In Sammlung (en) In der gespeicherten
  1. Ingenieurwissenschaft
  2. Informatik
  3. Datenbank

IWR - CERN Indico

Werbung 
Forschungszentrum Karlsruhe
in der Helmholtz-Gemeinschaft
Oracle Network Configuration
Dr. Doris Wochele (Karlsruhe)
LCG 3D Database Administrator Workshop
Thursday 23 March 2006
Rutherford Appleton Laboratory / UK
Institut für Wissenschaftliches Rechnen
IWR
Ideen
werden
Realität
Presentation Overview












23.3.2006
Recapitulation Oracle NET architecture
Naming Methods
The Listener
Get connected ..
Listener Control Utility
init-Parameter, sqlnet.ora, tnsnames.ora
Failover and Load Balancing
Connection Manager and Directory Server Concepts
Troubleshooting, Trace and Logging
Security
Client Types
Easy Connect
D.Wochele
IWR
Ideen
werde
nRealität
Oracle Net Architecture
Oracle Net
► is NO transport protocol
► is a software component between server and client
► is using a network protocol (TCP/IP)
The Application can be
► oracle client
► JDBC OCI Client with oracle client
► JDBC Thin Client without oracle client
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Naming Methods
► Oracle Names  no longer supported
► Local Naming
– define DB-connection in local files (sqlnet.ora, tnsnames.ora) on DB and every
client
► Directory Naming
– Set up a central LDAP Server to store all connection information
► Easy Connect Naming
– Identify the DB-connection completely in the connection-string
► External Naming
– NIS-Service or DCE Environment -> who is using this?
Tools
► Oracle Net Manager
– configure naming method, profiles, listeners
– $ORACLE_HOME/bin/netmgr
► Oracle Net Configuration Assistant
– $ORACLE_HOME/bin/netca
– basic tool, runs after installation
► Virtual IP Configuration Assistant
–
–
23.3.2006
CRS tool runs under root
map virtual IP to nodes
D.Wochele
IWR
Ideen
werde
nRealität
The Listener
Listener Details
► Control utility to start/stop and configure the listener
$ORACLE_HOME/bin/lsnrctl
► Configuration file for listener
$ORACLE_HOME/network/admin/listener.ora
► Server listener process. Read the configuration file “listener.ora” for information's
as port numbers or SID’s
$ORACLE_HOME/bin/tnslsnr
Listener Modes
► Database
Access to a database service
► Executable
Access to operation system executables (used by oracle)
► PLSExtProc Method of PL/SQL packages to access operating system
executables
SID_LIST_LISTENER_RACLINUX1 =
Question: Are external procedures necessary?
(SID_LIST =
Can we delete this entries?
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /u01/app/oracle/product/10.2.0/db_1)
(PROGRAM = extproc)
)
Ideen
werde
)
IWR nRealität
23.3.2006
D.Wochele
listener.ora
Is a local DB-Configuration file for...
► connection protocol addresses
► (static defined) services to listen for
► control parameters
► to name the listeners
(in RAC: listener_name_nodename)
Question: Do we need this for OEM?
Some Parameters
► LOG_DIRECTORY_listener_name (FILE)
► TRACE_LEVEL_listener_name (DIRECTORY,FILE,..)
