Running Oracle EBS in the cloud (OAUG Collaborate 18 edition)

Session ID:
Prepared by:
Remember to complete your evaluation for this session within the app!
10078
Running Oracle EBS
in the cloud
April 24th, 2018
Andrejs Prokopjevs, John Piwowar
Applications Database Consultants
Pythian
@aprokopjevs, @jpiwowar
1

About Andrejs
2
Apps DBA from Riga, Latvia.
Speaking SQL since 2001. In Oracle world since 2004.
Boiling Oracle EBS since 2006.
Conference speaker:
UKOUG, nlOUG, DOAG, OAUG Collaborate
UKOUG 2017 Speaker Award winner
Andrejs Prokopjevs
Lead Applications Database Consultant
At Pythian since 2011
@aprokopjevs
prokopjevs@pythian.com
https://www.pythian.com/blog/author/prokopjevs/

© 2017 Pythian. Confidential 3
About John
- Apps DBA since 2005
- With Pythian (Apps DBA, Technical Project Manager) since 2011

Systems currently
managed by Pythian
EXPERIENCED
Pythian experts
in 35 countries
GLOBAL
Millennia of experience
gathered and shared over
19 years
EXPERTS
11,800 2400
© The Pythian Group Inc., 2018 4

Agenda
• Certification basics.
• How to architect. Recommendations. AWS.
• Advanced configurations.
• R12.2.
• Microsoft Azure and Oracle Cloud review.
• Cloud deployment automation and the most common scenario - auto-scaling.
5
What is Oracle EBS?

What is cloud?
• It’s not just a hosting.
• Infrastructure-as-a-service (IaaS)
• Software-as-a-service (SaaS)
• Platform-as-a-service (PaaS)
• Public cloud, Private cloud, Hybrid cloud
8

What is cloud?
• Pros
• Hardware support and maintenance. This is your cloud service provider responsibility.
• Hardware pool. Workload is shared and distributed.
• Transparency. You run only what you need to run.
• "Pay per use" model.
• No termination fees.
• Cons
• Security
▪ Design of your network, its access, and security of the data is the main key point for success.
▪ Encryption
▪ Single Point of Disaster (AWS console). IAM and Root account protection.
• Possible network latency with cloud service provider.
9

Oracle E-Business Suite – Apps Tier
• SaaS or PaaS
• Ready solution. You don’t manage the software.
• NOT applicable for Apps Tier.
• IaaS
• Same as running it on local physical hardware.
• You are still in the The Captain role.
10

Oracle E-Business Suite – DB Tier
• AWS EC2
• Amazon RDS for Oracle (DBaaS) - NOT supported.
• Sorry, only IaaS deployment.
• MS Azure
• Only IaaS for Oracle, in general.
• Oracle Cloud
• Something special is there.
▪ Database Cloud Service
▪ Exadata Cloud Service
11

Licensing
• Licensing primary source:
• http://www.oracle.com/us/corporate/pricing/cloud-licensing-070579.pdf
• AWS EC2, MS Azure - Authorized Cloud Environments.
• Example for Standard Edition:
▪ Less than 4 vCPUs: counted as 1 socket = 1 processor licensed.
▪ More than 4 vCPUs: "closest vCPU multiple of 4" counted as number of sockets = number of processors
licensed.
▪ Azure - replace 4 vCPUs with 2 Azure CPU cores within your calculations.
• Example for Enterprise Edition:
▪ 2 vCPUs = 1 processor licensed.
▪ Azure - replace 2 vCPUs with 1 Azure CPU cores within your calculations.
• Licensing models
• Pay per use rates, included in cloud service provider pricing model (* not everything applies).
• BYOL (Bring Your Own License). Named User Plus licensing is possible.
12

Licensing – Oracle E-Business Suite
• DB tier requires Enterprise Edition.
• Pay per use model is available only on Oracle Cloud.
• For other IaaS based deployments – BYOL.
• Apps tier is separately licensed – BYOL.
• VMware – Sorry ! Nothing changed. You need to license the whole hardware pool.
• Cost efficiency: do your own calculations !
13

