Introduction.

Introduction

Oracle Database 10g: Backup and Recovery 1 - 2
Objectives After completing this lesson, you should be able to: Describe course objectives Describe backup methods Describe the forms of data recovery Describe Oracle Recovery Manager architecture Plan a recovery strategy Plan a backup strategy based on your recovery strategy Oracle Database 10g: Backup and Recovery

Course Objectives After completing this course, you should be able to: Use Oracle Recovery Manager (RMAN) to perform backup and recovery operations Create a duplicate database Perform tablespace point-in-time recovery Create and manage an RMAN recovery catalog Use Oracle Secure Backup to back up and restore Oracle databases and file-system data to and from tape Oracle Database 10g: Backup and Recovery

What Is Backup and Recovery?
Backup and recovery constitutes the strategies and procedures you employ to: Protect your database against data loss Reconstruct your database following data loss What Is Backup and Recovery? The phrase backup and recovery refers to the strategies and techniques that are employed by database administrators to protect the database from loss and to reconstruct the database should loss occur. Oracle Database 10g: Backup and Recovery

Performing Backup and Recovery Operations for an Oracle Database
For performing backup and recovery based on physical backups, the following solutions are available: Recovery Manager: A utility with a command-line client and an Enterprise Manager GUI interface User-managed backup and recovery: A technique that involves using operating system commands to create backups and using SQL*Plus commands for additional backup and recovery operations Performing Backup and Recovery Operations for an Oracle Database Physical backups are backups of the physical files that comprise your Oracle database, including datafiles, control files, and archived redo log files. You can make backups of your database by using Recovery Manager (RMAN), a utility that creates and manages backups and enables you to perform recovery operations. Alternatively, you can create backups of your database files and perform recovery through a combination of SQL commands and operating system commands. RMAN is the preferred solution for backup and recovery operations for an Oracle database. Oracle Database 10g: Backup and Recovery

Using Oracle Recovery Manager
RMAN: Is a command-line client for advanced functions Has powerful control and scripting language Has a published API that enables interface with most popular backup software Backs up data, control, archived log, and server parameter files Backs up files to disk or tape Enterprise Manager uses Recovery Manager (RMAN) to perform backup and recovery operations. Using Oracle Recovery Manager RMAN is the component of Oracle Database that is used to perform backup and recovery operations. It can make consistent and inconsistent backups, perform incremental or full backups, and back up either the whole database or a portion of it. RMAN uses its own powerful job control and scripting language, as well as a published API that interfaces RMAN with many popular backup software solutions. RMAN can store backups on disk for quick recovery or place them on tape for long-term storage. In order for RMAN to store backups on tape, an interface to the tape device known as a Media Management Library (MML) must be configured. Enterprise Manager supplies a graphical interface to the most commonly used RMAN functionality. Advanced backup and recovery operations are accessible through the RMAN command-line client. Oracle Database 10g: Backup and Recovery

Recovery Manager Components
Server session Recovery Manager (RMAN) Target database (control file repository) Enterprise Manager Options Server session Channel Channel Channel Auxiliary database MML Recovery Manager Components Recovery Manager executable: The Recovery Manager command-line interface is invoked through the RMAN client application. RMAN interprets user commands and appropriately invokes server sessions to perform the desired tasks. Enterprise Manager: Enterprise Manager Database Control supplies a graphical interface to the most commonly used RMAN functionality. Server sessions: The server processes (UNIX) or threads (Windows) invoked by RMAN connect to the target database to perform the backup, restore, and recovery functions through a PL/SQL interface. These sessions read or write files from or to disk, tape, or the Flash Recovery Area, which is a storage location specified as the default storage area for files related to database recovery. Target database: The database for which backup and recovery operations are being performed using RMAN is called the target database. The control file of the target database contains information about its physical structure, such as the size and location of datafiles, online and archived redo log files, and control files. This information is used by the server sessions invoked by RMAN in backup and recovery operations. Recovery catalog database Disk Flash Recovery Area Oracle Database 10g: Backup and Recovery

Using Oracle Secure Backup
One tool to backup and restore Oracle databases and file-system data to and from tape Integrated with RMAN and Enterprise Manager Supports Oracle9i and Oracle Database 10g Using Oracle Secure Backup The Oracle Secure Backup tape management system has been introduced to lower software costs and complexity. Oracle Secure Backup can back up all types of file-system files. Although Oracle Secure Backup has no specialized knowledge of database backup and recovery algorithms, it can serve as a media management layer for Recovery Manager (RMAN) through the system backup to tape (SBT) interface. In this capacity, Oracle Secure Backup provides the same services for RMAN as other supported third-party SBT libraries. Oracle Secure Backup delivers reliable database and file system backup to tape, with support for the major tape drives and libraries accessible through various protocols, including Small Computer System Interface (SCSI), Small Computer System Interface protocol (iSCSI), Network Data Management Protocol (NDMP), and Fibre Channel. Note: Oracle continues to support third-party media management vendors (MMV) through its Backup Solutions Program (BSP). Oracle Secure Backup uses the same RMAN API as third-party media management software, so you have a choice of products to use for writing your database backups to tape. Oracle Database 10g: Backup and Recovery

Overview of Oracle Backup Methods
Backup strategies: Whole: A backup of the control file and all datafiles that belong to a database Partial: A portion of the database Backup types: Full: A non-incremental RMAN backup Incremental: Only information that has changed since some previous backup Backups modes: Offline: Consistent, also referred to as cold backup Online: Inconsistent, also referred to as hot backup Overview of Oracle Backup Methods A whole database backup includes all datafiles and at least one control file. Partial database backups may include zero or more tablespaces, zero or more datafiles, and may or may not include a control file. Full backups are non-incremental RMAN backups. You can make a full backup of only one datafile. “Full” does not refer to how much of the database is backed up, but to the fact that the backup is not incremental. Incremental backups make a copy of all data blocks that have changed since some previous backup. Oracle Database 10g supports two levels of incremental backup (0 and 1). A level 0 or baseline backup is equivalent to a full backup and contains all data blocks. A level 1 cumulative incremental backs up all database blocks changed since the level 0 backup. A level 1 differential incremental backs up all database blocks changed since a level 0 or level 1 backup. To restore using incremental backups, the baseline backup must first be restored, and then the incremental backup. You can make incremental backups with Recovery Manager (RMAN). Offline backups (also known as cold or consistent backups) are taken while the database is not open. They are consistent because at the time of the backup, the system change number (SCN) in the datafile headers matches the SCN in the control files. Oracle Database 10g: Backup and Recovery

When Do You Need to Use a Backup for Recovery?
The use of a backup to perform recovery is often required for the following types of errors: Media failure: The failure of a read or write of a database file due to a physical problem with the file User errors: Data in your database is changed or deleted incorrectly When Do You Need to Use a Backup for Recovery? When you experience media failure, such as the loss of a disk drive, you may need to recover your database. This type of recovery typically requires the use of a backup of the affected files. In the case of user errors, when data in the database has been incorrectly updated or deleted, a backup may be required to enable you to recover the database to a point before the unwanted change. Oracle Database 10g: Backup and Recovery

