Oracle Fleet Management:

Nationwide Insurance and Financial Services Company's database teams discuss the importance of patching and upgrading Oracle databases for enhanced security. Learn about their strategies, constraints, results, and timelines. Understand the significance of implementing Critical Patch Updates for secure Oracle installations. Explore clustering technologies and database versions from 2014 to 2018.

• Oracle
• Fleet Management
• Database
• Patching
• Security

aciri Follow

Uploaded on Mar 06, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. Oracle Fleet Management: Patch and Upgrade Your Databases Gary Henderson Vaithianathan Soundararajan

2. Nationwide Insurance and Financial Services Company Fortune 100 Company Contents Founded in 1925 43 Billion in Revenues* 221 Billion in Assets* 33,135 Employees* #53 on Fortune s "Best Companies to Work For" #27 in Computer World s "Best Places to Work in IT." *Fortune 500 Nationwide Database Teams

3. AGENDA Why Patch? Our Configuration Patching Alternatives Our Constraints Our Results How We Did It Our Timeline of Progress Summary Questions

4. SECURITY..SECURITY..SECURITY Center for Internet Security (CIS) 1 Oracle Database Installation and Patching Requirements One of the best ways to ensure secure Oracle security is to implement Critical Patch Updates (CPUs) as they come out, along with any applicable OS patches that will not interfere with system operations. 1.1 Ensure the Appropriate Version/Patches for Oracle Software Is Installed Profile Applicability: Level 1 - ...The Oracle installation version and patches should be the most recent that are compatible with the organization's operational needs. Rationale: Using the most recent Oracle database software, along with all applicable patches can help limit the possibilities for vulnerabilities in the software, the installation version and/or patches applied during setup should be established according to the needs of the organization. Ensure you are using a release that is covered by a level of support that includes the generation of Critical Patch Updates. https://workbench.cisecurity.org/files/2121/download/2346

5. Oracles Annual Release Roadmap Doc ID 742060.1

6. 2014 Clustering Technologies vs DB Versions 12.1.0.2 1% 11.2.0.4 1% RAC - MultiNode 17% 9.2.0.7 1% 11.2.0.3 36% Non-Clustered 34% 10.2.0.5 12% RAC 1 Node 17% 11.1.0.7 19% 11.2.0.2 30% Veritas 32%

7. 2016 Clustering Technologies vs DB Versions 10.2.0.5 1% Non-Clustered 14% RAC - MultiNode 16% 11.2.0.2 1% 11.1.0.7 6% 12.1.0.2 51% Veritas 10% 11.2.0.3 2% 11.2.0.4 39% RAC 1 Node 60%

8. 2018 Clustering Technologies vs DB Versions 18.3.0.0 1% Non-Clustered 9% RAC - MultiNode 12% 10.2.0.5 0% 11.2.0.4 9% 12.1.0.2 90% RAC 1 Node 79%

9. Patching Alternatives Cloud Provider applies Patches In place Challenging error recovery Longer Outage window All databases in the Home have to be patched together Rollback challenging Requires less storage than out of place options *no extra licensing Out of Place Unplug from old and plug into updated/pat ched May require double the memory resources *Multi-Tenant license required Out of Place Gold Image Homes/ Standardizati on Minimal Outage window *LifeCycle License Required? Out of Place Version 1: Switch Version 2: Db software maintenance Gold Image Homes / Standardizati on Minimal Outage window Utilizes OEM s deployment job system Scalable *LifeCycle License Required Cloud DBaaS Multi-tenancy OEM Fleet Maintenance Opatch Rapid Home Provisioning

10. Quarterly Patching Windows Switch/Update Using a team of three: DBA Db patcher DBA Clusterware patcher/Tester OEM - Administrator JANUARY m t w t f s s FEBRUARY m t w t f s s MARCH m t w t f s s 1 2 3 4 5 6 7 1 2 3 4 1 2 3 4 Each Quarter patch to previous quarter s PSU 8 9 10 11 12 13 14 5 6 7 8 9 10 11 5 6 7 8 9 10 11 15 16 17 18 19 20 21 12 13 14 15 16 17 18 12 13 14 15 16 17 18 Development patched during Wednesday window 22 23 24 25 26 27 28 19 20 21 22 23 24 25 19 20 21 22 23 24 25 29 30 31 26 27 28 26 27 28 29 30 31 Production patched during IRW window

