Anda di halaman 1dari 43

Application Upgrade Secrets: Avoid

Surprises While Making Database Changes


Jagan Athreya
Director, Product Management
The following is intended to outline our general
product direction. It is intended for information
purposes only, and may not be incorporated into any
contract. It is not a commitment to deliver any
material, code, or functionality, and should not be
relied upon in making purchasing decisions.
The development, release, and timing of any
features or functionality described for Oracle’s
products remains at the sole discretion of Oracle.
Agenda

• The Application Upgrade Lifecycle <Insert Picture Here>

• Tasks for Application DBAs


• Install and Test Database Software Upgrade
• Upgrade and Test Application and Dependent Programs
• Mask Sensitive Data in Non-Production Before Sharing
• Promote Software to Production
• Promote DB Changes from Test to Production
• Summary
Application Lifecycle – Upgrades

Upgrade STAGING

PRODUCTION
DEV

TEST

Share
Clone +
Mask
Upgrade Process
Scenario: Upgrade an application

Steps to upgrade an application


1. Install new database software
2. Apply database patches to bring it to certification
3. Copy from production to test
4. Install application software
5. Run test scripts
6. Identify changes to customizations
7. Upgrade custom database objects in schema
8. Upgrade dependent software – custom and standard
9. Re-run test script
10. Repeat until all standard and custom programs work
11. Perform volume / scalability tests
12. Identify performance regression
13. Tune application – rewrite SQL, create access structures…
14. Re-run performance tests
15. Repeat until all programs show acceptance performance
16. Update or create additional custom upgrade scripts
17. Repeat steps 1, 2, 4, 7 8, 13, 16 on Production
18. Cross your fingers and hope it all works when it goes live
The magnitude of the upgrade problem

Production
Staging

Test

Development Training
Cost of Application Upgrades

• AMR Research study on


application upgrades
• $1,839 per business user
• 1 man-week of labor per
business user

• Company with 5000 business


users will spend
• $9.2 million
• 20.7 man-years
to perform an upgrade

• Upgrade represents nearly ¼


of application lifecycle costs
Oracle’s Complete Enterprise Software Stack
Built-in & Integrated Manageability

• Leader in the complete


enterprise application
stack
• Built-in manageability
in every tier
• Integrated
manageability across
the entire stack
Oracle Enterprise Manager
Increases Business Efficiency

• Manage applications top-


down, from the business
perspective by understanding
user experiences and business
impact of IT issues

• Manage entire application


lifecycle to increase
business agility with
comprehensive application quality
management and compliance
solutions

• Reduce operational costs


through intelligent diagnostics and
automated IT processes
Agenda

• The Application Upgrade Lifecycle <Insert Picture Here>

• Tasks for Application DBAs


• Install and Test Database Software Upgrade
• Upgrade and Test Application and Dependent Programs
• Mask Sensitive Data in Non-Production Before Sharing
• Promote Software to Production
• Promote DB Changes from Test to Production
• Summary
Taxonomy of Database Changes

• Infrastructure change
• Hardware
• Operating system
• Storage system
• Database software change
• Software upgrade
• Software patch
• Database configuration changes
• Initialization parameters
• Optimizer version
• Application performance changes
• Access structure changes (INDEX, PARTITIONS)
Lifecycle of Change Management TEST

Test

Make Change Diagnose & Resolve


Problems

Set Up Test
Environments Promote Change

Identify Changes
Diagnose & Manage
Problems

PRODUCTION
Secret # 1: Testing Database Changes
using Real Application Testing
• Reduces risk of new
technology adoption through Deploy
higher testing quality
Test
Change
• Reduces time for effective
testing from weeks to days
Remediate

Business Agility through Superior Testing


Real Application Testing using
Database Replay

• Replay production database workload in test environment


• Identify, analyze and fix potential instabilities
• Apply changes to production

• Capture Workload in Production


• Capture full production workload with real load, timing & concurrency
characteristics
• Move the captured workload to test system
• Replay Workload in Test
• Make the desired changes in test system
• Replay workload with full production characteristics
• Analyze & Report
• Capture and Replay Reports
• AWR, ASH
Analysis & Reporting
Database Replay Workflow
Production (9.2.0.8) Test (11.1)
Clients
… Replay Clients

Mid-Tier
* No client/middle
tier setup

Storage
Storage

Analysis &
Capture Process Replay
Reporting
Real Application Testing with
SQL Performance Analyzer (SPA)
• Test impact of change on SQL query performance
• Capture SQL workload in production including statistics & bind variables
• Re-execute SQL queries in test environment
• Tune regressed SQL and seed SQL plans for production

