Aimed at Hardware Consolidation
The obvious thrust of the marketing show was that 12c is going to be good for IT departments responding to budgetary and resource pressures. In contrast to previous releases which touted more technical stuff, appealing to developers and analysts, 12c seems aimed at operational DBA staffs and hardware purchase decision makers. Oracle discusses multiple attack points to achieve these aims. They’ve re-architected their basic database structure to accommodate multiple databases within one DB shell, called a Container DB. The impact of this new structure is to vastly reduce things like patch maintenance and upgrades, because in most cases only the container DB level need be addressed. There have also been improvements made facilitating data consolidation, and data security, at the operational level. Finally, Oracle is advocating a cleaner, more efficient database cloud service for those wishing to either vend or make use of it.
Pluggable DB ArchitectureWith the new pluggable DB structure, the SGA memory and background processes (of which there are now about 22 in release 12c) are shared across all member DBs of the mother container database (CDB). The pluggable databases (PDB) are defined to the CDB via an XML file which describes their structures and datafiles. Thus, the CDB stores metadata for each of it’s plugged-in databases in it’s master data dictionary. Each PDB has it’s own unique global identifier or GUID. Both UNDO and REDO areas are shared among PDBs. You can see how this would favorably impact DBA workload. All software upgrades, patches, and migrations could be applied once at the container database level. If desired, several container ‘levels’ can be designed at various release levels, and individual PDBs can be unplugged from one CDB and ‘migrated’ by plugging it into the next CDB.
Lest you are wondering about the machine performance impact of all this new structure, Oracle claims their usual shattering test results (enlarge at right). A souped-up Oracle Sun server could handle about 50 identically configured databases before tapping out. But the same databases, after being converted to the pluggable architecture, allowed well over 250 to be simultaneously executing on the same box. 12c further centralizes the management of corporate databases; it will clearly realize cost savings for both hardware and DBA resources. In order to fully analyze the software cost impacts however, more information will be needed about Oracle’s licensing plans and pricing.
ILM and ADOAn entire presentation was devoted to Information Lifecycle Management (ILM), accomplished in 12c with a new facility called Automatic Data Optimization (ADO). Oracle sets this up with four putative ‘tiers’ of data immediacy, ranging from very active OLTP type blocks to fully archived or ‘dormant’ data. They do not want the fourth, lowest level to completely escape our attention however, as they claim: “by 2015, upwards of 300 exabytes of archive data will be mandatorily stored due to regulation.”
Data, at the segment, partition, or even block level, can be automatically shuffled between pre-defined tiers of accessibility and compression (which of course governs retrieval speed). This is accomplished by an admin with relatively simple commands, or graphically via the EM tool. Heat maps of data usage track I/O patterns automatically at the block level, and these results (color-coded by tier in the presentation examples at left) then determine data management according to preset ILM policies. Below is a some sample policy SQL:
w h i t e s p a c e
sqldba> ALTER TABLE employee ILM ADD POLICY
TIER TO DATA2 READ ONLY
AFTER 180 DAYS OF NO MODIFICATION
w h i t e s p a c e
Again, since both data compressing and the data movements to readonly tablespaces and so on are completely automatic, once triggered by an ILM policy event, the emphasis is on conserving DBA operational time.
DBaaS, Data Masking, Data RedactionOracle wants to sell to the cloud providers too, and an entire presentation discussed the merits of scalable Exadata machines paired with 12c’s consolidation strategy. Within organizations, Oracle is aligning itself with the internal DBaaS (Database as a Service) model, to help consolidated IT departments manage changing and varied support level agreements and operational needs across areas of the company. Corporate applications distribute seamlessly across Exadata servers.
An interesting segment was devoted to security enhancements with 12c. Several use cases of recent high profile database breaches were profiled, and it was pointed out that DBA and Operational staff are often targeted unwittingly via social media. One scenario traced the compromising of a trusted employee’s home device after phishing exercises against DBAs selected off LinkedIn. Once such an employee’s laptop at home is compromised with keypress tracers, it becomes easy to steal sensitive access passwords while work is being done off site! Then, hackers are able to leisurely access corporate database systems and set up concealed backdoors, stealing tablespace backups and so on.
Oracle’s security approach includes three areas of activity: preventive, detective, and administrative. In the preventive arena, data masking and data redaction were highlighted. The first involves setting up rules such that sensitive data are ‘masked’ or transparently modified for the benefit of testing and development instances. This happens automatically with referential integrity preserved across related tables. Redaction, on the other hand, operates by blocking out portions of the data, enough to conceal it. Policies also govern this, and it applies in real-time according to the sensed context (type of user or app). Transparency is preserved. Within the administrative arena, automated scanning tools may be set up to seek and identify sensitive data candidates throughout the database corpus and present them for action: encryption, redaction, auditing, etc. Another mechanism is designed to patrol for SQL Injection attacks, using accurate grammatical analysis against the SQL pool. It can be set to ‘learning mode’ against all incoming SQL to create whitelists of permissable constructs, and blacklists of known suspicious command strings. This feature resides in a dedicated firewall and is part of Database Vault.
Bundled vs. Optional Features
Ottawa is a government contract town — not too liberal with their IT budgets. This mindset was on display at the dog-and-pony show I attended when several of the participants questioned why a full-service database vendor would charge extra licensing fees for ‘necessary’ functionality. Mentioned as examples: Database Vault, failsafe and failover aspects of DataGuard, performance troubleshooting enhancements within EM. The fact that features like these are non-free add-in packages forces some analysts to second guess things like security planning.Odds and Ends
There was brief discussion concerning Oracle’s posture against the market share threat from Big Data, NoSQL, and Hadoop. Of course, Oracle is trying to include all of the above under their big umbrella approach. A few moments were spent unveiling SQL extensions which permit queries against HDFS-style or map reduced datafiles. This works in conjunction with Oracle’s No-SQL. There was even talk of Oracle warming to the open source mentality in vogue in the Hadoop world, but it was not entirely convincing. As ammunition, one sales rep pointed to the ‘Community Edition’ of this offering: it can be downloaded for free for a period of experimentation. One slide claimed that an Oracle developer succeeded in coding a 200 line M/R query with only 20 lines of BD-enhanced SQL, claiming that the Oracle extensions are far more compact than Apache’s PIG, for example.
If you’re salivating for pure techie morsels, have a look at Tom Kyte’s survey of his top twelve new features for release 12c. He did something similar when 11g was shiny and new. A few honorable mentions:
• In-line (temporary) PL/SQL within SQL
• Better Top-N SQL syntax (“middle-N”)
• Mid-stream adoption of secondary ‘Plan B’ execution plans
An upcoming post will gather the complete set of slide shows from the presentation in PDF form.