator account that can perform all schema management operations. Thisaccount is specific to the database and cannot log in to Data Director. You can add database owner accountsafter database creation. Data Director database users must log in with their database-specific credentials toview the database, its entities, and its data or to perform database management tasks.

Database administrators and application developers can manage databases only if they have appropriatepermissions and roles granted to them by the organization administrator. The administrator must grantpermissions and roles on the database group or on the database. These permissions and roles apply only withinthe organization in which they are granted.

Requirements for Creating DatabasesYou must have certain permissions to create databases, and you must calculate the storage needed for databaseand related data.

Permissions Required for Creating DatabasesTo create databases, you need Create Databases permission on the database group that will contain thedatabase, Use Templates permission on at least one database template, and permission to at least one resourcetemplate and one backup template.

It is useful to have the following permissions on the database group and on the database.

n Create snapshots.

n Create external backups.

n Delete snapshots, including editing their retention time.

n Clone the database.

n Recover the database from a backup or snapshot.

n Manage IP Whitelists

The organization administrator can create a role with these permissions and assign organization users to therole.

Calculating Database Storage AllocationDuring the database creation process, you specify database storage allocation, point-in-time recovery storageallocation, and the database group for the database. The database group provides the CPU, memory, storage,and network resources required to run the database. The storage and point-in-time recovery allocations specifyhow much of the database group's resources to use for this database. See “Storage Reservation,” on page 73.

When you calculate the amount of storage to allocate to the database, proceed as follows.

n Estimate how much data will be stored in the database.

n Consider the number of users and average expected number of transactions in a particular time periodand allow for the number to increase.

Chapter 9 Managing Databases

VMware, Inc. 85

n If you plan to enable point-in-time recovery, calculate additional storage to accommodate the point-in-time recovery write-ahead logs (WALs). The size of the allocation depends on the expected volume oftransactions on the database.

Every database requires a certain amount of storage overhead for the operating system, database software,swap space, log files, snapshots, and so on. The storage for overhead is explicitly allocated and does not countagainst database storage allocation. Database storage allocation is for the database schema and data only. Youmust have enough resources available to cover the database allocation and to cover any overhead.

Even if the database group has enough free space for creating a database, database creation does not finish ifyou do not have enough resources for the overhead. If the free space is less than the following calculation, DataDirector cannot create the database.

(storage allocation * storage reservation %) + overhead

Database Creator PermissionsAfter database creation finishes, the following permissions on the new database are granted to the databasecreator.

Edit information andstorage

Enables the database creator to edit database properties such as the name,description, and size of the database.

Manage IP whitelists Enables the database creator to assign IP whitelists to this database and to createcustom IP whitelists for this database.

Modify administratoraccounts

Enables the database creator to add or modify database users for this database.Database users are granted full permission on this database.

Start database and Stopdatabase

Enables the database creator to start and stop.

View properties Enables the database creator to view the database.

Edit settings Enables database creators to edit database parameters, database ingestion, andrefresh settings and SSL certificates.

Monitor status Enables database creators to monitor dashboards, events, tasks, reports, andlogs. You can also define, monitor, and acknowledge alarms.

Database CreationAs a DBA or application developer, you create databases to serve your project or application requirements.Data Director provides several methods for creating and provisioning databases.

n “Create an Empty vFabric Postgres or Oracle Database,” on page 87. Use a resource template to createan empty database. Use this method when developing a new application or the database characteristicsor data are not important to the current phase of your project.

n “Create a Database from a Catalog,” on page 89. Use this method when you require a database withknown characteristics and pre-loaded data. Catalog databases are read-only and cannot be modified orpowered on by users, though the data in the catalog database can be refreshed periodically from the sourcedatabase.

n Create a database by cloning an existing database. Use this method to create a database in a pristine state,with pre-loaded data and configuration settings, for testing and development purposes. See Chapter 10,“Cloning Databases,” on page 107.


86 VMware, Inc.

n “Ingest an External Database,” on page 93. Use this method to reproduce a state from a production orother type of environment. With ingestion, you can create a one-time clone, create a "golden clone", whichcannot be modified within Data Director, or refresh a database from an external database, also known asin-place refresh. A golden clone can be refreshed only by an additional backup from the source database.You can make clones of a golden clone within Data Director.

Create an Empty vFabric Postgres or Oracle DatabaseWhen you need an empty database for a new application, you can create it with a database resource template.The template is configured to allocate resources to the database.

Prerequisites

n Verify that you have access to the organization and database group in which to create the new database.

n Verify that you have Clone permission on the catalog database and Create databases permission on thedatabase group in which you create the database.

n Verify that you have Use template permission on at least one resource template, backup template.

Procedure

1 Navigate to the organization and to the database group in which to create the database.



4 Click the plus (+) icon to start the Create Database wizard.

5 View the summary, and click Finish.

Field Option

Creation Type Click Create new database.

Name and Description Type a name and, optionally, a description of the database.

Database Type Select a database type from the drop-down menu. For example, Oracle orvPostgres.

Base DB Template Select a base database template from which to create the database from thedrop-down menu. For example, Oracle 11.2.0.3

Database Group If you selected a database group, this field is filled in for you.

Resource template Select a database resource template from the drop-down menu. For example,tiny, giant, and so on.

Data disk allocation Select the data storage allocation for this database. The minimum is 1GB forvFabric Postgres and SQL Server, and 2GB for Oracle.

Parameter group Select a parameter group for the database or accept the default parametergroup. Parameter groups contain database configuration settings such ascheckpoint timeout, write-ahead log buffers, encoding, and shared buffers.

Backup template (Optional) Select a backup template from the drop-down menu. You canselect a backup template for specific purposes, such as development, or selectno backups (Disabled).

PITR disk allocation Select the number of gigabytes to allocate for point-in-time recoveryoperations. The minimum is 1GB.

Administrator user name Type an administrator account for the database. Each database requires anadministrator that can perform all schema management operations. Theadministrator account is specific to the database and cannot log in to DataDirector.

Password Type an owner account password.

Confirm password Confirm the owner account password.


VMware, Inc. 87

Field Option

Expiration Select a date and time at which the database expires. Then select an actionupon expiration, or no expiration.

Tags (Optional) Select one or more tags for this database. Use tags to filter the listof databases that you view in an organization's Databases tab, for example,all your customer relationship databases can have a tag called CRM.

Snapshot (Optional) Select the check box to take a snapshot backup of the databasewhen creation and provisioning finishes.

IP Whitelist Select Allow all connections to the database. Optionally, select Only allowconnections from selected IP whitelists (next page), and select anorganization IP whitelist or create a custom IP whitelist..

The database appears in the Databases List with a status of Creating. The process can take a few minutes. Thestatus changes to Running when creation finishes successfully.

What to do next

You can load the database data and use the database.

Create an Empty SQL Server DatabaseYou can create an empty SQL Server database for a new application with a database resource template. Thetemplate is configured to allocate resources to the database

Prerequisites




Procedure





5 Click Create new database, and provide the appropriate information.

Option Description

Name and description Type the NETBIOS name for the Windows machine and, optionally, adescription of the database.

Database type Select SQL Server.

Base DB template Select Template-sql server from the drop-down menu.

Database group Select a database group.

Resource template Select a resource template.

Data disk allocation Type a data storage allocation value for this database. The minimum is 1GBfor SQL Server.

Parameter group Select a parameter group for the database or accept the default parametergroup.

Domain To use Windows authentication, click Join machine to domain and type adomain name, user name, and password.To use mixed authentication, click Do not join domain.


88 VMware, Inc.

Option Description

Administrator If you joined the machine to a domain, type a domain user name for the SQLServer administration.If you did not join the machine to a domain, enter a password for the built-in SQL Server Administrator account, and a password for the Local WindowsAdministrator.

Options Click No expiration, or click Expires on and select an expiration date andtime and an action upon expiration.

Tags (Optional) Select one or more tags for this database. Use tags to filter the listof databases that you view in an organization's Databases tab. For example,you can tag all your customer relationship databases as CRM.

6 Confirm your selections, and click Finnish.

You have a running SQL Server instance.

What to do next

You can add the database data and begin to use the database.

Create a Database from a CatalogYou create a database from a catalog when your application requires a database with known characteristicsand data.

Prerequisites




Procedure





5 Select Create Database from the Catalog and click Next.

6 Select a database from the catalog, click Full clone or Linked clone, and click Next.

7 Enter the following information.

Option Action


Database type The database type is the same as the catalog database you selected.

Base DB template The database template is the same as the template for the catalog databaseyou selected.

Database group If you selected a database group, this text box is completed for you. ClickNext.

Resource template Click Clone from source database and, optionally, view the settings, or selecta database resource template from the drop-down menu. For example, tiny,giant, and so on.

DB storage allocation You cannot change this value when creating a database from the catalog.


VMware, Inc. 89

Option Action

Database parameters Click Clone from source database and, optionally edit the parameters, orselect a parameter group from the drop-down menu.

Backup template Click Clone from source database and, optionally, view the settings, or selecta backup template from the drop-down menu.

PITR disk allocation You cannot change this value when creating a database from the catalog.Click Next.

Post-clone Script Select an SQL script to run after database is created or, optionally, click theplus (+) icon to create a new script and name it as post-clone scripts. You canclick Edit to modify a script.

Expiration Select a date and time at which the database expires and select an action uponexpiration., or select no expiration.


IP whitelists Select Allow all connections to the database. Optionally, select Only allowconnections from selected IP whitelists (next page), and select anorganization IP whitelist or create a custom IP whitelist. Click Next.

8 View the summary to confirm your selections, and click Finish.

The database appears in the Databases List with the status Creating. The process can take a few minutes. Thestatus changes to Running when creation finishes successfully.

Requirements for Ingesting External DatabasesTo ingest a database is to take Oracle backup files, generated by the Oracle RMAN utility on an external, orsource, database, and restore them to a new, or target, database in Data Director.

The Oracle backup files are hosted on an NFS server for Data Director to consume. As the source databaseevolves, the refresh process can take incremental backup files from the source and apply them to target, so anychanges after ingestion can be synced to the target database, regularly or on demand.

You can use ingestion to reproduce a production environment, or to create a one-time clone or golden clone,or refresh an existing database in place.The imported database is a clone of a physical database that existsoutside of Data Director.

System RequirementsTo ingest an external database, you need the following versions of Oracle, and Linux.

n Oracle: 11g Release 2 Linux x86-64 Enterprise/Standard Edition.

n Oracle: 10g Release 2 Linux x86-64 Enterprise/Standard Edition.

n OS: Linux x86-64.

Backup Operation RequirementYou must comply with the following rules when backing up the source database.

n Turn on control file auto backup and use the default control file auto backup format for device type disk('%F').

n If the database is in archive log mode and open, you must include archive logs in the backup. For example,

backup INCREMENTAL LEVEL 0 database plus archivelog


90 VMware, Inc.

Otherwise, do not include an archive log in the backup. If the database is in nonarchive mode, the refreshfrom external database feature does not support point in time refresh. The absolute path of any controlfiles, data files, redo log files, or temporary files of source database cannot contain any space, tab, carriagereturn, asterisk, question mark, backslash, quote or line feed characters.

n The database must be included in the backup. You cannot back up only the archive logs.

n For golden clone ingestion and golden clone refresh, you must supply a LIST file containing informationabout the backup operation. See next section for the name convention and format of LIST file.

n For a one-time clone (in-place refresh), a full backup or one level 0 incremental backup plus severaloptional level 1 subsequent incremental backups is required. You can optionallly do several subsequentlevel 1 incremental backups (L0+nL1). For a point in time refresh, record the modify time so you can refreshto the specified time. For a golden clone, a level 0 incremental backup is required for ingestion, and a level0 or level 1 (either differential or cumulative) incremental backup is required for a refresh.

n You must have an spfile in the control file backup set if you do not specify a pfile.

n The database name must be the SID.

n If network speed is limited or the database is very large, the ingestion-refresh process can take a long time.If you use DHCP for the database virtual machine, ensure that the DHCP lease time is long enough so thatthe IP address does not change during the ingestion and refresh process.

Additional RequirementsYou must comply with the following additional requirements when backing up the source database.

n The NFS server must be accessible to the DB Access Network or the Internal Network when ingestion andrefresh is running, and the backup files, LIST file and pfile must be readable.

n You must allocate sufficient storage when ingesting, and estimate future expansion when ingesting agolden clone.

Supported Oracle FeaturesThe following Oracle features are supported.

n Backup set.

n Different block size for various data files.

n BLOB data type.

n Compressed backup.

Unsupported Oracle FeaturesThe following Oracle features are not supported.

n Image copy backup.

n External file.

n Encrypted backup.

n OEM (Oracle Enterprise Manager) is not supported on ingested database.


VMware, Inc. 91

File Based ConventionsDuring the ingestion and refresh process, coordinate your operations with external programs, such as thirdparty backup software, or with manual operations. Familiarize yourself with the backup files, and observethese file based conventions.

n Backup files for each ingestion or refresh operation should have their own directory. The directory shouldbe beneath the exported directory.

n For a golden clone ingestion and golden clone refresh, you must supply a LIST file that containsinformation about the backup. The naming convention for a LIST file is database.LIST, where database isthe name of the database. The content of the LIST file is a series of key-value pairs, as in this example LISTfile.

controlfile=o1 mf_s_774019590_71hv06jn_.bkp

pfile=sales.pfile

NOTE The level value, required in previous versions of Data Director, is no longer needed. The agentautomatically checks the bakup level during ingestion and refresh. The optional catalogstart propertyspecifies the location to load the backup files. This means the control file directory and the catalog start directorycan be different. The value of catalogstart is a directory relative to the LIST file. If no catalogstart is provided,the directory of the LIST file is used. When you upgrade from Data Director 2.0, make sure your old LIST fileworks as expected. Otherwise, provide a catalogstart value.

In this LIST file, the controlfile field specifies the control backup file in the backup set. The value is a filerelative to the LIST file. It can be in the same directory as the LIST file, or in another directory. Other backupfiles must be in the same directory as the control backup file.

The pfile field is optional.

To illustrate how to organize the LIST file, a pfile, and backup files, assume that you take a level 0 backup onSunday and a level 1 backup on all other days. In this case, you would create a backup directory with a LISTfile and a pfile in it, for example, sales.LIST and sales.pfile. Also in that directory, you would createsubdirectories for each day of the week, with a backup file, LIST file and pfile in each of them.

On Sunday, the sales.LIST file will look like this.

controlfile=Sun/o1_mf_s_774019590_7lhv06jn_.bkp

catalogstart=Sun

pfile=sales.pfile

level=0

NOTE For backwards compatibility, you can retain the level value, as shown for Sunday.

On Monday, the sales.LIST file will look like this.

controlfile=Mon/o1_mf_s_774002607_7lhbfhrm_.bkp

catalogstart=Mon

pfile=sales.pfile

level=1

Ensure that the level information in the LIST file is correct. Information at the wrong level will result in failureof the refresh process. If you retain the level value for backwards compatibility, set it as shown for Monday.

In the directory containing the backup files, a LOCK file is generated during the ingestion and refresh processesto coordinate the operation with external programs. The LOCK file uses the same naming convention as theLIST file. If the LOCK exists at the beginning of an ingestion or refresh process, the process aborts.


92 VMware, Inc.

Ingest an External DatabaseYou ingest a database to reproduce a production environment and create a one-time (golden) clone. Theimported database is a clone of a physical database that exists outside of Data Director.

Prerequisites


n Verify that you have Ingest databases permission on the database group in which you create the newdatabase.

n Verify that you have Use template permission on at least one resource template and backup template.

Procedure

1 Configure the Database Refresh Profile on page 93The database refresh profile determines how, and how often, to refresh database data.

2 Configure the Ingestion Process Settings on page 94The ingestion process settings specify the source of the database to ingest, the ingestion schedule, andthe maximum network bandwidth the ingestion process can use.

3 Enter General Database Information on page 95Specify general information about the database, including name, database type and template, parametergroup, Point-In-Time Recovery allocation, and whether to take a snapshot backup after database creationcompletes.

4 Refresh a Data Director Database from an External Database on page 95You can refresh a database in Data Director from an external backup database. This is also known as anin-place refresh.

Configure the Database Refresh ProfileThe database refresh profile determines how, and how often, to refresh database data.

Procedure


a Click the Manage & Monitor tab.

b Click the Databases tab.

c Click the plus (+) icon to start the Create Database wizard.

d Select Ingest external database and click Next.

2 Select One-time clone or Golden clone in catalog.

Option Description

One-time clone One-time clones are not linked to the source database. After the database isingested, it is open and running, and you can modify data as required. Youcan also refresh it froman external database by performing an in-placerefresh, but the original database will be removed.

Golden clone in catalog A golden clone, once ingested, is marked as a catalog database and the virtualmachine is powered off. You cannot use it directly but must provision adatabase from it. You can then refresh the target database from the sourcedatabase manually, or by scheduling incremental backups at regularintervals.


VMware, Inc. 93

3 (Optional) If you selectGolden clone in catalog, you can select Take a snapshot before refreshing, andselect Automatic refresh and specify a refresh frequency and start time.

What to do next

Click Next to configure Ingestion Process Settings or click Back to make changes.

Configure the Ingestion Process SettingsThe ingestion process settings specify the source of the database to ingest, the ingestion schedule, and themaximum network bandwidth the ingestion process can use.

You can ingest an external database from backup files that reside in NFS shared storage.

Prerequisites

Complete the refresh profile configuration settings.

Procedure

1 (Optional) If you selected One-time clone in the Refresh Profile, enter the following information.

Field Option

NFS share name (Required) NFS share containing the RMAN backup of the source database.

Catalog start Root folder that contains the RMAN backup set. This is the relative path toNFS Share. All backups under this directory are used for ingestion andrefresh. For example, if the daily backups for a database are stored under aspecific folder in the NFS share, catalog start should point to it.

Control file (Required) Relative path to NFS Share. This is the control file used to restorethe database. It is a control file backup that includes a copy of the control fileand spfile.

Optional pfile Custom pfile.

Refresh point Select Most recent backup or specify a point in time for the ingestion. For apoint in time ingestion, the backup set under the catalog start directory mustinclude a level 1 incremental backup.

2 In the Scheduling Window section, select Run this action now to ingest the external database

immediately, or specify the ingestion start date and time.

3 Specify the maximum network bandwidth the ingestion process can use.

4 (Optional) If you selected Golden clone in catalog, enter the backup storage information, including theNFS share name and relative path.

Data Director checks the specified NFS information to verify that the NFS server is accessible.

What to do next

Click Next to enter general database information.


94 VMware, Inc.

Enter General Database InformationSpecify general information about the database, including name, database type and template, parameter group,Point-In-Time Recovery allocation, and whether to take a snapshot backup after database creation completes.

Procedure


Field Option


Database Type Select a database type from the drop-down menu. For example, Oracle orvFabric Postgres.

Base DB Template Select a base database template from which to create the database from thedrop-down menu. For example, Oracle 11.2.0.3

Database Group If you selected a database group, this field is filled in for you.

Resource template Select a database resource template from the drop-down menu. For example,tiny, giant, and so on.

Data disk allocation Select the data storage allocation for this database. The minimum is 1GB forvFabric Postgres and 2GB for Oracle.

Backup template (Optional) Select a backup template from the drop-down menu. You canselect a backup template for specific purposes, such as development, or selectno backups (Disabled).

PITR disk allocation Select the number of gigabytes to allocate for point-in-time recoveryoperations. The minimum is 1GB.

Expiration Select a date and time at which the database expires. Then select an actionupon expiration, or no expiration.


Snapshot (Optional) Select the check box to take a snapshot backup of the databasewhen creation and provisioning finishes.

IP Whitelist Select Allow all connections to the database. Optionally, select Only allowconnections from selected IP whitelists (next page), and select anorganization IP whitelist or create a custom IP whitelist..

2 On the Summary page, review the database information.

3 Click Finish to ingest the database.

If the ingested database is a one-time clone, the database appears in the databases list with a status of Creating.The status changes to Running when the database is created. The process can take a few minutes. If the ingesteddatabase is a golden clone, the database is added to the organization catalog with a status of Creating. Thestatus changes to Ready when the database is created.

Refresh a Data Director Database from an External DatabaseYou can refresh a database in Data Director from an external backup database. This is also known as an in-place refresh.

Prerequisites

Verify that you have Create database permissions on the group.

Procedure

1 Click the Manage and Monitor tab in your organization.


VMware, Inc. 95

2 Right-click a database and select Refresh.


Field Option

NFS share name (Required) NFS share containing the RMAN backup of the source database.

Catalog start Root folder that contains the RMAN backup set. This is the relative path toNFS Share. All backups under this directory are used for ingestion andrefresh. For example, if the daily backups for a database are stored under aspecific folder in the NFS share, catalog start should point to it.

Control file (Required) Relative path to NFS Share. This is the control file used to restorethe database. It is a control file backup that includes a copy of the control fileand spfile.

Optional pfile Custom pfile.

Refresh point Select Most recent backup or specify a point in time for the ingestion. For apoint in time ingestion, the backup set under the catalog start directory mustinclude a level 1 incremental backup.

4 Click Refresh.

The database is refreshed, the original database is removed, and the database name (SID) of new databasebecomes the database name (SID) of the external backup database.

Using TagsTags are text labels that users create and associate with databases. Users can create tags on any databases thatare visible to them. Tags provide a simple way to search for databases in a particular database group ororganization.

Users can see only the tags that they create.