Client Client Client


… Production Test

Middle Tier Re-execute SQL Queries

Capture SQL
… … Use SQL Tuning
Oracle DB Advisor to tune
regression

Storage
Complete Change Test automation in
EM Grid Control 10.2.0.5

1. Capture workload in Production 4. Transfer Replay files to Test DB


2. Create Test DB from Production 5. Apply changes to Test DB
DB Backup 6. Replay Workload on Test
3. Roll forward Test DB to pre-replay 7. Analyze and Remediate
Production using Archive Logs
Agenda

• The Application Upgrade Lifecycle <Insert Picture Here>

• Tasks for Application DBAs


• Install and Test Database Software Upgrade
• Upgrade and Test Application and Dependent Programs
• Mask Sensitive Data in Non-Production Before Sharing
• Promote Software to Production
• Promote DB Changes from Test to Production
• Summary
Mapping Application Dependencies

HR OE IX
DEPT
EMP ORDERS SALES PRODUCT PRICE

Sales Force Online


Automation Catalog

Data
Warehouse
Vendor releases application upgrades

Upgrade
What is impacted
Patch
• Data loader programs
Version 11.5.10 Version 12
• Application customizations
What has changed
• TABLES • Integration with other
• INDEXES applications
• PACKAGES
• PROCEDURES
• MATERIALED VIEWS
• TABLESPACES
• init.ora
Accelerate Planning – Dependency mapping

Customization: Dependent Objects


Invoice Check Printing Module
• PO_VENDORS table
• AP_CHECKS_PKG package
What is an Application Baseline?

• Capture information on
all schema objects for an HR OE IX
application EMP
DEPT
ORDERS SALES PRODUCT PRICE
• Tables, Views, Indexes
• Procedures, Packages,
Triggers
• Users, init.ora
• Capture scope
• Database
• Schema
• Objects Base
• Version each baseline Base line
Base line 3
line 1 2
Secret #2: Map dependencies and
track changes affecting dependencies
Customization: Steps
Invoice Check Printing Module 1. Create Baseline based on
Dependencies: dependencies
• PO_VENDORS table 2. Upgrade application
(EBusiness Suite 11.5.09 to
• AP_CHECKS_PKG package &
11.5.10)
package body
3. Compare upgraded
application schema with
baseline
4. Identify changes
• Upgrade customization
modules if affected.
• Do NOTHING if unaffected
Comparison workflow

Baseline Baseline
• Compare Modes
• Baselines to Baselines
• Baselines to Database
• Database to Database
• Compare Scope
Baseline Prod
• Schemas
• Object types (Tables, Index
etc)
• Non Schema Objects (Users,
Grants, Profiles etc)
• Storage Parameters (Table Prod
spaces, extent size etc) Prod
Comparison of dependencies –
before and after the application upgrade
Agenda

• The Application Upgrade Lifecycle <Insert Picture Here>

• Tasks for Application DBAs


• Install and Test Database Software Upgrade
• Upgrade and Test Application and Dependent Programs
• Mask Sensitive Data in Non-Production Before Sharing
• Promote Software to Production
• Promote DB Changes from Test to Production
• Summary
Sensitive Data is Highly Regulated
Non-Production Use Risks Compliance and Penalties

• Regulations restrict use of sensitive data and mandate


access control (who, where, how, and why)
• Payment Card Industry Data Security Standard (PCI DSS) 6.3.4
• Graham-Leach-Bliley Act (GLBA) and Sarbanes-Oxley Act (SOX)
• Health Insurance Portability and Accountability Act (HIPAA)
• Communications Act (Title 47,222)
• 90% fail compliance, facing fines and remediation costs
• Non-production environments more vulnerable to breaches
• Non-production breaches must be disclosed
• Database Security Breach Notification Act (California SB 1386)
• $239/record
• Up to $35M/breach
• And that’s if the data doesn’t end up on the Internet…
Secret #3: Mask sensitive data before Testing
using the Data Masking Pack

Production Development and Testing


Database Database
LAST_NAME SSN SALARY LAST_NAME SSN SALARY

AGUILAR 203-33-3234 40,000 ANSKEKSL 111—23-1111 40,000

BENSON 323-22-2943 60,000 BKJHHEIEDK 111-34-1345 60,000

Features
• Automatic database referential integrity if masking primary keys
• Implicit – database enforced
• Explicit – application enforced
• Data mask format library
• Preview sample data before masking
• Application masking templates
• Define once - execute many
Data Masking Pack
De-Identifying Sensitive Data