Responding to User Error
Possible responses to user error include: Reentering the lost data manually, if a record of the changes exists Importing the dropped object, if a suitable export file exists or the object is still available on a standby database Performing tablespace point-in-time recovery (TSPITR) of one or more tablespaces Returning the database to a past state using database point-in-time recovery Using one of the Oracle Flashback features to recover from logical corruption by returning affected objects to a past state Responding to User Error When a user error occurs, your recovery options are based on the techniques and features you implemented in anticipation of the error. In later lessons, you investigate tablespace point-in-time recovery, database point-in-time recovery, and Oracle Flashback features. Oracle Database 10g: Backup and Recovery

Overview of Data Recovery
Crash recovery: Automatic recovery after instance failure Media recovery: Recovery of current datafiles, control files Complete recovery: Recovery of the database to the most recent point in time Incomplete recovery (point-in-time recovery): Recovery of the database to its state at a specific time or system change number (SCN) Overview of Data Recovery Crash (instance) recovery and media recovery are performed to restore data integrity. Crash recovery happens the first time an Oracle database instance is started after a crash (or SHUTDOWN ABORT). The goal of crash recovery is to bring the datafiles to a transaction-consistent state, preserving all committed changes up to the point when the instance failed. Media recovery is initiated when you have experienced a loss of datafiles or all control files. You can perform a complete recovery to bring the database back to the point of failure by restoring datafiles from a backup and performing a recovery operation. In addition, you can perform an incomplete recovery operation by recovering the database to a named time or system change number (SCN). Oracle Database 10g: Backup and Recovery

Oracle Database Architecture: Crash Recovery
The online redo log files are used to roll the database forward. Uncommitted changes are rolled back. Online redo log files Undo blocks Oracle Database Architecture: Crash Recovery Crash recovery employs two distinct operations: Rolling forward the current, online datafiles by applying both committed and uncommitted transactions contained in online redo records Rolling back changes made in uncommitted transactions to their original state Database at time of instance failure Database with committed and uncommitted transactions Database with committed transactions only Oracle Database 10g: Backup and Recovery

Oracle Database Architecture: Recovery After Media Failure
Datafiles are restored from a backup. Archived and online redo log files are used to roll the database forward. Online and archived redo log files Undo blocks Oracle Database Architecture: Recovery After Media Failure Media recovery is used to recover from a lost or damaged current datafile, server parameter file (SPFILE), or control file. It can also recover changes that were recorded in the redo log files but not in the datafiles for a tablespace that went offline without the OFFLINE NORMAL option. Media recovery has the following characteristics: Must be explicitly invoked by the DBA Applies needed changes to datafiles that have been restored from backup, not to online datafiles Requires the use of archived redo log files as well as the online redo log file Recovered database Database with restored datafiles Database with committed and uncommitted transactions Oracle Database 10g: Backup and Recovery

Developing a Backup and Recovery Strategy for Your Oracle Database
Assess service-level criteria, including: Data availability requirements Data criticality Recovery point and time objectives Anticipate the errors that will arise in your environment and put in place the backup procedures needed to recover from those errors. Developing a Backup and Recovery Strategy for Your Oracle Database Developing best practices for backup and recovery of your Oracle database begins with an assessment of all service level criteria for your environment, including recovery point and time objectives, data availability requirements, and data criticality. Oracle Database 10g: Backup and Recovery

Oracle Solutions for High Availability
In addition to backup and recovery strategies and procedures, consider the following Oracle solutions: Oracle Data Guard: Provides a comprehensive set of services that create, maintain, manage, and monitor one or more standby databases Oracle Real Application Clusters (RAC): Enables access to a single database from multiples instances Oracle Streams: Enables the propagation and management of data, transactions, and events in a data stream LogMiner: Enables you to query redo log files through a SQL interface to provide data recovery Additional Oracle Solutions for High Availability High availability systems are computing environments configured to provide nearly full-time availability. These systems typically have redundant hardware and software that make them available despite failures. Well-designed high availability systems avoid having single points of failure. When failures occur, the failover processes implemented as part of the system move processing performed by the failed component to backup components. Oracle has a number of products and features that provide high availability in cases of unplanned downtime or planned downtime. In this course, you focus on various backup and recovery techniques that help you to meet high availability needs. Additional Oracle solutions for high availability include Oracle Data Guard, Oracle Real Application Clusters (RAC), Oracle Streams, and LogMiner. Oracle Database 10g: Backup and Recovery

Oracle High Availability Solutions for Unplanned Downtime
Computer failure: Fast-start fault recovery, Real Application Clusters (RAC), Data Guard, Oracle Streams Storage failure: Automatic Storage Management (ASM), RMAN with Flash Recovery Area, Data Guard, Oracle Streams Human errors: Oracle security features, Oracle Flashback technology, LogMiner Data corruption: Hardware Assisted Resilient Data (HARD) initiative, RMAN with Flash Recovery Area, Data Guard, Oracle Streams Site failure: RMAN, Data Guard, Oracle Streams Oracle High Availability Solutions for Unplanned Downtime Oracle provides high availability solutions for the following types of unplanned downtime: Computer failure: The system on which the database operates is unavailable Storage failure: The storage holding some or all of the database is unavailable Human errors: Unintentional or malicious actions cause data within the database to become logically corrupt or unusable Data corruption: A hardware or software component causes corrupt data to be read or written to the database Site failure: An event causes all or a significant portion of an application to stop processing or slow to an unusable level The table on the following page describes the appropriate Oracle solution for the various types of unplanned downtimes. Additionally, an estimate of recovery time is provided for each. Use this table to help plan the appropriate implementation of Oracle solutions to enable you to meet your recovery goals. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Describe backup methods Describe the forms of data recovery Describe Oracle Recovery Manager architecture Plan a recovery strategy Plan a backup strategy based on your recovery strategy Oracle Database 10g: Backup and Recovery

Configuring for Recoverability

Objectives After completing this lesson, you should be able to: Configure your database in ARCHIVELOG mode Specify a retention policy Configure the Flash Recovery Area Oracle Database 10g: Backup and Recovery

Configuring Your Database for Backup and Recovery Operations
Operate the database in ARCHIVELOG mode. Configure the Flash Recovery Area. Archiver (ARCn) Online redo log files Archived redo log files Configuring Your Database When you operate your database in ARCHIVELOG mode, you have more recovery options after a data loss, including point-in-time recovery of the database or some tablespaces. It is recommended that you take advantage of the Flash Recovery Area to store as many backup and recovery-related files as possible, including disk backups and archived redo logs. Some features of Oracle Database backup and recovery, such as Oracle Flashback Database and guaranteed restore points, require the use of a Flash Recovery Area. Archived redo log files Control file backups Datafile backups Oracle Database 10g: Backup and Recovery

Configuring ARCHIVELOG Mode
Perform the following steps to place the database in ARCHIVELOG mode: Using Enterprise Manager: Select the “ARCHIVELOG Mode” check box. Click Apply. The database can be set to ARCHIVELOG mode only from the MOUNT state. Click Yes when asked whether you want to restart the database. Using SQL commands: Place the database in MOUNT mode. Issue the ALTER DATABASE ARCHIVELOG MODE command Open the database. Configuring ARCHIVELOG Mode Placing the database in ARCHIVELOG mode prevents redo logs from being overwritten until they have been archived. The following SQL command is used to place the database in ARCHIVELOG mode: SQL> ALTER DATABASE ARCHIVELOG; This command can be issued only while the database is in the MOUNT state. With the database in NOARCHIVELOG mode (the default), recovery is possible only until the time of the last backup. All transactions made after that backup are lost. In ARCHIVELOG mode, recovery is possible until the time of the last commit. Most production databases are operated in ARCHIVELOG mode. Note: Back up your database after switching to ARCHIVELOG mode because your database is recoverable only from the last backup taken in that mode. Oracle Database 10g: Backup and Recovery

