Another area of enhancements in the 184.108.40.206 release of Enterprise Manager is Database Lifecycle Management, commonly known as DBLM. There have been enhancements and improvements right across the DBLM functionality, but for this blog I’d like to focus on the three areas that are arguably the most important from a customer’s perspective:
- Patching enhancements
- Compliance framework enhancements
- Database upgrade automation enhancements
Obviously, these areas have all been part of Enterprise Manager for quite some time, so this release has rounded out the coverage and capabilities we’ve already had in these areas. Let’s look at each of these in turn.
From a patching perspective, we’ve had patching capabilities for databases (and other objects) for a long time in Enterprise Manager. This release now has complete support for all the various types of database deployments – single instance, Real Application Clusters (RAC) and Data Guard environments – using the DBLM capabilities of Enterprise Manager. That means we now have support for a variety of configuration combinations for standby environments – single instance databases on both ends, RAC databases on both ends, RAC primary / single instance standby – and you can patch those environments one database at a time, or using mass deployments.
As you can see from the table below, this can be done both in place or out of place, with the single exception that out of place patching is not supported for single instance HA with single instance standby. The table also shows the versions that this is supported for:
Compliance Framework Enhancements
The compliance framework area within DBLM is another area that has been very popular with our customers, and like the patching enhancements, the 220.127.116.11 improvements in this area are designed to round out our existing capabilities. We now have out of the box a compliance check for a framework which is not actually an Oracle framework, but one which nevertheless is very important particularly to our Federal Government customers. That framework is the Security Technical Implementation Guide, more commonly referred to as STIG – no, not the Top Gear character for those that are familiar with that television show! 🙂 The STIG standard is one that our US Federal customers have to validate their initial and ongoing database deployments against, but the security checks and requirements that make up this standard can be equally useful to other customers as well. It’s very quick to see your current compliance score, as you can select the framework and see your score both as an overall total as well as being able to drill into more details, as shown in the screenshot below:
To enable this framework, there is a new check or rule called an agent side rule which formalizes the integration between configuration extensions and compliance rules. What this really means is that it is much faster and simpler to develop and manage custom compliance standards. We have married configuration extensions and compliance rules together so their lifecycles can be managed as one, which means both you can implement new compliance content more quickly and the load on the OMS has been reduced.
In addition to these features, there are a number of reporting or housekeeping capabilities added to the product in the area of compliance frameworks as well:
- Manual check rules – these allow you to check operations that can’t be automated, which every organization has e.g. is the data center door locked. You can now enter these sorts of checks into the product, and they will trip a violation that a user must manually attest the fact they have addressed the issue. That clearing can be done permanently, or until some future date (for example, till the next time the audit will occur)
- Manual violation suppression – sometimes the situation can arise where a violation occurs that you don’t have the time to immediately address. Users now have the ability to temporarily or permanently suppress the violation, which means that Enterprise Manager will still actually track the violation, but they will no longer negatively impact the score calculation
Database Upgrade Automation Enhancements
As Oracle Database 12c becomes more popular, database upgrade capabilities are also being more and more important to customers. The 18.104.22.168 release provides support for Grid Infrastructure and Database upgrades, both major version upgrade from 10.2+ to 22.214.171.124/4 and 126.96.36.199 database versions as well as minor version upgrades from 11.2 to 188.8.131.52 or .4.
Mass upgrades of databases within a cluster are now also supported. This can now be completely orchestrated, including the ability to provide placement to distribute the upgrade load across the cluster, the capability to switch back your Grid Infrastructure home, and rollback databases in case of failures.
Database upgrade is now also integrated with the popular database prerequisite checkers such as CVU, RACCheck and the pre-upgrade tool as well as (awful term alert) best practices (end awful term alert). The latest versions of these checkers get automatically downloaded into the software library so you can make use of them.
So again, a whole raft of improvements across the DBLM functionality in Enterprise Manager 184.108.40.206!