Oracle and Docker

Oracle and Docker

• 1.
  BASEL | BERN| BRUGG | BUKAREST | DÜSSELDORF | FRANKFURT A.M. | FREIBURG I.BR. | GENF HAMBURG | KOPENHAGEN | LAUSANNE | MANNHEIM | MÜNCHEN | STUTTGART | WIEN | ZÜRICH www.oradba.ch@stefanoehrli Oracle and Docker Oracle Databases in Docker Container Stefan Oehrli
• 2.
  BASEL | BERN| BRUGG | BUKAREST | DÜSSELDORF | FRANKFURT A.M. | FREIBURG I.BR. | GENF HAMBURG | KOPENHAGEN | LAUSANNE | MANNHEIM | MÜNCHEN | STUTTGART | WIEN | ZÜRICH Stefan Oehrli Platform Architect, Trainer and Partner at Trivadis • Since 1997 active in various IT areas • Since 2008 with Trivadis AG • More than 20 years of experience in Oracle databases Focus: Protecting data and operating databases securely • Security assessments and reviews • Database security concepts and their implementation • Oracle Backup & Recovery concepts and troubleshooting • Oracle Enterprise User Security, Advanced Security, Database Vault, … • Oracle Directory Services Co-author of the book The Oracle DBA (Hanser, 2016/07) @stefanoehrli www.oradba.ch
• 3.
  Agenda 22.05.2019 SOUG Day- Oracle and Docker3 • Introduction • Docker images, container and volumes • Database image • Database container • Use cases • Licensing • Summary
• 4.
  Introduction 22.05.2019 SOUG Day- Oracle and Docker4
• 5.
  What is Docker? 22.05.2019SOUG Day - Oracle and Docker5 • One software container platform • Developed from Linux / Linux containers • Available... • ... for Linux, Mac OS and Windows • ... as Community Edition (CE) and Enterprise Edition (EE) • Part of the Linux Open Container Initiative (OCI) • Docker is not the only implementation of Linux containers • Core OS / Rkt, LXC Linux Containers, OpenVZ, Mesos Containerizer,... • Docker has the largest market share • Increase the interchangeability and reproducibility of objectives
• 6.
  Oracle support forDocker 22.05.2019 SOUG Day - Oracle and Docker6 • Various Oracle products are supported and certified for Docker • MOS Note 2216342.1 Oracle Support for Database Running on Docker • MOS Note 2017945.1 Support Information for Oracle WebLogic Server and Oracle Fusion Middleware Running in Docker Containers • Container Oracle Linux 7 / UEK4 Kernel or Red Hat Enterprise Linux 7 as base image • Oracle sources for images or official build sources • Oracle Docker Build Sources on GitHub https://github.com/oracle/docker-images • Oracle Container Registry https://container-registry.oracle.com • Oracle Container Engine and Registry https://developer.oracle.com/containers • Oracle auf Docker Hub https://hub.docker.com/publishers/oracle
• 7.
  What else aboutcontainers? 22.05.2019 SOUG Day - Oracle and Docker7 • There is no such thing as THE container. • Single Process / Service • No replacement for VMs • Small space requirement • Dealing with identities and sensitive data • Dealing with data persistent • Understanding how to build containers, but • ...not every container has to be adapted individually • ...use available and trusted container repositories Source: Volkswagen Advertising (June 2016)
• 8.
  Docker images, container andvolumes 22.05.2019 SOUG Day - Oracle and Docker8
• 9.
  Virtualization • Use ofcommon infrastructure • each VM is a "server • guest operating system • Software and libraries • uses • Redundancy • Effort for setting up the VMs 22.05.2019 SOUG Day - Oracle and Docker9
• 10.
  Docker container • Useof common infrastructure • a host operating system • Applications are "packaged • Only necessary libraries and software components • Use of existing images • Slim • Reproducible • Because automatically created • Docker Image are immutable 22.05.2019 SOUG Day - Oracle and Docker10
• 11.
  Docker components 22.05.2019 SOUGDay - Oracle and Docker11
• 12.
  Volumes • Docker Imageare immutable • Changes only in a new image • A container is based on an image • Top Layer read/write • No persistence over the lifetime of the container • Securing data persistence through volumes • Data is outside the container • Lifecycle… • New image • New container • current volume 22.05.2019 SOUG Day - Oracle and Docker12
• 13.
  Database image 22.05.2019 SOUGDay - Oracle and Docker13
• 14.