Specifying a Backup Destination
Backups can be written to: Disk directory Tape using Oracle Secure Backup Media Management Library (tape device) Flash recovery area: Disk area set aside for backup and recovery and flashback database purposes Backup Destinations Backups can be written to a designated disk directory, a Media Management Library, or the Flash Recovery Area. Specifying a disk directory or the Flash Recovery Area means that backups go to hard-disk media. Typically, backups are regularly moved offline to tape via the media management interface in order to maintain disk space availability. Any disk directory can be specified as the destination of a backup provided that it already exists. If you set up a Flash Recovery Area, many backup and recovery tasks are simplified for you. The Oracle database automatically names files for you, and deletes obsolete files when there is space pressure. More information about configuring Flash Recovery is provided later in this lesson. Oracle Database 10g: Backup and Recovery

Specifying a Retention Policy
Retention policy: Describes which backups will be kept and for how long Two types of retention policies: Recovery window: Establishes a period of time within which point-in-time recovery must be possible Redundancy: Establishes a fixed number of backups that must be kept Retention policies are mutually exclusive. File2 File1 Now File2 needs to be backed up: Seven-day retention Specifying a Retention Policy A retention policy describes which backups will be kept and for how long. You can set the value of the retention policy by using the RMAN CONFIGURE command or Enterprise Manager. The best practice is to establish a period of time during which it will be possible to discover logical errors and fix the affected objects by doing a point-in-time recovery to just before the error occurred. This period of time is called the recovery window. This policy is specified in number of days. For each datafile, there must always exist one backup that satisfies the following condition: SYSDATE - checkpoint_time <= recovery_window For example, if the policy were to be set as follows: RMAN> CONFIGURE RETENTION POLICY TO RECOVERY WINDOW OF 7 DAYS; Then, for each file there must be a backup that satisfies: SYSDATE - (SELECT checkpoint_time FROM V$DATAFILE WHERE file#= …) >= 7 In the example in the slide, File1 has a backup that is within the seven-day retention period. File2 does not, so it needs to be backed up in order to satisfy the retention policy. Oracle Database 10g: Backup and Recovery

Retention Policies (notes only page)
Specifying a Retention Policy (continued) You should keep the recovery window time period less than or equal to the value of the control file parameter CONTROL_FILE_RECORD_KEEP_TIME to prevent the record of older backups from being overwritten in the control file. If you require a certain number of backups to be retained, then you can set the retention policy on the basis of the redundancy option. This option requires that a specified number of backups be cataloged before any backup is identified as obsolete. The default retention policy has a redundancy of 1, which means that only one backup of a file must exist at any given time. A backup is deemed obsolete when a more recent version of the same files has been backed up. Retention Policies (notes only page) Oracle Database 10g: Backup and Recovery

Using a Flash Recovery Area
The Flash Recovery Area provides a centralized location for control file backups, archived redo logs, flashback logs, and database backups. The Flash Recovery Area can be defined as a directory, file system, or ASM disk group. A single Flash Recovery Area can be shared by more than one database. Using a Flash Recovery Area The Flash Recovery Area is a unified storage location for all recovery-related files and activities in an Oracle database. All files that are needed to completely recover a database from a media failure are part of the Flash Recovery Area. The recovery-related files include: Control file: A copy is created in the Flash Recovery Area location at database creation. Archived redo log files: When the Flash Recovery Area is configured, LOG_ARCHIVE_DEST_10 is automatically set to the Flash Recovery Area location. The Archiver background process creates archived redo log files in the Flash Recovery Area and in other configured LOG_ARCHIVE_DEST_n locations. If no LOG_ARCHIVE_DEST_n locations are defined, the default location for archived redo log files is in the Flash Recovery Area. Flashback logs: Flashback logs are generated when Flashback Database is enabled. Control file autobackups: The default location for control file autobackups created by RMAN and autobackups generated by the Oracle database server is the Flash Recovery Area. Datafile copies: The BACKUP AS COPY command creates image datafile copies in the Flash Recovery Area. RMAN files: This is the default location that is used by RMAN for backups and restoration of the archive log content from tape for a recovery operation. Database area Flash Recovery Area Oracle Database 10g: Backup and Recovery

Defining a Flash Recovery Area
The Flash Recovery Area is defined by setting the following initialization parameters: DB_RECOVERY_FILE_DEST_SIZE: Sets the disk limit, expressed in bytes DB_RECOVERY_FILE_DEST: Sets the location for the Flash Recovery Area These parameters are dynamic and can be altered or disabled. Defining a Flash Recovery Area Use the following mandatory parameters to define the Flash Recovery Area: DB_RECOVERY_FILE_DEST_SIZE: You must define a disk limit, which is the amount of space that the Flash Recovery Area is permitted to use. Setting a disk limit allows the remaining disk space not dedicated to the Flash Recovery Area to be used for other purposes. The recommended size of the disk limit is the sum of the database size, size of incremental backups, and size of all archive log files that have not been copied to tape. In addition, when configuring the value of this parameter, it is recommended to set the value approximately 10 percent lower than what the operating system reports as free space because this disk limit does not include any overhead size that is not known to the Oracle database. For example, the DB_RECOVERY_FILE_DEST_SIZE parameter should account for any file system overhead due to file system metadata, compression, or mirroring. Therefore, if 10 GB is allocated for the Flash Recovery Area and the operating system reports free space as 10 GB (neglecting any file system overhead), then set the value of this parameter 10 percent lower than 10 GB. The minimum size of the Flash Recovery Area should be at least large enough to contain archived redo log files that have not been copied to tape. DB_RECOVERY_FILE_DEST: A Flash Recovery Area specification contains a location, which is a valid destination to create files. Oracle Database 10g: Backup and Recovery

Defining Flash Recovery Area Using Enterprise Manager
You can use Enterprise Manager Grid Control and Database Control to easily define the Flash Recovery Area. On the Database Control home page, navigate to the Maintenance page and click the Recovery Settings link in the Backup/Recovery Settings region. You can define the Flash Recovery Area location and its size on the Recovery Settings page. You must set the size of the Flash Recovery Area when specifying its location. Specifying a size allows any remaining disk space that is not dedicated to the Flash Recovery Area to be used for other purposes. Oracle Database 10g: Backup and Recovery

Flash Recovery Area Space Management
Disk limit is reached and a new file needs to be written into the Flash Recovery Area Flash Recovery Area Files that are no longer required on disk are deleted Database file backup 1 2 3 4 Space pressure occurs Warning issued to user 1 2 Backup files to be deleted RMAN updates list of files that may be deleted Flash Recovery Area Space Management Each time RMAN creates a file in the Flash Recovery Area, the list of files that are no longer required on disk is updated. When the Flash Recovery Area experiences space pressure or is low on free space because there are no files that can be deleted from the Flash Recovery Area, you are warned of the danger of running out of disk space. The Oracle Database server and RMAN continue to create files in the Flash Recovery Area until 100% of the disk limit is reached. When setting DB_RECOVERY_FILE_DEST_SIZE, you must consider whether you have allocated enough disk space before running out of space or necessitating a backup to tape. Files that are obsolete or have been backed up to tape are likely candidates for deletion to provide free space. When a file is written into the Flash Recovery Area and space is needed for that file, the Oracle Database server deletes a file that is on the obsolete files list. When a file is written and deleted from the Flash Recovery Area, notification is written into the alert log. Note: When Flash Recovery Area used space is at 85%, a warning is issued, and when used space is at 97%, a critical warning is issued. These are internal settings and cannot be changed. A sample alert log output follows: WARNING: db_recovery_file_dest_size of bytes is % used, and has 0 remaining bytes available. Oracle Database 10g: Backup and Recovery

