Upload
justis
View
52
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Oracle Storage Cloud Service (OSCS). HOL. Rehan Iftikhar, Rob Palumbo Sridhar Ranganathan, Anshuman Mishra OOW 2014. Program Agenda. OSCS Conceptual Overview OSCS Demo Best Practices OSCS Lab Exercises Oracle Database Backup Service (ODBS). 1. 2. 3. 4. 5. OSCS Conceptual Overview - PowerPoint PPT Presentation
Citation preview
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Storage Cloud Service (OSCS)HOL
Rehan Iftikhar, Rob PalumboSridhar Ranganathan, Anshuman MishraOOW 2014
Oracle Confidential – Internal/Restricted/Highly Restricted
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Safe Harbor StatementThe following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Oracle Confidential – Internal/Restricted/Highly Restricted 3
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Program Agenda
OSCS Conceptual Overview
OSCS Demo
Best Practices
OSCS Lab Exercises
Oracle Database Backup Service (ODBS)
1
2
3
4
5
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
OSCS Conceptual Overview
OSCS Demo
Best Practices
OSCS Lab Exercises
Oracle Database Backup Service (ODBS)
1
2
3
4
5
Oracle Confidential – Internal/Restricted/Highly Restricted 5
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Goals of Storage Cloud
1. Make existing use-cases for enterprise file storage more cost-effective, efficient, and reliable– Backup– Archive
2. Enable new use-cases for enterprise file storage– Global Collaboration– Global Availability– Global Distribution– Intelligent Tiering
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Storage in a Nutshell
• Fundamental need for all workloads• Inherently complex to manage over time and at large scale
– Disk failure– Power consumption– Floor space in data center– Network saturation– Upgrades & migration
• Ultimately: An enterprise storage strategy is about mitigating risk
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Modern storage problemsUnstructured data is growing exponentially
• Scalability• Cost & Accounting• Vendor Lock-in
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Traditional enterprise storageDirect Attached Storage
• Great for local workloads and latency sensitive environments
• Challenges at scale• Disk sprawl• Isolated capacity• Devices scale
independently
Image source: http://www.apexmicrosystems.com/?page_id=518
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Traditional enterprise storageLocal network based storage
Network Attached Storage (NAS) Storage Area Network (SAN)
Image source: http://www.apexmicrosystems.com/?page_id=518
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Traditional enterprise storage
• Great at decoupling file and block storage from compute nodes• Challenges at scale
– Complex to manage– Expensive & specialized hardware– Upfront large capital investment– Vendor Lock-in– Not easy to scale out
Local network based storage
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Public Cloud Storage
• All storage over the Internet
• No onsite hardware to manage
• Designed for unlimited scalability
Image Source: http://docs.openstack.org/havana/install-guide/install/apt/content/example-object-storage-installation-architecture.html
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
OSCS Conceptual Overview
OSCS Demo
Best Practices
OSCS Lab Exercises
Oracle Database Backup Service (ODBS)
1
2
3
4
5
Oracle Confidential – Internal/Restricted/Highly Restricted 13
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
End-user Architecture
Oracle Confidential – Internal/Restricted/Highly Restricted 14
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
REST API
Oracle Confidential – Internal/Restricted/Highly Restricted 15
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
REST API
Oracle Confidential – Internal/Restricted/Highly Restricted 16
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
REST API
Oracle Confidential – Internal/Restricted/Highly Restricted 17
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Java Library
Oracle Confidential – Internal/Restricted/Highly Restricted 18
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
OSCS Conceptual Overview
OSCS Demo
Best Practices
OSCS Lab Exercises
Oracle Database Backup Service (ODBS)
1
2
3
4
5
Oracle Confidential – Internal/Restricted/Highly Restricted 19
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Data Integrity
20
896b7f2a00a
896b7f2a00a
HTTP Request
HTTP Response
• Triple replication
• Self healing architecture
• MD5 checksum support
• HTTP status codes
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Data Integrity Best Practices
Oracle Confidential – Internal/Restricted/Highly Restricted 21
• Include an MD5 checksum of your object’s data in ETag header
• This will help detect any data corruption during transmission
• Compare calculated checksum with the value returned by OSCS
• This will verify that the Object was uploaded correctly
• Check your HTTP Status Code
• This is to determine if data was stored successfully
• Use network aware backup solution
• To automatically restart operations interrupted due to network failures
MD5 Checksum
Status Code: 201
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Data Consistency
Oracle Confidential – Internal/Restricted/Highly Restricted 22
Machine 2
Machine 3
Machine 1Proxy
PUT Object
• Default behavior is eventually consistent
• Upon creating Objects are replicated to 3 machines within the data center
• Since replication is not instant (synchronous) for a small window of time, Object may be in different state, across multiple machines
• Similarly, upon update – in some cases, changes may not be immediately readable by all clients
• Over time, all changes to all objects will eventually be replicated to all machines
Try our Strong
Consistency Flag
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Data Consistency Best Practices
Oracle Confidential – Internal/Restricted/Highly Restricted 23
Scalability
Eventual Consistency
Strong Consistency
• Strong Consistency (Traditional Filesystem)
• Used by On Line Transaction Processing (OLTP) systems
• Limits scalability and reduces availability on hardware faults
• Eventual Consistency (Object Storage System)
• Suitable for backup/log files and unstructured data
• Ideal when scalability is critical for highly distributed infrastructures
• Each approach has its own use cases and trade offs
• Please identify which architecture is most appropriate for your data
• OSCS offers best of both worlds
• Our object storage service offers strong consistency via an optional flag
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Network Best Practices
Oracle Confidential – Internal/Restricted/Highly Restricted 24
• Building in re-try logic
• It is possible for operations to fail because of network outage
