Ch 20: Oracle Secure Backup

Download Report

Transcript Ch 20: Oracle Secure Backup 

CHAPTER 20
Oracle Secure Backup
Introduction to Oracle Secure Backup
• Backing up to tape is often a business requirement.
• To this end, Oracle provides a centralized tape backup
solution, Oracle Secure Backup (OSB).
• This tool is a full-feature enterprise backup management
system that automates the tape backup and restore of
operating system files.
• OSB can also be configured as a media management
layer with RMAN.
OSB Editions
• Oracle Secure Backup Express
• Oracle Secure Backup
OSB Features
• Backup and restore of database files in a Real Application
•
•
•
•
•
•
•
•
Clusters (RAC) environments
Integrated with Oracle Enterprise Manager Grid Control (with
Oracle Database 10g Release 2 or higher)
Supports multiple tape drives
Encrypted tape backups
Fibre-attached device support
Fast backup compression (with Oracle Database 11g Release
1 or higher)
RMAN medium level compression (with Oracle Database 11g
Release 2 or higher)
Networked backup of distributed hosts and tape devices
Automated cartridge system library software (ACSLS) and
automated rotation of tapes between multiple locations
(vaulting)
OSB Administrative Domain and Servers
• An administrative domain is collection of servers (hosts)
that you manage as a single group for backup and restore
operations.
• Within an OSB administrative domain, each server can be
assigned one or more of the following roles:
• Administrative (admin) server
• Media server
• Client server (or client host)
OSB Interfaces
There are four tools you can use to run and manage OSB
backup and restore tasks:
• Enterprise Manager database control and grid control
• Oracle Secure Backup Web tool
• Oracle Secure Backup command line tool (obtool)
• Recover Manager command line tool (rman)
OSB Users and Classes
• An Oracle Secure Backup user is an account defined
•
•
•
•
within an OSB administrative domain.
These users are separate from operating system users.
OSB user information is stored in the OSB administrative
domain server.
You are required to enter a username and password when
accessing OSB through its interfaces such as obtool or
OSB Web tool.
An OSB class is a set of privileges and rights granted to a
user.
Each user can be assigned to only one OSB class. OSB
classes help maintain a consistent user experience
across all servers in an administrative domain.
OSB Daemons
• Schedule daemon runs only on the administrative server and
•
•
•
•
•
•
manages the scheduled backups.
Index daemon runs only on the administrative server and manages
the backup catalog for each client.
Apache web server daemon runs only on the administrative server
and services the OSB web tool.
Service Daemon runs on the administrative, media, and client
servers. On the administrative server, it runs jobs as requested by the
schedule daemon. When running on the media or client server, it
allows for remote administration of the host.
Network data management protocol (NDMP) daemon runs on the
administrative, media, and client servers; it provides data
communication between servers in the administrative domain.
Robot Daemon runs only on the media server and helps manage
communication to tape devices.
Proxy Daemon runs only on the client server and verifies user
access for SBT backup and restore operations.
Download and Installation
To perform the OSB installation, you must logon as root.
If the uncompress utility is not available, create a link.
Go to the staging directory, and unzip the zip file that you
downloaded from OTN.
4. If the OSB home directory does not exist, create the directory.
5. Go to the OSB home directory and run the setup script.
6. Since you are not modifying the obparameters file, accept the
default parameters by pressing the Enter key.
7. Press the Enter key to proceed with running the installob.
8. Press Enter to proceed with the OSB installation.
9. If OSB is already installed and you are performing an OSB
upgrade, enter yes to retain the previous configuration.
10. Press Enter to accept the default value a, which is to configure the
server as the administrative server, media server, and client.
11. Enter the password twice for the admin user.
12. Enter the email address for the admin user.
1.
2.
3.
Command-line Access to OSB
• obtool is the utility that provides command line access to
OSB
$ obtool
$ obtool -u apress_oracle
ob> id
ob> help topics
Configuring Users and Classes
• When OSB is installed, the default user account created
is named admin, which has all of the privileges relating to
OSB. For security reasons, create separate OSB user
accounts to access the different environments, such as
production, test, and development.
• Also, assign specific classes (or roles) to these users,
such as admin, operator, oracle, user, and reader. Monitor
them to limit their rights to modify OSB administrative
domain configurations and perform backup and restore
operations.
• Limiting rights ensures that a particular OSB user can
back up the test database, but has no rights to, say,
restore the production database.
Configuring Media Families
• The media family classifies and defines the characteristics
of the tape volume, such as the volume ID, volume
expiration, and write window.
• The volume ID, which is used by OSB to uniquely identify
the tape volume, consists of the name of the media family
affixed with a six-digit sequence number generated by
OSB.
• For example, if the name of the media family is
APRESS_BACKUP, then the first volume ID is
APRESS_BACKUP-000001, the second is
APRESS_BACKUP-000002, and so on.
Configuring Database Backup Storage
Selector
• The default media family for RMAN backup is RMAN-
DEFAULT.
• To use a different media family when running RMAN
backup, create a database backup storage selector using
the mkssel command.
Database Backup
• There are two ways to configure RMAN for a backup to
tape:
• Allocating a channel
• Configuring a channel
RMAN> configure channel device type sbt_tape
parms
'ENV=(OB_MEDIA_FAMILY=APRESS_RMAN)';
RMAN> backup device type sbt_tape database;
Database Restore
• For RMAN restore and recover, you have to allocate an
RMAN channel for SBT_TAPE. In the following example,
the RMAN channel for SBT_TAPE is allocated inside the
run{} block:
•
RMAN> run {
allocate channel t1 type sbt_tape;
restore database;
recover database;
}
Configuring Backup Windows
• The backup window defines the range of time the
scheduled backups are allowed to run.
• The default backup window is daily 00:00 to 24:00. If
there is no backup window defined, the scheduled
backups are not going to run at all.
• For production servers, you may want the backups to run
daily only between 1 a.m. and 5 a.m. when there is
minimal database traffic.
Configuring Backup Schedules and
Triggers
• The backup schedule defines what data to backup, where
to store the backup, and how the backup runs, while the
triggers define when a backup is scheduled to run.
• For what data to backup, set the specific datasets.
• For where to store the backup, set the specific tape
drives.
• If no specific tape drive is selected, then any available
tape drive will be used.
Listing Jobs
• To display the jobs that are still running, issue lsjob
command with the --active or -a option.
• For other job states, use --complete or -c option for
completed jobs, --pending or -p for pending jobs, -inputrequest or -i for jobs currently requesting input, and -all or -A to display all jobs regardless of the job state.
• For example, to list active jobs:
ob> lsjob --active
Summary
• Many business environments require that database
backups be stored on tape.
• OSB is an Oracle product that provides the functionality to
backup files to tape.
• OSB can be integrated with RMAN to enable backups of
database files directly to tape.