Tags enable filtering on the list of databases that appear in an organization under theDatabases tab. Forexample, a user can create a tag called HR and associate the tag with all of the HR databases in an organization.When that user views the Databases tab, filtering on the HR tag displays only the databases with that tag.

You can associate a tag with a database during database creation. See “Create an Empty vFabric Postgres orOracle Database,” on page 87. You can also associate tags with an existing database.

Create a TagTags provide a simple way to search for databases in a database group or organization.

Procedure

1 Log in to Data Director as an organization administrator.


3 Click the Tags tab.


5 Type the name of the tag in the Create Tag dialog box and click OK.


96 VMware, Inc.

Associate a Tag with an Existing DatabaseTags support searches for databases. You can associate a tag with a database to help with searches for databases.

Procedure

1 Log in to Data Director as an organization administrator or as a user with Edit information and storagepermission.



4 Right-click a database to display the Actions menu and select Properties.

5 Click the General tab, select a tag in the Tags field, and click Edit.

6 Click the check box for the tag or tags to associate with the database and click OK.

Managing the Organization CatalogOrganization administrators can add Data Director databases to the organization catalog. Organization userscreate databases from the catalog when they need a database with known characteristics and preloaded data,for example, when they test SQL scripts or usage scenarios.

Users cannot directly modify databases in the catalog and databases cannot power on. Organizationadministrators can remove catalog databases when the databases are no longer needed.

Add a database to the organization catalog in one of the following ways.

n Select a database from a database group's Databases tab.

n Add a database using the organization's Catalog tab.

As part of the cataloging process, you choose whether to clone the database and add the clone to the catalogor move the database into the catalog.

n Clone the database to allow refreshing the catalog database from the source database. You can create afull clone or a linked clone.

n Move the database when you want to preserve the database in its current state with its current data.

Add a Database to the CatalogYou can add an existing Data Director database to the database group catalog, and use the catalog database tocreate other databases with known characteristics and preloaded data. You cannot directly modify or poweron catalog databases.

Prerequisites

Verify that you have Create catalog items and Clone privileges at the organization or database group level.

Procedure

1 Log in to Data Director.

2 On the organization Manage and Monitor tab, select the database group.

3 Click Databases.

4 Right-click the database and select Add to Catalog.


VMware, Inc. 97

5 In the Add Databases to Catalog window, enter the following information.

Option Description

Source Database The default is the database that you selected . To add a different database tothe catalog, click Edit and select a database from the list.

Name Type a name for the catalog database. The default is the name of the databasethat you entered earlier.

Description (Optional) Type a description of the catalog database.

Add Action To allow refreshing the catalog database from the source database, selectClone source to catalog, and then select Full Clone or Linked Clone. Todisallow refreshing to the catalog database, select Move Source to Catalog.You can move only a stopped database to the catalog.

6 Click OK.

The database is added to the database group catalog with the status Ready. You can now use it to createdatabases.

Add a Database to the Catalog Using the Catalog TabYou can add a database to the organization catalog, then create other databases from it.

Prerequisites

Verify that you have organization privileges.

Procedure

1 Click the organization Manage and Monitor tab and click the Catalog tab.


3 In the Add Databases to Catalog window, enter the following information.

Option Description

Source Database The default is the database that you selected . To add a different database tothe catalog, click Edit and select a database from the list.

Name Type a name for the catalog database. The default is the name of the databasethat you entered earlier.

Description (Optional) Type a description of the catalog database.

Add Action To allow refreshing the catalog database from the source database, selectClone source to catalog, and then select Full Clone or Linked Clone. Todisallow refreshing to the catalog database, select Move Source to Catalog.You can move only a stopped database to the catalog.

4 Click OK.

The database is added to the database group catalog with the status Ready. You can now use it to createdatabases.

Remove a Database From the Organization CatalogOrganization administrators can remove a database from the organization catalog, for example, when thedatabase becomes obsolete.

Prerequisites

Verify that you have organization and database privileges.


98 VMware, Inc.

Procedure

1 Log in as an organization administrator or user with organization and database privileges.

2 In the organization Manage & Monitor tab, select Catalog.

3 Right-click the database and select Delete.

The database is removed from the organization catalog.

Batch Operations and Scheduled TasksYou can run common database operations in batches, schedule common database operations to run in batcheson multiple databases, and schedule an operation to run on a single database at a particular time.

n Batch operations start immediately and operate on multiple databases.

n Scheduled batch operations start at a time that you specify and operate on multiple databases.

n Scheduled operations start at a time that you specify and operate on a single database.

Batch operations and batch scheduled operations let you quickly perform the same action on multipledatabases. Scheduling operations singly or in batches allows you to run long or CPU-intensive processes atoptimum times for the system load.

You can perform batch processing with the following operations and tasks.

n Start, stop, and restart databases.

n Add databases to Favorites.

n Schedule external and snapshot backups.

n Batch recover databases from last state.

n Perform updates.

n Enable-Disable databases.

You can schedule a start time window for each task, but the order in which tasks run is not guaranteed. Youcannot schedule operations on a recurring basis.

Run Basic Batch OperationsOrganization administrators and users with appropriate privileges can select multiple databases, and then runan operation on the selected databases.

Prerequisites

Verify that you have appropriate database operations and management privileges for the operations that youplan to perform.

Procedure


2 In the Manage & Monitor tab, select the database group.

3 In the Databases tab, select the databases on which to run an operation.

4 Right-click the selected database or databases and select the operation.

5 Perform actions as appropriate for the selected operation.

The operation runs on each of the selected databases.


VMware, Inc. 99

Schedule ActionsOrganization administrators and users with appropriate privileges can schedule actions to run on one or moredatabases.

Prerequisites

Verify that you have appropriate database operations and management privileges for the tasks that you planto schedule.

Procedure


2 In the Manage & Monitor tab, select the database group.

3 In the Databases tab, select one or more databases for which to schedule an operation.

4 Right-click the selected database or databases, select Schedule Action, and select the task.

5 Enter the schedule information in the scheduling window.

The operation runs on the selected database or databases at the scheduled time.

Updating DatabasesUpdate Data Director databases to use features available in the latest release of your database software(upgrade) or to incorporate enhancements to a database virtual machine (DBVM) or to its third-party tools.

Users with database permissions can update databases from the database group's Databases tab. You can takea snapshot of the database before proceeding with an update, and you can choose to automatically cancel it ifthe update fails.

Updates apply enhancements to a DBVM that are not necessarily database software upgrades. For example,you can create a base DB template from an existing version and add third-party tools to the new base DBtemplate. You can apply the new base DB template to multiple databases by performing a batch update.

System administrators can define an update chain from one database template to another to allow databaseusers to perform updates. System administrators also can indicate how to update databases. Database updatemodes include In-place update and Dump-restore update.

Update a DatabaseYou can update a database to apply enhancements or software upgrades.

Prerequisites

Verify that the following conditions are met.

n The system administrator has built and converted a base DBVM with proper update scripts and binaryupdates, such as new third-party tools or database software upgrades.

n The system administrator has enabled the base DB template on the resource bundle where the targetdatabases exist, and properly configured the base DB templates update chain.

n You have appropriate privileges to access and update databases.

n You have existing databases that require the updates contained in the new base DB template.

Procedure

1 Log in to an organization as a user with database privileges.


100 VMware, Inc.


3 On the Databases tab, right-click one or more databases and select Update.

The Update page shows the current base DB template and its version.

4 On the Update page, provide the following information.

Option Description

Update to The new template from which to update the database.

DB parameter group Database configuration parameters to apply to the updated database.

Keep existing values when possible If the new template does not require new database parameter values and youprefer to retain the current values, select the Keep existing values whenpossible check box.

Take a snapshot before starting theupgrade

Select whether to take a snapshot backup of the database before updating.The default is to take a snapshot backup.

Automatically cancel if update fails The task is canceled if the update fails.

Schedule Action Schedule the update for a specific date and time.

If you did not schedule the update, the database update proceeds immediately. If you scheduled the update,the database update proceeds at the specified date and time. A database can have only one pending updatetask.

Database AdministrationDatabase administration involves performing routine maintenance for vFabric Postgres databases to ensureefficient use of resources and to achieve optimum database performance. Users with appropriate roles andpermissions perform administrative tasks from the Data Director user interface.

Database administration tasks include the following.

n Manage database properties to tune database performance.

n Monitor database statistics such as resource utilization and database performance.

n Manage database backup and restore operations.

See Chapter 12, “Safeguarding Data,” on page 129 for information about backing up and restoring data. See Chapter 8, “Managing Database Templates,” on page 75 for information about managing databaseconfiguration templates and database backup templates.


VMware, Inc. 101

Managing Database PropertiesDBAs and application developers with appropriate privileges manage database properties, such as storageallocation, database name, backup and resource templates, and database parameter groups.

Database properties and settings control how the database operates. You can manage and adjust certainsettings, such as resource allocation, database connection limits, and whether and how often to performautomatic tasks. You can view, but cannot change, database properties such as the UUID and connection string.

General General properties include basic information about the database. You cannotchange the database name, connection string, or the UUID. See “Edit GeneralDatabase Properties,” on page 102 in this chapter. If you have Manageadministrator accounts privileges, you can configure OS remote access settingsor add a database administrator account.

Resources Database resource properties include the number of vCPUs, memory size,priority, reservation, and so on. If you have Edit resource settings privilegeson the database, you can modify resource settings, or click Edit to select aresource template. See “Edit Database Resource Settings,” on page 103in thischapter. See also Chapter 8, “Managing Database Templates,” on page 75.

Parameters Parameters include database engine aware settings. If you have Edit Settingsprivileges on the database, you can modify parameters or choose from availableparameter groups. See Chapter 8, “Managing Database Templates,” onpage 75

Backup When you create a database, you choose a backup template. If you have Editbackup settings privileges on the database, you can edit backup settings andselect a template. See “Edit Database Backup Settings,” on page 104 in thischapter. See also Chapter 8, “Managing Database Templates,” on page 75.

Cloning With Clone Administration privileges, you can define clone access policy forthe database and specify post-clone scripts. See Chapter 10, “CloningDatabases,” on page 107.

SSL With Edit Settings privileges, you can import key files, load certificates, andregenerate keys. See Chapter 18, “Managing SSL Keys and Certificates,” onpage 181.

IP Whitelists With Manage IP whitelists privileges, you can edit connections to the databaseby allowing all connections or allowing connections only from selected IPwhitelists. You can create custom IP whitelists or select an organization IPwhitelist. See Chapter 6, “IP Whitelists,” on page 67.

Automatic Refresh For cloned databases, you can set the schedule to automatically refresh thedatabase to the latest state of the source database. See “Clone a Database,” onpage 109.

Edit General Database PropertiesGeneral database properties include the database name, its UUID, connection string, storage allocation, itsversion, and database owner account. You can view and change the values for some of these properties. Youcannot change the database name, UUID, or connection string.

Prerequisites

n You are logged in to your organization as a database administrator or application developer with EditInformation and Storage privileges on the database.


102 VMware, Inc.

n You have Manage Administrator Accounts privileges and can add administrator accounts and configureOS remote access.

n Verify that the database is running.

Procedure

1 In the organization, click the Manage and Monitor tab and select the database group.

2 Right-click the database name, and select Properties.

3 Click the General tab and view the properties.

4 To ensure that the IP address assigned to a DBVM is not released back to the IP pool when you restart theDBVM, check Use static IP address.

The DBVM retains the same IP address after it is shut down and restarted.

5 change the data disk allocation for the database or point-in-time recovery disk allocation, enter new valuesin the appropriate text boxes.

6 Add or change tags for the database.

a Click Edit next to the Tags text box.

b Enter tags, one per line.

c Click OK.

7 To enable remote desktop access or to reset an administrator password, click OS Access Settings.

a Click Enable RDP to enable remote desktop access.

For SQL Server click Enable remote desktop access, for Linux click Enable remote OS consoleaccess.

b Click Reset password for administrator and type and confirm a new password.

c Click OK.

8 To add a database administrator account, click Add Administrator Account.

a Type the administrator user name and password .

b Type the password in the Confirm password text box.

c Click OK to accept the new account.

9 Click OK to accept your changes.

Edit Database Resource SettingsWhen your database expands or when usage patterns change, you can adjust database configuration settingsto improve performance, provide more storage, and so on.

Prerequisites

Verify the following items.

n You are logged in to your organization as a DBA or application developer with Edit resource settingsprivileges on the database.

n You have Use template permission to at least one resource template.

n You have Edit settings permission on the database.

n The database is running.


VMware, Inc. 103

Procedure

1 On the organization Manage and Monitor tab, select the database group.


3 Click the Resources tab and view the current settings, using the scroll bar as necessary.

4 Click Edit.

5 To change a resource setting, click the corresponding check box in the Override column and modify thevalue.

A restart icon appears next to resources that require a restart of the database to take effect.

6 When you finish, click OK to close the Edit Resource Settings dialog box and click OK again.

7 If you changed settings that require a database restart, click Yes when prompted.

Edit Database Backup SettingsAs your database use or backup requirements change, you can adjust the database backup settings to suitcurrent use patterns and database recovery requirements.

Prerequisites


n You are logged in to your organization as a DBA or application developer with Edit backup settingsprivileges on the database.

n The database is running.

Procedure

1 On the organization Manage & Monitor tab, select the database group.


3 Click the Backup tab and view the current backup settings, using the scroll bar as necessary.

4 Click Edit.

5 Click the backup template to modify.

6 Select the check box in the Override column and select new values to modify the backup template settings.

7 When you finish, click OK and click OK again.

8 Click OK to close the Properties dialog box.

Monitor Database Group and Database StatisticsMonitoring database statistics helps you to ensure that your databases run efficiently. You can use the statisticsto identify and troubleshoot problem areas, such as low resources, that might affect the ability to meet servicegoals. You monitor database statistics by viewing resource use and performance data.

Data Director keeps statistics for database groups and for the databases in those groups. You must have Viewproperties and Monitor status permissions on the organization, database group, or database. With thesepermissions you can monitor statistics, alarms, tasks and events, get reports, and view permissions.


104 VMware, Inc.

Monitor Database Group StatisticsYou can view resource use, allocation, alarms, tasks and events, get reports, view permissions, and view astatistics breakdown for databases in the database group. Monitoring database group statistics helps to ensurethat your database groups run efficiently, and lets you identify and troubleshoot problems that can affectperformance, such as resource availability.

Prerequisites

Verify that you are logged in to the organization as an organization administrator or user with Viewproperties and Monitor status permissions on the database group to monitor.

Procedure

1 On your organization Manage and Monitor tab, click the database group in the left pane.

2 Click the appropriate tab to view the database group statistics you want.

Option Description

Dashboard tab View graphical representations of resource usage statistics for the databasegroup.

Alarms tab View triggered alarms.

Tasks & Events tab View tasks, events, and their status.

Reports tab View summary reports and time interval reports.


4 Click the database to select it.

5 Click the drop-down menu next to View, and select the statistics you want.

Monitor Database StatisticsYou can view statistics and access your database activity logs.

Prerequisites


n You are logged in to the organization as an organization administrator or user with View properties andMonitor status permissions on the database to monitor.

n You are on your organization Manage and Monitor tab.

Procedure

1 Click the database group that contains the database to monitor.

2 Click the Databases tab, and click the database statistics you want.

Option Description

Dashboard tab View graphical representations of resource usage statistics for the databasegroup.

Alarms tab View triggered alarms.

Tasks & Events tab View tasks, events, and their status.

Reports tab View summary reports and time interval reports.

Permissions tab View roles, assign roles, or grant permissions.

3 Click the Dashboard tab to view database statistics.


VMware, Inc. 105


106 VMware, Inc.

Cloning Databases 10In Data Director, you can clone a database. You have a choice of cloning operations that include full databaseclone, linked database clone, and schema only clone. You can customize the clone's database settings andbackup settings during clone creation.


n “Clone Types,” on page 107

n “Cloning Customizations,” on page 109

n “Clone a Database,” on page 109

n “Managing Post-Clone Scripts,” on page 113

n “Managing a Cloned Database Refresh,” on page 117

Clone TypesData Director allows you to clone databases and supports several clone types with different contents, storagerequirements, and performance characteristics.

You can create different types of clones depending on whether you need schema only, schema and data, fulldatabase clones, or clones that take advantage of the linked clone technology. You can also create a clone thatincludes neither schema nor data but includes resource settings, database parameters, and backup settings.

Schema Only Clone and Schema and Data CloneIf you create a schema only clone, none of the data in your database is cloned. If you create a schema and dataclone, the complete set of schema and data is included in the clone. In that case, you might have to run a scriptover the clone to remove confidential data.

NOTE Linked clone technology for Oracle databases currently is not supported.

You can also clone only the configuration. In that case, the clone includes neither the schema nor the data.

Full Database Clones and Linked Database ClonesWhen administrators clone a database they can choose a full database clone or a linked database clone.

Full Database Clones A full database clone is a complete copy of the source database. Full clonesallow you to isolate the source and the clone. The isolation might be useful, forexample, if the source database cannot tolerate any performance degradation.Creating a full clone is typically more time consuming than creating a linkedclone.

VMware, Inc. 107

Figure 10-1. Full Database Clone

staging

productionfull databaseclone

Linked Clones Linked clones are two or more databases that share storage. The linked clonetechnology supports efficient sharing of duplicate data. Linked clones use deltadisk backings. A delta disk backing is a virtual disk file that is located on topof a standard virtual disk backing file. When one of the databases writes to disk,the data is written to that database's delta disk. When one of the databases readsfrom disk, the read process first checks the delta disk. If the data is not in thedelta disk, the database retrieves the information from the parent disk.

You can create a linked clone from a snapshot or from the current running pointbut not from an earlier backup or from a specific point in the past. If you uselinked clones, the clone and the source database cannot change data disk size.

Figure 10-2. Linked Database Clone

dev QA perf

staginglinked database

clones

Choosing a Full Clone or a Linked CloneTo choose the clone type most appropriate for your situation, consider these points:

n Full clones take longer to create than linked clones.

n Linked clones are much faster to create.

n Linked clones do not support storage isolation. Running several linked clones can affect the performanceof both the source database and the linked clones.

VMware best practice is to first create a full clone of a production database to use as a staging clone, then createlinked clones of the production system full clone, the staging system in the illustration. In this scenario,potential performance degradation affects only the staging system clone and not the production database.


108 VMware, Inc.

Figure 10-3. Using a Full Clone as a Staging Clone

dev QA perf

staging

productionfull databaseclone

linked databaseclones

Cloning CustomizationsYou can customize a clone when you create it. You can specify new resource settings, database parametersettings, and backup settings for the clone, choose the clone point, set an immediate backup, and set anexpiration date for the clone.

When you clone an existing database, you can customize the clone to suit your needs. For example, start witha staging database that requires frequent backups, a sizable storage allocation, and point-in-time recovery. Fordevelopers, you can create a clone of the staging database that uses a development backup template.

The cloning process also allows you to choose the clone point, which is the point in time at which the clone iscreated from the source database. You have the following choices.

n Clone the current state of the source database.

n Clone the source database as it was at a certain point in time. You can specify the date and time for thisoperation.

n Clone one of the backups of the source database.

Clone a DatabaseYou clone a database to create an exact copy, which you can use for testing or other purposes. When you beginthe create process, you need the clone type and clone customization information.

Prerequisites

Log in to Data Director as an administrator or as a user with Clone and Create database privileges in the targetdatabase group.

Procedure

1 Configure the Clone Type on page 110The clone type allows you to specify which data are cloned. You can also choose custom configurationsettings and backup settings for the clone.

Chapter 10 Cloning Databases

VMware, Inc. 109

2 Configure the General Clone Settings on page 111The general settings allow you to specify the name of the clone, a description, and to assign the clone toa database group. You can assign a database group only if the clone is not a linked clone.

3 Enter the Clone Configuration Settings on page 111When you clone a database, you can configure the resource settings, database parameters, and backupsettings for the clone.

4 Configure the Clone Options Settings on page 112You can configure an expiration date and time for the clone, post clone scripts, and tags for the clone.Post-clone scripts perform common tasks on newly-cloned databases, such as removing sensitivecustomer data.

5 Configuring IP Whitelists Settings for the Clone on page 113You create IP whitelists to specify trusted IP addresses from which the clone accepts connection requests.

6 Review the Clone Configuration Summary on page 113The Summary panel lets you review the clone configuration before creating the clone.

Configure the Clone TypeThe clone type allows you to specify which data are cloned. You can also choose custom configuration settingsand backup settings for the clone.

As part of the cloning process, you decide whether to create a full clone or a linked clone. See “CloneTypes,” on page 107 for a discussion of the differences.

The available options for the clone point depend on the type of clone. For a clone of only database settings,clone points are not supported.

The following table summarizes the available clone point options.

Table 10-1. Clone Point Options

Clone Type Now Specific Point In Time Snapshot Backup

Full Yes Yes Yes Yes

Linked Yes No Yes No

Schema only Yes No No No

If you create a schema only clone, the database must be powered on. If you clone from a backup, see Chapter 12,“Safeguarding Data,” on page 129.

Prerequisites

Log in to Data Director as an administrator or as a user with Clone Database privileges.

Procedure

1 Right-click an existing database and select Clone to start the Clone Database wizard.

2 In the Clone Type panel, select the data to clone and the type of cloning process to use.

Option Description

Clone schema and data Clones both the database schema and all data. If you clone both schema anddata, you can select a full clone or a linked clone.

Clone schema only Clones the database schema. Does not clone the data.

Do not clone schema or data Clones only the resource, database parameters, and database backupsettings. Does not clone the schema, and does not clone the data.


