Oracle Storage Cloud Service (OSCS) HOL
Rehan Iftikhar, Rob Palumbo, Sridhar Ranganathan, Anshuman Mishra
OOW 2014

Program Agenda
1. OSCS Conceptual Overview
2. OSCS Demo
3. Best Practices
4. OSCS Lab Exercises
5. Oracle Database Backup Service (ODBS)

Oracle Confidential – Internal/Restricted/Highly Restricted

Goals of Storage Cloud
• Make existing use-cases for enterprise file storage more cost-effective, efficient, and reliable
  • Backup
  • Archive
• Enable new use-cases for enterprise file storage
  • Global Collaboration
  • Global Availability
  • Global Distribution
  • Intelligent Tiering

Storage in a Nutshell
• Fundamental need for all workloads
• Inherently complex to manage over time and at large scale
  • Disk failure
  • Power consumption
  • Floor space in data center
  • Network saturation
  • Upgrades & migration
• Ultimately: An enterprise storage strategy is about mitigating risk

Modern storage problems
Unstructured data is growing exponentially
• Scalability
• Cost & Accounting
• Vendor Lock-in

Traditional enterprise storage
Direct Attached Storage
• Great for local workloads and latency sensitive environments
• Challenges at scale
  • Disk sprawl
  • Isolated capacity
  • Devices scale independently
Image source: http://www.apexmicrosystems.com/?page_id=518

Traditional enterprise storage
Local network based storage
• Network Attached Storage (NAS)
• Storage Area Network (SAN)
Image source: http://www.apexmicrosystems.com/?page_id=518

Traditional enterprise storage
Local network based storage
• Great at decoupling file and block storage from compute nodes
• Challenges at scale
  • Complex to manage
  • Expensive & specialized hardware
  • Upfront large capital investment
  • Vendor Lock-in
  • Not easy to scale out

Public Cloud Storage
• All storage over the Internet
• No onsite hardware to manage
• Designed for unlimited scalability
Image source: http://docs.openstack.org/havana/install-guide/install/apt/content/example-object-storage-installation-architecture.html

End-user Architecture
REST API
Java Library

Data Integrity
• Triple replication
• Self healing architecture
• MD5 checksum support
• HTTP status codes
[Diagram: HTTP Request (896b7f2a00a), HTTP Response (896b7f2a00a)]

Data Integrity Best Practices
• Include an MD5 checksum of your object’s data in the ETag header
  • This will help detect any data corruption during transmission
• Compare the calculated checksum with the value returned by OSCS
  • This will verify that the Object was uploaded correctly
• Check your HTTP Status Code
  • This is to determine if data was stored successfully
• Use a network-aware backup solution
  • To automatically restart operations interrupted due to network failures
[Diagram labels: MD5 Checksum, Status Code: 201]
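
The checks on the Data Integrity Best Practices slide, combined into one upload routine. This is an added example, not code from the presentation or from OSCS: the `put` transport, the in-memory `FakeEndpoint`, the sample data and the 422 refusal of a mismatched ETag are assumptions constructed for illustration.

```python
import hashlib

def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()

def upload_verified(put, name, data, max_attempts=3):
    """PUT data with its MD5 in the ETag header; accept only 201 plus a matching ETag.

    put(name, body, headers) is a hypothetical transport returning (status, headers).
    Returns the number of attempts used; raises IOError if no attempt verified.
    """
    expected = md5_hex(data)
    for attempt in range(1, max_attempts + 1):
        try:
            status, resp = put(name, data, {"ETag": expected})
        except ConnectionError:
            continue  # interrupted by the network: restart the operation
        returned = resp.get("ETag", "").strip('"').lower()
        if status == 201 and returned == expected:
            return attempt
    raise IOError(f"{name}: no verified upload after {max_attempts} attempts")

class FakeEndpoint:
    """Constructed in-memory endpoint that damages or drops chosen PUT attempts."""
    def __init__(self, corrupt_on=(), drop_on=(), check_etag=True):
        self.corrupt_on, self.drop_on = set(corrupt_on), set(drop_on)
        self.check_etag, self.calls, self.objects = check_etag, 0, {}

    def put(self, name, body, headers):
        self.calls += 1
        if self.calls in self.drop_on:
            raise ConnectionError("simulated network outage")
        if self.calls in self.corrupt_on:
            body = body[:-1] + bytes([body[-1] ^ 0x01])  # one bit flipped in transit
        stored = md5_hex(body)
        # Assumption: a body that does not match the ETag sent is refused with 422.
        if self.check_etag and headers.get("ETag") != stored:
            return 422, {}
        self.objects[name] = body
        return 201, {"ETag": stored}

def demo():
    data = b"constructed sample object body"
    strict = FakeEndpoint(corrupt_on={1}, drop_on={2})
    lax = FakeEndpoint(corrupt_on={1}, check_etag=False)  # stores whatever arrives
    return upload_verified(strict.put, "obj", data), upload_verified(lax.put, "obj", data)
```

The `lax` case shows why the client-side comparison matters even when the status is 201. MD5 here catches accidental corruption in transit; it is not a defence against deliberate tampering.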

Data Consistency
Try our Strong Consistency Flag
• Default behavior is eventually consistent
  • Upon creation, Objects are replicated to 3 machines within the data center
  • Since replication is not instant (synchronous), for a small window of time an Object may be in a different state across multiple machines
  • Similarly, upon update, in some cases changes may not be immediately readable by all clients
  • Over time, all changes to all objects will eventually be replicated to all machines
[Diagram: PUT Object, Proxy, Machine 1, Machine 2, Machine 3]

Data Consistency Best Practices
• Strong Consistency (Traditional Filesystem)
  • Used by On Line Transaction Processing (OLTP) systems
  • Limits scalability and reduces availability on hardware faults
• Eventual Consistency (Object Storage System)
  • Suitable for backup/log files and unstructured data
  • Ideal when scalability is critical for highly distributed infrastructures
• Each approach has its own use cases and trade offs
  • Please identify which architecture is most appropriate for your data
• OSCS offers best of both worlds
  • Our object storage service offers strong consistency via an optional flag
[Diagram labels: Scalability, Eventual Consistency, Strong Consistency]

Network Best Practices
• Building in re-try logic
  • It is possible for operations to fail because of a network outage
  • Applications should re-try failed operations when the network is restored
• Storage Service is not a CDN
  • Customers can use their own 3rd party Content Delivery Networks
• Performance over Wide Area Networks
  • Assess how quickly you want data to restore from the backup
  • For quick or near-instant recovery, consider a local storage solution
  • If network connectivity is limited or unreliable, backing up to, and restoring from, the cloud may not be an efficient approach

Atomicity
• Atomicity is by definition All or Nothing
  • If one part of the transaction fails, the entire transaction fails
• Atomic operations keep things simple
  • However, the longer a transaction takes, the more likely it is that the transaction may fail
• What if you were allowed to
  • Divide your transaction into segments
  • Make each transaction segment individually addressable
  • Retry a failed segment instead of retrying the entire transaction
  • Retrieve a consolidated result back from the system
[Diagram labels: All, Nothing]

Dynamic Large Object
• File is segmented in < 5GB segments
• All segments share a common prefix
• Lexicographically sort in correct order
• All segments are stored in same container
• Manifest = Container name + Common prefix
[Diagram: a 25 GB file stored as prefix_segment_a, prefix_segment_b, prefix_segment_c, prefix_segment_d, prefix_segment_e under Container Name + Common Prefix, with these captions]
• A request is made to get the manifest object
• OSCS sequentially concatenates all segment objects together to produce an object equivalent of the original file that was greater than 5GB
• Client gets the original file that was segmented into chunks

DLO Best Practices
• Use a common prefix in the object names
  • So that they sort in the order in which they should be concatenated
• You must upload all segments to the same container
  • This will verify that the Object was uploaded correctly
• If possible, keep the manifest in a separate container
  • This is useful for keeping container listings clean
• It's best to upload all the segments before uploading the manifest
  • With this method, the full object is not available for downloading until the upload is complete
[Diagram: prefix_segment_a to prefix_segment_e under Container Name + Common Prefix]
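
The segment-and-manifest procedure from the Atomicity and Dynamic Large Object slides, including retry of a single failed segment. This is an added example, not code from the presentation or from OSCS: the in-memory `Container`, all function names, the sample data and the zero-padded numeric suffix (the slides use the letters a to e) are assumptions constructed for illustration.

```python
def split(data: bytes, seg_size: int):
    """Cut data into segments of at most seg_size bytes (the slides use < 5GB)."""
    return [data[i:i + seg_size] for i in range(0, len(data), seg_size)]

def segment_name(prefix: str, index: int, pad: bool = True) -> str:
    # Zero padding keeps lexicographic order equal to numeric order; unpadded,
    # "seg_10" sorts before "seg_2" and the object reassembles scrambled.
    return f"{prefix}{index:08d}" if pad else f"{prefix}{index}"

class Container:
    """Constructed in-memory container; names in fail_once fail on their first PUT."""
    def __init__(self, fail_once=()):
        self.objects, self.fail_once, self.put_log = {}, set(fail_once), []

    def put(self, name, body):
        self.put_log.append(name)
        if name in self.fail_once:
            self.fail_once.discard(name)
            raise ConnectionError(f"simulated outage during {name}")
        self.objects[name] = body

    def list(self, prefix):
        return sorted(n for n in self.objects if n.startswith(prefix))

def put_with_retry(container, name, body, attempts=3):
    for left in range(attempts, 0, -1):
        try:
            return container.put(name, body)
        except ConnectionError:
            if left == 1:
                raise

def upload_dlo(segs, manifests, segs_name, prefix, obj_name, data, seg_size, pad=True):
    for i, part in enumerate(split(data, seg_size)):
        put_with_retry(segs, segment_name(prefix, i, pad), part)  # retry this segment only
    # Manifest goes last, so the object is not downloadable while segments are missing.
    put_with_retry(manifests, obj_name, f"{segs_name}/{prefix}".encode())

def download_dlo(segs, manifests, obj_name):
    _container, prefix = manifests.objects[obj_name].decode().split("/", 1)
    return b"".join(segs.objects[n] for n in segs.list(prefix))

def demo():
    data = bytes(i % 251 for i in range(768))  # constructed sample, 12 segments of 64 bytes
    segs, man = Container(fail_once={"backup/seg_00000004"}), Container()
    upload_dlo(segs, man, "segments", "backup/seg_", "backup.dmp", data, 64)
    return download_dlo(segs, man, "backup.dmp") == data, len(segs.put_log)
```

Because reassembly is driven by a prefix listing, any other object in the segment container whose name starts with the prefix is concatenated too, so keep the prefix unique to one upload.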

Encryption solves the problem
• Encrypted data is non-readable to unauthorized parties
• Enables secure shipment of data to your Oracle Storage Cloud
• Supports time-based expiration of encrypted data
• Provides protection from information loss by keeping data encrypted both at rest and in transit
[Diagram labels: Authentication, Role Based Access, Access Control Lists, HTTPS]

It’s All About the Keys
• Encryption keys determine the functional output of a given encryption algorithm
• Keys convert the data into ciphertext and are used to convert the data back to a readable form (cleartext)
• Keys must be ‘strong’
  • Randomly and securely generated
  • Securely managed
• The longer the key length, the more secure the encryption method
• Lose the keys and you lose the data!

Key Management Best Practices
• Keys must always be available
  • Key Replication, Backup/recovery
• Keys must be secure
  • Proper access control
• Key management system must scale economically
  • Easy-to-use administration interface
• Key management system must be easy to manage & use
  • Easy-to-use administration interface
• Key management system must be openly architected
  • Wide range of environments and client end-points, Standard protocols
• Key management system must offer auditing/reporting tools
  • Key lifecycle, policy compliance, alerts

Oracle Database Backup-as-a-Service
Offsite Backups with Simple and Low Cost Cloud Backup
• Backup on-premise or Cloud Databases to Oracle Database Backup Service hosted in Oracle Public Cloud
• Cost effective, scalable cloud storage for database backups
• End-to-end enterprise-grade data encryption, compression and protection
  • Clients: Data is always encrypted with keys kept locally at client, optionally compressed, and securely transmitted
  • Cloud: Encrypted data is protected with 3-way mirroring on every write
[Diagram labels: Data Center, DBaaS (Oracle Public Cloud), Oracle Public Cloud]

Oracle Database Cloud Backup Module
• Download and install the RMAN SBT module from OTN
• Backups streamed to Oracle Cloud using SBT (Tape) library
• Seamless integration with the Recovery Manager (RMAN)
  • Use regular RMAN commands with no new commands to learn
• RMAN encryption for backups enforced, with keys kept locally to client
• Securely transmitted to the cloud over HTTPS
[Diagram labels: Database, FRA; RMAN; Oracle Database Cloud Backup Module; Encryption & Optional Compression; WAN (HTTPS); Oracle Database Backup Service]
Support Matrix Client Databases

Lab Exercises
• Download Lab Guide @ http://bit.ly/oow14hol
• Extract to /home/oracle
Exercises: Data Integrity, File Segmentation, Client-side Encryption, RMAN backup & recovery

Questions/Comments
• Oracle Storage Cloud Service
  • rehan.iftikhar@oracle.com
  • anshuman.mishra@oracle.com
• Oracle Database Backup Service
  • sridhar.ranganathan@oracle.com