Oracle RMAN 11g Backup and Recovery (55 page)

118
Part II: Setup Principles and Practices

Oracle

Oracle Secure

Oracle

Secure Backup

Backup clients

Secure Backup

administrative

media server

server

NAS

appliance

Linux

Unix

NDMP

Backup

Restore

OB

Linux

Oracle

Tape

Secure

library

Backup

catalog

Recovery

Manager

Oracle

Control flow

database

OB

Windows

Recovery

Manager

Oracle

database

FIGURE 5-2
OSB administrative domain

Enterprise Manager

Database Control

Oracle Secure Backup

administrative server,

media server, and client

Web

b o

browser

Linux

Recovery

Tape

Manager

Backup

Restore

Oracle

Tape

database

Offsite

library

storage

FIGURE 5-3
OSB administrative domain with a single host

Chapter 5: Oracle Secure Backup
119

Oracle Secure Backup Daemons

An administrative domain uses seven types of OSB daemons:

■
Service daemon
This daemon runs on the administrative server, media server, and client. Access to OSB configuration data on the administrative server is provided by the service daemon. It also runs jobs requested by the schedule daemon. On a media server or a client, the daemon handles membership in an administrative domain.

■
Schedule daemon
This runs only on the administrative server. It is the OSB scheduler.

■
Index daemon
This daemon runs only on the administrative server, to manage the backup catalog. It starts when a backup is completed or the catalog is accessed for restore or browsing operations.

■
Apache web server daemon
This runs only on the administrative server and provides the Web tool interface.

■
NDMP daemon
This daemon runs on a media server and a client, and provides data communication between them.

■
Robot daemon
This runs on a media server and manipulates tapes in a tape library. The service daemon starts one robot daemon for each tape library when a tape manipulation is needed.

■
Proxy daemon
This daemon runs on a client to verify user access for SBT backup and restore operations.

Host Access Modes

Communicating to a host in an administrative domain is possible through two access modes:

■
Primary
For primary access mode, OSB is installed on a host. The access mode is used by OSB daemons. An Oracle database typically exists on a host accessed via this mode.

In OEM, it is referred to as “native” access mode. In OSB Web tool, it is called “OB” access mode.

■
NDMP
The Network Data Management Protocol host is a storage appliance provided by third-party vendors, such as DinoStor, Mirapoint, and Network Appliance. Using a vendor-specific implementation, the NDMP host uses the NDMP protocol to back up and restore file systems. OSB is accessible via NDMP, although OSB software is not installed on an NDMP host.

Administrative Data

OSB arranges information for the administrative domain as a hierarchy of files in the OSB home on the administrative server. The directory that OSB installed into is the OSB home.

Figure 5-4 illustrates the directory structure for an OSB home. All platforms have the same directory structure, although the default home is /usr/local/oracle/backup for Unix and Linux systems, but is C:\Program Files\Oracle\Backup for Microsoft Windows systems.

Domain-wide entities, such as media families, classes, and devices, are included within the administrative data. Figure 5-4 illustrates how the config directory contains several subdirectories.

120
Part II: Setup Principles and Practices

/usr/local/oracle/backup

Back up on a regular basis

admin

Centralized on the administrative server

config

encryption

history

log

security

state

class

dataset

default

device

family

host

schedule summary

user

FIGURE 5-4
Administrative server directories

These subdirectories each represent an object maintained by OSB. For each object directory, OSB

creates files describing the characteristics for the corresponding object.

Only in rare circumstances would it be necessary to access the administrative database directly from the file system. The OEM, Web tool, and obtool interfaces are commonly used to access catalogs and configuration data.

Oracle Secure Backup Users and Classes

To enable OSB to maintain consistent user identities across the administrative domain, OSB saves information for OSB users, as well as their rights, on the administrative server.

On the administrative server, each OSB user has an account and an encrypted password.

Using Web tool or obtool, operating system users may enter their username and password. Using an encrypted SSL connection, the client program transmits the password to the administrative server.

The admin user is created by default during OSB installation on the administrative server. Also during the installation, you can create the oracle user to back up and recover Oracle databases.

The installer assigns a random password to the oracle user. Usually, it is unnecessary to log into OSB by using this user.

Operating System Accounts

For OSB users, the namespace is distinct from the namespaces for Linux, Unix, and Microsoft Windows users. Therefore, if you access a host in the administrative domain as, for example, the operating system user backup_usr, and if the OSB user in the domain is named backup_usr, these accounts will be managed separately, though the names are identical. You may find it convenient to create the OSB user with the same name and password as an operating system user.

At the time you create an OSB user, you may associate the user with Unix and Microsoft Windows accounts. Accounts of this type are used with an unprivileged backup, which is a backup that is not run with root privileges. Privileged backup and restore operations use a client with root (Unix) or Local System (Microsoft Windows) permissions.