Flash Recovery Area Space Management (continued notes only)
You can issue the following query to determine the action to take: SQL> SELECT object_type, message_type, message_level, 2> reason, suggested_action 3> FROM dba_outstanding_alerts; Your choice is to add further disk space, back up files to a tertiary device, delete files from the Flash Recovery Area using RMAN, or consider changing the RMAN retention policy. Flash Recovery Area Space Management (continued notes only) Oracle Database 10g: Backup and Recovery

Flash Recovery Area Space Usage
Configure the retention policy to the minimum value appropriate for your database. Back up the archive log files regularly and delete the files upon completion of the backup. Use the RMAN REPORT OBSOLETE and DELETE OBSOLETE commands to remove backups and file copies that are not required. Flash Recovery Area Space Usage To avoid running out of space in the Flash Recovery Area, you should never store user-managed files in this area. You should also perform the following steps as needed or appropriate: Use RMAN to delete unnecessary files from the Flash Recovery Area. Use RMAN to take frequent backups of the Flash Recovery Area. Change the RMAN retention policy to retain backups for a smaller period of time. Change the RMAN archived log deletion policy. Add disk space and increase the value of the DB_RECOVERY_FILE_DEST_SIZE database initialization parameter if you are frequently running out of space. For example, to back up the archived log files in the Flash Recovery Area and then delete the files after they have been successfully backed up, you would use the RMAN command: BACKUP ARCHIVELOG ALL DELETE ALL INPUT; If you use a backup solution other than RMAN, you still have to use RMAN to remove the files from the Flash Recovery Area. After the archived redo log files have been backed up and removed from disk, use the RMAN CROSSCHECK and DELETE commands to reclaim the archived log space from the Flash Recovery Area. You should do this on a regular basis, or after every backup. Oracle Database 10g: Backup and Recovery

Monitoring the Flash Recovery Area
Real-time Flash Recovery Area metrics can be viewed through Enterprise Manager Database Control. On the Maintenance page, scroll down to the Related Links section and select All Metrics. Scan the list and click Recovery Area. The displayed page shows the Recovery Area Free Space (%) metric, which indicates the percentage of the recovery that is free space. Click the percentage number to see the graph of recovery area usage. Oracle Database 10g: Backup and Recovery

Benefits of Using a Flash Recovery Area
Using the Flash Recovery Area for recovery-related files: Simplifies the location of database backups Automatically manages the disk space allocated for recovery files Benefits of Using a Flash Recovery Area Using a Flash Recovery Area for all recovery-related files simplifies the ongoing administration of your database. Oracle Corporation recommends the use of the Flash Recovery Area for all recovery-related files. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Configure your database in ARCHIVELOG mode Specify a retention policy Configure the Flash Recovery Area Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Placing the database in ARCHIVELOG mode Verifying that the Flash Recovery Area is configured Using RMAN to connect to the target database Oracle Database 10g: Backup and Recovery

Using RMAN to Create Backups

Objectives After completing this lesson, you should be able to: Configure persistent settings Configure backup destinations Configure backup optimization Create duplexed backup sets Oracle Database 10g: Backup and Recovery

Using RMAN to Create Backups
When creating a backup using RMAN, you can specify: Type: Full or incremental Files to back up: Entire database, datafiles, control file, server parameter file, archived redo log files Backup type: Image copy or backup set Using RMAN to Create Backups A backup is a copy of data from your database that can be used to reconstruct that data. The results of a backup created through RMAN can be either image copies or backup sets. When performing a backup using RMAN, you can specify: The type of backup to be performed. You can perform backups of the entire database to include every used data block in the files (a FULL backup) or incremental backups (INCREMENTAL). If CONFIGURE CONTROLFILE AUTOBACKUP is enabled, RMAN automatically backs up the control file and the current server parameter file after a BACKUP command is executed. What to backup. Valid values are DATABASE, DATAFILE, TABLESPACE, ARCHIVELOG, CURRENT CONTROLFILE, or SPFILE. Whether an image copy (AS COPY) or backup set (AS BACKUPSET) is created The file name format and location for backup pieces (FORMAT) Which datafiles or archived redo logs should be excluded from the backup set (SKIP) That the input files should be deleted upon the successful creation of the backup set (DELETE INPUT) Oracle Database 10g: Backup and Recovery

Backup Destinations Backups can be written to: Disk directory Media Management Library (tape device) Typically used for disaster recovery, when disk backups are lost. Flash Recovery Area This is the disk area set aside for backup and recovery and flashback database purposes. Define the location and the size. Files are automatically named by using Oracle Managed Files. Files are automatically retained and deleted as necessary. Backup Destinations Backups can be written to a designated disk directory, a Media Management Library, or the Flash Recovery Area. Specifying a disk directory or the Flash Recovery Area means that backups go to hard-disk media. Typically, they are regularly moved offline to tape via the media management interface in order to maintain disk space availability. Any disk directory can be specified as the destination of a backup provided that it already exists. If you configure a Flash Recovery Area, many backup and recovery tasks are simplified for you. The Oracle Database server automatically names files for you, and deletes obsolete files when there is space pressure. Oracle Database 10g: Backup and Recovery

Configuring Persistent Settings for RMAN
RMAN is preset with default configuration settings. Use the CONFIGURE command to: Configure automatic channels Specify the backup retention policy Specify the number of backup copies to be created Set the default backup type to BACKUPSET or COPY Limit the size of backup pieces Exempt a tablespace from backup Enable and disable backup optimization Configure automatic backups of control files Configuring Persistent Settings for RMAN To simplify ongoing use of RMAN for backup and recovery, RMAN enables you to set a number of persistent configuration settings for each target database. These settings control many aspects of RMAN’s behavior. You can save persistent configuration information such as channel parameters, parallelism, and the default device type in the RMAN repository (which is stored in either the control file or a recovery catalog database). These settings have default values, which allow you to use RMAN immediately. However, as you develop a more advanced backup and recovery strategy, you may have to change these settings to implement that strategy. You can use the CONFIGURE command to configure persistent settings for RMAN backup, restore, duplication, and maintenance jobs. These settings are in effect for any RMAN session until the configuration is cleared or changed. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Configure RMAN Settings
You can use Oracle Enterprise Manager to specify the backup settings for an instance. To specify backup settings, on the Maintenance page, select Backup Settings in the Backup/Recovery Settings section. The Backup Settings property page consists of three tabs: Device: Used to set the disk and tape configuration settings, including the Media Management Library (MML) settings Backup Set (shown in the slide): Used to specify parameters for backup sets and to enter host credentials Policy: Used to set various backup and retention policies before you initiate a backup, such as automatically backing up the control file and SPFILE. The Policy page also allows you to configure block change tracking support, a feature that provides faster incremental backups. Note: Backup settings change the databasewide settings and apply to any backups that do not override settings at the backup level. Oracle Database 10g: Backup and Recovery