How to architect.
Recommendations.
14

Overview
• Our talk will be primarily based on ”wrong cloud” – Oracle Amazon EC2.
• Oracle E-Business Suite R12.1.
• Standard 1 Apps Tier & 1 DB Tier configuration.
• High level overview.
15

#0: Important start note
• You are the Solution Architect.
• How you design it will be the way the system is going to run.
16

#1: Network
• Everything should start with a proper network design.
• Regions / Availability Zones
• Subnets
• Network interfaces
• Route tables
• Security
• Network ACLs
• Security Groups
• Internet Gateway
• Virtual Private Gateway
• IPSec VPN tunnel with your on-premise network
17
Amazon documentation reference:
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Introduction.html

#1: Network
• IP address
• Private IP addresses – dynamic. Can’t be reserved and may change during instance restart.
• Public IP addresses – dynamic, but a static IP address can be assigned via Elastic IP feature.
▪ Note: Public IP traffic is routed through the public internet.
• DNS
• By default provided by Amazon.
• Each region has it’s own sub-domain. Automatically updated via internal DHCP.
▪ But contains Private IP address in the name space:
• ec2-10-10-10-1.eu-central-1.compute.amazonaws.com
• Route 53
▪ Configure your own DNS.
▪ Assign host and domain names to instances.
19

#2: Instances
• Instance – actual virtual machine
• Instance types
▪ General purpose
▪ Compute optimized
▪ Memory optimized
▪ Storage optimized
▪ Accelerated Computing
• It’s all about your “hardware” power and requirement
▪ vCPU, T2 instances with CPU credits / burst
▪ Memory
▪ GPU
▪ Storage
20
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html

#2: Instances
• Instance types #2
▪ On-Demand (default).
▪ Spot Instances – short term workload.
▪ Reserved Instances or Dedicated Hosts – long term resource pre-allocation.
• Mainly affects pricing
• AMIs (Amazon Machine Images)
▪ Image of the instance
▪ Public and Private repositories
• What AMI to use?
▪ EC2 standard: RHEL, SLES, Windows Server, “pay per use” licensing model.
▪ Public AMI repos: Oracle Linux, for example. Use for free, but don’t forget about ULN
licensing terms.
21

#2: Instances – Oracle E-Business Suite
• Example that can be used for Oracle E-Business Suite
• Apps Tier: m3.xlarge, 4 vCPU, 15 GB Memory.
• DB Tier: r3.4xlarge, 16 vCPU, 122 GB Memory.
• 122 GB RAM for Oracle EBS database?
▪ Sometimes memory size is not the primary criteria for instance type selection.
▪ Each instance type has different IOPS and IO throughput limits.
22

#3: Storage
• Storage types
• Amazon EBS (Elastic Block Store)
• Standard SAN-like disk volumes. Can be mounted to one EC2 instance at a time.
• SSD: gp2, io1. HDD: st1, sc1. Different throughput and IOPS limits.
• Amazon EC2 Instance Store (Ephemeral)
• Local disks.
• IMPORTANT: All data is lost once Instance is stopped or restarted. Ideal for temporary storage.
• Amazon EFS (Elastic File System)
• NAS analog from Amazon – NFS based. Still with a limited region availability.
• Amazon S3
• Object based storage module.
• By default used for storing AMIs and Amazon EBS disk snapshots.
23
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Storage.html

#3: Storage – Oracle E-Business Suite
• Apps Tier file system
▪ Elastic Block Store – standard option for single Apps Tier approach.
▪ Elastic File System is preferable if scale-out plans are there.
▪ Make your own “NAS server” instance, mount Amazon EBS disks, and export them via NFS.
▪ gp2 standard type is absolutely enough. Based on IO credits / burst.
▪ Cheap HDD based disks should be considered only for low IO workload targets (conc. log / out data, or
interfaces).
24

#3: Storage – Oracle E-Business Suite
• DB Tier
▪ Elastic Block Store. Local File-System or ASM.
▪ No universal recommendation on IOPS / throughput. You MUST test, benchmark, and evaluate your own
system performance per workload requirements.
▪ Hint: Database Smart Flash Cache feature can greatly improve your performance. Configure it on Instance
Store (Ephemeral) disks.
SQL> show parameter db_flash_cache
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
db_flash_cache_file string /dev/xvda1
db_flash_cache_size big integer 200G
SQL>
25

