by Porus Homi Havewala
Oracle Enterprise Manager 18.104.22.168 has been available since June 2015. From this release onwards, you could use an on-premises Enterprise Manager OMS (Oracle Management Service) to install hybrid cloud agents on Oracle Public Cloud (OPC) database servers and WebLogic servers; via an Enterprise Manager Hybrid Gateway mechanism.
This was the first time this was possible in Enterprise Manager, and it opened up an entirely new world of hybrid cloud management. You could now use an on-premises Enterprise Manager to effectively deep-manage Oracle databases both on-premises and on the Oracle cloud. You could compare detailed database, WLS, and server configurations and apply compliance standards equally. You could also clone Oracle 12c PDBs and Java applications from on-premises to a cloud CDB or WLS, and back again – all via the on-premises Enterprise Manager console.
The most powerful feature of Enterprise Manager from this release onwards is that it can manage the hybrid cloud from a single management interface. So you can have your databases and WLS servers that are on-premises in the company, as well as your Oracle public cloud (OPC)-based databases and WLS servers all managed via one central on-premises Enterprise Manager Installation. A single pane of glass, as it were.
Normal Enterprise Manager agents are installed on your on-premises servers, and special hybrid cloud agents installed (via the push mechanism of Enterprise Manager) on your cloud servers. The hybrid cloud agents work through a Hybrid Gateway - this is one of your on-premises Enterprise Manager agents that has been designated as such. The Hybrid Gateway actually works as a specialized SSH tunnel of sorts.
Once the hybrid cloud agents start talking to the OMS, you as the Database Administrator are able to see all your databases and WLS servers either on-premises or on the cloud – and clone PDBs and Java applications easily to and fro from the cloud via Enterprise Manager.
Besides this, you can also use the other features of the Enterprise Manager packs, such as Diagnostics, Tuning, Database Lifecycle Management (DBLM) and so on in the hybrid cloud. For example, as part of DBLM, you can perform configuration comparisons between on-premises and cloud databases or WLS servers or host servers, and also compliance checks. In this way you can make sure your entire enterprise cloud – son-premises as well as public cloud – is strictly compliant to standards, and adheres to configuration guidelines with controlled configuration deviations.
But why would you want to use a hybrid cloud in the first place? Well, to start with, many clients may not want to use the public database cloud for all their databases. They may keep their critical databases on-premises, and have some test or development databases in the cloud, or perhaps they would agree to place some non-critical databases on the cloud. So in this scenario, they would have a number of local on-premises databases and at the same time a few public cloud databases. This is what is known as a hybrid cloud – multiple databases running on-premises as well as in the public cloud.
In this article series, we will look at the steps for setting up the Oracle hybrid cloud via the latest version = Enterprise Manager Cloud Control 13c. We will follow the pre-steps, and then install a Hybrid Cloud Agent via the Enterprise Manager Hybrid Gateway. Next, we will go through the steps of configuration management and comparisons for the hybrid cloud, and finally we will test out the cloning of PDBs to the cloud.
Pre-setup steps for the hybrid cloud include setting up one of your OMS agents as the Hybrid Gateway agent, creating SSH keys for the OMS server, and creating a Named Credential with SSH key credentials for the hybrid cloud.
Pre-setup Steps for Hybrid Cloud
For the hybrid cloud capability, the following pre-steps are required on your Oracle Enterprise Manager installation. We will execute these one by one.
Pre-setup Step 1
First, register any agent in your Enterprise Manager local (on-premises) installation as the Hybrid Gateway agent. Preferably choose an agent which is not your main OMS server agent; e.g., the agent could be on one of your target servers which is not too heavily loaded with monitoring and managing its own targets.
The Enterprise Manager Command Line Interface (EM CLI) is used for the purpose of registering the Hybrid Gateway Agent. Login in as the Oracle UNIX user, and move to where EM CLI is installed on your target server. Login first to EM CLI as sysman, and then issue the register command as shown below. The host name is x’ed out for privacy reasons.
./emcli login -username=sysman ./emcli register_hybridgateway_agent -hybridgateway_agent_list='xxxxx.sainath.com:3872'
This registers the agent as a Hybrid Gateway Agent. There are ways to register an additional agent as a slave or secondary agent that can take over the monitoring if the master or primary gateway agent goes down, but for now we will only set up one agent since this is an example run.
An important point to note is that if you have a lot of cloud database servers, you should make it a point not to use only one gateway agent to communicate to all of these. Instead, set up multiple gateway agents to talk to different cloud servers.
For example, one gateway agent can be used to talk to 5-10 cloud servers, another gateway agent can be used to talk to other cloud servers, and so on. The architecture in this case is very important and needs to be set up in a well-planned manner.
This relationship between which gateway agent talks to which hybrid cloud agent is set up when the hybrid agent is installed on each cloud server, as we will see later on. When installing the agent on one or multiple servers, you select the gateway agent to use.
Pre-setup Step 2
The next step is to generate SSH keys for the OMS Server. Login to the OMS host as the Oracle UNIX user, and type:
ssh-keygen -b 2048 -t rsa Enter passphrase
Importantly, you should not use a passphrase; just press enter. The SSH keys you generate will be used in an Enterprise Manager Named Credential that we will create in the next step, and a passphrase is not supported for use with SSH keys in Named Credentials.
The ssh-regkey utility generates two files in the .ssh sub-directory under the Oracle Unix user’s home, as seen below:
We will continue the pre-setup steps in the next part of this article series. After that, we will set up the credentials and then proceed to installation of the cloud agent.