Copyright 2014 Oracle and/or its affiliates. All rights reserved.




Management Overview, Architecture and Deployment
Akanksha Sheoran

Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.

Agenda

1. Setting up Management
2. Management Architecture
3. Understanding Gateway
4. Understanding Agent
5. High Availability Architecture
6. Documentation

Setting up Management

Prerequisite
- Tenant Admin has signed up for Database and/or Java Cloud Service
- Tenant Admin has the public IP address to reach the VM hosting the service(s)
- Tenant Admin has the SSH keys for communicating with the respective service(s)
- Corporate firewall has been set up to communicate with Oracle Cloud
- Enterprise Manager 12c Rel5 has been installed

Action
- Configure the proxy within EM to match corporate settings
- Set up SSH credentials as named credentials
- Deploy the Gateway Agent
- Deploy the Hybrid Agent on the VM
- Reconfigure the Hybrid Cloud Gateway, if needed

Results
- On-premise EM can now manage the Cloud instances

Enterprise Manager Deployment Architecture Explained

1. Convert any on-premise EM target agent into a Gateway
   1. Forwards communication received from the Hybrid Agent through the local proxy to the on-premise OMS
2. The Agent is deployed using the SSH push mechanism from on-premise EM
   1. The on-premise OMS initiates requests to the Hybrid Agent using HTTP tunneling over SSH
   2. The Agent communicates back to the on-premise OMS via a local proxy that routes requests back to the on-premise OMS through an SSH tunnel
   3. The Agent-OMS communication path is created by the Gateway

[Diagram: On-premise EM OMS 12.1.0.5 (private cloud) - HTTPS - Gateway - secure encrypted SSH connection - Gateway Proxy (HTTPS, port 1748) - Agent (Oracle PaaS)]

On-Premise OMS to Agent Communication

1. The OMS communicates via the Gateway over SSH, using an EMCTL dispatcher on the Oracle Cloud
   - In the hybrid case, instead of communicating directly over HTTP/S, the framework does it over SSH using a dispatcher on the PaaS side
2. The EMCTL dispatcher forwards communication from the OMS to the Hybrid Agent, and streams the responses from the Agent back to the on-premise OMS
3. The EMCTL dispatcher process stays alive for the duration of the session
4. The SSH connection is always initiated by the Gateway

[Diagram: On-premise EM OMS 12.1.0.5 (private cloud) - HTTPS - Gateway - secure encrypted SSH connection - EMCTL dispatcher (TMClient over HTTPS) - HTTPS - Agent (Oracle PaaS)]

Agent to On-Premise OMS Communication

1. The Agent can't make direct calls to the on-premise OMS
   - The bridge is created by the Gateway using SSH tunneling to the Oracle Cloud side
   - The SSH bridge presents fake OMS endpoints to the Hybrid Agent and is only used for communication from the Hybrid Agent to the OMS
   - At any given time, there is a single bridge to any given Agent
   - The bridge is used to send requests from the Oracle Cloud to the OMS (not the reverse)
2. The Gateway Proxy works by receiving HTTPS requests from the Hybrid Agent and streaming them to the Gateway over SSH

[Diagram: EM OMS with OMS endpoints (private cloud) - HTTPS - Gateway - secure encrypted SSH connection - local fake OMS endpoints on the Gateway Proxy - HTTPS - Agent (Oracle PaaS)]

Gateway Agent

- Criteria for choosing a Gateway: direct SSH connection to OC, or through a corporate proxy
  - External proxy that supports SSH tunneling (for example, SOCKS4, SOCKS5, HTTP)
- Recommendation: multiple Gateways to achieve scalable and highly available monitoring
- Hard disk space requirement is the same as for a regular EM Agent
- Simple registration and de-registration mechanisms

Register any agent as a Gateway:
Step 1: Run the emcli command from the on-premises OMS home:
    emcli register_hybridgateway_agents -agent_list='<list of EM agents names separated by space>'

Deregister a Gateway back to an EM Agent:
Step 1: Run the emcli command:
    emcli deregister_hybridgateway_agent -hybridgateway_agent_list="<hybrid_cloud_gateway_agents>"

Oracle Confidential Internal/Restricted/Highly Restricted

Gateway Agent

Q: How do I verify whether my existing 12.1.0.5 agent is a Gateway or not?
Ans: Verify that the agent is successfully registered as a Gateway by:
  i. Opening $EMSTATE/sysman/emd/targets.xml
  ii. Checking for the property name and value entry for hybridgateway in targets.xml:
    <Property NAME="Type" VALUE="hybridgateway"/>

The oracle_hybridcloud_connection is a new target type that represents the bridge between a Hybrid Agent and the on-premise OMS.

Q: How do I find all Hybrid Gateway Agents for all Hybrid Agents?
Ans: Create a config search using SQL:
    select target_name, agent_name from MGMT$AGENTS_MONITORING_TARGETS where target_type='oracle_hybridcloud_connection'

Agent

Prerequisites:
- Configure at least one Gateway Agent
- SSH port (default 22) must be open on the Oracle Cloud virtual host
- Gateway Proxy default port 1748, or at least one port in the range 1830 to 1848, is free on the Oracle Cloud virtual host
- Set up a named credential that uses SSH private key authentication
- The Agent install user has sudo privileges to run the root.sh script

Deployment:
- Mass Agent deployment through the Agent Push UI and EMCLI (no other agent deployment method is supported)
- Trackable and resumable in case of failures
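A pre-flight check for the port prerequisites listed above, as an added example (not from the original slides or from Oracle). It parses `ss -ltn` output, confirms a listener on SSH port 22, and selects the Gateway Proxy port the way the slide states it: 1748 if free, otherwise the first free port in 1830 to 1848. Function names and the sample input are assumptions.

```shell
# Added example: port pre-flight for a Hybrid Agent host (function names are
# hypothetical). Ports are the slide's: SSH 22, Gateway Proxy 1748 or 1830-1848.

# Read `ss -ltn` output on stdin; print each listening TCP port once.
listening_ports() {
    awk '$1 == "LISTEN" { n = split($4, a, ":"); print a[n] }' | sort -un
}

# is_listening PORT PORTLIST: succeed if PORT is in the newline-separated list.
is_listening() {
    printf '%s\n' "$2" | grep -qx "$1"
}

# pick_proxy_port PORTLIST: print 1748 if free, else first free port in 1830-1848.
pick_proxy_port() {
    for p in 1748 $(seq 1830 1848); do
        if ! is_listening "$p" "$1"; then
            echo "$p"; return 0
        fi
    done
    return 1
}

# Read `ss -ltn` output on stdin, report each prerequisite; non-zero on failure.
preflight() {
    ports=$(listening_ports)
    rc=0
    if is_listening 22 "$ports"; then
        echo "OK   a listener is bound to SSH port 22"
    else
        echo "FAIL nothing is listening on SSH port 22"
        rc=1
    fi
    if proxy=$(pick_proxy_port "$ports"); then
        echo "OK   Gateway Proxy port available: $proxy"
    else
        echo "FAIL 1748 and 1830-1848 are all in use"
        rc=1
    fi
    return "$rc"
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    [::]:22            [::]:*
LISTEN 0      50     127.0.0.1:1748     0.0.0.0:*'
printf '%s\n' "$SAMPLE_SS" | preflight
# On the cloud VM itself: ss -ltn | preflight
```

A local listener on port 22 does not prove the port is reachable from the Gateway; the inbound path through the cloud firewall rules still has to be tested from the Gateway host.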

Agent Deployment

The deployment process is orchestrated in 3 phases:

Phase 1 [On Agent Host]
  a. Deploys the agent in software-only mode using SSH
  b. Configures the agent using emctl deploy agent
  c. Creates the instance home and configures the proxy URL of the agent instead of the repos URL

Phase 2 [On-Premise OMS]
  a. Creates an oracle_hybridcloud_connection target with the SSH credentials that were provided by the user while deploying the agent in Phase 1
  b. Saves the oracle_hybridcloud_connection target to the given Gateway

Agent Deployment under the cover

Phase 3 [On Agent Host]
  a) Secures the agent using emctl secure agent
  b) Deploys plug-ins using AgentPluginDeploy.pl
  c) Updates the plug-in inventory on the OMS using emctl update_inventory plugin
  d) Starts the agent using emctl start agent
  e) Discovers the host and targets with the following steps:
     i. Runs the command: emctl config agent addinternaltargets dump
     ii. Copies this dump to the OMS
     iii. Creates the host/agent target on the OMS
     iv. Creates an association between the agent oracle_emd instance and the oracle_hybridcloud_connection instance
     v. Saves the targets to the agent
  f) Runs root.sh to set the setuid bits on the nmo binaries

Gateway High Availability

Associate multiple Gateways for Hybrid Agents

[Diagram: On-premise EM OMS 12.1.0.5 (private cloud, intranet) connects on port 3872 to a Primary Gateway and to a Secondary Gateway in passive mode. Each Gateway has a secure encrypted SSH connection (directly or through an HTTP proxy) across the DMZ to the Gateway Proxy (HTTPS, port 1748) in front of the Agent on Oracle PaaS. The Primary holds the current connection; the Secondary's connection is inactive.]

- The first Gateway deployed is considered the Primary and subsequent ones are Secondary (passive mode)
- When the Primary goes down, one of the Secondaries takes over and starts the Proxy. If this Secondary also goes down, the next Secondary takes over, and so on.

Gateway High Availability

Deploy a Hybrid Gateway as Primary:
    emcli register_hybridgateway_agents -agent_list='<list of EM agents names separated by space>'

Deploy a Hybrid Gateway as Secondary:
    <emcli_install_location>/bin/emcli add_hybridgateway_for_hybrid_agent -hybrid_agent_name='<list of hybrid cloud agents>'

- Once the Primary Gateway goes down, it will be a Secondary the next time it comes up
- You can have multiple Primary Gateways for different sets of Hybrid Agents

Gateway and Hybrid Agent Lifecycle

Disassociate a Gateway (to move to a new host)

Single Gateway: decommission the Hybrid Agents from the EM console and run the emcli command:
    emcli delete_hybridgateway_for_hybrid_agent -hybrid_agent_name=<hybrid_cloud_agent> -hybridgateway_agent_list=<hybrid_cloud_gateway_agents_to_disassociate>

Multiple Gateways: stop the Gateway and the Hybrid Agents will be switched to a new Master Gateway. You can also run the EMCLI command that causes the OMS to switch the Master to one of the Slave Gateways:
    emcli delete_hybridgateway_for_hybrid_agent -hybrid_agent_name="hybrid_agent_name" -hybridgateway_agent_list="master_gateway_agent"

Decommissioning Agents (historical data cleanup)
- From the home page of the Agent: Agent menu > Target Setup > Agent Decommission

Use an Enterprise Manager based Patch Plan to patch multiple Gateways and Hybrid Agents.

Documentation

- Management chapter in the EM Admin Guide: http://docs.oracle.com/cd/e24628_01/doc.121/e24473/hybrid-cloud.htm#emadm15141
- FAQ: http://docs.oracle.com/cd/e24628_01/doc.121/e24473/hybrid-cloud.htm#cihefcff
- Video (Oracle Cloud service creation to Gateway, Hybrid Agent deployment): https://apexapps.oracle.com/pls/apex/f?p=44785:24:0::no:24:p24_content_id,p24_prev_page:11435,29
- Resource page on em.us: https://stbeehive.oracle.com/teamcollab/wiki/ent-mgr:em12c+r5+resource+page

This PPT will be uploaded to em.us.