#4: IOPS
• Most difficult part to understand.
• IOPS / Throughput depends not only on Instance and
Storage type, but also on the size of the volume.
• Provisioned IO (io1) volumes are not always the most
efficient option for IO intensive workload.
▪ Larger “gp2” volumes can provide similar or better IO performance
than smaller “io1”. And for less cost.
▪ Can experiment putting multiple gp2 into LVM drives.
• Wrong type chosen can be a big problem.
▪ Example: cheap HDD “sc1”.
• IOPS size:
▪ SSD (gp2, io1) - 16KiB.
▪ HDD (st1, sc1) - 1 MiB.
• Oracle Database: multiblock reads
▪ DB IOPS <> EC2 IOPS !!! 26

#4: IOPS
• Classical reaction reading IOPS related
docs for different areas (EC2, EBS,
RDS).
• Experiment, Benchmark
• Find better setup that will suit your
requirement and budget.
27

#5: Backup / Recovery
• EC2 provides EBS storage snapshot feature only
▪ Apps tier: Make snapshots for Apps Base file system.
▪ DB tier:
• Setup RMAN on dedicated volumes. Make periodic snapshots.
• Elastic File System (NAS).
• S3 sync for backup sets, but requires complex scripting effort.
▪ Can be automated via CLI.
28
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-snapshot.html

#6: Monitoring
• CloudWatch
• https://aws.amazon.com/cloudwatch/
• Free:
• Very limited.
• Paid:
• Complete monitoring solution for the instances.
• Alarms. SWS / SNS integration.
• Not versed for Oracle.
• You can use your own custom monitoring. Setup EM agents.
29

#7: Amazon RDS
• You can still use RDS for Oracle service for other integrated components.
• Oracle Fusion Middleware 12c
• Not supported with Oracle Fusion Middleware 11g, but with some “tweaks” you can still get
your Metadata Repository loaded into the RDS instance.
▪ Main challenge: no SYSDBA access. Replaced with ORACLE_MASTER and RDS PL/SQL API.
▪ Doable, but not certified and not supported.
• Example:
• Identity and Access Management for Single Sign-On, or BI.
30

#1: Oracle RAC
• NOT supported.
• No shared storage.
• No multicast support for interconnect.
• But… non-official solutions.
• Deploying Scalable Oracle RAC on Amazon EC2
▪ https://aws.amazon.com/articles/7455908317389540
▪ Became an official guide by Amazon.
• Do your own interconnect via OpenVPN.
• Flashgrid VSAN solution.
• Try to adopt Amazon EFS (NFS).
• Complex and not recommended.
32

#2: Apps Multi-Tier / PCP
• No limits.
• Shared file-system can be implemented via EFS or your own NFS solution.
• Elastic Load Balancing (LBaaS)
• Has all requirements to front-end Oracle E-Business Suite.
▪ Sticky session
▪ SSL
33
https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/what-is-load-balancing.html?icmpid=docs_elbv2_console

#3: External Tier
• Similar to standard Apps Multi-Tier deployment.
• DMZ network restrictions can be implemented via a dedicated VPC security group.
34

#4: SSL
• Native SSL – same as on-premise.
• SSL termination via ELB (LBaaS).
• AWS Certificate Manager is available to maintain and provision the certificates.
35

#5: Integrations
• EC2:
• No ready SaaS / PaaS solutions certified and ready out-of-the-box for Oracle EBS.
• Hybrid cloud deployment
• Evaluate your network latency with target availability zone.
• For heavy data exchange processes and systems integrated it might be a good idea to move
them along with your Oracle E-Business Suite on the same side.
• Examples:
• BI, ETL.
• Or adjust your expectations and SLA.
36

#6: Disaster Recovery
• IaaS – similar “on-premise” approach.
• No automation.
• Availability zones. Regions.
• For initial clone, EC2 EBS volume snapshots are transferable.
• RDS for Oracle (DBaaS) – built-in and automated feature.
• But between Availability Zones, not Regions.
37

#7: Encryption
• Applications level: implement TDE.
• Storage level: implement encryption at rest for EC2 EBS volumes.
38