110 VMware, Inc.

3 Specify the point from which to create the clone.

Option Description

Now Creates the clone using the current state of the source database.

Specific point in time Creates the clone at the specific date and time that you specify.

Select a backup Uses the backup that you specify to create the clone.

4 Click Next to continue to the General panel.

What to do next

Specify the general settings for the clone, or click Back to return to the Clone Type panel for modifications.

Configure the General Clone SettingsThe general settings allow you to specify the name of the clone, a description, and to assign the clone to adatabase group. You can assign a database group only if the clone is not a linked clone.

Prerequisites

Complete the Clone Type panel of the Clone Database wizard described in “Configure the Clone Type,” onpage 110.

Procedure

1 In the General panel, specify a name for the clone database, or leave the default.

2 Type a description of the clone database.

3 If you did not specify a linked clone, select a database group for the clone database.

4 Click Next to continue to the Configuration panel.

What to do next

Specify the settings in the Configuration panel, or click Back to return to the Clone Type panel for modifications.

Enter the Clone Configuration SettingsWhen you clone a database, you can configure the resource settings, database parameters, and backup settingsfor the clone.

Prerequisites

Complete the Clone Type and General panels of the Clone Database wizard.

Procedure

1 Select the resource settings to use for the clone.

Option Description

Clone from source database Uses the current database settings of the source database. Click Edit tomodify the resource settings.

Use resource template Allows you to select one of the available resource templates. Select Customfrom the drop-down menu to override one or more values of the existingtemplate.


VMware, Inc. 111

2 Select the database parameter group settings to use for the clone.

Option Description

Clone from source database Uses the database parameter group settings of the source database. ClickEdit to modify the source settings.

Use parameter group Allows you to select one of the available database parameter groups. SelectCustom from the drop-down menu to override one or more values of theexisting database parameter group.

3 Select the backup settings to use for the clone.

Option Description

Clone from source database Uses the backup settings of the source database. Click Edit to modify thesource settings.

Use backup template Allows you to select one of the available templates. Select Custom to overrideone or more values of the existing template.

What to do next

Specify the settings in the Security Groups panel, or click Back to return to the General panel for modifications.

Configure the Clone Options SettingsYou can configure an expiration date and time for the clone, post clone scripts, and tags for the clone. Post-clone scripts perform common tasks on newly-cloned databases, such as removing sensitive customer data.

Prerequisites

Review the tasks in post clone scripts. See “Managing Post-Clone Scripts,” on page 113

Review how tags support a mechanism for finding multiple databases that share the same tag. See “UsingTags,” on page 96.

Procedure

1 Specify a post clone script for the clone.

2 Specify the expiration settings for the clone.

3 Select tags for the clone.

4 Select whether to use IP whitelists with the clone.

Option Description

Allow all connections to thedatabase

All connection requests that contain valid credentials are allowed.

Only allow connections from theselected IP whitelists

Only connection requests from specified IP addresses are allowed.

What to do next

Review the settings in the Summary panel, and click Back to modify your selections. If you selected Only allowconnections from the selected IP whitelists, click Next to select an IP whitelist or create a custom IP whitelist.


112 VMware, Inc.

Configuring IP Whitelists Settings for the CloneYou create IP whitelists to specify trusted IP addresses from which the clone accepts connection requests.

Prerequisites

Review information about IP Whitelists. See Chapter 6, “IP Whitelists,” on page 67.

Procedure

1 (Optional) In your organization, click IP Whitelists, and select IP whitelists to use for the clone.

2 (Optional) Click Custom IP Whitelists, and click the plus (+) icon to create IP whitelists for the clone.

What to do next

Review the settings in the Summary panel, or click Back to modify your settings.

Review the Clone Configuration SummaryThe Summary panel lets you review the clone configuration before creating the clone.

Procedure

1 In the Summary panel of the Clone Database wizard, review the clone configuration settings, and clickBack to make changes.

2 Click Finish to complete clone setup.

Data Director creates a clone of the current database using the settings you specify.

What to do next

Monitor the creation progress in the task bar on the right, or check the database list for the database group toverify that the clone was created.

Managing Post-Clone ScriptsUsers with the Clone Administration privilege can designate SQL scripts to run on newly cloned databases.Post-clone scripts automate common tasks such as removing sensitive user data or adding, updating, orremoving tables.

Data Director does not provide out-of-the-box SQL scripts. You develop, test, and maintain post-clone SQLscripts.

You can associate multiple post-clone scripts with a database, but only one of the database's associated post-clone scripts can be active. The active (default) post-clone script runs immediately following the clone databaseoperation. Users with the Clone Administration privilege can choose which post-clone script to run after aparticular clone operation.

Users with the Clone Administration privilege can choose a post-clone script failure action.

n Delete the cloned database if the post-clone script fails and log an error, or

n Allow the clone operation to finish and log a warning.

Users who do not have the Clone Administration privilege might not know that a post-clone script isassociated with a database unless an error occurs. These users cannot choose the script to run, and cannotchoose a post-clone script failure action. If the database has a default post-clone script, that script runsautomatically. If the post-clone script fails, the clone is deleted. The user receives a notice that the clone failedbecause the post-clone script failed. The user is instructed to check with the database owner for details.


VMware, Inc. 113

When a post-clone script fails, Data Director logs an error event or a warning event against the source database.

n If a user without the Clone Administration privilege attempts the clone operation or the cloneadministrator chooses to delete the clone if the post-clone script fails, the event is logged as an error.

n If a clone administrator attempts the clone operation and chooses to allow the clone operation to finish ifthe post-clone script fails, the event is logged as a warning.

The event contains information about the operation that failed and the user who attempted the clone operation.Users with the View and Monitor privilege on the source database can view the event.

n Author a Post-Clone Script on page 114Organization administrators and users with Clone Administration privileges can author a SQL scriptto run as the last step in the clone database process.

n Add an Existing Post-Clone Script to a Database on page 115Organization administrators and users with Clone Administration privileges can designate a SQL scriptto run after a database is cloned by adding a SQL script to a database's cloning properties.

n Edit a Post-Clone Script on page 115Organization administrators or users with Clone Administration privileges can edit post-clone scripts,for example, when there are updates to database schema.

n Save Post-Clone Scripts to an External Location on page 116Organization administrators and users with Clone Administration privileges can save post-clone SQLscripts to a location outside Data Director.

n Choose the Default Post-Clone Script on page 117You can associate multiple post-clone scripts with a database, but only one can be active. Organizationadministrators and users with Clone Administration privileges can choose one post-clone script as theactive (default) script.

n Delete a Post-Clone Script on page 117Users with Clone Administration privileges can delete post-clone scripts, for example, when the scriptsbecome obsolete. You cannot delete active scripts.

Author a Post-Clone ScriptOrganization administrators and users with Clone Administration privileges can author a SQL script to runas the last step in the clone database process.

Prerequisites

Verify that you have Clone Administration privileges on the database to which you are adding a post-clonescript.

Procedure

1 Log in to Data Director as an organization administrator or user with Clone Administration privileges.

2 In your organization click the Manage and Monitor tab, and select the database group.

3 In the Databases tab, right-click the database and select Properties.

4 In the Properties window, click the Cloning tab.

5 In the Post-Clone Scripts section, click the plus (+) icon and enter the appropriate information.

Option Description

Name A unique name for the script.

Description (Optional) A description of the script.


114 VMware, Inc.

6 Type SQL statements in the text box.

7 Click OK.

The script appears in the list of scripts on the Cloning tab.

Add an Existing Post-Clone Script to a DatabaseOrganization administrators and users with Clone Administration privileges can designate a SQL script torun after a database is cloned by adding a SQL script to a database's cloning properties.

Prerequisites


Procedure






Option Description



6 Select Open and browse to an existing SQL script.

7 Select the script.

Its contents appear in the text box.

8 Click OK.


What to do next

Optionally, select a default post-clone script from the Default Script drop-down menu.

Edit a Post-Clone ScriptOrganization administrators or users with Clone Administration privileges can edit post-clone scripts, forexample, when there are updates to database schema.

Prerequisites


Procedure




4 Click the Cloning tab.


VMware, Inc. 115


Option Description



6 Select Open and browse to an existing SQL script.

7 Select the script.

Its contents appear in the text box.

8 Edit the script.

9 Click OK.


What to do next

Optionally select a default post-clone script from the Default Script drop-down menu.

Save Post-Clone Scripts to an External LocationOrganization administrators and users with Clone Administration privileges can save post-clone SQL scriptsto a location outside Data Director.

You can reuse post-clone scripts that you save outside Data Director. See “Add an Existing Post-Clone Scriptto a Database,” on page 115.

Prerequisites


Procedure






Option Description



6 Click Save and browse to the location.

7 (Optional) Rename the script.

8 Click Save again.


116 VMware, Inc.

Choose the Default Post-Clone ScriptYou can associate multiple post-clone scripts with a database, but only one can be active. Organizationadministrators and users with Clone Administration privileges can choose one post-clone script as the active(default) script.

Prerequisites


Procedure





5 Select the default script from the Default Script drop-down menu.

6 Click OK.

Delete a Post-Clone ScriptUsers with Clone Administration privileges can delete post-clone scripts, for example, when the scriptsbecome obsolete. You cannot delete active scripts.

Prerequisites


Procedure





5 Right-click the post-clone script and select Delete.

6

7 Click OK to delete the post-clone script or click Cancel to keep it.

8 Click OK.

Managing a Cloned Database RefreshYou can refresh a cloned database manually, or configure an automatic refresh profile. Refresh is supportedonly for certain clone types.

Users with Clone permission on the source database and Recover permission on the cloned database canrefresh a cloned database.


VMware, Inc. 117

The database or catalog a database is cloned from is the source of a cloned database. If the source is deleted,the cloned database becomes a regular database. When you refresh a cloned database, Data Director performsthe following processes.

1 The schema and data is fetched from the source.

2 A post-clone script is run on the schema and data.

3 The schema and data generated by the post-clone script is applied to the cloned database.

The table shows the clone types you can refresh.

Table 10-2. Clone Refresh Support Summary

Clone Type Refresh Support

Full database clone Yes

Linked database clone Yes

Schema only clone No

No schema and data clone No

Refresh a Cloned Database ManuallyYou can update your test or development environment clone to be current with the physical database in yourproduction environment by refreshing it manually.

Prerequisites

Verify that you have Clone permission on the source database and Recover permission on the cloned database.

Verify that the source has not been deleted.

Procedure

1 Log in to Data Director as an organization administrator or user with the requisite privileges.

2 In your organization, click Manage and Monitor and select the database group.

3 On the Databases tab, right-click the database and select Refresh.

4 Click Refresh from clone source.

5 Select Refresh to current source database or Refresh to a snapshot of the source database.

If the source database has no snapshots, the second option is not available.

6 Click Refresh.

The cloned database refreshes.

Configure an Automatic Refresh Profile for Cloned DatabasesYou can configure an automatic refresh profile to keep your test or development environment clone currentwith the physical database in your production environment

Prerequisites

Verify that you have Clone permission on the source database and Edit settings permission on the cloneddatabase.

Verify that the source has not been deleted.


118 VMware, Inc.

Procedure

1 Log in to Data Director as an organization administrator or user with the requisite privileges.

2 In your organization, click Manage and Monitor and select a database group.

3 On the Databases tab, right-click the database and select Properties.

4 Click the Automatic refresh tab.

5 Click the Automatic refresh checkbox, and select a refresh frequency and start time.

6 Click Apply.

7 Click OK.


VMware, Inc. 119


120 VMware, Inc.

Managing Database Entities 11Managing database entities includes managing schemas and tables, and performing SQL management tasks.

To manage database entities, you need view database permissions on the database. Your organizationadministrator can create a role that has the necessary permissions, and the administrator can grant that role toyou.

Permissions that you have on the organization apply to all database groups and databases in the organization.Permissions on a database group apply to all databases in the database group.

Data Director supports the following types of management tasks.

Database EntityManagement

Database entity management includes creating, replacing, updating, anddeleting database entities. These database entities include schemas, tables,views, indexes, functions, sequences, triggers, constraints, and users.

SQL Management SQL management tasks include SQL profiling, query plan analysis, runningad-hoc queries or SQL scripts.


n “Database Entity Management,” on page 121

n “SQL Management,” on page 126

Database Entity ManagementAdministrators perform database entity management tasks to ensure the effective and efficient operation ofdatabases.

You can manage database entities from the Database tab. Managing database entities includes vacuuming andanalyzing databases, and creating, altering, dropping, and browsing database entities such as the following.

n Schemas

n Tables

n Views

n Columns

n Indexes

n Sequences

n Constraints (primary, foreign, and unique key)

n Users and roles

Data Director lists schema objects in the left pane. You manage individual objects from the middle pane.

VMware, Inc. 121

View Database EntitiesYou can view database groups and databases in your organization, and the entities and objects of runningdatabases.

Prerequisites

Verify that you have Organization management privileges, or View properties permissions to view databasesin the organization.

Procedure


2 If you have Organization management privileges, click the Manage and Monitor tab to view yourdatabase groups and databases.

If you do not have Organization management privileges, a list of database groups is displayed in the rightpane.

3 Expand a database group in the left pane.

4 Double-click a database in the middle pane

5 Click the Console tab.

If it is an Oracle database, the Oracle Enterprise Manager (OEM) opens in a new browser window. If it isa Postgres database, the database opens in a new tab next to your organization tab.

6 If prompted, log in to the database

7 Expand entity icons in the left pane and select them to view details.

The object appears in the middle pane, and you can perform management tasks.

What to do next

Manage database entities.

Vacuum Analyze a DatabaseYou can use Vacuum Analyze to discover and reclaim storage occupied by dead tuples. Tuples you delete orthat are made obsolete when you update the database, remain in their table until you perform a Vaccum action.

You should use Vaccum periodically, particularly on frequently updated tables, to keep the databaseperforming well. Analyze collects statistics about the contents of tables and stores the results. The query plannerhelps you determine the most efficient execution plan for queries. You can perform Vacuum and Analyze ona database or a table.

Prerequisites

Verify that a database exists.

Log in to Data Director as a user with database privileges.

Procedure


2 Click your database group.

3 Double-click your database to select it.

4 Click Console to open the database in a new tab.

5 Right-click your database in the left pane and select Vacuum Analyze Database.


122 VMware, Inc.

6 To perform the Vacuum and Analyze operations, click OK.

7 (Optional) To perform the Vacuum operation, uncheck the Analyze checkbox and click OK.

To include the Full or Freeze operations with the Vacuum operation, check those checkboxes.

8 (Optional) To perform the Analyze operation, uncheck the Vacuum checkbox and click OK.

Create a SchemaAfter you create a database, you set up its entities, starting with the database schema. You create schemas fromthe database tab.

You create database schemas from the database tab next to your organization

Prerequisites

n Verify that a database exists in which you can create a schema.

n Log in to Data Director as a user with database privileges.

n Click Console to open the database in a new tab.

Procedure

1 Right-click Schemas in the left pane and select Create Schema.

2 Enter the schema information.

3 Click OK.

Data Director creates the database schema.

What to do next

Create schema entities such as tables, triggers, users, and so on.

Create a Table for Schema DataAfter you create a schema, you create tables to contain the schema's data.

Prerequisites

You are a database administrator or application developer setting up a database.

You created a database and a schema, and are in the Console.

Procedure

1 In the left pane, click the Schemas arrow to expand it.

2 Right-click the schema and select Create > Table.

3 Type the table name, fill factor, and comment.

4 Click Next.

5 Click Add to add a column.

a Type the column name, and select the column type..

Depending on the column type, you can specify a length or precision, a default value for the column,and add a comment.

b If users must enter a value for the column, select the Not Null check box.

c If the column is a primary key, select the Primary Key check box.

Chapter 11 Managing Database Entities

VMware, Inc. 123

6 (Optional) In Constraints, select the type of constraint, Foreign key, Unique, or Check, that applies to thenew column.

You can create foreign key constraints only if the schema has more than one table.

a Click Create.

b Enter the conditions for the constraint, and click OK.

c Click Next to continue, or click Finish to create the table.

7 (Optional) In the Auto Vacuum Settings, select settings for removing stale data from your table,

The default settings work well for most environments. For information about autovacuum, see thedocumentation on the Postgres.org site for Postgres databases, or the documentation on the Oracle.comsite for Oracle databases.

8 Click Finish to create the table.

Data Director creates the table.

Create a ViewA view is a subset of related table data. For example, if you have a table that contains the locations of allcorporate offices throughout the world, you can create a view of all the offices in Europe, in California, orBrazil.

Prerequisites

Verify that the table on which to create the view exists.

Procedure


2 Right-click the schema and select Create > View.

3 Enter the view properties.

a Type a unique name in the Name text box.

If the name is case-sensitive, select the Case sensitive check box.

b (Optional) To restrict who can modify the view, select an owner for the view definition from the drop-down menu.

c Enter a SQL query to define the view.

For example, if you are creating a view of your office_locations table named China Offices, you mightenter a query similar to the following to select all the office locations in China.

select office_name, addr1, addr2, addr3 from office_locations where country="China"

4 Click OK.

The view appears in the left pane under the Views icon.

What to do next

Examine the data in the view. See “Examine View Data,” on page 125.


124 VMware, Inc.

Examine View DataA view is a subset of related table data. After you create a view, you can examine the data in the view.

Prerequisites

Verify that a view is available. See “Create a View,” on page 124.

Procedure


2 Click the arrow next to the schema to expand it.

3 Select Views in the left pane.

All views under the schema appear in the list in the middle pane.

4 Right-click a view and select Open.

The view appears in the left pane.

5 Click the View Data tab.

Create a ConstraintConstraints let you reduce data entry errors by verifying data before inserting the data into a table.

You create constraints when you create a table, or you can add them later.

n

Enter SQL fragments to define a constraint.

Prerequisites

n You are logged in to your organization as an organization administrator or user with database privileges.

n The database Console is open.

n The table on which to create the constraint exists.

n You expanded the schema in the left pane, and selected Tables.

Procedure

1 Click the table to select it, and click the gear icon.

2 Select Create > Constraint.

3 Select a constraint to create.

Constraint Type Description

Check Limits the values or value range that can be inserted in a column.

Unique Ensures that a column or set of columns is unique.

Primary key Uniquely identifies each row in a table. You can have only one primary keyper table.

Foreign key Points to a primary key in another table.

4 Complete the dialog and click OK.

Data Director creates the constraint.


VMware, Inc. 125

Example: Create a Check ConstraintA check constraint evaluates to a Boolean value. Use Check constraints to determine whether a value enteredfor a column meets a specific truth-type requirement. For example, suppose that you create a column that mustbe a positive integer, such as a product price. You can create a Check constraint to return TRUE when the productprice is greater than 0, and to return FALSE when the product price is less than 0. The Check constraint ensuresthat if a user tries to enter a negative product price, the data entry operation fails with a SQL error.

1 Click a table to select it.

2 Click the gear icon, and select Create > Constraint.

3 Select Check Constraint.

1 Type a name for the constraint, such as check_positive_price.

2 Enter the constraint in the Check text box.

3 (Optional) Enter a comment that describes the constraint.

4 Click OK.

Data Director creates the constraint.

SQL ManagementManaging SQL includes developing and testing SQL queries and monitoring and tuning query performance.You must have appropriate permissions on the schema and database to develop and manage SQL queries. Youcan manage SQL from the schema page.

Enter and Run a SQL QueryCreate and modify SQL queries.

Prerequisites

You are logged in to Data Director as a user with appropriate privileges on the database or schema.

Procedure


2 Right-click a database and select Open vPostgres Console.

3 Click Enter SQL.

4 Enter a query in the Entry pane.

You can type or modify a SQL query, test the query, and analyze the query's execution plan before runningit.

n Type the query in the entry pane.

n Click Open to open a SQL script file.

5 Click Execute to run the query.

If the query runs successfully, data appears in the Output pane.


126 VMware, Inc.

View a Query PlanViewing a SQL query execution plan lets you analyze query run time and cost to ensure that your queries runas efficiently as possible.

Prerequisites

n You are logged in to Data Director as a user with appropriate privileges on the database or schema.

n You know how to enter and run a SQL query. See “Enter and Run a SQL Query,” on page 126.

Procedure


2 Right-click a database and select Open vPostgres Console.

3 Expand Schemas in the left pane.

4 Select a schema and click Enter SQL.

5 Enter a SQL query in the entry pane, or click Open to open a SQL script file.

6 Click Execute to run the query.

7 Click Explain to view the query plan, runtime, and CPU cost.

What to do next

Adjust the SQL query, rerun, and reexamine the query plan to tune performance.


VMware, Inc. 127


128 VMware, Inc.

Safeguarding Data 12Data Director provides several options for managing backups and recovering databases.

Taking regular backups of your databases is essential to safeguarding your data. Data Director tracks andstores changes for each database on a virtual disk associated with that database. Back up your database tocapture the changes, preserves the database, and enables recovering the database and restoring its data aftera failure. You can also restore the database to its state at a particular time and replay changes to troubleshoota problem.

Data Director offers the following features for safeguarding data:

n Manual and automated external and snapshot backups.

n Database recovery from external and snapshot backups.

n Point-in-time recovery

You can define backup retention time and storage allocation. You can use one of the predefined backuptemplates or create custom backup templates to ensure consistent backups of your databases and to enforceresource limitations.


n “Backup Strategies,” on page 130

n “Backup Types,” on page 130

n “Backup Template Settings,” on page 132

n “Preconfigured Backup Templates,” on page 133

n “Select a Database Backup Template,” on page 133

n “Schedule Regular Database Backups,” on page 134

n “Recover a Database,” on page 135

n “Import Backups,” on page 136

n “Use VMware Data Recovery to Back Up Data Director,” on page 136

n “Database End of Life and Backups,” on page 138

n “Perform Point-in-time Recovery of Management Server Database,” on page 139

n “Add Pre-Action and Post-Action Scripts to the DBVM for Selected Agents,” on page 139

VMware, Inc. 129

Backup StrategiesBackup strategies center on your business requirements for protecting your data. Database backup strategiesvary according to business requirements and the database environment, such as production, development, orQA.

