availabilityguard™ v7.0 deployment brief -...
TRANSCRIPT
2
2
Agenda
Brief Technology Overview
Deployment Architecture and Process
Deployment Requirements Overview
Q&A
2
3 3
Architecting IT to mitigate risks …
Implement HA: local redundancy
(tier-1 storage, SAN multipathing,
clustering, Virtualization/HA)
Setup DR: geographical
redundancy (replication, geo-
clustering, SRM, manual fail-over)
Critical
data loss
IT’s greatest nightmares:
Unplanned
(and prolonged)
downtime
Standard solution architecture:
4 4
Constant configuration changes in all layers of production environment…
• Some changes violate vendor best practices Downtime & Data Loss Risks
• Changes manually applied to HA and DR systems (not tested live)
• Some changes slip through the cracks… Downtime & Data Loss Risks
Best-Practice Alignment & Configuration Drift
Configuration of standby systems gets “out of sync”
Storage & Storage Services
SAN
Compute Hardware
Hypervisor & Private-Cloud Services
OS
Clustering
Database Software
App Server
Thousands of Vendor Best Practices practically impossible to follow
5 5
Transforming risk management
With AvailabilityGuard
Today
Exp
osu
re
Configuration gaps
between Prod/HA/DR
Time
Test / Audit
Exp
osu
re
Time
Configuration gaps
Test / Audit
6
The only solution – AvailabilityGuard™
Automatic daily verification of Production, HA & DR systems
Validates Compliance with Vendor Best Practices
Validates that HA systems are always fail-over ready
Validates that Production and DR are always in sync
Clear visibility into RPO, RTO and other DR metrics (actual vs. planned)
AvailabilityGuard™ helps make IT work – ALL THE TIME
7
7
AvailabilityGuard™ solution overview
Complete Production/HA/DR Scanning
Daily, Non-Intrusive, Agentless data collection
Servers (physical/virtual), Databases, Storage
Automatic Production/HA/DR Documentation
Automated, accurate, up-to-date
Discovers relationships between production and recovery systems
Risk Detection and Gap Analysis
Knowledge base of over 5,000 known risks
Risk tracking and measurement, actionable trouble tickets & reports
Complete & Effective HA/DR
All the Time
8 8
Availability Management
Data Protection
SAN best
practices
• I/O multi-pathing best
practices
• SAN security /
tampering prevention
Optimization
• Reclaimable storage
• Optimize replication
• Optimize I/O
• Optimize performance
• SAN best practices
Replication
• Data completeness
• Data consistency
• Process failures
Database best
practices
• Data corruption
• Performance
• DB vendor
recommendations
• Joint DB / storage
vendor
recommendations
Data protection
SLA
• RPO management
• Data retention
• Performance
• Location
• Insure protection of
critical assets
DR Data access
• Correct access to
shared storage (HA)
and replicas (DR)
• Redundancy and
performance
Clustering best
practices
• Consistent
configuration across
cluster nodes
• Vendor best practices
• Local / geo clustering
Host
configuration
• OS version / SPs /
patches
• Installed products /
versions
• Kernel parameters
• Network services Redundancy
• RAID level
• SAN Multi-pathing
• Network
• NIC / teaming
• DNS, LDAP, AD
• DB file configuration
App Server
• Load balancing
• Deployment best
practices
Virtualization
• Storage allocation
• Dependency mapping
Virtualization
best practices
• HA & DR
• Vendor best practices
AvailabilityGuard Gap Knowledgebase
18
18
Agenda
Brief Technology Overview
Deployment Architecture and Process
Deployment Requirements Overview
Q&A
19 19
Deployment architecture overview
Storage arrays
Servers
(physical or virtual)
DB2
Databases
Virtualization
All executed commands are strictly read-only
IE6+
• CLI proxy(ies) (Symmetrix / CLARiiON / VNX /
DS / XIV / 3PAR)
• SSH (V7000 / SVC / DataDomain / Isilon / RecoverPoint)
• HTTP (HDS / HP XP / VPLEX)
• ZAPI (NetApp Filer) WIN 2008 R2 • AG Software • Oracle DB
AG collectors (optional)
Querying meta-data tables/ views
• AIX VIO: HMC CLI
• VMware: vCenter API
• UNIX: OS Commands
21 21