  • Deploy theDocker Build scripts e.g. https://github.com/oehrlis/docker • Docker environment e.g. Docker Desktop for Mac OS • Deploying Oracle Software • Oracle Database Enterprise Edition 18c (18.3.0.0) • Oracle Database Release Update 18.6.0.0.0 (Patch 29301631) • Oracle OJVM Release Update 18.6.0.0.190416 (Patch 29249584) • OPatch 12.2.0.1.17 for DB 18.x releases (APR 2019) (Patch 6880880) • Deploying the Docker Base Image docker pull oraclelinux:7-slim git clone https://github.com/oehrlis/docker Prerequisites 22.05.2019 SOUG Day - Oracle and Docker14
• 15.
  • Dockerfile usesMulti-Stage Build • Available from Docker 17.05 • Use of multiple FROM statements • Splitting the build process into several sections • Reduction of image size • software is part of the build context and is copied • Optional download of the software from a local web server • Start Docker Build with the command docker build cd docker/OracleDatabase/18.6.0.0 docker build -t oracle/database:18.6.0.0 . Build image 22.05.2019 SOUG Day - Oracle and Docker15
• 16.
  Dockerfile • Base image •Setting the environment • OS configuration of the basic image • Build image • Copying Oracle binaries and patch files • Installing the Oracle software • Installation of the Oracle Patch, Trivadis BasenvTM • Target image • Copying the software from the build image • Completion of the installation (root.sh scripts) • Definition of ports, volume and start script 22.05.2019 SOUG Day - Oracle and Docker16
• 17.
  Image build scripts 22.05.2019SOUG Day - Oracle and Docker17 Dockerfile uses different scripts for configuring the image • 00_setup_oradba_init.sh Installation of the latest OraDBA Init scripts • 01_setup_os_db.sh OS Setup Configuration • Users, create groups • Install YUM Software Packages • 10_setup_db_18.6.sh Installation of the Oracle Binaries • Oracle Basis Release • Release Updates and Oracle JVM Update • 20_setup_basenv.sh Installation of Trivadis BasEnvTM • 5n_xxxxx_database.sh Various scripts for configuring the container
• 18.
  Database container 22.05.2019 SOUGDay - Oracle and Docker18
• 19.
  • Control ofthe container log and status of the DB with docker logs -f tdb186s • Starting or instantiating an Oracle database container with docker run • specify host (--hostname) and container name (--name) • Volume for the database files • Oracle instance name as environment variable ORACLE_SID • Executing the container command CMD docker run --detach --hostname tdb186s --name tdb186s --volume /data/docker/volumes/tdb186s:/u01 -p 1521:1521 -p 5500:5500 -e ORACLE_SID=TDB186S oracle/database:18.6.0.0 Oracle database container 22.05.2019 SOUG Day - Oracle and Docker19
• 20.
  Procedure for containerstart 22.05.2019 SOUG Day - Oracle and Docker20
• 21.
  Container Scripts 22.05.2019 SOUGDay - Oracle and Docker21 • 50_run_database.sh checks the volume and starts the database with… • 50_start_database.sh If no database exists, the script • 52_create_database.sh is called • 50_start_database.sh starts the listener and the database instance • 52_create_database.sh creates a database with the dbca. Base parameters can be adjusted with environment variables • 55_config_database.sh checks whether configuration files (*.sh or *.sql) are present in the directory ${INSTANCE_INIT}/setup or ${INSTANCE_INIT}/startup respectively. • 55_check_database.sh is used for the health check of the Docker container and checks the status of the database instance
• 22.
  Container variables 22.05.2019 SOUGDay - Oracle and Docker22 Variable Purpose ORACLE_SID Oracle SID or database name. Default value is TDB186S CONTAINER Flag for creating an Oracle container database Default value is FALSE ORACLE_PDB Oracle PDB Name. Default value PDB1 ORACLE CHARACTERSET Oracle character set. Default value AL32UTF8 ORACLE_PWD Password for the SYS user. The default password is generated and stored in the admin directory INSTANCE_INIT Directory for the instance configuration files ORADBA_RSP Various variables for the adaptation of the dbca template
• 23.
  Completion of initialcontainer start 22.05.2019 SOUG Day - Oracle and Docker23 • At the first start, 50_run_database.sh creates a database. • Checking the output of 50_run_database.sh with docker logs tdb186s
• 24.
  Access to thedatabase container 22.05.2019 SOUG Day - Oracle and Docker24 • Access for applications via exported ports e.g. 1521 • Different whether on Windows, MacOS and Linux • Docker runs on Linux "native" only • Access via command line with docker exec and sqlplus, bash etc.
• 25.