For example, for a production database with a high transaction volume and business rules that require thehighest possible database resiliency, you might define the following backups:

n Take full external backups twice a day.

n Take database snapshots every hour.

n Enable point-in-time recovery to keep a continuous log of all transactions as they occur on the runningdatabase.

n Retain your full backups for a month or more.

If your business rules state that you must preserve every transaction, you can specify that the database mustshut down if the point-in-time recovery's write-ahead log runs out of space. For a development database wheredata loss is not a concern, you might take full external backups every week with daily snapshot backups andpoint-in-time recovery disabled.

You can initiate backups manually (one-time backups) or automatically (recurring backups). Backup methodsare snapshots and external (full database backup). You can enable point-in-time recovery. Depending on yourbusiness rules, you can set up automated backups and use a combination of backup methods to safeguarddata.

You set up automated backups by attaching a database backup template to your database. Backup templatescontain backup and recovery settings. You can select a database backup template during database creation orattach a template at a later time. You can also attach a different backup template at any time. If you havesufficient privileges, you can modify the template settings or create custom backup templates. The backupprocess picks up the latest settings the next time it runs. The modified settings do not affect backups that arein progress.

Using database backup templates ensures that you can take consistent database backups, meet recovery goals,and enforce your business rules. Data Director provides preconfigured database backup templates that providea range of backup and recovery settings. If you are not sure how much storage your backups will require, startwith the most conservative settings. You cannot decrease the backup storage allocation, but you can increaseit. Monitor the database activity and the backup size until you have a good idea of the workload and backupspace needed, and then adjust the storage amount.

Backup TypesYou manage backups and recover data using Data Director snapshot backups, external backups, and point-in-time recovery.

n External Backups on page 131External backups are full copies of the database saved to a datastore separate from the database. Thissection describes the pros and cons of using external backups.

n Snapshot Backups on page 131Snapshot backups capture the changes to the database after the snapshot is taken. Snapshots initially useless storage than external backup files and take just a few minutes regardless of database size.

n Point-In-Time Recovery on page 131If point-in-time recovery (PITR) is enabled, a write-ahead log (WAL) continuously records every changemade to the database while the database is running. In the event of a failure, you can replay the WAL torestore the database to its state at a point in time within the retention period of the database backups.


130 VMware, Inc.

External BackupsExternal backups are full copies of the database saved to a datastore separate from the database. This sectiondescribes the pros and cons of using external backups.

External backups use about the same amount of storage as the database itself. Because they reside on a separatedisk from the database, external backups provide resiliency and benefits such as the following.

n External backups protect against data loss due to failure of the primary data storage device.

n External backup storage is more cost effective than using the primary data storage for backups.

n You can extend the data disk as needed.

The following are points to consider about using external backups.

n External backups can take a long time. Large amounts of data must be copied across devices.

n Each backup uses the full size of the data disk on the backup storage device.

Snapshot BackupsSnapshot backups capture the changes to the database after the snapshot is taken. Snapshots initially use lessstorage than external backup files and take just a few minutes regardless of database size.

Snapshot backups are stored in files called delta files or delta disks on the same data store as the database.

The following are points to consider about using Snapshot backups.

n Because snapshots reside on the same data store as the database, they do not protect against data loss dueto failure of the data storage.

n As the database changes, the changes require more and more space on the virtual disk. That space isgenerally more expensive than backup storage.

n The recovery process from snapshots is not faster than the recovery process from an external backup.

n If you have snapshots, you cannot extend the data disk.

Point-In-Time RecoveryIf point-in-time recovery (PITR) is enabled, a write-ahead log (WAL) continuously records every change madeto the database while the database is running. In the event of a failure, you can replay the WAL to restore thedatabase to its state at a point in time within the retention period of the database backups.

The WAL logs are archived and are subject to a retention period that you set. The time range for point-in-timerecovery is from the time of your oldest backup to the present. The oldest backup can be an external backupor a snapshot.

By default, PITR is disabled. If you enable PITR, consider the following points.

n Because every change to the database is recorded, PITR requires additional storage. Depending on howlarge your database is and how many transactions occur during the WAL archive retention time, theamount of storage needed can be large.

n PITR has a performance impact on the database and on Data Director as a whole. The impact depends onthe size of the database and the volume of database activity.

Start with a conservative storage allocation. You cannot decrease the storage allocation, but you can increaseit. Monitor the size of the PITR logs until you understand the workload and storage needed, and adjust thestorage amount.

You can specify whether to suspend the database or automatically increase the log retention period if PITRruns out of space.

Chapter 12 Safeguarding Data

VMware, Inc. 131

When you enable PITR, Data Director creates a baseline external backup. The default retention period isforever. You can change the baseline backup's retention period from the database Properties dialog box'sBackup tab.

Backup Template SettingsData Director backup templates contain backup settings that use a combination of methods to safeguard data,provide consistent database backups, and enforce limits on resource consumption. You can use the defaultbackup template settings or adjust the settings to suit your business requirements.

Each database backup template contains settings for snapshot backups, external backups, and point-in-timerecovery.

External Backup Settings

Frequency How often to take backups. Settings are every 12 hours, daily, weekly, monthly,or never.

Start time Automatic means the system controls the backup start time. If you specify astart time, each external backup will be initiated within two hours of the targetstart time depending on system load.

Retention How long to keep the external backup. Retention time settings are 1 day, 1week, 2 weeks, 1 month, 6 months, or 1 year.

Snapshot Backup Settings

Frequency How often to take backups. Settings are every 4, 8, 12, or 24 hours, or never.

Start time Automatic means the system controls the backup start time. If you specify astart time, each snapshot backup will be initiated within 10 minutes of the targetstart time depending on system load.

Retention Select how long to keep the snapshot backup, or select how many copies ofsnapshot backups to keep.

n You can retain snapshot backups for 4, 8, 12, 24, or 48 hours.

n The number of copies of snapshot backups that you can keep variesaccording to the Frequency setting. You can keep from one copy up to asmany copies of snapshot backups as are taken in a 24-hour period.

Table 12-1. Snapshot Backup Copies to Keep per Backup Frequency Setting

Take Snapshot BackupsEvery.... Copies to Keep

4 hours 1-12 copies

8 hours 1-6 copies

12 hours 1-4 copies

24 hours 1-2 copies


132 VMware, Inc.

Point-In-Time Recovery (PITR) Settings

Enabled or disabled Enable point-in-time recovery to continuously record each change to thedatabase in a write-ahead log (WAL) while the database is running. In the eventof a failure, you can replay the WAL to restore the database to its state at a pointin time within the retention period of the database backups.

Recommended point-in-time recovery storageallocation

The recommended storage amount is based on the database size and storageallocation. You can accept the recommendation or enter a different amount.

If storage runs out Select whether to suspend the database or adjust the point-in-time WALretention period.

Backup LabelThe backup label can be any text that helps you identify the backup. The format is backup label-yyyy:mm:dd:hh:mm:ss-dbname.

Preconfigured Backup TemplatesThe preconfigured backup templates enable you to standardize your database backups and enforce resourcelimitations. Organization administrators and organization users with sufficient privileges can modify thetemplates' default settings or create custom backup templates.

For more information, see Chapter 8, “Managing Database Templates,” on page 75.

Data Director includes the following preconfigured backup templates. Each template has system-controlledstart times.

Disabled. No backups are taken.

Development. Schedules snapshot backups every 24 hours and external backups each week.PITR is disabled.

Auto. Schedules snapshot backups every 12 hours with retention period of 24 hoursand external backups each day. External backup retention time is 1 month. PITRis enabled. If PITR storage runs out, the available PITR timeline is adjusted andthe oldest archived WAL segments are deleted automatically.

Standard. Same settings as Auto. If PITR storage runs out, the database is suspended.

Maximum. Schedules snapshots every 4 hours with retention period of 48 hours, andexternal backups taken every 12 hours with retention time of 1 month. PITR isenabled. If PITR storage runs out, the database is suspended.

Select a Database Backup TemplateYou can associate a backup template with your database as part of database creation, or you can select a backuptemplate later. Databases must be associated with a backup template to enable scheduling regular backups.

See “Preconfigured Backup Templates,” on page 133 and “Backup Template Settings,” on page 132 forinformation on the settings in the preconfigured templates.

Prerequisites

Log in to your organization as a user with at least the following privileges.

n Use Templates


VMware, Inc. 133

n Create Snapshots

n Create External Backups

Procedure

1 Navigate to your database's Properties window.

a In your organization, click the Manage & Monitor tab.

b Select your database group, and click the down arrow to display the list of databases.

c Right-click your database name and select Properties.

2 Click the Backup tab, and click Edit.

3 Click the name of the backup template to associate it with your database.

What to do next

Schedule regular database backups in the Details - Current Backup Configuration pane.

Schedule Regular Database BackupsTo set up an automated schedule of backups of your database, you can specify the backup settings in thedatabase's Properties window. You protect your data when you set up an automated database backupschedule.

Prerequisites

Verify that your database is associated with a database backup template. See “Select a Database BackupTemplate,” on page 133.

Log in to your organization as a user with at least the following privileges.

n Use Templates

n Create Snapshots


n Use Template

Procedure

1 Navigate to your database's Properties window.

a Click the Manage & Monitor tab.

b Select your database group, and click the down arrow to display the list of databases.

c Right-click your database name, and select Properties.

2 Click the Backup tab and click Edit.

3 To view the backup templates' configuration settings, click the backup template's name in the BackupTemplates pane.

The backup template configuration settings appear in the Details pane, and <Current BackupConfiguration> is replaced with the name of the template. If you have the Manage Backup Templatesprivilege, you can override the template settings.

a Select the check box in the Override column.

b Adjust the settings for each type of backup.


134 VMware, Inc.

c (Optional) Enable or disable point-in-time recovery.

d (Optional) Specify a backup label.

4 Review your backup settings and click OK to confirm.

What to do next

To view a list of backups and the status of each backup, open the database by double-clicking the databasename in the Manage & Monitor tab. Click the Backup & Recovery tab in the middle pane. The list of databasebackups appears in the Backup List section.

To review the backup schedule, click the Backup Schedule link.

To take a one-time manual backup, right-click the database name in the navigation pane and select TakeManual Backup.

Recover a DatabaseYour ability to recover databases depends on scheduling regular backups. You can recover databases frombackups taken using Data Director or from external backups taken using utilities such as VMware Virtual DataRecovery (VDR).

Regularly scheduled backups ensure that you can recover your databases and restore your data in the eventof system failure or data corruption. See “Schedule Regular Database Backups,” on page 134.

The recovered database is a full copy that is independent from any previously taken snapshot backup or clonedatabase. A side-effect of this process is that you have a database that can be resized. Databases with snapshotbackups or linked clones cannot be resized.

Prerequisites

Log in to Data Director as a user with appropriate privileges.

n Create Snapshots


n Delete Snapshots

n Delete External Backups

n Recover

Procedure

1 In Data Director, select the organization and click the Manage & Monitor tab.

2 In the navigation pane, select your database group, and click the down arrow to show the list of databases.

3 Right-click your database name and select Recover.

4 In the Recover dialog, select recovery options, depending on your setup.

5 Click OK to start the recovery process.

The database is unavailable while the recovery operation is in progress.

Data Director takes a complete backup of your restored database after database recovery finishes. This post-restore backup becomes your baseline backup.


VMware, Inc. 135

Import BackupsIf the retention period of a backup set has expired, the backup set is no longer in the Data Director backupstorage archive. Data Director has no record of such a backup set and does not recognize it. To use an expiredbackup set, you must import it into Data Director and associate it with a database.

For example, suppose that you archive backup sets to tape just before they expire as part of your disasterrecovery policies. You can later restore the archived backup sets from tape to your active system. Use the importbackups feature to locate and import the backup sets, and use the imported backup sets to restore yourdatabase. The imported backup sets have a retention policy of Forever.

You can use the import database backup feature with a VMware backup solution such as VDR to implementan extended backup and restore solution. See “Use VMware Data Recovery to Back Up Data Director,” onpage 136.

Prerequisites

Log in to Data Director as a user with the appropriate privileges.

n Create Snapshots


n Delete Snapshots

n Delete External Backups

n Recover

Procedure

1 In Data Director, click the organization's tab and in the navigation pane, expand the relevant databasegroup to view the databases.

2 Right-click the database for which to import the backup, and select Import Backups.

3 Select the backup to import from the list and click OK.

The imported backup appears in the list of database backups when the import finishes.

Use VMware Data Recovery to Back Up Data DirectorData Director installs on VMware vSphere as a virtual appliance. You can use any VMware virtual machinebackup technology to assure recovery of your Data Director virtual appliance in case of catastrophic failure.One of the choices for backups is the extended backup process supported by the VMware Data Recovery (VDR)appliance.

The Data Director virtual appliance consists of two virtual machines.

n Management Server performs all management operations.

n DB Name Server provides the DB Name Service, a single entry point for all databases.

Use VDR to take regular backups of the Management Server and DB Name Server virtual machines. You canthen use VDR to restore the Data Director virtual appliance if a catastrophic failure occurs. See “Take ExternalBackups with VMware Data Recovery,” on page 137.

VDR is available as an appliance for VMware vSphere and operates on vSphere resources. See the vSphereDocumentation Center for VMware Data Recovery documentation.


136 VMware, Inc.

Install and Connect to the VMware Data Recovery (VDR) ApplianceThe VDR appliance is an optional appliance that may not be installed in your vSphere system. Verify the VDRappliance installation, install the appliance if necessary, and then connect to VDR.

You plan to take external backups of the Data Director virtual machines using VDR.

Procedure

1 Log in to vSphere Client as an administrator.

2 Verify that VDR is installed.

a Click Home.

b Check the Solutions and Applications section for the VMware Data Recovery icon.

If VDR is not installed, follow the instructions in the vSphere Documentation Center. You must install theclient plugin and the appliance.

3 Connect to the VDR appliance.

a Click Home.

b In the Solutions and Applications section, click the VMware Data Recovery icon.

c In the Welcome page, click Connect to connect to VDR.

Take External Backups with VMware Data RecoveryYou can use VMware Data Recovery (VDR) to take external backups of your Data Director virtual machines.

Prerequisites

Log in to the vSphere Client with administrator privileges and connect to the vCenter Server system whereyou installed VDR.

Procedure

1 On the VMware Data Recovery main page, click the VDR Backup tab and click New.

2 Enter a unique name for the backup in the Name text box and click Next.

3 Select the backup datastore associated with the database group's resource bundle.

4 Select a backup storage location for your backup from the list of storage devices and click Next

5 In the calender, select or deselect days and hours during which the backup can run and click Next.

6 Select the retention period for the backup and click Next.

7 Review the backup settings and click Finish to start the backup.

The backup begins. The process can take some time to complete. When the process finishes, you can see thebackup virtual machine in your database group's backup resource pool.

Restore a VMware Data Recovery BackupBefore you can import a VMware Data Recovery (VDR) backup, you must restore the backup in vSphere Client.

Prerequisites

Log in to the vSphere Client with administrator privileges and connect to the vCenter Server system whereyou installed VDR.


VMware, Inc. 137

Procedure

1 In vSphere Client, connect to VDR and click the VDR Restore tab.

2 Click the Restore link.

3 Select the database backup to restore.

a Expand your database group's resource pool.

b Expand the Backup resource pool.

c Select the check box next to the backup to be restored.

d Click Next.

4 Click through the inventory list to select the location for the restored backup (the datastore of the virtualmachine and the data.vmdk file that you want to restore), and click Next.

5 Review the restore settings, and click Restore.

The restore begins. The process can take some time to complete. When the process finishes, you can see therestored backup virtual machine in the vSphere inventory.

Import VMware Data Recovery BackupsAfter you restore a VMware Data Recovery backup, you can import that backup into Data Director.

Prerequisites

Restore a VDR backup.

Procedure

1 In vSphere Client, power off the backup virtual machine.

2 Log into Data Director as an organization user with database backup and restore privileges for the databasethat you want to restore.

3 In the Manage & Monitor tab, expand the database group, then select the database to restore.

4 Right-click the database name and select Import Backups.

5 Select the backup to import.

Data Director imports the backup.

Database End of Life and BackupsWhen you decommission and delete a database, you decide whether to retain its backup files. The decision isbased on your site's policies and whether you might need the database in the future.

When you delete a database, you can retain all external backups. The backups expire at the end of the normalretention period. It is good practice to take a final backup of a database and specify the final backup's retentionperiod before you delete a database. If you retain the external backups, the snapshots and the executableinstance of the database are deleted. If the deleted database had point-in-time recovery enabled, all the archivedwrite-ahead log (WAL) segments are deleted as well. This means that the only way to recover the database isby using the external backups. You cannot recover the database using snapshots or point-in-time recovery.

If you do not retain the external backups, the database and its associated backups, snapshots, and WALs aredeleted. In addition, the database resources are released, and the database cannot be restored.


138 VMware, Inc.

Perform Point-in-time Recovery of Management Server DatabaseYou can perform a point-in-time recover of the Management Server database if you determine that the databaseis corrupted.

Prerequisites

n Verify that VMware Data Recovery (VDR) is deployed with vCenter and set up with the vSphere client.

n Verify that regular backups are being performed on the Data Director vApp using VDR.

n Before starting point-in-time recovery on the Management Server database, take a full backup of the DataDirector vApp. If the target time you choose for your point-in-time recovery results in recovery failure,you can restore the management server to this backup and perform a point-in-time recovery with an earliertarget time.

Procedure

1 In the vSphere client, shut down the Management Server virtual machine.

2 Restore only the database disk (management_server_2.vmdk) from a backup using VDR.

3 Select Edit Settings > Options > vApp Options > Properties, and select the vAppManagement server recovery flag.

4 Turn on the Management server.

5 Open the console and log in as aurora, or log in from root as su aurora, and type the following command.

/opt/aurora/sbin/recover_cmsdb.sh

6 Enter a target time stamp when prompted.

The time must be after the time of the VDR backup that you use to restore the Central Management Server(CMS).

7 When the recover finishes, shut down the vApp of Data Director.

8 Deselect the management server recovery flag on the Management Server.

9 Check the Management Server network cards connection in the virtual machine settings, and connect themmanually if necessary.

10 Turn on the Data Director vApp.

Add Pre-Action and Post-Action Scripts to the DBVM for SelectedAgents

You can add pre-action and post-action scripts in the DBVM for selected agents (APIs). You can create scriptsto create, clone, and restore databases, and to take snapshots and create backups.

The following types of scripts are supported.

n Post-action scripts to create, clone, and restore databases.

n Pre-action and post-action scripts to take snapshots and create backups of databases.

Prerequisites

Log in to the database virtual machine to which you need to add scripts.


VMware, Inc. 139

Procedure

1 Create a pre-action or post-action script in the following format.

u Pre-action script.

pre_${lower_class_name}_${lower_method_name}

u Post-action script.

post_${lower_class_name}_${lower_method_name}

u For a post-action script to create a database, the script name must be post_dbctl_createdb.

u For a post-action script to restore, clone, repair, and import a database, the script name ispost_dbctl_recover.

u For a pre-action script to take a snapshot or perform an external backup of a database, the script nameis pre_dbctl_startbackup.

u For a post-action script to take a snapshot or perform an external backup of a database, the scriptname is post_dbctl_stopbackup.

2 Put the scripts in the following folder in the DBVM.

${AgentHome}/plugin/${ACTIVATED_PLUGIN}/user_script/

3 Set execute permissions on the script for the user agent.


140 VMware, Inc.

Monitoring the Data DirectorEnvironment 13

System administrators can examine resource usage, monitor events and alarms, view and download reportsabout their environment, and create diagnostic packages for individual databases and for the system itself.Organization administrators can examine resource use for the different database groups and databases, andcan view and monitor events and alarms for their organization.


n “Explore Monitoring Customization and Filtering,” on page 141

n “Monitoring for System Administrators,” on page 142

n “Monitoring for Organization Administrators,” on page 146

n “Explore Database Monitoring,” on page 150

n “Working with Alarms,” on page 151

n “About aurora_mon Configuration,” on page 153

n “aurora_mon Configuration Parameters,” on page 154

Explore Monitoring Customization and FilteringCustomize your monitoring setup to find information quickly. Some of the customization and filtering tasksare the same for system administrators and organization administrators.

You can explore how to optimize screen areas and how to find information by using filters. Filtering is notsupported in all panels.

Prerequisites

Log in to Data Director as the system administrator or as an organization administrator.

Procedure

1 Click the Manage & Monitor tab and click Reports.

2 Click Summary Reports or Time Interval Reports and view the icons above the filter options.

Icon Description

The gear-shaped Action icon lets you choose an action. Available actionsdiffer for different panels. For example, the Reports panel lets you downloadall reports or download the selected reports.

The blue Reload icon lets you redisplay the current page.

VMware, Inc. 141

3 Explore the Filter box in the upper right.

a Type a search keyword to search the current items.

The search result includes the currently displayed items and the list of available items.

b To select the columns to filter on, click the down-triangle..

c Clear the boxes for columns that you do not want to search, and click OK.