Project timeline (basic deployment)
21
kickoff Implementation Executive
Presentation
Preparation Deployment Summary
Report
Implementation completion
Few Hours (per admin)
2 days 1 Week
Target Systems List Deployment Worksheet AG Server Storage proxy(ies) UNIX accounts sudo / pbrun / etc. Windows accounts Database accounts Firewall adjustments Change controls
Day 1: AG Installation Day 1-3: AG Scan Configuration Day 1-3: Full Scan Day 1-3: Review Scan Day 1-3: Administration and
Configuration training
Deployment summary report
Ticket details Summary presentation
Review / Training
1-3 Days
AG System overview sessions w/ relevant personnel
AG UI review Tickets Review Capture information
Project completion (handover)
The customer Continuity Continuity + The Customer Continuity
23
23
Agenda
Brief Technology Overview
AvailabilityGuard Deployment Overview
Deployment Requirements Overview
Q&A
24 24
The AvailabilityGuard™ server
• Can be VM with reserved resources
• Local administrator rights required (domain user preferred, but not mandatory)
• Oracle 11g standard / enterprise edition installed locally /w AG (license not included with AG)
• Domain member – preferred
• English Edition of Windows, latest Windows update is recommended
# of scanned hosts
CPU / Cores RAM Free Disk Space
OS Type
< 100 2 Intel / AMD (4 recommended)
8 GB 80 GB Windows 2008 R2 64-bit
100 – 500 2 Intel / AMD (4 recommended)
16 GB 100 GB Windows 2008 R2 64-bit
500 – 1000 4 Intel / AMD 32 GB 120 GB Windows 2008 R2 64-bit
> 1000 Specific sizing required Windows 2008 R2 64-bit
24
27 27
Scanning Storage Systems Type Requirements Connection
EMC Symmetrix
• Name of Unix server(s) w/ SYMCLI + user account • Sudo for several read-only commands
SSH / 22
EMC VPLEX • Name/IP of VPLEX management server(s) + user account HTTPS / 443
EMC CLARiiON
• Name of server(s) w/ NAVICLI + user account • Individual IP, username and password per array
SSH / 22
EMC RecoverPoint
• Name/IP of one RPA per RecoverPoint installation • User account with view permissions (the predefined monitor user can be used)
SSH / 22
EMC Isilon (NAS)
• Name/IP of each Isilon System • A user account with permission to run read-only isi commands
SSH / 22
HDS / HP XP • HDS - Name of HiCommand / CommandView server(s) + user with “View only” rights • HP XP - Name of CommandView / HiCommand server(s) + user with “View only” rights
HTTP / 2001
HP 3PAR • Name/IP + user with “Read only” rights SSH / 22
NetApp • Two data collection methods are available: • #1: File name/IP + user account* with read-only privileges required for each filer • #2: User account* with read-only privileges required for DFM * can be AD account
HTTP / 80 HTTPS / 443
Note - continued in the next slide
28 28
Scanning Storage Systems (continued)
Type Requirements Connection
IBM DS 6 / 8K • Name of server(s) w/ DSCLI + user account • Individual IP, username and password per array
SSH / 22
IBM SVC / V7000 • Name/IP of SVC arrays + read-only user account SSH / 22
IBM XIV • Name of server(s) w/ XCLI + user account
• Individual IP, username and password per array
SSH / 22
IBM DS 4 / 5K • Name of server(s) w/ SMCLI + user account • Only if not defined in the SMCLI config - Individual IP, user and password per array
SSH / 22
30 30
Scanning Servers (OS)
Type Requirements Connection
All OS • Existence of one or more of: • EMC - ‘inq’, ‘syminq’, PowerPath • HDS/HP XP – HDLM (Unix/Linux), ‘inqraid’ • NetApp - snapdrive, ‘sanlun’ (Unix/Linux), dsmcli (Windows) • IBM DS - datapath, pcmpath • XIV - HAK CLI
UNIX / Linux • Non-privileged local/domain user account • “sudo” or similar / root privileges required for a small number of read-only
commands
SSH (22)
Windows • Non-privileged domain user • Local administrator rights on each scanned host (used for read-only WMI
queries and read-only commands)
• WMI (All TCP, UDP 135-9) • WinRM (80/5985 and 445)
• Server list can be imported from EMC Control Center, HiCommand, vSphere, HMC, Excel, etc.