► QUEUESIZE (Number of concurrent requests default=5)
► RECV_BUF_SIZE
Port Numbers
► 1521
► 1522-1540
► 1630,[1830]
► 2483,[2484]
23.3.2006
older oracle standard port
used for listeners
default for connection manager, [cman-admin]
official registered for TNS listener, [with SSL]
D.Wochele
IWR
Ideen
werde
nRealität
Example listener.ora
LISTENER_RACLINUX1 =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1521)))
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.203.11)(PORT = 1521))
)
)
)
LISTENER2_RACLINUX1 =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1522))
)
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.203.11)(PORT = 1522))
)
)
)
Example: 2 instances, each with 1 listener on different ports on a single server
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Get Connected with Listener
is a process on DB-Server to handle connections
DB-registration (pmon registers himself to the listerers )
►
►
►
►
►
►
►
►
read init-parameter
looks for TNS_ADMIN variable or looks in $ORACLE_HOME/network/admin
read sqlnet.ora to detect profile settings
uses local tnsnames.ora to detect listeners
read cman.ora if existent
tries to register DB-Services to the LISTENERS
or/and tries to register on Connection Manager for a service
default registers to Port 1521 or default „LISTENER“
Client connection
►
►
►
►
client looks for connection parameter in local tnsnames.ora (or EZconnect)
client broadcasts a request for connection to a service
listener brokers the request and forwards it to the database
listener starts server-process and delivers the address (or the address of
the dispatcher) to the client
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Listener Control Utility
►
►
►
►
$ORACLE_HOME/bin/lsnrctl
lsnrctl STOP [ listener_name]
lsnrctl START [ listener_name]
lsnrctl STATUS [ listener_name]
– is it started?
– where is the log or trace file?
► lsnrctl SERVICES
– what services are up/used?
– Is the load balanced ?
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
INIT Parameter
► SERVICE_NAMES
– list of possible client connection names
– default is global_dbname (DB_NAME+DB_DOMAIN)
Question: should we predefined common service names like atlas_geom,
atlas_calib?
► INSTANCE_NAME (= SID)
– set to identify the database instance to access.
– used by OEM or in administrative tools
► LOCAL_LISTENER
– identifies the listener for the local server instances for pmon register
process
– not necessary if Port 1521 is used (?) - i suggest to set it anyway!
► REMOTE_LISTENER
– identifies listeners on other instances (node 2 of RAC) for pmon
registration
– identifies global list of listeners
– needed to ensure failover
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
sqlnet.ora
Is a profile for...
► default domain to append to unqualified service names or net service names
► order of naming methods
► logging, tracing, routing
► security, access control
Example: NAMES.DIRECTORY_PATH= (TNSNAMES)
Parameter (can mostly be overwritten by client)
► SEND_BUF_SIZE, RECV_BUF_SIZE
– default 16k
– buffer size <Byte> = (network bandwidth <bit/sec> / 8) x (roundtrip time <msec> /
1000)
use an average „ping time“ as roundtrip time
– set in sqlnet.ora for all connections
– mostly only the receive buffer is set in the client connection string
► SQLNET.SEND_TIMEOUT
–
limits the send-data-process from db
► SQLNET.RECV_TIMEOUT
–
limits the send-data-process from client
► USE_DEDICATED_SERVER
–
23.3.2006
appends (SERVER=dedicated) to the connect data for a connect descriptor.
D.Wochele
IWR
Ideen
werde
nRealität
tnsnames.ora
Is a local connection-configuration file
► contains net service names mapped to connect descriptors
net_service_name=
(DESCRIPTION=
(ADDRESS=( protocol_address_information))
(CONNECT_DATA=
(SERVICE_NAME=service_name)))
some parameters
► SERVER=DEDICATED vs.SHARED
– as streams-user or admin use only DEDICATED
– as a short-time connection (like a web server) use SHARED.
– be sure not to use SHARED for fast sequences of SQL‘s
Question: What are the requirements of the experiment services?
► Use explicit service_name
(do not use GLOBAL_DBNAME) in RAC
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Example Server tnsnames.ora – Listeners
LISTENER_RACDB1 =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1522))
)
LISTENER_RACDB2 =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1522))
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1521))
)
Question: You find often the real IP in addition here? Why?
LISTENERS_RACDB =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.203.11)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.203.11)(PORT = 1522))
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1522))
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1521))
)
init-Parameter
racdb1.local_listener
= LISTENER_RACDB1
racdb1.remote_listener = LISTENER_RACDB2
Question: Is RACDB the „remote“ ?
