This post is part of a series of blog posts on the Oracle Autonomous Database.
The Oracle Autonomous Database (ADB) isn’t really a product or service itself. Rather, it’s an umbrella term that refers to two underlying services: the Autonomous Data Warehouse (ADW) and the Autonomous Transaction Processing database (ATP). The Autonomous Data Warehouse was introduced first in 2017 and to add complexity to the discussion, is often (or was originally) referred to as ADWC where the final “C” in the acronym is for cloud. But for clarity, from this point forward, we’ll refer to the ADB offering as the combination of ATP and ADW.
The next logical question is: what’s the difference between ATP and ADW? The answer is pretty simple: they’re both built on common underlying technology and components but are tuned and optimized differently for different workloads.
The ADW has some Oracle database settings that are tuned for data warehouse workloads. And significantly, the underlying data is stored in the columnar format. Columnar data stores allow for effective reads of large amounts of data at the column level. They’re less effective for transient data and row updates or queries that process many or all table columns.
Not surprisingly, the ATP uses Oracle database settings that are tuned for Online Transaction Processing (OLTP) type workloads that might involve some small tables, reasonably frequent deletes and updates, etc. It uses the more traditional row storage format.
A key aspect of ADB that’s often overlooked is that it’s fundamentally built on known technologies and components. Specifically, Oracle Exadata hardware leveraging software features such as Pluggable Database (PDB) with lockdown profiles to provide tenant isolation and restrict the customer’s ability to see or reach outside of their individual PDB. And a recently announced dedicated version for customers requiring full isolation of the infrastructure.
One can think of the ADB philosophy this way: over recent years (or decades) Oracle has built an elaborate set of hardware and software components for running Oracle databases. Exadata is at the core as their highly performant and scalable hardware. On top of that, they have horizontal scaling and redundancy with Real Application Clusters (RAC) and high availability via Data Guard. Exadata also adds storage redundancy and scalability connected with a high speed Infiniband network and Exadata-specific software allowing this hardware footprint to be used to its maximum potential while ensuring that a “build-your-own” similar system isn’t truly an equivalent. Inside the database they have many “somewhat” automated tuning and query stabilization features. And true multi tenant capabilities through the Container Database (CDB) and pluggable Database (PDB) architecture with resource sharing and governing software to reduce the risk of nosy neighbors hijacking the entire system.
So essentially what Oracle did was package all of these (their most advanced technologies) together, manage them for you (the automation part), add a modest amount of new features, and just make you the customer a consumer of all of this. The customer gets a PDB in an Oracle container database, running on RAC (after a certain number of allocated CPUs), locked down for isolation and security, on an Exadata system that Oracle procured and maintains in their own data center, and with Oracle managing the entire stack. That essentially is ADB. Some are tuned for data warehouse workloads for ADW and others are tuned for OLTP workloads for ATP.
When you create an Autonomous Database, you can deploy it to one of two kinds of Exadata infrastructure:
–Shared: a simple and elastic choice. Oracle autonomously operates all aspects of the database life cycle from database placement to backup and updates.
–Dedicated: a private cloud in public cloud choice. A completely dedicated compute, storage, network and database service for only a single tenant, providing for the highest levels of security isolation and governance.
LIMITATIONS OF THE ORACLE AUTONOMOUS DATABASE
As would be expected with a managed service, there are a number of features and functionality that can’t be used or are limited. This includes things like:
• The ability to change encryption or disable TDE.
• No control over tablespaces.
• No ability to control database instance memory sizes and configurations.
• No control over database initialization parameters.
• Inability to use many Oracle features such as: Java in the Database
In addition, a small number of commands such as CREATE DATABASE LINK or ALTER TABLESPACE are restricted using PDB Lockdown Profiles. However, the service is evolving rapidly and new capabilities are being added regularly.
DO WE STILL NEED A DBA IN AN AUTONOMOUS WORLD?
Short answer: “YES”. While a lot of the general maintenance tasks such as backups, monitoring, checking log files, patching, and quite possibly tuning are offloaded to Oracle, there is still a lot that the DBA needs to do. Your DBAs are still needed to:
• Move your data in and out of ADB.
• Create long-term retention backups/exports as may be required for regulatory or business needs.
• Perform specialized restoration or duplication activities.
• Model and design application schemas.
• Design, implement, and enforce database security (controls).
• Tune and help developers write well-structured queries.
• Manage resource scale and monitor spend.
So there’s still a lot that the DBA is needed for, even in the ADB world. Some of the above may be minimal for commercial, packaged applications and more applicable with custom or in-house developed applications.
WHY WOULDN’T WE WANT TO MOVE INTO ADB?
ADB is an attractive offering for a lot of customers and specific use cases, but as with anything, there are a number of exceptions. Some reasons where ADB may not be a good fit:
• Applications with tight restrictions on the Oracle database release or version.
• Applications that require specialized (known as “one-off”) patches to fix specific problems.