• Applications should re-try failed operations when network gets restored
• Storage Service in not a CDN
• Customers can use their own 3rd party Content Deliver Networks
• Performance over Wide Area Networks
• Assess how quickly you want data to restore from the backup
• quick or near-instant recovery, consider a local storage solution
• If network connectivity is limited or unreliable, backing up to, and restoring from, the cloud may not be an efficient approach
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Atomicity
Oracle Confidential – Internal/Restricted/Highly Restricted 25
All Nothing
• Atomicity is by definition - All or Nothing
• If one part of the transaction fails, the entire transaction fails
• Atomic operations keep things simple
• However, the longer transaction takes – more likely that transaction may fail
• What if you were allowed to
• Divide your transaction into segments
• Make each transaction segment individually addressable
• Retry a failed segment instead of retrying the entire transaction
• Retrieve consolidated result back from the system
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Dynamic Large Object
Oracle Confidential – Internal/Restricted/Highly Restricted26
1
prefix_segment_d
prefix_segment_c
prefix_segment_b
prefix_segment_a
25 GB
prefix_segment_e
Container Name + Common Prefix
4
File is segmented in < 5GB segments• All segments share a common prefix • Lexicographically sort in correct order• All segments are stored in same container• Manifest = Container name + Common prefix
A request is made to get the manifest object
prefix_segment_c
prefix_segment_d
prefix_segment_e
prefix_segment_b
Container Nam
e + Comm
on Prefix
OSCS sequentially concatenate all
segment objects together to
produce an object equivalent of the original file that was greater than
5GB
Client gets the original file that was segmented into chunks
prefix_segment_a
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
DLO Best Practices
Oracle Confidential – Internal/Restricted/Highly Restricted 27
• Use a common prefix in the object names
• So that they sort in a order in which they should be concatenated
• You must upload all segments to the same container
• This will verify that the Object was uploaded correctly
• If possible, keep manifest in a separate container
• This is useful in keep container listings clean
• Its best to upload all the segments before uploading manifest
• With this method, the full object is not available for downloading until the upload is complete
prefix_segment_c
prefix_segment_d
prefix_segment_e
prefix_segment_b
Container Nam
e + Comm
on Prefixprefix_segment_a
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Data Security
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Encryption solves the problem• Encrypted data is non-readable to unauthorized parties
• Enables secure shipment of data to your Oracle Storage Cloud
• Supports time-based expiration of encrypted data
• Provides protection from information loss by keeping data encrypted both at rest and during the transit
Authentication
Role Based Access
Access Control Lists
HTTPS
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
It’s All About the Keys
• Encryption keys determine the functional output of a given encryption algorithm
• Keys convert the data into cyphertext and are used to convert the data back to a readable form (cleartext)
• Keys must be ‘strong’• Randomly and securely generated• Securely managed• The longer the key length, the more secure the encryption method
• Lose the keys and you lose the data!
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Key Management Best Practices Keys must be always available
• Key Replication, Backup/recovery Keys must be secure
• Proper access control Key management system must scale economically
• Easy-to-use administration interface Key management system must be easy to manage & use
• Easy-to-use administration interface Key management system must be openly architected
• Wide range of environments and client-end points, Standard protocols Key management system must offer auditing/reporting tools
• Key lifecycle, policy compliance, alerts
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
OSCS Conceptual Overview
OSCS Demo
Best Practices
Oracle Database Backup Service (ODBS)
Lab Exercises
1
2
3
4
Oracle Confidential – Internal/Restricted/Highly Restricted 32
4
5
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Oracle Database Backup-as-a-ServiceOffsite Backups with Simple and Low Cost Cloud Backup
Data Center
Backup on-premise or Cloud Databases to Oracle Database Backup Service hosted in Oracle Public Cloud
Cost effective, scalable cloud storage for database backups
End-to-end enterprise-grade data encryption, compression and protection
• Clients: Data is always encrypted with keys kept locally at client, optionally compressed, and securely transmitted
• Cloud: Encrypted data is protected with 3-way mirroring on every write
Backup on-premise or Cloud Databases to Oracle Database Backup Service hosted in Oracle Public Cloud
Cost effective, scalable cloud storage for database backups
End-to-end enterprise-grade data encryption, compression and protection
• Clients: Data is always encrypted with keys kept locally at client, optionally compressed, and securely transmitted
• Cloud: Encrypted data is protected with 3-way mirroring on every write
DBaaS (Oracle Public Cloud)
Oracle Public Cloud
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
• Download and install the RMAN SBT module from OTN
• Backups streamed to Oracle Cloud using SBT (Tape) library
• Seamless integration with the Recovery Manager (RMAN)
• Use regular RMAN commands with no new commands to learn
• RMAN encryption for backups enforced - keys kept locally to client
• Securely transmitted to the cloud over HTTPS
Oracle Database Cloud Backup Module
Oracle Database Cloud Backup
Module
Database, FRA
RMAN
WAN (HTTPS)
Oracle Database Backup Service
Encryption & Optional Compression
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Support MatrixClient Databases
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
OSCS Conceptual Overview
OSCS Demo
Best Practices
Oracle Database Backup Service (ODBS)
Lab Exercises
1
2
3
Oracle Confidential – Internal/Restricted/Highly Restricted 36
5
4
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
Lab Exercises
Data Integrity
File Segmentation
Client-side Encryption
RMAN backup & recovery
Oracle Confidential – Internal/Restricted/Highly Restricted 37
• Download Lab Guide @ http://bit.ly/oow14hol• Extract to /home/oracle
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |
• Oracle Storage Cloud Service– [email protected]– [email protected]
• Oracle Database Backup Service– [email protected]
Questions/Comments
Oracle Confidential – Internal/Restricted/Highly Restricted 38