What is different with R12.2?
• Everything that is related to R12.1.
• ADOP
• Private IP addresses
▪ Number of FND tables must contain valid IP addresses of all nodes.
▪ EC2 Instance restart might change the private IP – it must be updated.
• Validation of the /etc/hosts
▪ Same private IP addresses – hosts file has to enlist them, and with required format.
• You can setup a custom OS service
▪ Run during instance startup to update hosts file and FND table with $(hostname -I) value.
▪ Any other node dependencies via AWS CLI.
• IOPS / IO throughput planning is important
▪ ADOP fs_clone and file system synchronization management through online cycles.
▪ DB workload handling edition objects.
▪ Example: “fs_clone force=yes” run duration on 220 GB standard gp2 volume: 42 minutes.
40

Microsoft Azure
• IaaS only.
• In respect to Oracle E-Business Suite it has all main analogs available.
• Virtual Network, Load Balancing, Storage, Site Recovery.
• Linux Virtual Machine support.
• Important note: compute limits.
• Main disadvantage comparing EC2 and Azure was the compute option availability. EC2
provided more powerful capacity options. Almost 10 times.
• Things are getting changed.
▪ 20 vCPU max quota (30 West Europe region). But can be extended via support request.
▪ 100+ GB RAM.
▪ Enough storage options.
42

Oracle Public Cloud
• Completely based on Oracle’s own stack.
• IaaS
• With PaaS support for DB Tier:
• Database Cloud Service
• Exadata Cloud Service
• RAC support !!!
• “Lift and Shift” – “one-button” your on-premise
instance migration to cloud.
• Easy multi-node provisioning for Oracle EBS.
• Quick deployment for rapid development
needs.
44

Oracle Public Cloud – Management
• EBS Cloud Admin Tool central management.
• Provisioning.
• Vertical scaling.
• Cloning.
• OpenWorld 2017 roadmap announcement:
• Managed Oracle EBS environment via GUI console or CLI.
• Full scaled and managed Backup / Restore for Oracle EBS instance.
• Automated provisioning and cloning, with post provisioning custom framework support.
• Managed horizontal scaling.
• Automated DMZ and External application configuration.
• Automated DB tier PSU patching.
• Fully automated DR creation and failover.
• GUI management portal is coming !!!
45

Oracle Public Cloud – Integrations
• Oracle EBS is really bound to Oracle’s own
products for integrations.
• With other cloud service providers it’s IaaS
based setup – you do everything on your own.
• Integrations Cloud Service
• Examples:
▪ SOA cloud service is supported.
▪ Identity cloud service is NOT supported there yet.
46

Oracle Public Cloud – EBS or SaaS Applications
• There is an ongoing shift to SaaS based Applications.
• Limited modules are implemented. Still in active development.
• Oracle’s vision for Hybrid co-existence (options in R12.2).
• Oracle E-Business Suite is still on the radar.
• Roadmap, at least, till 2030. R12.3 (or maybe R18.1 ) is on the way (~2020).
• Recommendation: Do not rush!
• Implement, Test, Evaluate, Compare costs, Migrate.
47
Getting Started with Oracle E-Business Suite on Oracle Cloud (Doc ID 2066260.1)
https://www.facebook.com/groups/EBS.SysAdmin/
https://twitter.com/Oracle_EBS

Cloud deployment
automation.
Auto-scaling.
48

What is Vertical scaling?
• Increase of the compute resources of a
particular instance
• Change instance type with more RAM,
more compute power.
• Might dramatically increase your cost.
• Still has limits. 
• In respect to Oracle EBS
• JVM memory heap size increase.
• JVM process / server count increase.
• Downtime
49

What is Horizontal scaling?
• Increase of the compute resources by
adding more compute instances
• Add more nodes
• Flexibility
• In respect to Oracle EBS
• Add more apps tiers.
• No Downtime
50

What if we want to automate it?
• Business case:
• We would like to automatically add web nodes on-demand, if existing stack is overloaded.
• Auto-Scaling group is created
• Minimum, maximum, and desired node count parameters
• Scaling plans – when and how to scale. Specific time, or can be based on CloudWatch
monitoring. Rules for scaling in.
• Launch configurations / Instance configuration. Image to create new instance from.
• Automatically adds your new created node into the Elastic Load Balancer configuration.
51
Documentation
https://aws.amazon.com/documentation/autoscaling/