4 To view a panel, select an action.

Action Action

To reduce a panel Click the down-facing triangle to reduce the panel to its title.

To expand and shrink a panel Click the expand icon to expand a panel, and click the shrink icon toreturn the panel to its original size and position.

To close a panel Click the close icon ( ).

To open a closed panel Click the Customize button in the dashboard's top right to select the panel'scheck box.

5 Collapse the side bar with the right-facing triangles and expand it with the left-facing triangles .

The sidebar contains a panel for Tasks and a panel for Alarms, showing the latest tasks and alarms.

What to do next

For system administrators, see “Monitoring for System Administrators,” on page 142. For organizationadministrators, see “Monitoring for Organization Administrators,” on page 146.

Monitoring for System AdministratorsThe vFabric Data Director interface includes a set of monitoring and diagnostic tools for system administrators.Administrators can see system health information; explore how organizations use resources; view system-levelevents, alarms, and reports; and generate diagnostic packages for individual databases and for the systemitself.

The information Data Director displays for system administrators differs from the information available toorganization administrators. System administrators can use the following resources for monitoring overallsystem health.

Dashboard Tab In the Dashboard tab, system administrators can see system health informationand a system overview. Overview information includes the number of users,number of resource bundles, and number of organizations. Administrators canalso see the total CPU and memory capacity and the total database storage andbackup storage allocation for this instance of vFabric Data Director. Thedashboard includes information about the top five consumers of resources.Administrators can customize the Dashboard to change the sampling and toadd or remove the information displayed. See “Explore System DashboardCustomizations,” on page 143.

Manage & Monitor Tab In the Manage & Monitor tab, system administrators can view alarms anddefine new alarm rules, view tasks and events, and configure, display, anddownload reports. System administrators can display reports for theorganization or for a resource bundle and filter the sampling interval, timerange, and other fields. See “Explore Monitoring Customizations for SystemAdministrators,” on page 144.


142 VMware, Inc.

System Settings Tab In the System Settings tab, system administrators can create a diagnosticpackage for one or more databases and for the system itself. Diagnosticspackages provide valuable information for VMware Support.

Tasks and Alarms SideBar

The tasks and alarms side bar, in the right panel of the main page by default,displays recent tasks and alarms. The Manage & Monitor tab includes moredetails about tasks and alarms.

Explore System Dashboard CustomizationsExploring system dashboard customizations allows you to see available options. You can customize thedashboard to suit your needs.

The dashboard available to system administrators differs from the dashboard available to organizationadministrators. See “Explore Organization Administrator Dashboard,” on page 148 if you are an organizationadministrator.

Prerequisites

Log in to Data Director as a system administrator privileges.

Procedure

1 Click the Dashboard tab.

2 Click the link for Organization Stats or Resource Bundle Stats.

n Click Organization Stats to evaluate resource usage for the top five organizations.

n Click Resource Bundle Stats to evaluate resource usage for the top five resource bundles.

3 Review the Overview panel.

The panel displays information about all items in the system, such as the total CPU and memory capacity,database storage, and backup storage allocation. You can click the Organization, Resource bundles,System administrators, and All users object icons to open them.

4 Review the System Health panel below the Overview panel.

You can view the status of the different servers, systems, and networks in the System Health panel.

n A green icon indicates no problems exist.

n A yellow icon warns of potential problems.

n A red icon indicates that a problem exists. vSphere services such as HA remedy the problem butcertain tasks cannot be performed while the icon is red.

n An icon appears gray when the status of an item cannot be detected or is unknown.

5 View the Top 5 CPU Usage panel.

You can customize the view to show information for 24 hours, 3 days, or 1 week.

6 To see the organization for which the information is displayed, click the name of the organization in theDashboard.

7 Change the sampling value from the Sampling drop-down menu.

Option Description

Average Average value for the sampling period.

Minimum Minimum value for the sampling period.

Maximum Maximum value for the sampling period.

Chapter 13 Monitoring the Data Director Environment

VMware, Inc. 143

What to do next

Customize the dashboard to meet your needs.

Explore Monitoring Customizations for System AdministratorsExplore monitoring customizations to learn about available options. You can then customize the Manage andMonitor tab.

The system administrator Manage and Monitor tab differs from the organization administrator Manage andMonitor tab. See “Explore Monitoring Customizations for Organization Administrators,” on page 148 if youare an organization administrator.

Prerequisites

Log in to vFabric Data Director with system administrator privileges.

Procedure

1 Click the Manage & Monitor tab in the Data Director client.

2 Click Organizations to display all organizations and the resource allocation for each organization.

You can click an organization name to display details about the organization.

3 Click Alarms in the left panel, and click a tab.

Option Description

Triggered Alarms Includes alarm severity, description, definition, and the target object. Right-click the alarm item and select Acknowledge. Your user name appears in theAcknowledged By column.

Definitions Includes the trigger type (event or performance), the alarm name and alarmtrigger, where the alarm was define, the object the alarm is monitoring, whodefined the alarm, and the alarm status. You can create custom alarm rulesfrom this tab. See “Create a Custom Alarm,” on page 151.

4 Click Tasks and Events in the panel on the left, and click either Tasks or Events.

Option Description

Tasks Tasks are scheduled system activities requested by the system or a user, forexample, Create database and Repair database. A task can succeed or fail.Click a task to display information about the task in the Task Details panelA task can have no one or more related events, or none. For certain tasks, aright-button menu allows you to cancel or retry the task.

Events Events are records of user actions or system actions. For example, the systemlogs when a user logs in to Data Director, or when a database is repaired.Select the Hide Info Eventscheck box to limit the choices to events of typeerror and warning.Click an event to display information about it in the Events Details panel.An event can have no related tasks, or one related task.

5 Click Reports, and click Summary Reports or Time Interval Reports.


144 VMware, Inc.

6 Use the filter options to customize what the system displays.

The customization steps depend on the report type.

Report type Action

Summary Report a Select Resource bundle or Organization from the Type drop-downmenu and click Choose.

b Select a resource bundle or organization. By default, all objects areselected.

c Select a time range, or click Customize to configure a custom time range.d Select Compute and Network or Storage.e Click the Filter button to filter the report.f Click the Action icon and select Download Report to download the

report.

Time Interval Reports a Select Resource bundle or Organization from the Type drop-downmenu and click Choose.

b Select a resource bundle or organization.c Select a sampling interval.d Select a time range or click Custom Time Range to configure a custom

time range.e Select Compute and Network or Storage to focus the report.f Select the sampling mechanism from the Sampling drop-down menu.g Click the Filter button to filter the report.h Click the Action icon and select Download Report to download the

report.

7 Click Resource Bundles or Datastore Usage to display all resource panels or all data stores andcorresponding usage information.

What to do next

Customize the Manage and Monitor options, or customize and download reports.

Create, Download, and Delete Diagnostics PackagesDiagnostic packages are requested by VMware Support to help resolve a problem. System administrators cancreate diagnostics packages, download them for analysis, and delete them to save storage space.

Prerequisites

Log in to Data Director with system administrator privileges.

Procedure

1 Click the System Settings tab and click Diagnostics.

By default, the diagnostics page is empty. Diagnostic packages are created on demand.

2 Click the green plus sign and select Create.

3 Provide information about the diagnostics package and click OK.

Option Action

Database Click Add and select the database for which you want to generate adiagnostics package.

Include system diagnostics Select the check box to include system diagnostics. You can select just thesystem diagnostics without selecting a database.

Time range Select a time range from the drop-down menu. The diagnostic package appears in the Diagnostics panel.


VMware, Inc. 145

4 To download the package, select Download from the Actions menu, and specify the download location.

5 To delete a package, right-click the package and select Delete.

What to do next

Send the diagnostic package to VMware Support for analysis.

Understanding Cluster AlarmsThe vSphere Cluster on which Data Director is installed must meet several configuration requirements. If therequirements are not met, or if a compatible cluster is modified to no longer be compatible, Data Directordisplays one or more alarms.

When you create a resource bundle, you can use resource pools only if the cluster in which you create theresource pools is compatible with Data Director. See the vFabric Data Director Installation Guide for initial clustersetup. After installation, you can customize the cluster. Only certain customizations are compatible with DataDirector.

Data Director requires the following settings and generates an alarm if you change them.

n vSphere DRS and vSphere HA are enabled.

CAUTION If you disable vSphere DRS, all resource pools in your environment become unusable. You mustrecreate the resource pools.

n Host monitoring is enabled

n VM Monitoring is set to Virtual Machine and vApp Monitoring.

n Default VM Restart Priority is enabled.

Data Director also generates an alarm if you make the following changes to the cluster.

n Admission control for the cluster is disabled.

n The cluster's default virtual machine monitoring settings are too low.

n Heartbeat failure time less than 30 seconds.

n Minimum uptime less than 120 seconds.

n Maximum number of resets less than 3.

n Time window for maximum number of resets less than 3600 seconds (1 hour).

If you encounter a cluster-related alarm, contact the vSphere system administrator and share this informationto resolve the problem.

Monitoring for Organization AdministratorsThe vFabric Data Director interface allows organization administrators to view CPU and memory utilizationacross the organization and to view database storage breakdown and utilization. Administrators can alsomonitor the databases and database groups, see events and alarms, create alarms, and generate and downloadreports.

The information that Data Director displays for organization administrators differs from the informationavailable to system administrators. The panel on the left displays a hierarchy.

n Organizations are the top level.

n Expand an organization to display its database groups.

n Expand a database group to display its databases.


146 VMware, Inc.

When you select an item in the hierarchy, the right panel displays information about it if you have permissionto view the information.

Organization administrators use the following tabs and panels to monitor the organization.

Dashboard Tab In the Dashboard tab, you can customize resource usage informationdisplayed, close any of the panels, and click Customize to include the panel inthe dashboard again. See “Explore Monitoring Customizations forOrganization Administrators,” on page 148.

Manage and Monitor Tab In the Manage & Monitor tab, you can select tabs to manage and monitor partsof the organization.

Table 13-1. Manage and Monitor Tab

Tab Description

Databases tab View existing databases and theirattribute or status. Create databases.

Database Groups tab View existing database groups and theirattributes. Create database groups.

Catalog tab View existing database catalogs and theirattributes. Create database catalogs.

Alarms tab Includes a Triggered Alarms tab listing allalarms triggered so far, and aDefinitions tab listing system alarms forcertain events. Administrators can createcustom alarm ruless, which are thenincluded in the Alarms panes. See “Createa Custom Alarm,” on page 151.

Tasks and Events tab Allows you to display information aboutall tasks and information about all events.Check the Hide Info Events box to displayevents only of type warning and critical.You can .

Tags tab Users can create tags and use them to tagthe databases. Tags categorize databasesand make search easier.

Reports tab Allows organization administrators tocustomize the reports pane and to createand download custom reports.

Permissions tab Allows organization administrators toview currently defined users and rolesand the privileges granted to a selectedrole.

Which alarms, events, and tasks the system displays depends on the currentselection in the left panel. For example, with a database group selected, clickingthe Events tab displays events in that database group and its databases.

Tasks and Alarms SideBar

The Tasks and Alarms side bar, in the right panel of each tab, displays recenttasks and unacknowledged alarms. “Explore Monitoring Customization andFiltering,” on page 141 explains how you can collapse and expand the side bar.


VMware, Inc. 147

Explore Organization Administrator DashboardExploring organization administrator dashboard customizations lets you see available options. You cancustomize the dashboard to suit your needs.

The organization administrator dashboard differs from the system administrator dashboard. See “ExploreSystem Dashboard Customizations,” on page 143 if you are a system administrator.

You can use the main dashboard to monitor the organization and its database groups. See “Explore DatabaseMonitoring,” on page 150.

Prerequisites

Log in to Data Director as a user with organization administrator privileges.

Procedure

1 Click the Dashboard tab.

2 Explore the Resource Bundles panel.

The panel displays information about each resource bundle that has been assigned to the organization .

3 Explore one of the panels that includes lines or histogram bars.

a Customize the view to show information for a period of time.

b Move the cursor along a histogram bar or line to view information at any point.

What to do next

Customize the dashboard to meet your needs.

Explore Monitoring Customizations for Organization AdministratorsOrganization administrators can customize the monitoring pane to view information relevant for their currentneeds.

Prerequisites

Log in to Data Director with organization administrator privileges.

Procedure

1 Click the Manage and Monitor tab in the Data Director client.

2 In the left panel, select the item you want to monitor.

Option Description

Selecting a database group Displays resource information for that database group.

Selecting a database Displays resource information for that database.

3 Click the Databases tab and select Database list.

Option Description

Database list Displays information about each database in the organization. You can select a database and add it to Favorites.


148 VMware, Inc.

4 Click the Dashboard tab to display the Organization Resource Usage dashboard.

You can customize the dashboard by clicking the Customize button, or customize individual panels onthe dashboard. By default, the following information is included.

Panel Description

Resource Bundles Displays the databases, associated resource bundles, currently allocatedCPU and memory reservations, and currently allocated and free storage.This panel allows administrators to evaluate whether they have additionalresources to allocate to a new or existing database group or database.

CPU Utilization, Memory Utilization Displays the CPU and memory utilization, allowing the administrator to seeusage and usage patterns. The view can be set to display the last 1 hour, 24hours, 3 days, or 1 week.

Database Storage Breakdown,Backup Storage Breakdown

Bar charts that show the current state of storage and backup storage,including storage that is allocated, storage that is used, and storage that isallocated but not used. Placing the cursor inside a field of the bar chartdisplays information about that field.

Database Storage Usage, BackupStorage Usage

Area charts that show storage usage over the selected amount of time (1 hour,24 hours, 3 days, or 1 week). Placing the cursor over a line displaysinformation about that area.

5 Click Tasks and Events, and click either Tasks or Events.

Option Description

Tasks Tasks are scheduled system activities requested by the system or a user, forexample, Create database and Repair database. A task can succeed or fail.The Tasks tab includes information about the target and the user whoinitiated the task.

Events Events are records of user actions or system actions. For example, the systemlogs when a user logs in to Data Director, or when a database is repaired.Events can be of type info, error, or warning. Check the Hide Info Eventsbox to display events only of type warning and critical.

6 In the Reports, click Summary Reports, and customize the pane by using the filter options.

a Select Database or Database Group from the Type drop-down menu, and click Choose to select adatabase or database group.

By default, all objects are selected. You can select one or more object.

b Select a time range or click Customize to configure a custom time range.

c Select Compute and Network or Storage to focus the report on networking or storage information.

d Select the sampling mechanism from the Sampling drop-down menu.

e Click the Filter button to filter the report.

Click the Action icon and select Download to download the report.

Customizing the pane does not customize the report itself.

7 In the Reports tab, click Time Interval Reports, and customize the pane by using the filter options.

a Select Organization, Database Group or Database from the Type drop-down menu, and clickChoose to select the object you want to generate a report for.

You can select more than one object.

b Select a sampling interval.

c Select a time range or click Customize to configure a custom time range.

d Select Compute and Network or Storage to focus the report on networking or storage information.


VMware, Inc. 149

e Click the Filter button to filter the report.

f Click the Action icon to download the report.

What to do next

To monitor specific databases, see “Explore Database Monitoring,” on page 150.

Explore Database MonitoringThe main organization dashboard allows administrators and other privileged users to monitor the organizationand its database groups. Administrators can also monitor databases from the Manage and Monitor tab.

Database information provided by Data Director allows administrators to check whether a database is in use,check on the backup status of the database, see errors and alarms, and check resource allocation. Databaseadministrators might find that backups or other tasks do not finish and can alert the organization administrator,who can allocate more resources. Organization administrators can allocate or remove resources, schedulebackups, and perform other database-specific tasks.

Review tasks administrators can perform on databases but not on database groups and organization. For ageneral exploration of managing and monitoring for organization administrators, see “Explore MonitoringCustomizations for Organization Administrators,” on page 148.

Prerequisites

Log in to Data Director with monitor privileges on the database. You do not need login privileges on a databaseto monitor the database.

Procedure


2 Open the organization and the database group, and select a database.

The right panel displays database information.

3 Click the Dashboard tab to examine the Overview panel.

The information includes details about the database contents, external backups and snapshots, recentalarms, and any clones that administrators might have created for the database.

4 Click Resource Usage to view and customize resource usage information.

5 Click Database Stats to display database information.

The kind of information displayed is spcific to the type of database, is updated in real time.

6 Click Custom, and click the Customize button to create a custom dashboard for this database.

7 Click the Logs tab to view logs of the database.

The database must be running to view logs. You can show the next or previous 100 lines, search the log,and add a filter to search only the specified columns in the log. Filters can be added only if the databaseis running.

8 To download the diagnostics file of a database, click the gear icon and choose Download File.

9 Use the Alarms tab to view or define alarms, and the Tasks & Events tabs to view tasks and events.

The information in the tabs is more detailed than the information in the side bar.

What to do next

Manage databases as discussed in Chapter 9, “Managing Databases,” on page 83.


150 VMware, Inc.

Working with AlarmsData Director displays system-defined alarms to system administrators and organization administrators. DataDirector also allows administrators to create custom alarm ruless and to delete or disable alarm rules.

Create a Custom AlarmCustom alarms allow you to display information in the Alarms panel or to send email if certain conditions aremet. For each alarm, you can specify a name and description and a trigger.

You can create a custom alarm rule for the items below the selected item in the hierarchy. For example, if youcreate an alarm at the organization level, you can monitor the organization, the database groups, and databases.If you create an alarm at the database group level, you can monitor databases or the database group.

Prerequisites

Verify that you have permissions to create alarms for the object.

Procedure

1 In the System tab, cick Manage and Monitor and click Alarms in the left pane.

2 Click Definitions, and click the plus sign to start the Create Alarm Definition wizard.

3 Type a name and description.

4 (Optional) Change the status to Disabled so that the alarm is not enable immediately and click Next.

5 Select the trigger, which is defined by the following options, and click Next.

Option Description

Object type The object to monitor. The alarm is triggered when trigger conditions on themonitored object are reached.

Trigger type Select Performance to trigger an alarm when the object moves beyond aspecified warning or critical threshold. Select Event to trigger an alarm whenan object-relative event occurs.

Trigger Select from the available options. Options differ depending on the triggertype (Performance or Event).

Severity For event alarms only. Select Warning to have a yellow warning iconassociated with the alarm. Select Critical to have a red critical icon associatedwith the alarm. The icon appears in all displays.

Condition For performance triggers, specifies whether the alarm is triggered when thevalue is below the current threshold or above the current threshold. Forexample, you might want a warning if database storage usage is more than(above) a specified number.

Tthreshold Threshold at which you want warning actions to take place. You can specifydifferent actions for warning and critical threshold problems.

Repetition frequency Available only for performance alarms. When the condition that triggers thealarm remains true, a second alarm is generated based on the repetitionfrequency. If alarm actions such as sending an email are specified, the actionsare performed again.

6 Select Send email to send an email when the alarm is triggered.

The email is sent only if the SMTP parameters were set correctly during Data Director setup. Verify yourSMTP setting in System Settings > Monitoring.

7 Click Finish to complete definition of the alarm.


VMware, Inc. 151

The alarm appears in the Alarms panel when it is triggered even if you leave Do nothing selected. If you selectSend email, an email is sent.

Example: Custom Alarm that Monitors Resource BundlesThe following example illustrates how you can create a custom alarm that monitors resource bundles. Thealarm sends an email when free space is below a certain threshold.

Log in as the system administrator and

1 Select the System tab.


3 Click Alarms in the left pane.

4 Click the Definitions tab.

5 Click the green plus icon.

6 Type a name and description and click Next.

7 Select the following trigger parameters.

Field Value

Object Type Resource Bundle

Trigger Type Performance

Trigger Database storage usage percentage

Condition Above

Warning Threshold 80%

Critical Threshold 90%

When you complete the alarm, the result is a yellow (warning) alarm in the Alarms pane when free space dropsbelow 20% and a red (critical) alarm when free space drops below 10%.

What to do next

You can disable or delete alarms. See “Delete or Disable an Alarm,” on page 152.

See “Explore Monitoring Customizations for System Administrators,” on page 144 for information aboutviewing and acknowledging alarms.

Delete or Disable an AlarmAdministrators can delete or disable an alarm rule if is is not useful. You can delete or disable system-definedalarms and custom alarms. If you disable an alarm, you can enable it again. If you delete an alarm rule, it ispermanently removed from the system.

Prerequisites

Log in to Data Director as a user with permissions to delete alarms at the level where you want to delete them.A user who has monitor privileges on the object the alarm is monitoring can update or delete the alarm.


152 VMware, Inc.

Procedure

1 Open the Alarm Definitions table.

n If you are a system administrator, click the Manage and Monitor tab, click Alarms, and clickDefinitions.

n If you are an organization administrator, click the organization or click the resource group that youwant to delete and alarm for, click the Alarms tab, and click Definitions.

2 Disable or delete an alarm rule.

n To delete an alarm, right-click that alarm and select Delete.

n To disable an alarm, right-click that alarm and select Disable.

About aurora_mon ConfigurationAurora_mon is an in-guest application monitoring agent that integrates with vSphere HA. You useaurora_mon to monitor the state of applications and services.

Within Data Director, you use aurora_mon to monitor the services and resources of components of DataDirector.

For the Central Management Server (CMS), you use aurora_mon to monitor the state of the followingapplications and services:

n Tomcat running the CMS

n CMS Postgres DB

n DHCP client daemon (dhcpcd)

n Amount of disk space for mount points, with specified thresholds. When the threshold is exceeded (forexample, 80% of the data disk), an alarm is generated.