Managing Persistent Settings
Use the SHOW command to list current settings: Use the CLEAR command to reset any persistent setting to its default value: RMAN> SHOW CONTROLFILE AUTOBACKUP FORMAT; RMAN> SHOW EXCLUDE; RMAN> SHOW ALL; RMAN> CONFIGURE BACKUP OPTIMIZATION CLEAR; RMAN> CONFIGURE MAXSETSIZE CLEAR; RMAN> CONFIGURE DEFAULT DEVICE TYPE CLEAR; Managing Persistent Settings Using the RMAN SHOW command, you can view the RMAN configuration settings. If SHOW ALL is executed when connected to a target database, only node-specific configurations and database configurations are displayed. You can return to the default value for any CONFIGURE command by executing the same command with the CLEAR option. Oracle Database 10g: Backup and Recovery

Configuring and Allocating Channels for Use in Backups
Configure automatic channels with the CONFIGURE command: Allocate channels manually with the ALLOCATE CHANNEL command within a RUN block: RMAN> CONFIGURE DEVICE TYPE sbt PARALLELISM 1; RMAN> CONFIGURE DEFAULT DEVICE TYPE TO sbt; RMAN> CONFIGURE CHANNEL DEVICE TYPE sbt … RMAN> BACKUP DATABASE; RMAN> RUN { ALLOCATE CHANNEL ch1 DEVICE TYPE DISK; … BACKUP DATABASE PLUS ARCHIVELOG; } Configuring and Allocating Channels for Use in Backups Choose from the following options for configuring channels and executing backups: Configure automatic channels with the CONFIGURE command, and then issue the BACKUP command at the RMAN prompt or within a RUN block. Manually allocate channels with the ALLOCATE CHANNEL command within a RUN block, and then issue BACKUP commands. Oracle Database 10g: Backup and Recovery

Configuring Backup Optimization
The BACKUP command skips backing up files when the identical files have already been backed up. It is used when the following conditions are true: Backup optimization is enabled. BACKUP DATABASE, BACKUP ARCHIVELOG with ALL or LIKE options, or BACKUP BACKUPSET ALL commands are executed. Only one type of channel is allocated. It can be overriden with the FORCE option. It is always used for RECOVERY AREA, DB_RECOVERY_FILE_DEST, and RECOVERY FILES BACKUP options. Configuring Backup Optimization If you enable backup optimization, the BACKUP command skips backing up files when the identical files have already been backed up to the specified device type. If RMAN determines that a file is identical and it has already been backed up, then it is a candidate to be skipped. However, RMAN performs further checking to determine whether to skip the file, because both the retention policy and the backup duplexing feature are factors in the algorithm that RMAN uses to determine whether there are sufficient backups on the specified device type. Refer to the Oracle Database Backup and Recovery Advanced User’s Guide for detailed information about the criteria that RMAN uses to determine whether a file is identical and the backup optimization algorithm. You can enable backup optimization on the Backup Settings page in Enterprise Manager or by issuing the CONFIGURE BACKUP OPTIMIZATION ON command. By default, backup optimization is disabled. Backup optimization is automatically enabled for the BACKUP RECOVERY AREA | DB_RECOVERY_FILE_DEST and BACKUP RECOVERY FILES commands. Oracle Database 10g: Backup and Recovery

Configuring Backup Optimization (continued) To override backup optimization and back up all files whether or not they have changed, specify the FORCE option on the BACKUP command as in the following example: BACKUP DEVICE TYPE sbt BACKUPSET ALL FORCE; Note that the FORCE option does not apply to files in the recovery area. You can disable backup optimization on a persistent basis using Enterprise Manager or by issuing the following command: CONFIGURE BACKUP OPTIMIZATION OFF; Oracle Database 10g: Backup and Recovery

Creating Backup Sets RMAN> BACKUP AS BACKUPSET 2> FORMAT '/BACKUP/df_%d_%s_%p.bus' 3> TABLESPACE hr_data; Backup set Datafile 1 Datafile 2 Datafile 3 Datafile 1 Datafile 2 Datafile 3 Creating Backup Sets RMAN can store its backups in an RMAN-exclusive format called a backup set. A backup set is a collection of files called backup pieces, each of which may contain one or more database file backups. Note: The FORMAT parameter specifies a pattern to use in creating a file name for the backup pieces created by this command. The FORMAT specification can also be provided through the ALLOCATE CHANNEL and CONFIGURE commands. Tablespace HR_DATA Oracle Database 10g: Backup and Recovery

Creating Image Copies RMAN> BACKUP AS COPY 2> DATAFILE '/ORADATA/users_01_db01.dbf' > FORMAT '/BACKUP/users01.dbf'; RMAN> BACKUP AS COPY 4> ARCHIVELOG LIKE '/arch%' 5> FORMAT 'arch_%U.bak'; Copy of datafile 3 Datafile 3 Datafile 3 Creating Image Copies An image copy is a clone of a single datafile, archived redo log, or control file. An image copy can be created with the BACKUP AS COPY command or with an operating system command. When you create the image copy with the RMAN BACKUP AS COPY command, the server session validates the blocks in the file and records the copy information in the control file. An image copy has the following characteristics: An image copy can be written only to disk. When large files are being considered, copying may take a long time, but restoration time is reduced considerably because the copy is available on the disk. If files are stored on disk, they can be used immediately by using the SWITCH command in RMAN, which is equivalent to the ALTER DATABASE RENAME FILE SQL statement. In an image copy, all blocks are copied, whether they contain data or not, because an Oracle database process copies the file and performs additional actions such as checking for corrupt blocks and registering the copy in the control file. To speed up the process of copying, you can use the NOCHECKSUM parameter. Image copy can be part of a full or incremental level 0 backup because a file copy always includes all blocks. You must use the level 0 option if the copy will be used in conjunction with an incremental backup set. Copy of archived log Archived log file Archived log file Oracle Database 10g: Backup and Recovery

Creating Image Copies (continued) The example in the slide creates two image copies: A copy of the users01_db01.dbf datafile, renamed as users01.dbf, and stored in the BACKUP directory A copy of the archived redo log files The example assumes that you are using automatic channel allocation. If you manually allocate channels, you must include the COPY command within the RUN statement as follows: RMAN> RUN { 2> ALLOCATE CHANNEL c1 type disk; 3> COPY 4> DATAFILE '/ORADATA/users_01_db01.dbf' to 5> '/BACKUP/users01.dbf', 6> ARCHIVELOG 'arch%' to 7> 'arch_%U.bak'; 8> } Oracle Database 10g: Backup and Recovery

BACKUP Command Options
Scan for logical corruptions and physical corruptions. Set a threshold on the number of detected corruptions allowed before aborting. Validate the target input files before performing a backup operation. Duplex the backup set. Overwrite an existing backup set or image copy. Pass control of the data transfer between storage devices and the datafiles on disk to the media management layer. Encrypt the backup files. BACKUP Command Options During the backup operation, an Oracle database process computes a checksum for each block to detect corruption. RMAN verifies the checksum when restoring the copy. This is referred to as physical corruption detection. You can use the NOCHECKSUM option to suppress the checksum operation and speed up the backup process. If the database is already maintaining block checksums, then this option has no effect. You can use the CHECK LOGICAL option to test data and index blocks that pass physical corruption checks for logical corruption—for example, corruption of a row piece or index entry. If logical corruption is detected, the block is logged in the alert log and trace file of the server process. You can set a threshold for the allowed number of logical and physical corruptions with the MAXCORRUPT parameter. As long as the sum of physical and logical corruptions that is detected for a file remains below this value, the RMAN backup operation completes and the Oracle database populates the V$DATABASE_BLOCK_CORRUPTION view with the corrupt block ranges. If MAXCORRUPT is exceeded, then the operation terminates without populating the view. You can use the VALIDATE option to check for physical and logical errors in database files. When using the BACKUP command with the VALIDATE option, RMAN scans the specified files and verifies their contents, testing whether this file can be backed up. This command does not actually back up the specified files. Oracle Database 10g: Backup and Recovery