11. PATCHING RESULTS Tot Exec Time Window Time Windows Success % # Dbs (Hrs) (Hrs) 2016:Devl 31 100 693 98.15 38.35 2017:Devl 44 99 1080 160.67 52.77 2018:Devl 42 100 1575 183.56 48.14 2016:Production 12 98 340 44.36 18.34 2017:Production 12 100 706 79.38 20.85 2018:Production 10 99 1000 105.35 18.24 11

12. OEM Fleet Maintenance (EMCLI) Version 1: Switch Version 2: Db_Software_Maintenance (Update) createSoftwareImage SWITCH_DATABASE subscribeTarget SWITCH_GI checkApplicability performOperation DEPLOY_GI_SOFTWARE UPDATE_GI DEPLOY_DB_SOFTWARE UPDATE_DB DEPLOY_RAC_SOFTWARE UPDATE_RACDB DEPLOY_CDB ATTACH_CDB ROLLBACK_DB RACDB ..GI CLEANUP_SOFTWARE Fleet Reference: https://bit.ly/2S4FZsz

13. Software Standardization Advisor

14. DB Software Maintenance Create Gold Image/Version createSoftwareImage Prior Quarter When the old home is no longer used .. Remove it. CLEANUP_SOFTWARE Associate Target to Corresponding Image subscribeTarget One time (two weeks prior) Patch Database moving it from the old to the new patched home UPDATE_RACDB Deploy new Oracle Home DEPLOY_RAC_SOFTWARE Two Weeks prior

15. Gold Image Version Lineage/Swim Lanes 12.1 DB Standard RAC 12.1 DB Standard Stand-Alone 12.1 DB One-Off RAC 12.1 DB One-Off Stand-Alone 11.2 DB Standard RAC 12.1 Grid Standard RAC 12.1 Restart Standard Stand-Alone 11.2 DB Standard Stand-Alone Ver 1 180417 Ver 1 180417 Ver 1 180417 Ver 1 180417 Ver 1 180417 Ver 1 180417 Ver 1 180417 Ver 1 180417 Ver 2 180717 Ver 2 180717 Ver 2 180717 Ver 2 180717 Ver 2 180717 Ver 2 180717 Ver 2 180717 Ver 2 180717 Ver 3 1810?? Ver 3 1810?? Ver 3 1810?? Ver 3 1810?? Ver 3 1810?? Ver 3 1810?? Ver 3 1810?? Ver 3 1810??

16. Clus_server1 Clus_server2

17. Our Automation Leveraging Db Software Maintenance

18. PROGRESS CRAWL, WALK, RUN FLY 2014Gold Image Provision of Database Homes 2015RAC Clusterware Upgrade from 11.2 to 12.1 (60) Some Database upgrades 11.2.0.2/3 to 11.2.0.4 2016 Q1 & Q2 Mandate ALL DB homes OEM provisioned Mandate ALL RAC Clusters built with OEM Continue upgrades 11.2.0.4 & 12.1.0.2 Q3 & Q4 Patch 1033 databases using Switch Database 1786 databases patched using Switch Database 2017 2018 2575 databases patched (so far) All databases patched in 2nd quarter 3rd Quarter moved from Switch to DB_Software_Maintenance 18

19. SUMMARY: RECOGNITION: Missing Nationwide team member John Norman Harini Srinivasan Bharat Paliwal Martin Pena Saurabh B Jain Oracle OEM Product Team: Harmeet Kaur Paras Narang Karthika Thirumalasamy Oracle OEM Dev Team: Oracle Senior Enterprise Account Executive Oracle Key Account Director for Nationwide Joe Johnston Stephan Saade OTHER SESSIONS: Hands On Lab (HOL6350) Next-Generation Database Patching - Wedneday 11:15 OEM kiosks at the Demo Grounds (MGMT-WU2) Oracle Fleet Reference Manual: https://bit.ly/2S4FZsz QUESTIONS ??? 19