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Example Server and Client tnsnames.ora – Services
RACDB1 =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1522))
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = RACDB)
(INSTANCE_NAME = RACDB1)
)
)
RACDB =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = raclinux1-vip.us.oracle.com)(PORT = 1522))
(LOAD_BALANCE = yes)
(FAILOVER = false)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = RACDB)
)
init-Parameter
)
service_names = RACDB, list of service names
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
RAC Failover an Load Balancing
Failover and load balancing are set in the connection parameters
Failover (Instance1 (I1) died)
► all new connects go to I2 and reestablishes client connections on I2
► no restore of session parameters or program variables
► all selects are re-executed on I2
► active transactions are rolled back
► DDL were canceled
► parameter (type, method, retries) for client TAF in tnsnames.ora
► see v$session for TAF status
► server side TAF policy (you do not have to encode TAF on the client
connection string)
Load Balancing
► shared server config.: balanced select of dispatchers
► dedicated server config. : balanced select of listeners
Cluster Interconnect
► not stable over cross-over CAT5 Cable  network switch
► CRS does not support a redundant Cluster Interconnect (with 2 network
cards or IP-addresses)
Question: What services should be run in shared/dedicated mode
Ideen
with or without TAF or LB?
werde
23.3.2006
D.Wochele
IWR
nRealität
Connection in a Private Network
node 1
public network
private network
IP1
VIP1
SAN
PIP1
VIP1,VIP
IP1, IP2 ?
network switch
PIP2
VIP2
IP2
Database:
Services A,B,C
Flash Rec Area
node 2
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
OCM Oracle Connection Manager
►
►
►
►
►
►
act as a TNS-proxy with access-control
additional installation
cmctl
$TNS_ADMIN/cman.ora
DB register with init-parameter REMOTE_LISTENER=proxy
tnsnames.ora
SOURCE_ROUTE=yes
proxy=(PROTOCOL=TCP)(HOST=lcgdbka1.fzk.de)(PORT=1541)
CMAN_KA=
(CONFIGURATION=
(ADRESS=(PROTOCOL=TCP)(HOST=lcgdbka1.fzk.de)(PORT=1541)
(RULE_LIST=
(RULE=(SRC=141.52.*)(DST=DB1.gridka.de)(SRV=*) (ACT=ACCEPT))
(PARAMETER_LIST=
(MAX_GATEWAY_PROCESSES=12)
(MIN_GATEWAY_PROCESSES=2)
(REMOTE_ADMIN=YES)
)
Question: Does cman fully support load balancing and failover?
)
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Connection in a Private Network
node 1
public network
private network
IP1
VIP1
SAN
PIP1
CMAN (IPxxxx)
NIC1
NIC2
network switch
Proxy
CMAN
PIP2
VIP2
IP2
Database:
Services A,B,C
Flash Rec Area
node 2
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Directory Server
► LDAP compliant directory server
► central repository for
– network information
– user policies
– user authentication and security
► ldap.ora on db-servers
and clients
assets and drawbacks
► a typical bottleneck!
► no distribution of client
config files
Question :
Is this a possible concept?
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Oracle Net Troubleshooting
► ping hostname_node1[2]
► check network cards and connection
–
–
–
–
–
–
►
►
►
►
ifconfig
ethtool
iperf
netstat
tcpdump
ethereal
tnsping service_name from server_node1[2]
tnsping service_name from client
lsnrctl services
sqlplus scott@service_name
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Trace and Logging
Sqlnet.log
► pmon registration to listener
tail -f listener.log --> 01-MAR-2006 16:11:46 *
service_update * RACDB1 * 0
Listener Log
► Set LOG_STATUS=ON (default=OFF)
► $ORACLE_HOME/network/admin/<SID>.log is default
► Contains listener commands
► Only client connects, no further information
Listener Trace
► much load, capture all NET-traffic
► for debugging only
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Security
Listener
► in 10g listener runs under OS authentication, listener password only
necessary to restrict remote control
► password accessible in listener.ora, protect by file-rights
► Set ADMIN_RESTRICTIONS_listener_name=ON allow no remote
parameter changes (only listener.ora)
#----ADDED BY TNSLSNR 13-MAR-2006 17:33:29--PASSWORDS_LISTENER_RACLINUX1 = 1DF5C2FD0FE9CFA2
SAVE_CONFIG_ON_STOP_LISTENER_RACLINUX1 = ON
LOGGING_LISTENER_RACLINUX1 = ON
#-------------------------------------------
► delete extproc–entry in listener.ora to prevent program-routines to act as
oracle-user ?