BACKUP Command Options (continued) You can create up to four identical copies of each backup piece by duplexing the backup set. Use any of the following commands to produce a duplexed backup set: BACKUP COPIES SET BACKUP COPIES CONFIGURE ... BACKUP COPIES RMAN does not produce multiple backup sets, but produces identical copies of each backup piece in the set. You cannot use this option with the BACKUP AS COPY command to create multiple image copies. If you specify REUSE, you enable RMAN to overwrite an already existing backup set or image copy with the same file name as the file that BACKUP is currently creating. The PROXY copy functionality backs up the specified files by giving the media management software control over the data transfer between storage devices and the datafiles on disk. The media manager—not RMAN—decides how and when to move data. When you run BACKUP with the PROXY option, RMAN performs these steps: 1. It searches for a channel of the specified device type that is proxy capable. If no such channel is found, then RMAN issues a warning and attempts a conventional (that is, nonproxy) backup of the specified files. 2. If RMAN locates a proxy-capable channel, it calls the media manager to check whether it can proxy copy the files. If the media manager cannot proxy copy, then RMAN uses conventional backup sets to back up the files. If you do not want RMAN to try a conventional copy when a proxy copy fails, use the ONLY option. Because image copies are written only to disk, you cannot use the PROXY option with the BACKUP AS COPY command. Note: If you specify PROXY, then the %p variable must be included in the FORMAT string either explicitly or implicitly within %U. Encryption of backups is discussed later in this lesson. Oracle Database 10g: Backup and Recovery

Creating a Whole Database Backup
RMAN> BACKUP DATABASE PLUS ARCHIVELOG; Control file Archived log file copies Datafile copies SPFILE Creating a Whole Database Backup A whole database backup is a copy of all datafiles and the control file. You can optionally include the server parameter file (SPFILE) and archived redo log files. Using Recovery Manager to make an image copy of all the database files simply requires mounting the database, starting RMAN, and entering the BACKUP command shown in the slide. Note: You must have issued the following CONFIGURE commands to make the backup as described previously: CONFIGURE DEFAULT DEVICE TYPE TO disk; CONFIGURE DEVICE TYPE DISK BACKUP TYPE TO COPY; CONFIGURE CONTROLFILE AUTOBACKUP ON; You can also create a backup (either a backup set or image copies) of previous image copies of all datafiles and control files in the database by using the following command: RMAN> BACKUP COPY OF DATABASE; By default, RMAN executes each BACKUP command serially. However, you can parallelize the copy operation by: Using the CONFIGURE DEVICE TYPE DISK PARALLELISM n command, where n is the desired degree of parallelism Allocating multiple channels Specifying one BACKUP AS COPY command and listing multiple files Oracle Database 10g: Backup and Recovery

RMAN Backup Types A full backup contains all used datafile blocks.
A level 0 incremental backup is equivalent to a full backup that has been marked as level 0. A cumulative level 1 incremental backup contains only blocks modified since the last level 0 incremental backup. A differential level 1 incremental backup contains only blocks modified since the last incremental backup. Full, or "level 0 incremental backup" Cumulative incremental backup Differential incremental backup RMAN Backup Types Full Backups A full backup is different from a whole database backup. A full datafile backup is a backup that includes every used data block in the file. RMAN copies all blocks into the backup set or image copy, skipping only datafile blocks that have never been used. For a full image copy, the entire file contents are reproduced exactly. A full backup cannot be part of an incremental backup strategy; it cannot be the parent for a subsequent incremental backup. Incremental Backups An incremental backup is either a level 0 backup, which includes every block in the datafiles except blocks that have never been used, or a level 1 backup, which includes only those blocks that have been changed since a previous backup was taken. A level 0 incremental backup is physically identical to a full backup. The only difference is that the level 0 backup can be used as the base for a level 1 backup, but a full backup can never be used as the base for a level 1 backup. Incremental backups are specified through the INCREMENTAL keyword of the BACKUP command. You specify INCREMENTAL LEVEL = [0 | 1]. Oracle Database 10g: Backup and Recovery

RMAN Backup Types (continued) Incremental Backups (continued) RMAN can create multilevel incremental backups as follows: Differential: Is the default type of incremental backup that backs up all blocks changed after the most recent incremental backup at either level 1 or level 0 Cumulative: Backs up all blocks changed after the most recent backup at level 0 Examples To perform an incremental backup at level 0, use the following command: RMAN> BACKUP INCREMENTAL LEVEL 0 DATABASE; To perform a differential incremental backup, use the following command: RMAN> BACKUP INCREMENTAL LEVEL 1 DATABASE; To perform a cumulative incremental backup, use the following command: RMAN> BACKUP INCREMENTAL LEVEL 1 CUMULATIVE DATABASE; RMAN makes full backups by default if neither FULL nor INCREMENTAL is specified. Unused block compression causes never-written blocks to be skipped when backing up datafiles to backup sets, even for full backups. A full backup has no effect on subsequent incremental backups, and is not considered part of any incremental backup strategy, although a full image copy backup can be incrementally updated by applying incremental backups with the RECOVER command. This is covered later in this lesson. Oracle Database 10g: Backup and Recovery

Fast Incremental Backup
Optimizes incremental backups Tracks which blocks have changed since the last backup Oracle Database 10g has integrated change tracking: A change tracking file is introduced. Changed blocks are tracked as redo is generated. Database backup automatically uses the changed block list. List of changed blocks Change tracking file CTWR Fast Incremental Backup The goal of an incremental backup is to back up only those data blocks that have changed since a previous backup. You can use RMAN to create incremental backups of datafiles, tablespaces, or the whole database. During media recovery, RMAN examines the restored files to determine whether it can recover them from an incremental backup. RMAN always chooses incremental backups over archived redo logs because applying changes at a block level is faster than reapplying individual changes. If you enable the block change tracking feature, Oracle Database tracks the physical location of all database changes in a file called the change tracking file. RMAN uses this change tracking data to determine which blocks to read during an incremental backup, creating much faster incremental backups by eliminating the need to read the entire datafile. The maintenance of this file is fully automatic and does not require your intervention. The size of the block change tracking file is proportional to the: Database size in bytes Number of enabled threads in a RAC environment Number of old backups maintained by the block change tracking file The minimum size for the block change tracking file is 10 MB, and any new space is allocated in 10 MB increments. The Oracle database does not record block change information by default. Redo generation SGA Redo log Oracle Database 10g: Backup and Recovery

Enabling Fast Incremental Backup
ALTER DATABASE {ENABLE|DISABLE} BLOCK CHANGE TRACKING [USING FILE '...'] Enabling Fast Incremental Backup You enable block change tracking from the Database Control home page. Click the Policy tab from the Backup Settings on the Maintenance tabbed page. You do not need to set the block change tracking file destination if the DB_CREATE_FILE_DEST initialization parameter is set because the file is created as an Oracle Managed File (OMF) file in the DB_CREATE_FILE_DEST location. You can, however, specify the name of the block change tracking file, placing it in any location you choose. You can also enable or disable this feature by using an ALTER DATABASE command. If the change tracking file is stored in the database area with your database files, then it is deleted when you disable change tracking. You can rename the block change tracking file by using the ALTER DATABASE RENAME command. Your database must be in the MOUNT state to rename the tracking file. The ALTER DATABASE RENAME FILE command updates the control file to refer to the new location. You can use the following syntax to move the block change tracking file name: ALTER DATABASE RENAME FILE '...' TO '...'; Oracle Database 10g: Backup and Recovery

