Database Reference
In-Depth Information
CONSIDeratIONS FOr aUtOMatION
the above processes involve quite a few manual steps. automating those could prove to be a difficult task. the
situation looks a little brighter if you have enterprise manager, which allows you to create a standby database
from an existing primary. the process is controlled via jobs in the enterprise manager repository.
to enable the creation of a standby database you need to use the graphical user interface, at the time of this
writing there did not seem to be an option for emcli to automatically create a standby database.
Creating a Data Guard Broker configuration
After the standby databases have physically been created, they need to be aware of their primary database. While the
following steps can all be performed on the SQL*Plus command line, this requires additional skill and knowledge.
The Data Guard Broker puts an abstraction layer between the SQL commands necessary to modify the initialization
parameters and the sequence of commands to be executed during role transitions. A switchover for example can be
simplified to:
DGMGRL> switchover to
standbydatabase;
There is an undeniable elegance in this approach. First- or second-line support should be able to execute the
above statement after appropriate signoff. Should there be a problem during the switchover the operator can escalate
to the level-two support to investigate.
If you intend to script the Broker configuration—maybe as part of the standard deploy mechanism—you could use
the secure external password store to store credentials. This way the sensitive passwords do not need to be in the script.
The following examples use the secure password store extensively. The wallets were created on each host in the Data
Guard configuration. All wallets are created in
/home/oracle/tns_admin
. To ensure that the wallet works as expected,
create a symbolic link for
tnsnames.ora
from
$ORACLE_HOME/network/admin
to
~/tns_admin
and export the environment
variable TNS_ADMIN to point to
~/tns_admin
. Wallets can cause a security problem which is why you should create the
wallet as explained in My Oracle Support note 1114500.1 using the
-auto_login_local
flag and
orapki
:
[oracle@server1 tns_admin]$ orapki wallet create -wallet . -auto_login_local
Oracle PKI Tool : Version 12.1.0.1
Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.
Enter password:
Enter password again:
Please note that the password must pass a simple validation. If the password does not satisfy these criteria
an error is raised. Passwords must “have a minimum length of eight characters and contain alphabetic characters
combined with numbers or special characters” as orapki will tell you.
[oracle@server1 tns_admin]$ mkstore -wrl . -createCredential
tnsName
sys
sysPWD
Oracle Secret Store Tool : Version 12.1.0.1
Copyright (c) 2004, 2012, Oracle and/or its affiliates. All rights reserved.
Enter wallet password:
Create credential oracle.security.client.connect_string1
Search WWH ::
Custom Search