Read Oracle RMAN 11g Backup and Recovery Online
Authors: Robert Freeman
118
Part II: Setup Principles and Practices
Oracle
Oracle Secure
Oracle
Secure Backup
Backup clients
Secure Backup
administrative
media server
server
NAS
appliance
Linux
Unix
NDMP
Backup
Restore
OB
Linux
Oracle
Tape
Secure
library
Backup
catalog
Recovery
Manager
Oracle
Control flow
database
OB
Windows
Recovery
Manager
Oracle
database
FIGURE 5-2
OSB administrative domain
Enterprise Manager
Database Control
Oracle Secure Backup
administrative server,
media server, and client
Web
b o
browser
Linux
Recovery
Tape
Manager
Backup
Restore
Oracle
Tape
database
Offsite
library
storage
FIGURE 5-3
OSB administrative domain with a single host
Chapter 5: Oracle Secure Backup
119
Oracle Secure Backup Daemons
An administrative domain uses seven types of OSB daemons:
■
Service daemon
This daemon runs on the administrative server, media server, and client. Access to OSB configuration data on the administrative server is provided by the service daemon. It also runs jobs requested by the schedule daemon. On a media server or a client, the daemon handles membership in an administrative domain.
■
Schedule daemon
This runs only on the administrative server. It is the OSB scheduler.
■
Index daemon
This daemon runs only on the administrative server, to manage the backup catalog. It starts when a backup is completed or the catalog is accessed for restore or browsing operations.
■
Apache web server daemon
This runs only on the administrative server and provides the Web tool interface.
■
NDMP daemon
This daemon runs on a media server and a client, and provides data communication between them.
■
Robot daemon
This runs on a media server and manipulates tapes in a tape library. The service daemon starts one robot daemon for each tape library when a tape manipulation is needed.
■
Proxy daemon
This daemon runs on a client to verify user access for SBT backup and restore operations.
Host Access Modes
Communicating to a host in an administrative domain is possible through two access modes:
■
Primary
For primary access mode, OSB is installed on a host. The access mode is used by OSB daemons. An Oracle database typically exists on a host accessed via this mode.
In OEM, it is referred to as “native” access mode. In OSB Web tool, it is called “OB” access mode.
■
NDMP
The Network Data Management Protocol host is a storage appliance provided by third-party vendors, such as DinoStor, Mirapoint, and Network Appliance. Using a vendor-specific implementation, the NDMP host uses the NDMP protocol to back up and restore file systems. OSB is accessible via NDMP, although OSB software is not installed on an NDMP host.
Administrative Data
OSB arranges information for the administrative domain as a hierarchy of files in the OSB home on the administrative server. The directory that OSB installed into is the OSB home.
Figure 5-4 illustrates the directory structure for an OSB home. All platforms have the same directory structure, although the default home is /usr/local/oracle/backup for Unix and Linux systems, but is C:\Program Files\Oracle\Backup for Microsoft Windows systems.
Domain-wide entities, such as media families, classes, and devices, are included within the administrative data. Figure 5-4 illustrates how the config directory contains several subdirectories.
120
Part II: Setup Principles and Practices
/usr/local/oracle/backup
Back up on a regular basis
admin
Centralized on the administrative server
config
encryption
history
log
security
state
class
dataset
default
device
family
host
schedule summary
user
FIGURE 5-4
Administrative server directories
These subdirectories each represent an object maintained by OSB. For each object directory, OSB
creates files describing the characteristics for the corresponding object.
Only in rare circumstances would it be necessary to access the administrative database directly from the file system. The OEM, Web tool, and obtool interfaces are commonly used to access catalogs and configuration data.
Oracle Secure Backup Users and Classes
To enable OSB to maintain consistent user identities across the administrative domain, OSB saves information for OSB users, as well as their rights, on the administrative server.
On the administrative server, each OSB user has an account and an encrypted password.
Using Web tool or obtool, operating system users may enter their username and password. Using an encrypted SSL connection, the client program transmits the password to the administrative server.
The admin user is created by default during OSB installation on the administrative server. Also during the installation, you can create the oracle user to back up and recover Oracle databases.
The installer assigns a random password to the oracle user. Usually, it is unnecessary to log into OSB by using this user.
Operating System Accounts
For OSB users, the namespace is distinct from the namespaces for Linux, Unix, and Microsoft Windows users. Therefore, if you access a host in the administrative domain as, for example, the operating system user backup_usr, and if the OSB user in the domain is named backup_usr, these accounts will be managed separately, though the names are identical. You may find it convenient to create the OSB user with the same name and password as an operating system user.
At the time you create an OSB user, you may associate the user with Unix and Microsoft Windows accounts. Accounts of this type are used with an unprivileged backup, which is a backup that is not run with root privileges. Privileged backup and restore operations use a client with root (Unix) or Local System (Microsoft Windows) permissions.