Monitoring Block Change Tracking
SQL> SELECT filename, status, bytes 2 FROM v$block_change_tracking; SQL> SELECT file#, avg(datafile_blocks), avg(blocks_read), avg(blocks_read/datafile_blocks) * 100 AS PCT_READ_FOR_BACKUP, avg(blocks) 5 FROM v$backup_datafile 6 WHERE used_change_tracking = 'YES' 7 AND incremental_level > 0 8 GROUP BY file#; Monitoring Block Change Tracking The output of the V$BLOCK_CHANGE_TRACKING view shows where the block change tracking file is located, the status of block change tracking (ENABLED/DISABLED), and the size (in bytes) of the file. The query on the V$BACKUP_DATAFILE view shows how effective the block change tracking is in minimizing the incremental backup I/O (the PCT_READ_FOR_BACKUP column). A high value indicates that RMAN reads most blocks in the datafile during an incremental backup. You can reduce this ratio by decreasing the time between the incremental backups. A sample formatted output from the V$BACKUP_DATAFILE query is shown below: FILE# BLOCKS_IN_FILE BLOCKS_READ PCT_READ_FOR_BACKUP BLOCKS_BACKED_UP Oracle Database 10g: Backup and Recovery

Creating an Oracle-Suggested Backup
Enterprise Manager makes it easy for you to set up an Oracle-suggested backup strategy that protects your data and provides efficient recoverability to any point in the preceding 24 hours. The Oracle-suggested strategy uses the incremental backup and incrementally updated backup features, providing faster recoverability than is possible when applying database changes from the archived log files. To establish an Oracle-suggested strategy, navigate to the Maintenance page. In the Backup/Recovery region, select Schedule Backup. The Backup Strategy enables you to select from the Oracle-Suggested Backup and Customized Backup strategies. The Oracle-suggested strategy takes a full database copy as the first backup. Because it is a whole database backup, you might want to consider taking this at a period of least activity. After that, an incremental backup to disk is taken every day. Because these backups on disk are retained, you can always perform a full database recovery or a point-in-time recovery to any time within the past day. After you complete and accept your required options, your database is backed up once daily, using incremental backups and incrementally applied backups, allowing quick recovery to any time in the preceding 24 hours. Oracle Database 10g: Backup and Recovery

Creating Duplexed Backup Sets
To create a duplexed backup set use: CONFIGURE ... BACKUP COPIES BACKUP...COPIES Backup set 1 Datafile 1 Datafile 2 Datafile 3 Backup set 2 Datafile 1 Datafile 1 Datafile 2 Datafile 3 Datafile 2 Datafile 3 Creating Duplexed Backup Sets RMAN can make up to four copies of a backup set simultaneously, each an exact duplicate of the others. A copy of a backup set is a copy of each backup piece in the backup set, with each copy getting a unique copy number (for example, 0tcm8u2s_1_1 and 0tcm8u2s_1_2). In most cases, the easiest method of duplexing backup sets is to use BACKUP...COPIES or CONFIGURE ... BACKUP COPIES to duplex backup sets. For DISK channels, specify multiple values in the FORMAT option to direct the multiple copies to different physical disks. For sbt channels, if you use a media manager that supports Version 2 of the SBT API, then the media manager will automatically put each copy onto a separate medium (for example, a separate tape). Note that it is not possible to duplex backup sets to the Flash Recovery Area, and that duplexing only applies to backup sets, not image copies. You receive an error if you specify the BACKUP... COPIES option when creating image copy backups. The CONFIGURE...BACKUP COPIES setting is ignored for image copy backups. Note: Duplexed backup sets are typically used for tape backups. Tablespace HR_DATA Oracle Database 10g: Backup and Recovery

Creating Duplexed Backup Sets Using CONFIGURE BACKUP COPIES
RMAN> CONFIGURE ARCHIVELOG BACKUP COPIES > FOR DEVICE TYPE sbt TO 2; RMAN> CONFIGURE DATAFILE BACKUP COPIES RMAN> BACKUP DATABASE PLUS ARCHIVELOG; RMAN> BACKUP DEVICE TYPE DISK AS COPY DATABASE; Creating Duplexed Backup Sets Using CONFIGURE BACKUP COPIES Use the CONFIGURE ... BACKUP COPIES command to specify the number of identical backup sets that you want to create on the specified device type. This setting applies to all backups except control file autobackups (because the autobackup of a control file always produces one copy) and backup sets when backed up with the BACKUP BACKUPSET command. Note: You must have automatic channels configured. To create a duplexed backup set with CONFIGURE BACKUP COPIES perform the following steps: 1. Configure the number of copies on the desired device type for datafiles and archived redo log files. 2. Execute the BACKUP command. 3. Issue a LIST BACKUP command to verify your backup. Oracle Database 10g: Backup and Recovery

Creating Duplexed Backup Sets Using BACKUP COPIES
RMAN> BACKUP AS BACKUPSET DEVICE TYPE sbt 2> COPIES 2 3> INCREMENTAL LEVEL 0 4> DATABASE; Creating Duplexed Backup Sets Using BACKUP COPIES You can use the BACKUP command with the COPIES option to override other COPIES or DUPLEX settings to create duplexed backup sets. To duplex a backup with BACKUP COPIES, perform the following steps: 1. Specify the number of identical copies with the COPIES option of the BACKUP command. 2. Issue a LIST BACKUP command to verify your backup. Oracle Database 10g: Backup and Recovery

Creating Backups of Backup Sets
RMAN> BACKUP DEVICE TYPE DISK AS BACKUPSET 2> DATABASE PLUS ARCHIVELOG; RMAN> BACKUP DEVICE TYPE sbt BACKUPSET ALL; Datafile 1 Datafile 1 Datafile 2 Datafile 2 Datafile 3 Datafile 3 Archived redo logs Creating Backups of Backup Sets Use the RMAN BACKUP BACKUPSET command to back up previously created backup sets. Only backup sets that were created on device type DISK can be backed up using RMAN. The backup sets can be backed up to any available device type. The BACKUP BACKUPSET command uses the default disk channel to copy backup sets from disk to disk. To back up from disk to tape, you must either configure or manually allocate a nondisk channel. Archived redo logs Backup sets Oracle Database 10g: Backup and Recovery

Configuring Control File Autobackups
RMAN> CONFIGURE CONTROLFILE AUTOBACKUP ON; Configuring Control File Autobackups To avoid losing a copy of the current control file, you should configure RMAN to take automatic backups of the control file. The automatic backup of the control file occurs independently of any backup of the current control file explicitly requested as part of your backup command. If you are operating RMAN in NOCATALOG mode, it is highly recommended that you activate control file autobackup. Otherwise, if you lose your control file, your database may be unrecoverable. To configure control file autobackup, modify the backup policy for your database by using Enterprise Manager or use the following RMAN command: CONFIGURE CONTROLFILE AUTOBACKUP ON; By default, control file autobackups are disabled. If you enable control file autobackups, then RMAN automatically backs up the control file and the current server parameter file (if used to start up the database) in one of two circumstances: A successful backup is recorded in the RMAN repository. A structural change to the database affects the contents of the control file, which, therefore, must be backed up. Control file autobackups that take place as the result of structural changes are always written to disk. Oracle Database 10g: Backup and Recovery