Production Development and Testing


Database Database
LAST_NAME SSN SALARY LAST_NAME SSN SALARY

AGUILAR 203-33-3234 40,000 ANSKEKSL 111—23-1111 40,000

BENSON 323-22-2943 60,000 BKJHHEIEDK 111-34-1345 60,000

Benefits
 Eliminate risk of moving sensitive data to dev & test environments
 Share data with partners without exposing sensitive data
 No impact on production database
 Leverage Masking templates for common data types
 Mask related columns in the same way
Agenda

<Insert Picture Here>


• The Application Upgrade Lifecycle
• Tasks for Application DBAs
• Install and Test Database Software Upgrade
• Upgrade and Test Application and Dependent Programs
• Mask Sensitive Data in Non-Production Before Sharing
• Promote Software to Production
• Promote DB Changes from Test to Production
• Summary
EM-based Provisioning: Software
Lifecycle Automation
EM-based Database Provisioning
Proven, Error-free software deployment

• Functionality/Capability
• Gold image based cloning of software bits
• Image can be pre-patched to any level
• Image is sourced from the host itself or from the Software Library
• Optionally performs post cloning configuration eg: database
creation
• Several homes can be cloned in parallel
• Database cloning is also supported
• Database cloning uses fast,proven RMAN technology
• Benefits
• Reduce possibility of errors and improve reliability
• Faster provisioning through automation
Agenda

<Insert Picture Here>


• The Application Upgrade Lifecycle
• Tasks for Application DBAs
• Install and Test Database Software Upgrade
• Upgrade and Test Application and Dependent Programs
• Mask Sensitive Data in Non-Production Before Sharing
• Promote Software to Production
• Promote DB Changes from Test to Production
• Summary
Secure schema change propagation
Init.ora User Tablespace
• Capture changes in
Constraint Grant Synonym
development
Table Index Partition
• Promote changes from Testing
to Staging to Production Trigger Package Function
• Reduce the risk of Reporting
unauthorized changes
• Audit changes across
environments to ensure Production
compliance

Dev Staging Training


Synchronization

• Synchronization modes Baseline


• Unattended Synchronize Prod
Dev
• Interactive Synchronize Prod
• Synchronize source can be
baseline or database CM Compare
Processor
• Synchronize target is always a
database
• Interactive Mode Compare Results
• Specify scope (schemas, object
types to sync) Script generator
• View Comparison results
• Exclude objects from sync
Script
• Generate a script and impact report
• Execute Synchronization script
Execute Script
Identify unwanted application changes
- Security

• Malicious SQL
• Index
• Unauthorized Access Control
changes • Tables
• PL/SQL objects
Secret # 4: Promote final changes to Production
DB

• Capture Baseline on Test DB


• Initiate interactive synchronization
with Production using above
Baseline
• Review change list
• Edit and finalize change list
• Generate change script
• Execute upgrade changes on
Production
Promote seed data from Test to Production
using Streams-based replication of Tables

• Identify TABLES containing


seed data
• Setup a one-time Streams-
based replication process
• Select and add tables for
Replication
• Add additional subset criteria
to remove “test” data added to
the seed tables.
• Perform replication
• Disable Replication
Agenda

<Insert Picture Here>


• The Application Upgrade Lifecycle
• Tasks for Application DBAs
• Install and Test Database Software Upgrade
• Upgrade and Test Application and Dependent Programs
• Mask Sensitive Data in Non-Production Before Sharing
• Promote Software to Production
• Promote DB Changes from Test to Production
• Summary
European Railroad company
 Manage distribution of application schema upgrades to
Challenge 176 remote servers
 Proactive detect unwanted changes causing problems

 Synchronize capabilities used to propagate application


Solution upgrades from master server
Approach  Comparison capabilities used to perform daily schema health
checks and detect variances

 Reduced errors by automating the application upgrades process


 Accelerated new application deployments by rolling out changes
to all servers simultaneously
Benefit
Upgrade Nirvana
Scenario: Upgrade an application the DBA 2.0 way
Traditional way to upgrade an application The DBA 2.0 way
1. Install new database software 1. Automate testing of DB
2. Apply database patches to bring it to certification changes
3. Copy from production to test 2. Map dependencies &
4. Install application software track changes
5. Run test scripts 3. Mask sensitive data
6. Identify changes to customizations
4. Provision Production
7. Upgrade custom database objects in schema
software
8. Upgrade dependent software – custom and standard
5. Promote DB changes
9. Re-run test script
from Test to Production
10. Repeat until all standard and custom programs work
11. Perform volume / scalability tests
12. Identify performance regression
13. Tune application – rewrite SQL, create access structures…
14. Re-run performance tests
15. Repeat until all programs show acceptance performance
16. Update or create additional custom upgrade scripts
17. Repeat steps 1, 2, 4, 7 8, 13, 16 on Production
18. Cross your fingers and hope it all works when it goes live

Anda mungkin juga menyukai