For the DB Nameserver virtual machine, you use aurora_mon to monitor the state of the following applicationsand services:

n LDAP

n DHCP client daemon (dhcpcd)


For the DB virtual machines, you use aurora_mon to monitor the state of the following applications andservices:

n DB (Postgres and Oracle)

n DBVM Updater

n Archive maintenance

n aurora agent

n Stats daemon (Postgres only)

n DHCP client daemon (dhcpcd), and network connectivity (by pinging the gateway)

n IP Whitelist logging daemon


The complete set of applications and services aurora_mon monitors is definedin /opt/aurora/ha/etc/aurora_mon_conf.d/*.conf.


VMware, Inc. 153

At the highest level, you configure parameters to enable aurora_mon to start, stop, and monitor applications.You specify the start, stop, and monitor commands as shell scripts or operating system executable files thataurora_mon can invoke. Application developers can implement these commands according to the needs oftheir environment. Other parameters enable you to specify how often to monitor an application and whataction to take. See “aurora_mon Configuration Parameters,” on page 154 for a description of aurora_monconfiguration parameters.

aurora_mon Configuration ParametersYou use aurora_mon parameters to configure aurora_mon to start, stop, and monitor applications, and tospecify how often to monitor an application and what action to take. You specify configuration parameters askey-value pairs.

Configuration GuidelinesUse caution when modifying parameters. Do not modify the name and desc parameters, and do not modify theapp_priority parameter as it represents start order dependencies between various applications. Take asnapshot backup of the virtual machine before modifying parameters, in case you need to revert.

Parameters you might find it useful to modify include the following.

n heartbeat_period

n heartbeat_fail_action

n heartbeat_ignore_fail_count

n app_restart_retry_count

After you modify a parameter, you must stop and restart aurora_mon for your changes to take effect.

Table 13-2. Aurora_mon Parameters

Parameter Description

name (required) Name of the application. A short representative name that can contain thefollowing characters: a-z, A-Z 0-9, _(underscore),–(dash), and no whitespaces.You use this name to invoke commands on aurora_mon for this application.

descr (required) A longer but concise description of the application. The description is displayedin the CMS UI.

app_priority (optional, defaults to 0) A number from 0 to 99 that represents the global start/stop priority of theapplication in relation to other applications being monitored by aurora_mon.Applications are started and stopped in priority order (0 being the highestpriority, 99 being the lowest). An application with a lower priority is startedonly after all applications with a higher priority have been started. Applicationsare stopped in the reverse order. All lower priority applications are stoppedbefore an applications with a higher priority is stopped. If a priority is notspecified, it defaults to 0 (highest priority).

app_start_cmd (required) Command you use, such as any program, script, or executable file, to start theapplication. The start command is successful if the command exits with a zeroexit code. If the command does not complete in 300 seconds it is forciblyterminated.Stdout/stderr can be captured by the aurora_mon daemon if required(through –o and -e options of the aurora_mon daemon), otherwise it isredirected to /dev/null). To run the command as a specified user, you musthave an su –c wrapper or have set the setuid bit of the application.If you do not require a start command, you can use a command that exits witha zero exit code, for example /bin/true. An example of this is where theapplication is monitoring the amount of disk space on a mount point. There isno application to start.


154 VMware, Inc.

Table 13-2. Aurora_mon Parameters (Continued)

Parameter Description

app_stop_cmd (required) Command you use, such as any program, script, or executable file, to stop theapplication. You use this command typically during system shutdown or whenrestarting applications. The stop command is successful if it exits with a zeroexit code. The command must shut down the application cleanly (remove allprocesses, files, locks, and so on) so that a subsequent start command executeswithout problems. If the command does not complete in 300 seconds, it isforcibly terminated.If required, you can use the -o and –e options to have the aurora_mon daemoncapture stdout/stderr, otherwise it is redirected to /dev/null. To run thecommand as a specified user, you must have an su –c wrapper or have set thesetuid bit of the application.If you do not require a stop command, you can use a command that exits witha zero exit code, for example /bin/true. An example of this is where theapplication is monitoring the amount of disk space on a mount point. There isapplication to stop.

heartbeat_check_cmd (required) Command (any program, script, or executable) to check, the aliveness of theapplication. The ping is successful (the application is considered alive) if thecommand exits with zero exit code.If required, you can use the -o and –e options to have the aurora_mon daemoncapture stdout/stderr, otherwise it is redirected to /dev/null. To run thecommand as a specified user, you must have an su –c wrapper or have set thesetuid bit of the application.

heartbeat_period (optional, defaults to30)

The time in seconds between each heartbeat ping (heart_check_cmd is issuedevery heartbeat_period seconds). The value can be between 1 second and 600seconds, and defaults to 30 seconds if not specified. A new heart_beatcommand is not issued until the previous command finishes.

heartbeat_ignore_fail_count(optional, defaults to 0)

Specifies the number of consecutive heartbeat_check_cmd failures, afterwhich the application is considered to have failed. For example, ifheartbeat_ignore_fail_count is 3, the application is considered to havefailed after a fourth consecutive heartbeat_check_cmd executes. The first threefailures are ignored. This reduces the possibility of a false positive due tointermittent application problems or transient network problems that cause theheartbeat_check_cmd to fail.

app_restart_retry_count (optional,defaults to 3);app_restart_retry_freq (optional,defaults to 10 minutes)

The number of times aurora_mon attempts to restart an application after afailure, and the period of time that elapses before aurora_mon attempts to restartthe application. For example, if app_restart_retry_count is 3 andapp_restart_retry _freq is 10 minutes, aurora_mon makes three attemptsto restart the application and waits 10 minutes before trying again.

heartbeat_fail_action (optional,defaults to RESTART_APP)

The action taken when an application is considered to have failed (afterheartbeat_ignore_fail_count consecutive heartbeat_check_cmdfailures). The following values are acceptable:n JUST ALERT. Send alert only.n RESTART_APP. Restart the application (attempt

app_restart_retry_count times, and wait app_restart_retry_freqtime before you try again.

n RESTART_VM. Restarts the virtual machine by stopping the virtual machineapp monitoring SDK heartbeat to the underlying VMware HA service. TheHA virtual machine properties of the cluster determine the virtual machinerestart interval and counts.

n RESTART_APP_THEN_VM. Attempts to restart the applicationapp_restart_retry_count times. If the command fails to restart theapplication, it resets the virtual machine using the Guest and HAApplication Monitoring SDK.


VMware, Inc. 155

Manage the aurora_mon Monitoring AgentYou can stop, start, and verify the status of the aurora_mon monitoring agent.

Prerequisites

Refer to “aurora_mon Configuration Parameters,” on page 154 before modifying parameters.

Procedure

1 In vSphere, navigate to the Data Director vApp.

2 Select the Management Server, and click the Console tab.

3 Press the Enter key on your keyboard to activate the console and log in as root.

4 To stop aurora_mon, type service aurora_mon stop.

5 To start aurora_mon type service aurora_mon start.

6 To verify the status of the aurora_mon agent, type service aurora_mon status.

Result: When the following output appears, aurora_mon is functioning correctly.

Checking status of HA App Monitor . . .

HA App Monitor running (pid=5242).

Command completed successfully.

Modify aurora_mon Monitoring Agent ParametersYou can modify aurora_mon monitoring agent parameters if the default settings are not suitable for yourenvironment or administrative policies.

Prerequisites

Refer to “aurora_mon Configuration Parameters,” on page 154 before modifying parameters.

Procedure

1 In vSphere, navigate to the Data Director vApp.

2 Select the Management Server, and click the Console tab.

3 Press the Enter key on your keyboard to activate the console and log in as root.

4 Change to the /opt/aurora/ha/etc/aurora_mon_conf.d directory, and list the contents of the directory.

Change to the aurora_mon directory and list the contents of the directory.

localhost:~# cd /opt/aurora/ha/etc/aurora_mon_conf.d

localhost:~ localhost:~# cd /opt/aurora/ha/etc/aurora_mon_conf.d # ls

mon_data_disk_1st_thresh.conf mon_root_disk_1st_thresh.conf

mon_data_disk_2nd_thresh.conf mon_root_disk_2nd_thresh.conf

mon_dbg_disk.conf mon_tomcat.conf

mon_dhcpcd.conf sample.conf

mon_mgmt_adb.conf

5 Use a text editor and open a file.

For example, open mon_data_disk_1st_thresh.conf with the vi editor.

localhost:~ /opt/aurora/ha/etc/aurora_mon_conf.d

# vi mon_data_disk_1st_thresh.conf

[data_disk_usage_1st_thresh]


156 VMware, Inc.

name=management_server_data_disk_usage_80_perc

descr=Data disk usage monitor (1st threshold)

heartbeat_check_cmd=opt/aurora/ha/bin/mon_disk_space.sh -m

/opt/aurora/data -t 80

heartbeat_period_300

heartbeat_fail_action=JUST ALERT

heartbeat_ignore_fail_count=0

app_start_cmd=/bin/true

app_stop_cmd=/bin/true

app_priority=99

~

~

~

"mon_data_disk_1st_thresh.conf" [readonly] 10L, 352C 5,2 ALL

6 Change the value of a key-value pair.

For example, change the value of the heartbeat_period parameter from 300 seconds to 200 hundredseconds.

heartbeat_period=200

The time between each ping issued by the heart_check_cmd is changed to 200 seconds.

7 Save and close the file.

You must stop and restart aurora_mon for your change to take effect.

8 Type service aurora_mon stop to stop aurora_mon.

9 Type service aurora_mon start to restart aurora_mon.

What to do next

See “Manage the aurora_mon Monitoring Agent,” on page 156.


VMware, Inc. 157


158 VMware, Inc.

Managing Licenses 14Data Director offers evaluation and permanent product licenses. System administrators have fine-grainedcontrol of licenses and license assignment using the Data Director System Settings tab's Licensing pane.


n “License Management Overview,” on page 159

n “Counting Data Director Licenses,” on page 161

n “About Evaluation Licenses,” on page 161

n “Add License Keys,” on page 162

n “View License Information,” on page 162

n “View License Usage Information,” on page 163

n “Change the vFabric Postgres Database Usage Type,” on page 163

n “Remove License Keys,” on page 164

License Management OverviewSystem administrators manage Data Director product licenses from the Licensing pane of the Data DirectorSystem Settings tab.

Table 14-1. License Types and Descriptions

License Type Description

Evaluation Evaluation licenses let you use Data Director for a limited period of time atno cost. The evaluation product is fully functional, but support is notavailable.

Permanent Permanent licenses provide full product functionality and never expire.Support and Subscription (SnS) licenses are required for all permanentsoftware licenses.When you buy permanent licenses, they replace evaluation licenses you have.After you upgrade to permanent licenses, only your permanent licensesappear in the Licensing pane. After you add a permanent license, you can nolonger add evaluation licenses.

VMware, Inc. 159

The following are the vFabric Postgres database usage types.

vFabric Postgres Non-Production Use License

For internal development, quality assurance, proof of concept, or other testingpurposes.

vFabric PostgresProduction Use License

Includes use of vFabric Postgres databases in any manner other than Non-Production Use.

You can change the vFabric Postgres database usage type at any time.

You cannot remove the last remaining permanent or evaluation license.

Data Director will not accept a version 1.0 license key. When upgrading to Data Director 2.5, all existing DataDirector 1.0 license keys are removed. You must use a license key from Data Director 2.0 or the most currentrelease.

Data Director accepts vFabric Postgres 9.0 production license keys and vFabric Postgres 9.1 production licensekeys. You can mix and match them. For example, you can install a vFabric Postgres 9.0 license key and use itfor vFabric Postgres 9.1 production database.

Data Director does not require a vFabric Postgres license key for vFabric Postgres nonproduction use. Allexisting vFabric Postgres Non-Production Use license keys are removed during the upgrade process.

Data Director supports Oracle and Microsoft SQL Server databases, however, Data Director does not installOracle or Microsoft license keys. To manage license keys from these vendors, use the Oracle or Microsoftmanagement tools and follow their license policiy.

Table 14-2. License Key Requirements

Database type Data Director license key Database license key

vFabric Postgres Non-Production Use Apply license to Data Director. No license key needed.

vFabric Postgres Production Use Apply license to Data Director. Apply license to Data Director.

Oracle Apply license to Data Director. Follow Oracle policy.

SQL Server Apply license to Data Director. Apply license to Data Director.

Purchasing vFabric Developer SupportYou can optionally purchase vFabric Developer Support for Production Use and Non-Production UsevFabric Postgres databases.

Data Director requires SnS licenses. vFabric Postgres: Production Use databases also require SnS licenses.

n Basic SnS licenses provide weekday support for test, development, and noncritical deployments.

n Production SnS licenses provide focused, 24-hour support for production environments.

See the VMware Support Offerings Web site for details about the SnS licensing options. Manage your SnSlicenses through standard VMware support processes.

For details about your licensing arrangement, contact your VMware representative.

Roles and License Management TasksSystem administrators and organization administrators have licensing privileges by default, and can grant theView and Manage Licenses privilege to users. For example, an organization administrator can grant the Viewand Manage Licenses privilege to a database user. The database user can then view database licenseinformation and change the database usage type.

Organization administrators can view only their organization's license information.

Only system administrators can add and remove licenses.


160 VMware, Inc.

The license management tasks that you can perform depend on your role.

Table 14-3. License tasks

Task System Administrator Organization Administrator

View licenses Yes Yes

Add licenses Yes No

Remove Licenses Yes No

Change database usage type Yes Yes

View license usage summary Yes Organization usage only

View license usage per database yes Organization usage only

Counting Data Director LicensesYou count Data Director licenses according to the number of database virtual machines (DBVMs) andvFabric Postgres databases in use. If you use more licenses than you have purchased, you can purchaseadditional licenses or change how licenses are used.

n Data Director supports up to 32 vCPUs.

n Data Director requires one license per database virtual machine-vCPU pair, regardless of the databasetype and whether the virtual machine is powered on or off.

n Backup database virtual machines do not count towards your license total.

A vFabric Postgres production-use virtual machine requires one license for each virtual machine-vCPUs pair.For example, a four-vCPU vFabric Postgres production-use virtual machine requires two licenses.

Table 14-4. Licenses Required for a Single vFabric Postgres Virtual Machine

Number of vCPUs for a Virtual Machine Number of Licenses

1-2 1

4 2

. . . . . .

32 16

You can view Data Director and vFabric Postgres license usage in the Licensing pane of the Data DirectorSystem Settings tab.

About Evaluation LicensesEvaluation licenses offer full use of Data Director and vFabric Postgres databases at no cost for a limited periodof time (usually 90 days).

When you use the evaluation version of Data Director, a message appears when you log in that shows howmany days remain in the evaluation period. When the evaluation period expires the following functionalitybecomes unavailable.

n Backup

n Clone database

n Create database

n Import database

n Repair database

Chapter 14 Managing Licenses

VMware, Inc. 161

n Restart database

n Restore database

n Start database

You can upgrade evaluation licenses to permanent ones. When you purchase permanent licenses, VMwareissues one permanent license key per SKU. As a Data Director system administrator, you add the permanentlicense key(s) in the Manage & Monitor tab's Licensing pane. See “Add License Keys,” on page 162.

Adding permanent licenses upgrades your evaluation licenses to permanent ones.

n Permanent licenses replace the evaluation licenses.

n Only permanent licenses appear in the license list.

Add License KeysYou can use Data Director only if enough licenses are available. System administrators add license keys in theLicensing pane of the System Settings tab.

Prerequisites

n Obtain license keys for your Data Director products from your VMware representative.

n Log in to Data Director as a system administrator.

Procedure

1 Click the System Settings tab.

2 In the left pane, expand Other Settings and click Licensing.

3 In the License Keys section, click the plus (+) icon.

4 Enter product license keys in the License keys text box (one per line), and click Add License Keys.

5 (Optional) Enter a label for your license keys in the Optional label for license keys text box.

6 Click OK.

The licenses appear in the license key list.

View License InformationYou can view information about your Data Director and vFabric Postgres licenses in the Licensing pane of theSystem Settings tab. The information helps you determine whether you need additional licenses if you increasethe size of your Data Director installation.

You can monitor product license usage and assignments. What you view depends on whether you are a systemadministrator, organization administrator, or organization user with the View and Manage Licenses privilege.

Procedure

1 Log in to Data Director and click the System Settings tab.



162 VMware, Inc.

3 View the license information.

User Description

System administrator If you are a system administrator, view license information as follows.n Click the Licensing tab to view your product license and license key

information.n Click the Usage tab to view database license usage.

Other users If you are an organization administrator or a user with the View and ManageLicenses privilege, view license information as follows.n View your license usage in the Summary section of the Licensing pane.n View your databases and their usage types in the Databases section of

the Licensing pane.

View License Usage InformationYou can view license usage information about your Data Director and vFabric Postgres in the Licensing paneof the System Settings tab. The information helps you determine license usage for all or specific organizations,and over various time periods or during a period you specify.

You can view the license usage for each database, by vCPU number, or by database type.

What you can view depends on whether you are a system administrator, organization administrator, ororganization user with the View and Manage Licenses privilege.

Procedure

1 Log in to Data Director, and click the System Settings tab.

2 In the left pane, expand Other Settings and click Licensing

3 Click the Usage tab.

4 If you are a system administrator, you can select a specific organization from the organization drop-downmenu.

5 In the Summary section, select a time period from the drop-down menu, or specify a range.

Usage information for your selection appears. Usage information also appears for licenses currently inuse.

6 View license usage summary for organizations, database groups, database types, and license types in theDatabases section.

Change the vFabric Postgres Database Usage TypeYou can designate databases for Production Use or Non-Production Use. The default database usage type isNon-Production Use. You can change the database usage type at any time from the Licensing pane of yourorganization's System Settings tab.

n Use Non-Production Use databases for application development and testing purposes.

n Use Production Use databases for real-time, production applications.

Prerequisites

n Log in to Data Director as an organization administrator or as a user with manage licensing privileges.

Procedure



Chapter 14 Managing Licenses

VMware, Inc. 163

3 In the Databases section, select the database that you want to change.

You can select multiple databases to change their usage types in one operation.

4 Right-click, and select the usage type.

5 Click Yes to confirm the change.

The updates appear in the Type column and the Summary pane.

Remove License KeysTo reallocate licenses in the Data Director environment, system administrators can remove license keys in theLicensing pane of the System Settings tab.

Procedure

1 Log in to Data Director as a system administrator and click the System Settings tab.


3 In the License Keys section, click the license you want to remove.

4 Right-click the license, and click Remove.

5 Click Yes to remove the license.

The license no longer appears in the license keys list.


164 VMware, Inc.

IP Pool Management 15Data Director supports DHCP and IP pool options for network configuration. An IP pool consists of blocks ofIP addresses that Data Director can allocate to virtual machines on the Internal Network or DB Access Network.Data Director system administrators manage IP pools from the Network pane of the System Settings tab.

Data Director networks are generally configured during installation. System administrators and users withResource management privileges can make changes later, but you should consider the following points.

n Ensure that the IP addresses in the IP pool are free, and that they remain free for IP pool use.

n Networks with the same name (port group) share the same IP pool and must constitute a real subnet.

n Changes to the DB Access Network take effect when you restart the databases. See “Batch Operations andScheduled Tasks,” on page 99.

n Changes to the Internal Network take effect immediately.

n Switching IP allocation policy between IP pool and DHCP requires that there is no DBVM or there is noDBVM running, otherwise the switching operation will fail.

System administrators perform the following IP pool management tasks.

n Add, edit, and delete IP pool for specific Data Director networks.

n Reconfigure the Internal Network to use the IP pool network option.

n Reconfigure the DB Access Network to use the IP pool network option.


n “Add an IP Pool,” on page 165

n “Edit IP Pool,” on page 166

n “Delete an IP Pool,” on page 166

Add an IP PoolData Director system administrators and users with Manage Resource and Manage System Settings privilegescan expand the IP addresses available to the Internal and DB Access networks by adding IP pool.

Prerequisites

n Verify that your Data Director networks are configured to use IP pool.

n Guarantee that the IP addresses are free.

Procedure

1 Log in to Data Director as a system administrator or as a user with Resource Management privileges.

VMware, Inc. 165

2 In the System Settings tab, expand Other Settings and select Network.

3 Click the IP Pool tab.

4 Click the plus (+) icon to start the Create IP Pool wizard.

5 In the Network page, select the ESXi cluster and network for the IP pool, and click Next.

6 In the Edit IP Pool page, enter the Netmask and Gateway IP addresses.

7 (Optional) In the Edit IP Pool page, enter the IP addresses for DNS servers 1 and 2.

8 Click the plus (+) icon to start the Add IP Block wizard and enter the following information.

Option Description

Single IP To add one IP address, select Single IP and enter the IP address.

IP Block To add a block of IP addresses, select IP Block and enter the first and last IPaddresses for the IP address block.

9 Click OK.

10 Click Finish.

The IP pool is available and appears in the IP Pool list.

Edit IP PoolData Director system administrators and users with Manage Resource and Manage System Settings privilegescan modify the IP pool available to the Internal and DB Access networks.

Prerequisites

n Verify that your Data Director networks are configured to use IP pool.

n Guarantee that the IP addresses to add to an existing IP pool are free.

Procedure

1 Log in to Data Director as a system administrator or as a user with Manage Resource and Manage SystemSettings privileges.



4 Right-click an IP pool and select Edit IP Pool.

5 Modify the IP pool as required and click OK.

The IP pool appears in the IP Pool list.

Delete an IP PoolData Director system administrators and users with Resource Management privileges can remove an IP poolthat is no longer needed by the Internal or DB Access Networks.