  Access to thedatabase container 22.05.2019 SOUG Day - Oracle and Docker25 • Access for applications via exported ports e.g. 1521 • Different whether on Windows, MacOS and Linux • Docker runs on Linux "native" only • Access via command line with docker exec and sqlplus, bash etc.
• 26.
  Use cases 22.05.2019 SOUGDay - Oracle and Docker26
• 27.
  Use Cases 22.05.2019 SOUGDay - Oracle and Docker27 • Oracle databases in containers can also be used in a microservice environment • Corresponding build and configuration scripts must be developed individually • Real Application Cluster (RAC) for test and development officially supported • Oracle example on GitHub https://github.com/oracle/docker-images • Use of Oracle Container • Docker container contains single-PDB • PDB can be plugged/unplugged relatively easily • Using Docker Compose • No manual docker commands • Link container • Establishment of a private network
• 28.
  • Shutting downeither by stop or down • down will remove the container • stop just stops the service / container • Define all parameter, volumes, network etc. in a YAML file • Default name is docker-compose.yml • Can contain multiple containers • Started and managed via docker-compose command or regular docker command • Start the container in background / detach docker-compose up -d docker-compose down Docker compose 22.05.2019 SOUG Day - Oracle and Docker28
• 29.
  • Example docker-compose.ymlfile for tdb186s • YAML, watches out for the correct whitespace characters tdb186s: image: ${DOCKER_USER}/${DOCKER_REPO}:18.6.0.0 container_name: tdb186s hostname: tdb186s restart: unless-stopped network_mode: bridge volumes: - ${DOCKER_VOLUME_BASE}/tdb186s:/u01 - ./config:/u01/config ports: - "1521" environment: CONTAINER: 'FALSE’ INSTANCE_INIT: /u01/config ORACLE_SID: TDB186S Docker compose file 22.05.2019 SOUG Day - Oracle and Docker29
• 30.
  Oracle Enterprise UserSecurity • Oracle Database Container • Demo Schema with VPD • Oracle Unified Directory Container • Directory with EUS suffix • Initial start of containers • Creating the DB / Directory • Registration of the DB • Configuration of EUS • Available on GitHub • https://github.com/oehrlis/docker/tre e/master/samples/eus 22.05.2019 SOUG Day - Oracle and Docker30
• 31.
  Oracle DB andDocker best practice 22.05.2019 SOUG Day - Oracle and Docker31 • Always use the latest Docker version at least Docker CE 17.03 • btrfs is the recommended storage driver alternative overlay2 • Use latest images and build files • Use data containers or volumes to ensure persistence • Container are not VM’s • Patching, HA, B&R and Security work differently • Basically there is no reason to login to the container
• 32.
  Licensing 22.05.2019 SOUG Day- Oracle and Docker32
• 33.
  Licensing - Docker 22.05.2019SOUG Day - Oracle and Docker33 • Docker Desktop • Docker application for Mac or Windows • Available as community and new enterprise version • Docker Engine • Available for different Linux distributions • Community and enterprise version available • Docker Enterprise • Complete container platform based on Docker Engine • Additional components like support, trusted registry, orchestration, security etc. Source: https://www.docker.com/products
• 34.
  Licensing - Oracle 22.05.2019SOUG Day - Oracle and Docker34 Oracle Software • Docker allows to limit resources like CPU, Memory, etc. • Limitation not applicable in the context of Oracle licensing! • CPU cores of the Docker hosts determine the required licenses • Analogous challenge to virtualization Possible solutions • Using Oracle Express Edition 18c in the Docker Environment • Oracle ULA (Unlimited License Agreement) • Development of a dedicated docker infrastructure for Oracle software Source: Oracle Inc.
• 35.
  Summary 22.05.2019 SOUG Day- Oracle and Docker35
• 36.
  Summary • Oracle databasescan be set up easily and quickly in containers. • Docker based databases are not suited for high io performance. • Use of Docker volumes is mandatory to ensures data persistence. • The development of clear use cases and suitable architecture is a prerequisite. • As with virtualization, licensing remains one of the major challenges. 22.05.2019 SOUG Day - Oracle and Docker36
• 37.
  BASEL | BERN| BRUGG | BUKAREST | DÜSSELDORF | FRANKFURT A.M. | FREIBURG I.BR. | GENF HAMBURG | KOPENHAGEN | LAUSANNE | MANNHEIM | MÜNCHEN | STUTTGART | WIEN | ZÜRICH Question and answers… Stefan Oehrli Solution Manager / Trivadis Partner Tel.: +41 58 459 55 55 stefan.oehrli@trivadis.com @stefanoehrli www.oradba.ch https://url.oradba.ch/SOUG1905