• Databases requiring very specific initialization parameter or tablespace settings.
• Applications that rely on some more advanced Oracle features such as Oracle Spatial or OLAP, for example.
• Workflows that involve logical replication of data (a subset of the entire database) out of the source database using tools such as Oracle GoldenGate.
• Businesses with a high expectation of performance consistency.
To expand on that last point: the mantra of “faster is better” isn’t always true. In the database world, sometimes “consistent” is more important than “fastest”.
Oracle Cloud Infrastructure
- OCI Region – HA Building Blocks
- Multiple fault de-correlated, completely independent data centres
- Region: Has Data Centres (Availability Domain 1, Availability Domain 2, Availability Domain 3)
- Grouping of hardware and infrastructure within an Availability Domain: Fault Domain
- AD1: FD1, FD2, FD3
- Predictable low latency and high speed, encrypted interconnect between ADs
An Autonomous Database is placed on an Exadata System based on region. Placement is invisible to customers except for the region (for Shared). ADB storage is on Exadata Storage Servers directly attached to the Exadata system. Connections to ADB run through connection managers attached to OCI network infrastructure.
Object Storage: Automatic backups (dedicated OCI Storage, cannot be accessed by database users), User backups (user created OCI storage), Staging (flat files, dump files).
Oracle Autonomous Database Attributes
Automates database and infrastructure management, monitoring, tuning
Protects from both external attacks and malicious internal users
Protects from all downtime during planned maintenance
Allows customers to focus on business goals and not technology.
* Rapid provisioning (create mission critical scale-out database in minutes)
* Self scaling
* Automatic tuning (physical schema tuning is not recommended)
* Automatic indexing
Performance resources are allocated proportionally to number of CPUs chosen.
Tables do not need to be partitioned or configured for in-memory. Indexes do not need to be created. Compression does not need to be specified. Machine Learning optimizes database for each workload. Continuously optimizes memory, data formats, indexes, parallelism, and plans for each workload.
ADB autonomously and continuously monitors overall system performance. Scaling up autonomously expands CPU-IO resources by up to 3x. Scaling is an online operation with no downtime to the database or applications.
Backups are scheduled on a nightly basis to OCI Object Storage. Retention time is 60 days by default.
Full stack patching once a quarter, in a rolling fashion across nodes of cluster for availability.
* Encryption by default (Transparent Data Encryption is automatically configured)
* Self Patching
* Separation of Duties
Protects from both external and malicious internal threats.
Monitors threats, applies security updates online, stops admin snooping with DB Vault, encrypts all data.
All connections use certificate based authentication and SSL.
Encrypted key stored in a wallet on both the client and the server.
Encryption both for Data at Rest (TDE) & Data in Motion (TLS 1.2).
Database backups are also encrypted.
“Admin” is the default database user and the only privileged user. All other users need to be created and granted privileges. Outside OS calls are not allowed.
“Break glass” function to enable Cloud Operations access. Well-defined procedure (with customer approval) for Oracle Cloud Operations to access the system for exceptional scenarios.
In the cloud, security is a shared responsibility.
Security managed by Oracle:
- Network security and monitoring
- OS and platform security
- Database patches and upgrades
- Administrative separation of duties
- Data encryption by default
Security managed by Customer:
- Ongoing security assessments
- Users & privileges
- Sensitive data recovery
- Data protection
- Actively auditing
- Data Masking and redaction
ADB leverages Oracle Unified Audit to capture security-relevant activity
- Login failures
- Changes to users, including creation of new accounts, grants, privileges, or roles
- Changes to database structures
Oracle Data Safe is a unified control center for your Oracle databases which helps you understand the sensitivity of your data, evaluate risks to data, mask sensitive data, implement and monitor security controls, assess user security, monitor user activity, and address data security compliance requirements.
* Self-healing hardware
* Self-healing software
Recovers automatically from any failure and protects from downtime. 99.95% Service Level Objective
Database Infrastructure for ADB is provided by Exadata. Exadata provides advanced predictive failure capabilities. Unique detection of server failures without a long timeout avoids system hangs. Unique sub-second redirection of IOs around sick devices avoid database hangs.
Exadata environment continuously monitors for failing devices.
e.g. Automatically detects change in disk latency
–> Failing disk is automatically taken offline and database activities redirected to mirror
–> ASM automatically rebalances data off of failing disk to create additional mirror
–> DevOps is notified and fail drive is replaced
–> ASM automatically detects new disk and rebalances data to create additional mirror
Self-healing software: Uses Oracle’s 40 years of experience to build machine learning models. Applies machine learning algorithms and Oracle’s best practices to fully automate database operations. Uses pattern recognition to determine if it’s a known problem.
Cluster Verification Utility, EXAchk, Trace File Analyzer, Memory Guard, etc.
Maximum Availability Architecture: RAC Database, redundant compute, networking, triple mirrored storage, backup