Prerequisites

All IP address blocks of IP pool to be deleted must be free. If the IP pool to be deleted is usd by the DB AccessNetwork, switch to DHCP before deleting.

Procedure

1 Log in to Data Director as a system administrator or as a user with Resource management privileges.


166 VMware, Inc.



4 Right-click an IP pool and select Remove IP Pool.

5 At the prompt, click Yes.

Data Director removes the IP pool.

What to do next

Restart the databases that were assigned to the deleted IP pool.

Chapter 15 IP Pool Management

VMware, Inc. 167


168 VMware, Inc.

VMware vCloud Director Integration 16If vCloud Director integration is enabled for Data Director, Data Director system administrators can importvCloud Director organizations and their users into Data Director and allow operations on vCloud Directororganizations through the Data Director user interface.

If the System Health panel of your system dashboard shows vCloud Director Connectivity status, vCloudDirector integration is enabled.

Consider the following points.

n Only one vCloud Director instance can be associated with Data Director.

n Allow access to vCloud Director organizations by importing them into (binding them to) Data Director.See “Bind a vCloud Director Organization to Data Director,” on page 65.

n Importing a vCloud Director organization into Data Director also imports the organization's users. Bydefault, the vCloud Director users have no permissions in Data Director. Data Director organizationadministrators must grant permissions to the vCloud Director users to enable them to operate in DataDirector. See Chapter 3, “Managing Users and Roles,” on page 27.

n vCloud Director organizations and users are managed in vCloud Director. You cannot update vCloudDirector user information such as user names, passwords, and email addresses in Data Director.

n Imported vCloud Director organizations cannot access vCloud Director resources. Data Director systemadministrators must assign Data Director resource bundles to imported vCloud Director organizations.See “Managing Resources For Organizations,” on page 63.

n Imported vCloud Director organizations appear in the Organizations window with a Managed By valueof vCloud Director.

n Data Director system administrators can add organization administrators for imported vCloud Directororganizations. See “Add a vCloud Director Organization Administrator,” on page 171.

n Organization administrators for vCloud Director organizations can add and invite users to their importedvCloud Director organization in Data Director. Imported vCloud Director organization users can accessonly the bound vCloud Director organization they belong to in Data Director. They cannot be added orinvited to an original Data Director organization See “Add Users to Your Organization,” on page 33.


n “Enable vCloud Director Integration in Setup,” on page 170

n “Enable vCloud Director Integration after Setup,” on page 170

n “Edit or Disable vCloud Director Integration,” on page 171

n “Add a vCloud Director Organization Administrator,” on page 171

VMware, Inc. 169

Enable vCloud Director Integration in SetupData Director system administrators can enable vCloud Director integration during system setup.

Prerequisites

n Verify that the Data Director vApp is deployed but not set up.

n You must know the FQDN of the Management Server.

n See the VMware vFrabric Data Director Installation Guide for information about the setup wizard.

Procedure

1 In vSphere, start the setup wizard by typing the following URL into a Web browser.

https://FQDN/datadirector

2 In the User Management Mode step, select By Organization.

3 Click Enable vCloud Integration.

4 In the vCloud Director Integration window, enter the following information.

Option Description

vCloud Director URL The URL address of vCloud Director that will be integrated into DataDirector. The URL can be an IP address or a host name.

Administrator user name Administrator user name of the vCloud Director.

Administrator password Password for the administrator of vCloud Director.

5 Click OK.

The information about integrated vCloud Director appears under the By Organization option.

Enable vCloud Director Integration after SetupData Director system administrators can enable vCloud Director integration after the system is set up.

Prerequisites

n Data Director is set up with user management mode set to By Organization.

n vCloud Director integration was not enabled during setup.

Procedure


2 In the System tab, select System Settings.

3 Click General.

4 In the vCloud Director Integration section, cick Enable vCloud director Integration.


Option Description

vCloud Director URL URL address of vCloud Director that will be integrated to Data Director. TheURL can be an IP address or host name.

Administrator user name Administrator user name of the vCloud Director.

Administrator password Password of the administrator of vCloud Director.


170 VMware, Inc.

6 Click OK.

The vCloud Director Integration section of the General page indicates that vCloud Director is integrated.

Edit or Disable vCloud Director IntegrationData Director system administrators can edit vCloud Director integration information, or disable vCloudintegration.

Prerequisites

vCloud Director integration is enabled.

Procedure

1 In the System tab, select System Settings.

2 Select General.

3 In the vCloud Director Integration section, click Edit.

4 In the vCloud Director Integration window, edit the information.

5 Click OK.

The vCloud Director Integration section in the General panel indicates that vCloud Director is integratedwith Data Director.

6 To disable vCloud Director integration, click the Disable button and click Yes to confirm.

Add a vCloud Director Organization AdministratorData Director system administrators can add organization administrators to imported vCloud Directororganizations.

Prerequisites

Import a vCloud Director organization to Data Director.

Procedure


2 In the System tab, click Manage & Monitor.

3 Click Organizations.

4 Right-click the imported vCloud Director organization and select Properties.

5 Click Add.

6 Select Create a new Data Director user or select Choose an existing user.


Option Description

User name Enter a valid email address for the administrator user login.

Password Enter a password.

Confirm Re-enter the password to confirm it.

Account enabled Check the box to enable the administrator login immediately.

First name Enter the administrator user first name.

Last name Enter the administrator user last name.

Phone (Optional) Enter the administrator phone number.

Chapter 16 VMware vCloud Director Integration

VMware, Inc. 171

8 Click OK.

The organization administrator user name appears in the Organization Administrators list.

9 Click OK to exit.


172 VMware, Inc.

Reconfiguring Data Director Networks 17During installation, you set up the networks that carry the different types of Data Director network traffic.

Data Director has the following types of network traffic.

n Web Console Network

n vCenter Network

n DB Name Service Network

n Internal Network

n DB Access Network

You can reconfigure Data Director networks to improve throughput, for example, or provide better isolationfor certain types of traffic, or change network adapter configurations due to changes in your networkingenvironments. Depending on what network configuration you modify, you make the change through thevSphere Client or in the Data Director Web Console, or both. This chapter provides detailed instructions tomake network configuration changes.


n “Change the vCenter IP Address,” on page 173

n “Reconfigure the Web Console Network Mapping or Network Adapter,” on page 174

n “Reconfigure the vCenter Network Mapping,” on page 175

n “Reconfigure the vCenter Network Adapter Settings,” on page 175

n “Reconfigure the DB Name Service Network or DB Name Service Network Adapter,” on page 176

n “Reconfigure the Internal Network or Internal Network Adapter Mapping,” on page 177

n “Verify Network Settings in Data Director,” on page 178

n “Reconfigure the Database Access Network Used by a Database Group,” on page 178

n “Modify IP Pool Settings,” on page 179

Change the vCenter IP AddressAt certain times in the vCenter Server lifecycle, you might need to change the vCenter Server IP address. Tochange the IP address, you power off the Data Director vApp. If you update the vCenter Server IP addresswhile Data Director is running, Data Director cannot communicate with the vCenter Server system.

Procedure

1 Log in to vSphere Client as an administrator.

VMware, Inc. 173

2 Right-click the Data Director vApp and select Power Off.

3 Select Administration > vCenter Server Settings.

4 Click Runtime Settings.

5 Update the IP address in the Managed IP Address field.

6 Remove the vCenter Extension Service and add it back.

a Right-click the Management Server virtual machine, select Edit Settings, and click the vServices tab.

b Select vCenter Extension Installation and click Edit.

c Select <No Provider>.

d Click OK and click OK again to exit.

e Select the Management Server virtual machine .

f Click Edit Settings, and click the vServices tab.

g Select vCenter Extension vService as the provider.

h Click OK and click OK again to exit.

7 Turn on the Data Director vApp.

The Data Director vApp communicates with the vCenter Server system by using the updated vCenter ServerIP address.

Reconfigure the Web Console Network Mapping or Network AdapterDuring installation, you configure the Web Console Network mapping and the Web Console Network adapter.You can later reconfigure the Web Console Network mapping by editing the network settings of theManagement Server virtual machine in vSphere Client.

Prerequisites

Review the information about network settings in Data Director in the vFabric Data Director Installation Guide.

Procedure

1 Log in to the vSphere Client as an administrator, and select Inventory > Hosts and Clusters.

2 Select and expand the Data Director vApp.

3 Right-click the Management Server virtual machine, and select Power > Power Off.

4 Reconfigure the vSphere network that the Web Console Network maps to.

a In the vSphere Client, right-click the Management Server and select Edit Settings.

b Click the Hardware tab, and click Network adapter 1.

c Select Network Connection > Network Label.

d Select the appropriate network and click OK.

5 Reconfigure the Web Console Network Adapter.

a In the vSphere Client, right-click the Management Server and select Edit Settings.

b Click the Options tab.

c Select vApp Options > Properties.


174 VMware, Inc.

d Change the settings for FQDN, static IP address, netmask, DNS Server 1, or DNS Server 2, asappropriate.

e Click OK.

6 Right-click the Management Server virtual machine, and select Power > Power On.

What to do next

Verify the settings from the Data Director UI. See “Verify Network Settings in Data Director,” on page 178.

Reconfigure the vCenter Network MappingYou can reconfigure the network mapping for the vCenter Network by editing the settings for the ManagementServer and DB Name Server virtual machines in vSphere Client.

Prerequisites


Procedure

1 Log in to the vSphere Client as an administrator and select Inventory > Hosts and Clusters.

2 Right-click the Data Director vApp and select Power > Power Off.

3 Select and expand the Data Director vApp, and right-click the Management Server virtual machine.

4 Right-click the Management Server and select Edit Settings.

5 Reconfigure the vSphere network for the vCenter Network.

a Select the Hardware tab, and click Network Adapter.

b In the drop-down menu in the Network Connection > Network Label field, select the appropriatenetwork and click OK.

6 Right-click the Management Server virtual machine and click Power > Power On.

7 Repeat the process for the DB Name Server virtual machine.

What to do next

Verify the changes in Data Director. See “Verify Network Settings in Data Director,” on page 178.

Reconfigure the vCenter Network Adapter SettingsDuring installation, you specify the vCenter Network Adapter settings. You can later reconfigure the vCenterNetwork Adapter settings by editing the settings in Data Director.

Prerequisites


Procedure


2 Click the System tab, and select System Settings.

3 Expand Other Settings, and click Network.

Chapter 17 Reconfiguring Data Director Networks

VMware, Inc. 175

4 If necessary, enable or disable DHCP or Static IP for the network used as the vCenter network.

a Click Edit.

b Select or deselect the DHCPcheck box to enable or disable DHCP.

If the vCenter network and the Web console network map to the same network, you cannot disablethe existing IP allocation scheme (DHCP or static IP). You can enable a new IP allocation scheme forthe network used as vCenter network.

c Select or deselect the Static IPcheck box to enable or disable static IP, and enter the netmask if staticIP is enabled.

If the vCenter network and the Web console network map to the same network, you cannot disablethe existing IP allocation scheme (DHCP or static IP). You can enable a new IP allocation scheme forthe network used as vCenter network.

d Click OK.

5 To modify the vCenter network adapter settings for the Management Server-vCenter Network Adapteror DB Name Server-vCenter Network Adapter, in the Network Adapters section, click the DHCP button,or click the Static IP button and enter an FQDN.

6 Click Next.

7 Click Yes to confirm your selection.

Changes take effect immediately.

8 Click Next

9 Click Finish to complete the configuration.

10 Verify the IP address change in the vSphere Client.

a Log in to vSphere Client as an administrator.

b Select the Management Server virtual machine.

c Click the Summary tab, and examine the IP Addresses line.

d Click View all to check all IP addresses.

Reconfigure the DB Name Service Network or DB Name ServiceNetwork Adapter

During installation, you configure the DB Name Service Network and the DB Name Service Network Adapter.You can later reconfigure the DB Name Service Network or the DB Name Service Network Adapter by editingthe settings in the Data Director UI.

Prerequisites


Procedure



3 Expand Other Settings and click Network.

4 In the Network tab, click Edit Network Settings.

5 Click Next to skip vCenter Network setup.


176 VMware, Inc.

6 To reconfigure the DB Name Service Network mapping, select the appropriate network mapping in theDB Name Service Network drop-down menu, and click Next.

7 Click Edit next to the network name to enable or disable DHCP or static IP on a network.

a Select the DHCP check box to enable DHCP.

b Select the Static IP check box and enter a netmask to enable static IP.

c Click OK.

8 To change the DB Name Server network adapter setting, select DHCP or Static IP and enter an FQDN.

If you select static IP, enter the IP address.

9 Click Finish to commit your changes.

Reconfigure the Internal Network or Internal Network Adapter MappingYou can reconfigure the Internal Network or the Internal Network Adapter by editing the settings in the DataDirector UI. You can change Internal Network and Internal Network Adapter settings only when all databasevirtual machines are powered down.

Prerequisites


Procedure

1 Log in to Data Director as an administrator, and turn off all database virtual machines (DBVMs) bypowering down all databases.



4 Click Edit Network Settings.

5 Click Next to skip vCenter Network setup.

6 To reconfigure the Internal Network mapping, select the network mapping in the Internal Network drop-down menu and click Next.

7 To enable or disable DHCP, Static IP, or IP Pool addressing for the network, click Edit next to the networkname.

Option Description

DHCP Check the DHCP box to enable DHCP.

Static IP Check the Static IP box to enable static IP, and enter the netmask.

IP Pool Check the IP Pool box to enable IP Pool addressing. Enabling IP Pooladdressing enables Static IP. If no IP address range is configured, click thegreen plus icon and add and IP address range.

8 Click OK.


VMware, Inc. 177

9 To modify the internal network adapter settings for the Management Server - Internal Network Adapter,or the DB Name Server - Internal Network Adapter, select one of the following options.

Option Description

DHCP Check the DHCP box to enable DHCP, and enter a FQDN.

Satic IP Check the Static IP box to enable static IP addressing, and enter the IPaddress and an FQDN.

IP Pool Check the IP Pool box to enable IP pools If DHCP and IP Pool are both enabled, select one for the DBVM Servers–DB Internal Network Adapters,and one for the Management Server - Internal Network Adapter.

10 Click Finish to accept your changes.

11 Turn on all the DBVMs by powering on all the databases.

12 Log in to vSphere Client as an administrator, and verify the network settings.

a Right-click the DB Name Server virtual machine and select Edit Settings.

b Click Network Adapter 2.

The Network Adapter 2 Network label matches the change you made.

Verify Network Settings in Data DirectorAfter you reconfigure the network mapping or adapter in the vSphere Client, verify the changes in DataDirector. You must go through the complete Network Settings workflow to confirm that all settings are correct.If you test the network setup in Data Director without confirming the settings, the test fails.

You might have to reenter the network information in the Data Director UI if vCenter Server settings and DataDirector settings do not match.

Prerequisites

You modified network settings in vSphere.

Procedure


2 Click the System tab, and click System Settings.

3 Expand Other Settings and click Network.

4 Click Edit Network Settings.

5 Verify your network settings, and update the settings as necessary.

6 Click Finish.

7 Click Test Network Setup to verify that the network is in sync with the vCenter Server system.

Reconfigure the Database Access Network Used by a Database GroupYou can reconfigure the Database Access Network used by a database group from the Data Director UserInterface.

Procedure

1 In Data Director, power off all the database virtual machines (DBVMs) by powering down all databases.

2 Log into Data Director as a system administrator.


178 VMware, Inc.

3 If the new vSphere network to be used as the database access network is not in the resource bundle usedby the DBG, add the network to the Resource Bundle.

a Click the System tab, and click Manage and Monitor.

b Click Resource Bundles.

c Right-click the resource bundle, and select Properties.

d Click the Network tab, and click Edit.

e Find the network to add to the resource bundle, and click DHCP or IP Pool.

f If you select IP Pool but IP Pool has not been configured for this vSphere network, click Edit next tothe IP Pool and provide a netmask, a gateway and, optionally, DNS servers 1 and 2, and add at leastone IP address range.

g Click OK.

h Click OK in the Edit Networks window.

i Click OK in the Properties window.

4 Click the appropriate Organization tab, and click Manage and Monitor.

5 Right-click the database group and select Properties.

6 In the Network section, select an available vSphere network from the DB access network drop-downmenu to be used for the database group.

7 Click OK to submit the change.

Modify IP Pool SettingsYou can modify an IP Pool after you set it up. You can add or remove IP address ranges. You can also changethe gateway and DNS settings, but only if no IP addresses in the pool are in use.

Procedure


2 Click the System tab, and click System Settings.


4 Click the IP Pools tab.

5 Right-click an IP pool and select Edit IP Pool.

6 Click the green plus icon and add an IP address range not in use, and click OK.

7 To remove an IP address range, right-click the address range and click Delete.

You cannot delete an IP range that includes one or more addresses used by either the Management Server-Internal Network Adapter or the DB Name Server-Internal Network Adapter. You should reconfigurethose network adapters to use other addresses (possibly a Static IP address assignment instead of IP Pool).“Reconfigure the Internal Network or Internal Network Adapter Mapping,” on page 177

You can request deletion of an IP range that is assigned. The status for the IP range changes toReleasing but the IP addresses continue to be in use until the virtual machines using them are turned off.

You can also modify the Gateway and DNS server settings, but only if no IP addresses in the IP Pool arein use, that is, no IP Range has the Status Assigned.

8 Click OK.


VMware, Inc. 179


180 VMware, Inc.

Managing SSL Keys and Certificates 18Data Director enables the Secure Sockets Layer (SSL) protocol for all components, including the ManagementServer, the DB Name Server, and the DBVM. SSL secures both internal communications among componentsand communications from customers who access the database externally.

By default, Data Director generates an SSL key and certificate for all components. System administrators canreplace the automatically generated key and certificate with a custom key and certificate. When you apply acustom key and certificate, you cannot use the key and certificate that Data Director generated.

All key certificate pairs have a period of validity. The automatically generated pair expires after five years. Toensure continued security of data and communications, system administrators must update certificates beforethey expire.

Data Director currently supports only RSA keys and X509-formatted certificates. Supported keystore typesinclude JKS, JCEKS, and PCKS12.


n “Regenerate Management Server Key and Certificate,” on page 181

n “Import Management Server Key and Certificate,” on page 182

n “Edit Management Server Certificate,” on page 183

n “Regenerate DB Name Server Key and Certificate,” on page 183

n “Import DB Name Server Key and Certificate,” on page 184

n “Edit DB Name Server Certificate,” on page 184

n “Regenerate DBVM Key and Certificate,” on page 185

n “Import DBVM Key and Certificate,” on page 185

n “Edit DBVM Certificate,” on page 186

Regenerate Management Server Key and CertificateSystem administrators can regenerate the Management Server SSL key and certificate before it expires, toensure continuous security of communications.

Prerequisites

Verify that no custom key and certificate has been applied to the Management Server.

Procedure

1 Click System Settings.

2 Expand Other Settings and click Security.

VMware, Inc. 181

3 Right-click Management Server and select Regenerate.

A warning advises you that you must restart the Management Server to apply the new key after yourregenerate it.

4 Click OK.

Progress of the renewal of the automatically generated key and certificate for the Management Server,and of update tasks that distribute the Management Server root certificate authority (CA) to the DBVMs,appears in the right panel.

5 When the update process finishes, restart the Management Server virtual machine to apply the updatedkey and certificate.

A new key and certificate, valid for five years, is applied.

Import Management Server Key and CertificateSystem administrators can import a custom Management Server SSL key and certificate to replace the key andcertificate automatically generated by Data Director.

Prerequisites

Verify that you have a custom SSL key and certificate available.

Procedure



3 Right-click Management Server and select Import.

A warning advises you that the Management Server cannot access databases until you restart the server.After you restart the management server, the Edit Certificate option appears when you right-click on it.

4 Click OK.

5 Select a keystore type, and type a keystore password, a key alias, and a key password.

6 Click Browse and navigate to your custom keystore file.

7 Click Next, and click the Custom Certificates tab.

The text box shows the certificate chain automatically imported from the key store for the selected key.

8 Verify that the certificate chain is in the correct sequence, including the root certificate authority (CA) andall intermediate CAs if there are any, with the root CA at the bottom of the certificate list.

If the certificate chain in the key store does not fulfill the requirements, use the Upload, Delete, down,and up buttons to customize the certificate chain. Only the DER encoded certificate is supported.

9 Click Finish to import the custom key and certificate.

Progress of the custom certificate configuration for the management server, and of tasks that distributethe Management Server root CA to the DBVMs, appears in the right panel.

10 When the update processes finish, restart the Management Server virtual machine to apply the updatedkey and certificate.

The custom key and certificate is applied.


182 VMware, Inc.

Edit Management Server CertificateSystem administrators can edit a custom Management Server SSL key and certificate to replace the certiticatebefore it expires.

Prerequisites

Verify that a custom key and certificate is applied to the Management Server.

Procedure



3 Under SSL Configuration, right-click Management Server and select Edit Certificate.

A warning advises you to restart the management server after applying a new key. Any operations afteryou change the key can put the Management Server in an inconsistent state.

4 Click OK.

5 (Optional) Use the Upload, Delete, down and up buttons to edit the certificate chain.

6 Click OK.

Progress of the custom certificate configuration for the Management Server and of tasks that distributethe Management Server root CA to the DBVMs, appears in the right panel.

The new certificate is applied.

Regenerate DB Name Server Key and CertificateSystem administrators can regenerate the DB Name Server SSL key and certificate before it expires, to ensurecontinuous security of communications.