SQLNET
► using Certificate Authority for PKI ?
(Oracle Advanced Security supports CyberSafe, RADIUS, Kerberos, SSL,
Windows NT native authentication (NTS))
► using checksums ? (SQLNET.CRYPTO_CHECKSUM_SERVER)
► using encryption? (SQLNET.ENCRYPTION_SERVER)
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Client Types
► full client
► instant client
– installation involves copying a small number of files.
– less client-side requirements
– no loss of functionality or performance for applications deployed in
Instant Client mode.
– it is simple to package applications
– configuration files are read
(set TNS_ADMIN or $ORACLE_HOME to find them)
url="jdbc:oracle:oci:@//example.com:5521:bjava21"
url="jdbc:oracle:oci:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)
(HOST=dlsun242) (PORT=5521))
(CONNECT_DATA=(SERVICE_NAME=bjava21)))"
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Easy Connect
► CONNECT
username/ password@ host[: port][/ service_name][/ instance_name]
► no LDAP, no tnsnames.ora
► SQLNET.ora
– NAMES.DIRECTORY_PATH=(EZCONNECT)
► only client have to be 10g (you can connect to 9i)
► EZConnect Alias
– Client name resolution for service-name
(e.g. 141.52.167.211 cgcl1.fzk.de)
• DNS
• /etc/hosts
Examples:
connect scott/[email protected]:1521/service
JDBC:connect scott/tiger@//orcl.fzk.de:1521/service
► Easy Connect provides NO Failover or Load Balancing!
23.3.2006
D.Wochele
IWR
Ideen
werde
nRealität
Zugehörige Unterlagen
Online Casino Gratis Kostenlos Online Casino Spielen Ohne
Online Casino Gratis Kostenlos Online Casino Spielen Ohne
Oracle Forms
Oracle Forms
How Mokia Uses Oracle Spatial to Create the NAVTEQ Map
How Mokia Uses Oracle Spatial to Create the NAVTEQ Map
Java Cloud Service
Java Cloud Service
OWB
OWB
What is Data Mining? - Oracle Data Warehouse Community Seite
What is Data Mining? - Oracle Data Warehouse Community Seite
Development Tools
Development Tools
container database
container database
Top Five Ways Swiss Mobiliar Improved Business
Top Five Ways Swiss Mobiliar Improved Business
IBM Power Systems for Oracle Database 11g Release 2
IBM Power Systems for Oracle Database 11g Release 2
Apache + ORDS Quickstart für Produkionsumgebungen
Apache + ORDS Quickstart für Produkionsumgebungen
12c SQL Pattern Matching – wann werde ich das benutzen?
12c SQL Pattern Matching – wann werde ich das benutzen?
Integrated Environment for Functional Testing and Security
Integrated Environment for Functional Testing and Security
Using Oracle GoldenGate 12c for Oracle Database
Using Oracle GoldenGate 12c for Oracle Database
(Microsoft PowerPoint - JavaFX \226 Die neue UI Technologie im JDK
(Microsoft PowerPoint - JavaFX \226 Die neue UI Technologie im JDK
TheSaffaGeek vRA Firewall ports
TheSaffaGeek vRA Firewall ports
Microsoft Azure - elearning.fh
Microsoft Azure - elearning.fh
Migrating an OWB Workspace
Migrating an OWB Workspace
Using the XML Parser for Java
Using the XML Parser for Java
Herunterladen
Werbung