By Erik Benner, Mythics, Inc. | Simon Pane, Editor

DevOps automation is often associated only with tools that work with Virtual Machines at the hypervisor or operating system level. Automation is a key technique used to differentiate the DevOps model from the traditional operational model and it can be expanded to work beyond the VMs. In Oracle VM (OVM) environments, much of the automation is provided via Enterprise Manager, but there are other options. In March of 2017, Oracle released Oracle Database Enterprise Edition 12.2 for on-premises clients. This new database version included many new features for the DBA, as well as a few tools that enable DevOps type of automation practices to be driven by the Database Administrator.

One of these new abilities is a feature called “VM Manager Agent for Grid Infrastructure”. This new ability that is built into Oracle Clusterware allows it to add virtual machines as a Clusterware resources, managed through the RESTful API interface built into the Oracle VM Manager. This enables the Clusterware to manage a VM as a Clusterware resource, without requiring any interaction with the VM guest OS, effectively turning the VM into a black box to the DBA. An example use case is stopping and starting a VM running Oracle Database Firewall by using Oracle Clusterware.

While a great production use is managing Oracle Audit Vault and Database Firewall VMs on an Oracle Private Cloud Appliance (PCA,) for this article, an example use case will be controlling a Swingbench VM. As a note, before registering an Oracle VM Manager with the Oracle Clusterware, make sure that your Clusterware is patched for BUG 25742704.

Before getting started, there are a few required prerequisites:

• Install and configure an Oracle VM System version 3.4 or higher. If you are running on an Oracle PCA this is the same OVM that the PCA uses.
• Build a virtual machine to test with.  The example in this article uses a VM named “swingbench”.
• Install Oracle Clusterware 12.2 on a separate server.  This is normally done when you build a RAC system. The sample uses the Clusterware that is part of a RAC install.

Setup is a straight forward task, with just a few steps.  Summarizing the steps at the high level:

• Export the Certificate Authority key from the Oracle VM Manager (OVMM)
• Create a temporary wallet on the Clusterware server
• Register the Oracle VM Manger with the Oracle Clusterware
• Create the VM resource to be managed

To export the CA Certificate, the ovmkeytool.sh script is used with the “export ca” option. This is done from the Oracle VM Manager server. The script can be found in the /u01/app/oracle/ovm-manager-3/ovm_upgrade/bin directory. Since the key will need to be imported into Clusterware, first save the key to a file.

[root@ovmm bin]# cd /u01/app/oracle/ovm-manager 3/ovm_upgrade/bin [root@ovmm bin]# ./ovmkeytool.sh exportca > /tmp/ovmm.crt

Mar 16, 2017 4:17:19 PM oracle.security.jps.JpsStartup start INFO: Jps initializing.

Mar 16, 2017 4:17:20 PM oracle.security.jps.JpsStartup start

INFO: Jps started. [root@ovmm bin]#

Once the key is exported (into /tmp/ovmm.crt in this example), it must be copied to the system running the Oracle Clusterware 12.2. This can be another database server running Oracle Clusterware through either a RAC or Grid Infrastructure installation.  The rest of the commands are executed form that server.

The first step that is performed from the Clusterware system is to store the Oracle VM Manager (OVMM) credentials into a temporary keystore. Log into the Clusterware server as root and create the temporary wallet file using orapki.

[root@db122a ~]# /u01/app/oracle/product/12.2.0/dbhome_1/bin/orapki  wallet create -wallet /tmp/ovmm_wallet -auto_login_only

Oracle PKI Tool : Version 12.2.0.1.0

Copyright (c) 2004, 2016, Oracle and/or its affiliates. All rights reserved.

Operation is successfully completed.

Next, import the certificate from the OVMM server into the wallet.

[root@db122a ~]# /u01/app/oracle/product/12.2.0/dbhome_1/bin/orapki wallet add -wallet /tmp/ovmm_wallet -trusted_cert -cert /tmp/ovmm.crt -auto_login_only

Oracle PKI Tool : Version 12.2.0.1.0

Copyright (c) 2004, 2016, Oracle and/or its affiliates. All rights reserved.

Finally, register the OVMM server with the Oracle Clusterware using srvctl. The username required in the command is the OVMM user, which is by default “admin”.  The “ovmmhost” is the name of the OVMM server.and the “ovmmport” is the port used for the Web Services API (WSAPI) which by default is “7002”. (Note: The host name should be the same as the name in the certificate.)

[root@db122a ~]# cd /u01/app/12.2.0.1/grid/bin

[root@db122a bin]# ./srvctl add ovmm -wallet /tmp/ovmm_wallet/cwallet.sso -username admin -ovmmhost ovmm -ovmmport 7002

Enter the Oracle VM Manager password:

Finally, we can display the configuration of the OVMM server and double-check that the Host and Port are correct.

[root@db122a bin]# ./srvctl config ovmm Oracle VM Manager Username: admin

Oracle VM Manager Host: ovmm Oracle VM Manager Port: 7002 [root@db122a bin]#

If the host name is incorrect, you can use the modify option to change it:

[root@db122c trace]# srvctl modify ovmm -ovmmhost ovmm

You can also update the username, which will automatically force the password to be updated;

[root@db122c trace]# srvctl modify ovmm -username admin Enter the Oracle VM Manager password:

Next, we need to add a resource. For this example, a resource name “swingbench” will be added, that manages the Swingbench VM.  It can be added using the following command;

srvctl add vm -name swingbench -vm “swingbench”

NOTE: Even if the resource is already up and running, Clusterware will not update the “status” until the resource status is changed by the Clusterware.

Hence we can start and stop the VM, using srvctl.  And use the status option to check the known state.

[root@db122c trace]# srvctl stop vm -name swingbench [root@db122c trace]# srvctl status vm -name swingbench

Virtual machine “swingbench” of VM resource “swingbench” is not running. [root@db122c trace]# srvctl start vm -name swingbench

[root@db122c trace]# srvctl status vm -name swingbench

Virtual machine “swingbench” of VM resource “swingbench” is running on node db122c.

Finally, we can add the resource to a Clusterware Resource Group (CRG) as you would with any other resource. Cluster Resource Groups allows the administrator to manage and monitor a group of resources as a single entity. Often with Flex Clusters, the CRG will contain the databases, application servers, and even NFS shares used by an application.

This is just one of the new features in the Oracle Database 12.2 Clusterware, and shows how Oracle is integrating the technologies across the entire stack.

Interested in learning more about Oracle VM, and what can be done with it? Check out the new Oracle Press book, “Oracle VM 3 Cloud Implementation and Administration Guide” which is now available to order from Amazon.