Prerequisites

Verify that no custom key and certificate has ever been applied to the DB Name Server.

Procedure



3 Right-click DB Name Server and select Regenerate.

A warning advises you that the DB name server will restart after the new key assignment finishes.

4 Click OK.

Progress of renewal of the automatically generated key and certificate for the DB Name Server, and oftasks that distribute the DB Name Server root certificate authority (CA) to the DBVMs, appears in the rightpanel.

A new key and certificate, valid for five years, is generated.

Chapter 18 Managing SSL Keys and Certificates

VMware, Inc. 183

Import DB Name Server Key and CertificateSystem administrators can import a custom DB Name Server SSL key and certificate to replace the key andcertificate automatically generated by Data Director.

Prerequisites


Procedure



3 In the SSL Configuration section, right-click DB Name Server and select Import.

A warning advises you that the DB Name Server automatically restarts after the new key assignmentcompletes.

4 Click OK.

5 In the Import window, select a keystore type, and type a keystore password, a key alias, and a keypassword.


7 Click Next and select the Custom Certificates tab.

The text box shows the certificate chain automatically imported from the key store for the selected key.

8 Verify that the certificate chain is complete and in the correct sequence, including the root certificateauthority (CA) and all intermediate CAs, with the root CA at the bottom of the certificate list.

If the certificate chain in the key store does not fulfill the requirements, use the Upload, Delete, down,and up buttons to customize it. Only the DER encoded certificate is supported.


Progress of custom certificate configuration for the DB Name Server, and of tasks that distribute the DBName Server root certificate authority (CA) to the DBVMs, appear in the right panel.

The custom key and certificate pair is applied.

Edit DB Name Server CertificateSystem administrators can edit a custom DB Name Server SSL key and certificate to replace the certiticatebefore it expires.

Prerequisites

Verify that a custom key and certificate has been applied to the DB Name Server.

Procedure



3 Under SSL Configuration, right-click the DB Name Server and select Edit Certificate.

A warning advises you that the DB Name Server restarts automatically after the new key assignmentfinishes.

4 Click OK.


184 VMware, Inc.

5 (Optional) Use the Upload, Delete, down, and up buttons to edit the certificate chain.

6 Click OK.

Progress of the custom certificate configuration for the DB Name Server, and of tasks that distribute theDB Name Server root CA to the DBVMs, appears in the right panel.


Regenerate DBVM Key and CertificateOrganization administrators can regenerate a DBVM key and certificate before it expires, to ensure continuoussecurity of communications. You can update a DBVM key and certificate after you provision the database. Fora vFabric Postgres database, you apply the SSL key and certificate to the DBVM, and to vFabric Postgres. Foran Oracle database, you apply the key and certificate only to the DBVM.

Prerequisites

Verify that no custom key and certificate has ever been applied to the DBVM.

Procedure



3 Right-click a database and select Properties.

4 Click the SSL tab, and click the Regenerate button.

A warning advises you that the database server restarts after the new key assignment finishes.

5 Click OK.

Progress of renewal of the automatically generated key and certificate update task appears in the rightpanel.

A new key and certificate, valid for five years, is generated.

Import DBVM Key and CertificateOrganization administrators can update a custom DBVM SSL key and certificate to replace the key andcertificate automatically generated by Data Director. You can update a DBVM key and certificate after thedatabase is provisioned. For a vFabric Postgres database, you apply the SSL key and certificate to the DBVM,and to vFabric Postgres. For an Oracle database, you apply the key and certificate only to the DBVM.

Prerequisites


Procedure

1 Click Manage and Monitor in your organization, and select a database group.


3 Right-click a database and select Properties.

4 Click the SSL tab, and click the Import button.

A warning advises you that the database server restarts automatically after the new key assignmentfinishes.

5 Click OK.

Chapter 18 Managing SSL Keys and Certificates

VMware, Inc. 185

6 Select a keystore type, and type a keystore password, a key alias, and a key password.


8 Click Next and click the Custom Certificates tab.

The text box shows the certificate chain imported from the key store for the selected key.

9 Verify that the certificate chain is complete and in the correct sequence, including the root certificateauthority (CA) and all intermediate CAs, with the root CA at the bottom of the certificate list.

If the certificate chain in the key store does not fulfill the requirements, use the Upload, Delete, down,and up buttons to customize the certificate chain. Only the DER encoded certificate is supported.


Progress of the custom key and certificate configuration for the DBVM appears in the right panel.

The custom key and certificate pair is applied.

Edit DBVM CertificateSystem administrators can edit a custom DBVM SSL key and certificate to replace the certiticate before itexpires.

Prerequisites

Verify that a custom key and certificate is applied to the DBVM.

Procedure



3 Under SSL Configuration, right-click the DBVM and select Edit Certificate.

A warning advises you that the DBVM restarts automatically after you edit the certificate.

4 Click OK.

5 (Optional) Use the Upload, Delete, down and up buttons to edit the certificate chain.

6 Click OK.

Progress of the custom certificate configuration for the DBVM appears in the right panel.



186 VMware, Inc.

Data Director Troubleshooting 19Troubleshooting information helps you when you encounter problems with your Data Director environment.See the Release Notes for discussions of known issues and for corresponding workarounds.


n “vCenter Server Stops Responding,” on page 187

n “Resource Bundles Become Unusable Because DRS Is Disabled,” on page 188

n “Missing Resource Pool,” on page 188

n “Troubleshooting for SSL Communication,” on page 189

n “Database Cannot Be Connected Using the JDBC Connection String,” on page 189

vCenter Server Stops RespondingA Lost vCenter Session alarm appears and vCenter Server is unavailable.

Problem

An alarm in the Data Director interface states the following:

Lost VCenter Session

In the System Health panel, vCenter Connectivity is associated with a red failure icon.

When you check the vCenter Server system event log, you see the following message:

The transaction log for database 'VIM_VCDB' is full. To find out

why space in the log cannot be reused, see the log_reuse_wait_desc

column in sys.databases

For more information, see Help and Support Center at http://url.

Cause

The SQL server that manages the vCenter Server database provides capabilities for recovering the database toany point in time since the last full backup. If no backups exist, the transaction log grows indefinitely or reachesthe maximum allowed limit and stops. See VMware Knowledge Base article 1003980 for backgroundinformation and solution.

Solution

Configure regular backups for the vCenter Server database or use simple recovery mode (no point-in-timerecovery).

VMware, Inc. 187

Resource Bundles Become Unusable Because DRS Is DisabledWhen a vSphere administrator disables DRS for the cluster that Data Director uses, all resource pools becomeunavailable.

Problem

If a vSphere administrators disables DRS functionality for the Data Director cluster from the vSphere Client,all resource pools become unavailable and the installation is unusable. Resource bundles, database groups,and storage and backup storage no longer work properly.

Renabling the cluster for DRS does not resolve the issue. No automated way for recovering from the situationexists.

Cause

vCenter Server supports resource pools only for clusters that have DRS enabled.

Solution

1 Reenable DRS for the cluster.

2 Delete all resource bundles and database groups that use the affected cluster.

3 Recreate the resource pools in vSphere, and recreate the resource bundles and database groups in DataDirector.

4 Import each database virtual machine into Data Director.

Missing Resource PoolWhen you create a resource bundle, the resource pool you want to use is not included in the list of resourcepools.

Problem

When you create a resource bundle you assign a resource pool that encapsulates the CPU and memoryresources. The resource pool you want to use is not available in the list of resource pools to choose from.

Cause

Data Director includes only resource pools that are compatible with Data Director resource bundles. A resourcepool must meet a set of criteria to be included in the list. If the criteria are not met, the resource pool is notincluded in the list of available resource pools.

The resource pool must meet the following requirements:

n Resource pool is not already in use by Data Director.

n CPU limit and CPU reservation must be the same.

n Memory limit and memory reservation must be the same.

n The resource pool has no child resource pools.

n The resource pool has no child virtual machines.

n The cluster configuration for the resource pool is compatible with Data Director.

Solution

1 To display the resource pool, uncheck Show only compatible clusters and RPs.

If the resource pool is displayed but is dimmed, it is incompatible.


188 VMware, Inc.

2 In Data Director, verify that the resource pool is not in use by Data Director by checking the resourcebundle list.

3 In the vSphere Client, verify that the resource pool meets the requirements.

n Resource pool settings are correct (limit equal to reservation, expandable checked, and so on.

n The resource pool is empty.

n The parent resource pool uses compatible vSphere HA and vSphere DRS settings. See “PerformAdvanced Cluster Configuration,” on page 26.

4 Ensure that the resource pool is included in a cluster that Data Director can access.

Data Director can access all clusters in the same vCenter Server data center but cannot access clusters ina different data center.

Troubleshooting for SSL CommunicationAfter updating the certificate, communication fails between the Management Server and the database and acertificate error occurs .

Problem

If communication fails between the Management server and the database, you must resynchronize thecertificates.

Cause

There is a certificate mismatch between the Management server and the database.

Solution

1 Restart the Management Server virtual machine after updating the key and certificate for it.

2 If the problem still exists, manually restart the DBVM.

a Right-click your database, and select Power > Stop.

b Wait for the DBVM stop task to finish, and the database has a Stoppedstatus.

c Right-click your database, and select Power > Start.

NOTE Power > Start will not restart the DBVM.

3 If the problems still exists, update the DBVM key or certificate manually.

4 If the problem still exists, repair the database virtual machine manually.

a Right-click your database and select Backup and Recovery > Recover Database from Last State.

A message warns that the database will not be accessible during the recovery.

b Click OK.

c Wait for the repair task to finish.

Database Cannot Be Connected Using the JDBC Connection StringWhen you connect to a database that uses the JDBC provided by Data Director, the connection fails.

Problem

vFabric Data Director provides a JDBC connection string for external applications to connect to its manageddatabases. Under rare conditions, connecting to a database using the JDBC connecting string can fail.

Chapter 19 Data Director Troubleshooting

VMware, Inc. 189

Cause

Several conditions can cause the problem.

n DB Name Server is powered off.

n Database server is powered off.

n Database service is stopped by management tools bypassing vFabric Data Director.

n Database IP Whitelist is configured incorrectly.

Solution

1 Verify that the DB Name Server status in System Health is green.

If the status is not green, ask the vSphere administrator to power on the DB Name Server.

2 Open the database in vFabric Data Director and check whether there is a Power State mismatch alarm.

If a mismatch alarm exists, repair the alarm. This action will power on the database server.

3 Connect the database through IP with the management tools that you use, and check the database status.

4 Open the database Properties dialog box and examine the IP Whitelist settings for the database.

The client machine must be in the IP Whitelist of the database.


190 VMware, Inc.

Index

AACID properties 13add catalog database 97add custom IP whitelists 68Add database owner account 102add databases to the catalog 97add IP pools 165add organization administrator to vCloud Director

organizations 171add post-clone scripts 115add pre-action and post-action scripts 139adding databases to organization catalogs 97adding users 33administer SQL 126Administration tab 142, 146alarms

custom 151database 105delete 152disabling 152

Alarms side bar 141analyze SQL query plan 127apply security groups to databases 68assign base DB template to resource bundle 43,

48, 57assign IP whitelist to databases 68associate post-clone script with a database 115aurora mon monitoring agent, modifying

parameters 156aurora_mon configuration 153aurora_mon configuration parameters 154aurora_mon monitoring agent, managing 156authentication 27, 28, 64author post-clone script 114authorization 27auto-vacuum 102, 123auto-vacuum settings 103automatic refresh profile for cloned

databases 118

Bbackup settings, for clone 110backup strategies 130backup template, creating 79backup template settings 132

backup template, selecting 133backup templates, modifying 80backups, monitoring 105base database virtual machines, apply a

patch 55base DB template, validating 43, 48, 57base DB templates

assign to resource bundles 43, 48, 57enabling 58, 76

basic database properties 102batch operations 99batch scheduled tasks 100bind vCloud Director organizations 65blank DBVM 37build a blank database virtual machine 44build SLES and Oracle base DBVM 40by organization mode 61By Organization user management mode 10

CCatalog tab use 98change basic database properties 102change database configuration settings 103change database usage type 163change the vCenter IP address 173choose default post-clone script 117clone a database 109clone configuration settings 111clone configuration summary 113clone database 86clone type 110clone types 107cloned database, refresh manually 118cloned databases

automatic refresh profile 118refresh 117

clones, configuring IP Whitelists for 113cloning

backup settings 110customization 109database configuration settings 110

cloning databases 107cluster alarms 146cluster configuration 26, 146configuration templates 75configure auto-vacuum 123

VMware, Inc. 191

configure clone options settings 112configure clone settings 111configure database refresh profile 93configure DB parameter group 77configure Oracle update chain 58configure tags for a clone 112connect to VDR 137constraint creation 125convert base DBVM to base DB template 42, 47,

56Create base database VM from template 55create base DBVM 41create check constraints 123create column constraints 123create constraints 125create database from catalog 86, 89create database schemas 123create databases 85, 87create DB parameter group 77create empty database 86, 88create foreign key 123create golden clone 93create IP whitelists 67create post-clone script in Data Director 114create SQL queries 126create system resource pool 21create tags 96create unique constraints 123create views 124creating users 33custom alarms 151custom kickstart file, repackage 45customizations 143customize cloning 109customize monitoring 148

Ddashboard, organization administrator 148Dashboard 142, 146Data Director

clone a database 109supported databases 12system architecture 9system hierarchy 10user management modes 10

Data Director administration 11database activity logs 105database administration 101database backup settings, changing 104database backup template 75database backups 129database calculator 103

database configuration settings, for clone 110database configuration template 75, 77database configuration templates 75database creation types 86database creator permissions 85database end of life 138database entities, managing 121database entities,managing 121database entity management 121database group, assign resource bundle 25database group privileges 31database groups

and resource management 72creating 73resource assignment 17resource isolation 72security 73

database IP whitelist 67database lifecycle 83database management 83, 121database performance statistics, monitoring 104database privileges 31database properties 102database property settings 103database recovery 129database resource allocation 104database resource settings, configure 103database schemas 123database settings, templates 77database storage allocation 85database tags 102database template, modifying 78database templates 75database version 104database VMDK 37database,connectingusing JDBC string 189databases

creating 87diagnostics package 142monitoring 150recover 135resource assignment 17

DB Access Networks 16DB Name Service Network reconfiguration 176DB parameter group, configure 77DBVM

blank 37building custom templates 44

DBVM OVA files, deploy 39DBVM template 37dedicated Oracle cluster 18define custom IP whitelists 68


192 VMware, Inc.

delete custom IP whitelists 68delete IP pools 166delete post-clone scripts 117deleting alarms 152deploy base database VM 44deploy DBVM template OVA files 39DHCP 16diagnostic packages 142diagnostics package 145disabling alarms 152downloadable DBVM OVA files 39DRS 18, 188dump-restore update 52

Eedit custom IP whitelists 68edit database backup settings 104edit DB name server SSL certificate 184edit DBVM SSL certificate 186edit IP pools 166edit management server SSL certificate 183Edit or disable vCloud Director integration 171edit post-clone scripts 115empty SQL Server database 88enable vCloud Director integration after

setup 170enable vCloud Director integration in setup 170encryption 28enter general database information 95evaluation licenses 159, 161Expandable Reservation setting 18external backup 131external backups, VDR 137

Ffiltering 96, 141filtering customization 141foreign key 123full clone 110full database clone 107

Ggeneral clone settings 111global mode 61Global user management mode 10golden clone

create 86, 93use case 86

grant direct permission 34grant permission 34

Iidentify target DBVM 55implementing security 27import backup sets 136import DB name server SSL key and

certificate 184import DBVM SSL key and certificate 185import management server SSL key and

certificate 182import VDR backup 138in place update 52in-place refresh 95ingest external database, requirements 90ingest external databases 93ingestion process settings 94initialize virtual machine 46install Linux on a blank virtual machine 45install Oracle 11g R2 software 47install Oracle into a base DBVM in vSphere 41install OS and DB software in a blank DBVM 49internal network, reconfigure 177internal network adapter mapping,

reconfigure 177IP address range 67IP pool management 165ip whitelists, for a clone 113IP whitelists, create 67

Kkickstart file

repackage 45requirements 49

Llicense, evaluation 161license counting 161license management 159licenses, view usage information 163lifecycle of database 83Limit setting 18linked clone 110linked database clone 107Linux, install on a blank virtual machine 45Linux ISO Image, repackage 45

MManage & Monitor 20, 22Manage & Monitor tab 142, 144, 146manage aurora_mon 156manage database backup settings 104manage database entities 121manage database settings 102manage DBVMs and base DB templates 37

Index

VMware, Inc. 193

manage SSL keys and certificates 181Management Server database, point-in-time

recovery 139managing cloned databases 117managing databases 83managing organizations 61modes

by organization 61global 61

modify aurora_mon 156modify IP Pool settings 179modify security settings 34modify SQL queries 126monitor customizations 144monitor database performance 104monitor database resource use 104monitor resource usage 22monitoring 142, 146monitoring customization 141monitoring Data Director environment 141monitoring organizations 146

Nnetwork reconfiguration 173non-production use license 159

OOracle database support in Data Director 13Oracle license issues and Data Director 18organization administrator, vFabric Data

Director 30organization dashboard 148organization operations 62organization permissions 32organization privileges 31, 32organization resources 63organization security settings 34organization user access 64organization user authentication 64organization-level operations 11organization, create 64organizations

monitoring 146resource assignment 17

OS/agent VMDK 37

Ppassword encryption 28patches for base database virtual machines 55permanent licenses 159permissions, propagation of 32PITR 130

point-in-time recovery 131, 138point-in-time recovery of Management Server

database 139point-in-time-recovery 130post-clone script management 113post-clone scripts 113preconfigured backup templates 133privilege propagation 32privileges

database 31database groups 31organization 31system 31template management 31

Processes and Locks tab 150production use license 159propagation

permissions 32roles 32

propagation of privileges 32provision databases 85

Qquery plan 127

Rreconfigure database access network 178reconfigure internal network 177reconfigure internal network adapter

mapping 177recover databases 135recovery 129refresh a cloned database 117refresh cloned database, manually 118refresh from an external database 95regenerate DB Name Server SSL key and

certificate 183regenerate DBVM SSL key and certificate 185regenerate management server SSL key and

certificate 181remove a database from the catalog 98remove license keys 164repackage custom kickstart file 45repackage Linux ISO Image 45reports, database statistics 105Reservation setting 18resource bundles

assigning 25creating 24

resource isolation 72resource management 15resource management and database groups 72


194 VMware, Inc.

resource pools, missing 188resource settings, templates 77resource template, modifying 78resources

monitor usage 22physical and virtual 15viewing 20

resources for database groups 72restore VDR backup 137RHEL and Oracle Database templates 44role-based access control 27, 29roles

add to an organization 33propagation of 32

run basic batch operations 99run batch database operations 99

Ssafeguarding data 129save post-clone scripts to external location 116schedule backups 134schedule database operations 99schedule tasks in batches 99schema 123schema data, creating tables for 123schema only clone 107, 110search filters 96search tags 96security, database groups 73security model 27security policies 27security policy 27security settings 34select active post-clone script 117self-service database provisioning 9snapshot backups 130, 131SQL management 126SQL management tasks 121SQL query 126SQL query management 126SQL query plan 127SQL Server, create empty database 88SSL

edit DB name server certificate 184import DB name server key and

certificate 184import DBVM key and certificate 185import management server key and

certificate 182regenerate DB Name Server key and

certificate 183

regenerate DBVM key and certificate 185regenerate management server key and

certificate 181SSL communication, troubleshooting 189SSL key and certificate, troubleshooting 189SSL keys and certificates, managing 181SSL,edit DBVM certicate 186SSL,edit management server certificate 183storage reservation 73supported vCPUs 161system architecture for Data Director 9system dashboard 143system privileges 31system resource bundle 15, 17system resource bundle, creating 22system-level operations 11

Ttables, creating for schema data 123tagging databases 102tags

creating 96using 96

tasks and events, database 105Tasks side bar 141template management privileges 31templates

database settings 77resource settings 77RHEL and Oracle Database 44

test network setup 178troubleshooting 187

Uupdate an Oracle database 54update chain management 52update database procedure 59, 100update database version 102update databases 100update DBVMs 100update mode 52upgrade database 102upgrade databases 100upgrade DBVMs 100upgrade scripts for Oracle 52user access 64user authentication 64user logins 29user management 27user management modes 10user permissions 34users, adding 33

Index

VMware, Inc. 195

Vvacuum analyze a database 122vacuum configuration 103validate base DB templates 43, 48, 57vCenter network adapter reconfiguration 175vCenter Network mapping reconfiguration 175vCenter Server IP address 173vCenter Server troubleshooting 187vCloud Director 171vCloud Director integration

edit or disable 171enable after setup 170

vCloud Director integration,enable in setup 170VDR

external backups 137import backup 138restore backup 137

VDR for Data Director vApp backup 136verify network settings 178verify VDR installation 137vFabric Data Director

components 10organization administrator 30

vFabric Postgres, database administration 13vFabric Postgres update chain 53view data, examining 125view database entities 122view database group statistics 105view database permissions 105view database statistics 105view license information 162view SQL query plan 127views, creating 124VMDK

database 37OS/agent 37

vSphere DRS 18, 188

WWALs 85web console network reconfiguration 174


196 VMware, Inc.

VMware vFabric Data Director Administrator and …...VMware vFabric Data Director Administrator and...

Documents

Transcript of VMware vFabric Data Director Administrator and …...VMware vFabric Data Director Administrator and...