What if we want to automate it?
• New node startup from AMI
• We can put a custom first-boot shell script which will handle certain actions (cloud-init).
• Pricing for Auto-Scaling
• It is free.
• You pay only standard rates running your additional EC2 compute resources.
• Limits
52

Oracle E-Business Suite - Challenge
• Oracle E-Business Suite is very tight on it’s internal configuration repository
• FND tables, like FND_NODES
• Nightmare with R12.2 and ADOP.
• Scaling with a new node.
• Find the best combination of pairs file to minimize post manual correction of the context file
and instance configuration for “perl adclonectx.pl addnode”.
• Manually generate the required context file and feed it into adclonectx.pl.
• Node deletion
• R12.1: Downtime, setup_clean, re-run of all autoconfigs on each node in 2 rounds.
• R12.2: supports Abandoned node state, supports node deletion***
53

Adding a new Web Node
• OS setup
• Software, kernel, limit configuration can come from created private AMI image.
• Hostname: We need to set a unique hostname on the server, DNS, update /etc/hosts.
• Mount the Apps Base storage layer.
• Apps setup
• Generate new context file / perl adclonectx.pl addnode.
• Run AutoConfig on all existing nodes. Or, at least, “generatetns” step.
• Reload Apps TNS listeners on all existing nodes.
• Optional: any custom post configuration.
• Service restart on new created node.
• Elastic Load Balancer
• Will enable the node once the TCP socket ping succeeds.
54

Removing a Web Node
• Instance termination
• Elastic Load Balancer – automatic drop of the removed instance
• Apps setup - Master node to trigger the node deletion process.
• R12.1
▪ No process of node deletion without a complete downtime and setup_clean process.
▪ Concurrent Service Managers configured for new node can be just disabled from back-end.
▪ OAM dashboard – sorry, you can’t avoid the red status there.
▪ File system cleanup.
• R12.2
▪ Abandon the node.
▪ “perl $AD_TOP/patch/115/bin/adProvisionEBS.pl ebs-delete-node”
▪ “txkSetAppsConf.pl -configoption=removeMS”
▪ File system cleanup.
55

Re-use of a removed Web Node
• Node remove is very costly. Re-use of the existing configuration can be easy.
• R12.1
• Easy. But we should not delete the INST_TOP then.
• Re-enable the Concurrent Service Managers.
• Just launch the instance, configure the OS part, and restart the services.
• R12.2
• Abandoned node – only a complete delete / add process.
• Required even if we do not delete the node and do not delete the file system content.
• We can’t allow to delete an instance without Abandoned node state – affects ADOP.
56

Periodic housekeeping
• Once you have a downtime window, it’s worth to go through “setup_clean” process
to have everything re-registered clean and drop the garbage.
• R12.2: Cleanup of the FND OAM and ADOP session system tables.
57

R12.2 ADOP considerations
• Scaling automation and ADOP online patch cycle – how safe it is?
• Scale out: process creates a new node for RUN file system. PATCH – fs_clone requirement.
Conflict if a cycle is already opened.
• Scale in: abandoned node state is safe to complete the cycle.
• Cutover: likely a failure is expected.
• CloudWatch doesn’t know anything about what’s going on in Oracle EBS.
• During ADOP open cycle or maintenance window Auto Scale group, probably,
should be completely disabled.
58

Summary
• Oracle EBS implementation on cloud is more less straightforward.
• Mostly IaaS. Oracle Public Cloud offers PaaS for Oracle Database and other
integrations, like SOA.
• IO performance is the main bottleneck risk. Good design, evaluation of estimates
and testing are required to confirm the requirements.
• Security is an extra overhead and highly important.
• Cost efficiency is a subject of detailed evaluation and calculation.
• Auto-scaling – interesting, possible, but still is a manually controlled process.
59

Session ID:
Remember to complete your evaluation for this session within the app!
10078
Thank you
Q & A
60

Running Oracle EBS in the cloud (OAUG Collaborate 18 edition)

Running Oracle EBS in the cloud (OAUG Collaborate 18 edition)

More Related Content

Running Oracle EBS in the cloud (OAUG Collaborate 18 edition)