31 31
Scanning Virtualization Platforms
Type Requirements Connection
VMware • Name/IP of vCenter servers + Windows user account with the Read-Only role • Access to ESX servers is NOT required • Virtual machines - See requirements for standard Linux / Windows
SOAP / 443
AIX VIO • Name/IP of HMC servers + read-only user account • User account with read-only privileges for VIO and LPARS • Either a restricted user (rksh) or a regular user
SSH / 22
Solaris Zones • See requirements for standard UNIX • Global and private zones should be scanned
SSH / 22
HP nPar / vPar • See requirements for standard UNIX
SSH / 22
Solaris LDOM • See requirements for standard UNIX
SSH / 22
32 32
Scanning Databases
Type Requirements Connection
ALL • Authenticating and connecting directly to the instance via JDBC • User should be granted limited read-only privileges for meta-data tables and views • Databases, virtual IPs and ports are automatically discovered during host scan
Oracle • Two data collection methods are available: • #1: Local read-only user required on each instance • #2: An OEM user with a ‘view any target’ privilege (EM_ALL_VIEWER in OEM 12)
JDBC / 1521
MS-SQL • Local read-only user required on each instance; or • Windows authentication
JDBC / 1433
IBM UDB • Local read-only user required on each instance
JDBC / 5000
Sybase • Local read-only user required on each instance
JDBC / 50000
32
32
37 37
For Networks with a Firewall Source Destination Port / Protocol Description Desktop of potential AG users AG Server 8080 / http Access to AG web UI
AG Server HDS HiCommand / HP CommandView 2001 / http Connecting to HDS/HP mgmt consoles
AG Server HP 3PAR 22 / ssh Connecting to HP 3PAR
AG Server NetApp filers / DFM 80, 443 / http, https Connecting to filers
AG Server Unix servers 22 / ssh Connecting to Unix servers
AG Server HMC Server 22 / ssh Connecting to HMC Servers
AG Server SVC Arrays 22 / ssh Connecting to SVC Arrays
AG Server EMC RPA 22 / ssh Connection to EMC RecoverPoint
AG Server EMC Isilon System 22 / ssh Connection to EMC Isilon
AG Server EMC VPLEX 443 / https Connection to EMC VPLEX
AG Server Windows servers All tcp, udp 135-9 / wmi Connecting to Windows servers
AG Server Windows servers 80/5985, 445 (default) / WinRM Connecting to Windows servers
AG Server Zerto Virtual Manager 9669 / HTTPS Connecting to Zerto Virtual Manager
AG Server Oracle instances / OEM ip/vip 1521 (default) / jdbc Connecting Oracle
AG Server SQL Server instances ip/vip 1433 (default) / jdbc Connecting MS-SQL
AG Server IBM DB2/UDB databases ip/vip 50000 (default) / jdbc Connecting DB2/UDB
AG Server Sybase instances ip/vip 5000 (default) / jdbc Connecting Sybase
AG Server vCenter / vSphere 443 / soap Connecting vCenter
AG Server SRM 9007 / SOAP Connecting SRM (discovered from VC)
AG Server Mail server 25 (default) /smtp Sending emails from AvailabilityGuard
AG Server EMC Control Center server 1521 / jdbc or 1575 /jdbc-ssl Connecting to ECC RAMBDB views
AG Server http://www.continuitysoftware.com
ftp://drivehq.com
80 (default) / http
20-22 (default) / ftp
Automatic update
AG Server Active directory LDAP host 389 (default) Optional, if using active directory for users
AG Server Oracle GoldenGate Monitor 1521 (default) / JDBC Connecting to Oracle GoldenGate Monitor
37
37
• Protocols mentioned above are commonly already used by IT (permitted)
39 39
Summary
Initial deployment requirements
• AvailabilityGuard™ server
• Identify target systems (checklist)
• Allocate target system credentials
• Configure access control (Sudo, PowerBroker, etc.)
• Verify the existence of software tools on servers
• Verify network access
Detailed information
• AvailabilityGuard™ 7.0 Deployment Requirements Guide
• AvailabilityGuard™ 7.0 User Guide
40
40
Agenda
Brief Technology Overview
AvailabilityGuard Deployment Overview
Deployment Requirements Walkthrough
Q&A
49 49
Support matrix
Operating System
• Solaris 8+ • HPUX 11.0+ • AIX 4+ • Linux RedHat AS 3+ • Linux SuSE 8+ • Windows 2000+ • VMware vSphere 3+
Storage
• EMC Symmetrix, VNX, RecoverPoint, DataDomain, Isilon, VPLEX
• NetApp Filers – All • HDS AMS series (500 & 1000), USP
(TagmaStore, USP V/VM, VSP) • IBM DS 6xxx, 8xxx, XIV, SVC, V7000 • HP XP, 3PAR
Volume Management
• All supported OS VMs • Veritas Volume Manager • LVM 2, ASM, ZFS, …
Databases
• Oracle 8.1.7+ • MS SQL Server 2000 SP3+ • Sybase 12.5+ • DB2 UDB 8.1+
Multi-Pathing
• EMC PowerPath, Veritas DMP, HP (PVLinks, HPDM ), Linux MPIO, AIX MPIO, SDD, HDS HDLM, Netapp DSM, …
Clustering
• Veritas Cluster Server • VMware HA / FT / SRM • IBM PowerHA (HA/CMP) • Oracle RAC & CRS • Microsoft Cluster Server • HP MC/SG, PolyServe • Sun Cluster • NetApp cluster (cDOT)
• EMC TimeFinder, SRDF, EMC MirrorView, SnapView, RecoverPoint
• NetApp SnapMirror, SnapShots, SnapVault
• HDS TrueCopy, ShadowImage, UniversalReplicator, TrueShadow
• IBM FlashCopy, FlashCopy/SE, Metro Mirror, Global Mirror, Global Copy
• HP 3PAR Remote Copy, Virtual Copy • Oracle DataGuard, GoldenGate • VVR • Zerto Virutal Replication
Replication
Application Servers
• IBM WebSphere • Oracle WebLogic • Apache Tomcat