Control File Autobackups (notes only page)
Configuring Control File Autobackups (continued) For non-Oracle Managed Files (non-OMF) files, the control file autobackup file name has a default format of %F for all device types, so that RMAN can guess the file location and restore it without a repository. This variable format translates into c-IIIIIIIIII-YYYYMMDD-QQ, where: IIIIIIIIII stands for the DBID YYYYMMDD is a time stamp of the day the backup is generated QQ is the hex sequence that starts with 00 and has a maximum of FF You can change the default format by using the CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE type TO 'string' command. The value of string must contain the substitution variable %F and cannot contain other substitution variables. For example: CONFIGURE CONTROLFILE AUTOBACKUP FORMAT FOR DEVICE TYPE DISK TO '/u01/oradata/cf_ORCL_auto_%F'; Note: Control file autobackups are stored in the Flash Recovery Area, unless otherwise specified. Files created in the Flash Recovery Area are OMF files and do not adhere to the naming convention described above. With a control file autobackup, RMAN can recover the database even if the current control file, recovery catalog, and server parameter file are inaccessible. Because the path used to store the autobackup follows a well-known format, RMAN can search for and restore the server parameter file or control file from that autobackup. Control File Autobackups (notes only page) Oracle Database 10g: Backup and Recovery

Using a Media Manager Server session (channel) Recovery Manager
Media management library Oracle Secure Backup with built-in MML Or Media management server software Using a Media Manager To use tape storage for your database backups, RMAN requires Oracle Secure Backup or a media manager. Oracle Secure Backup is covered in detail later in this course. A media manager is a utility that loads, labels, and unloads sequential media, such as tape drives for the purpose of backing up, restoring, and recovering data. The Oracle Database server calls MML software routines to back up and restore datafiles to and from media that is controlled by the media manager. Some media management products can completely manage all data movement between Oracle datafiles and the backup devices. Some products that use high-speed connections between storage and media subsystems can reduce much of the backup load from the primary database server. Note that the Oracle Database server does not need to connect to the Media Management Library (MML) software when it backs up to disk. Oracle Database 10g: Backup and Recovery

Using a Media Manager (continued) The Oracle Backup Solutions Program (BSP) provides a range of media management products that are compliant with Oracle’s MML specification. Software that is compliant with the MML interface enables an Oracle Database session to back up data to a media manager and request the media manager to restore backups. Check with your media vendor to determine whether it is a member of the Oracle BSP. Before you can begin using RMAN with a media manager, you must install the media manager software and make sure that RMAN can communicate with it. Instructions for this procedure should be available in the media manager vendor’s software documentation. Depending on the product that you are installing, perform the following basic steps: 1. Install and configure the media management software on the target host or production network. No RMAN integration is required at this stage. 2. Ensure that you can make non-RMAN backups of operating system files on the target database host. This step makes it easier to troubleshoot problems at a later time. Refer to your media management documentation to learn how to back up files to the media manager. 3. Obtain and install the third-party media management module for integration with the Oracle database. This module must contain the library loaded by the Oracle Database server when accessing the media manager. Backup and Restore Operations Using a Media Manager The following Recovery Manager script performs a datafile backup to a tape drive controlled by a media manager: run { # Allocating a channel of type 'sbt' for serial device ALLOCATE CHANNEL ch1 DEVICE TYPE sbt; BACKUP DATAFILE 3; } When Recovery Manager executes this command, it sends the backup request to the Oracle Database session performing the backup. The Oracle Database session identifies the output channel as a media management device and requests the media manager to load a tape and write the output. The media manager labels and keeps track of the tape and the names of the files on each tape. The media manager also handles restore operations. When you restore a file, the following steps occur: 1. The Oracle Database server requests the restoration of a particular file. 2. The media manager identifies the tape containing the file and reads the tape. 3. The media manager passes the information back to the Oracle Database session. 4. The Oracle Database server writes the file to disk. Oracle Database 10g: Backup and Recovery

Creating Proxy Copies A proxy copy is a backup to a third-party media storage device in which the entire data transfer is conducted by a media manager. Media manager must support proxy copy functionality. It is created with BACKUP PROXY command. RMAN creates conventional backup if proxy copy is not supported. Use PROXY ONLY to force failure if proxy copy is not possible. Creating Proxy Copies A proxy copy is a backup to a third-party media storage device in which the entire data transfer is conducted by a media manager. You can use the PROXY option of the BACKUP command to create a proxy copy. This option can be used only with media managers that support it. During a proxy copy, RMAN turns over control of the data transfer to the media manager. When you execute the BACKUP PROXY command, RMAN queries the media manager to determine whether it can perform a proxy copy for the specified file. If the media manager cannot proxy copy the file, then RMAN attempts a conventional backup of the file. You can use the PROXY ONLY option to force RMAN to fail if a proxy copy cannot be performed. Proxy copy can be used with datafiles or archived redo log files, as shown in these examples: BACKUP DEVICE TYPE sbt PROXY DATAFILE 3; BACKUP DEVICE TYPE sbt PROXY ONLY DATABASE; BACKUP DEVICE TYPE sbt PROXY ONLY ARCHIVELOG ALL; Note: SBT channels must be configured with the appropriate parameters. Control files are never backed up with proxy copy. If the PROXY option is specified on an operation that includes backup of a control file, it is ignored for the control file backup. Oracle Database 10g: Backup and Recovery

Managing Backups: Reporting
Use the following RMAN commands to obtain information about your backups: LIST: Displays information about backup sets, proxy copies, and image copies recorded in the repository REPORT: Produces a detailed analysis of the repository REPORT NEED BACKUP: Lists all datafiles that require a backup REPORT OBSOLETE: Identifies files that are no longer needed to satisfy backup retention policies Managing Backups: Reporting Use the RMAN LIST command to display information about backup sets, proxy copies, and image copies recorded in the repository. Use this command to list: Backups and copies that do not have the AVAILABLE status in the RMAN repository Backups and copies of datafiles that are available and can possibly be used in a restore operation Backup sets and copies that contain a backup of a specified list of datafiles or specified tablespaces Backup sets and copies that contain a backup of any archived logs with a specified name or range Backup sets and copies restricted by tag, completion time, recoverability, or device Incarnations of a specified database or of all databases known to the repository Stored scripts in the recovery catalog Use the RMAN REPORT command to analyze information in the RMAN repository in more detail. The REPORT NEED BACKUP command is used to identify all datafiles that need a backup. The report assumes that the most recent backup would be used in the event of a restore. Oracle Database 10g: Backup and Recovery

Managing Backups: Reporting (notes only)
Managing Backups: Reporting (continued) Using the REPORT OBSOLETE command, you can identify files that are no longer needed to satisfy backup retention policies. By default, the REPORT OBSOLETE command reports which files are obsolete under the currently configured retention policy. You can generate reports of files that are obsolete according to different retention policies by using REDUNDANCY or RECOVERY WINDOW retention policy options with the REPORT OBSOLETE command. Refer to the Oracle Database Backup and Recovery Reference for detailed syntax information. Managing Backups: Reporting (notes only) Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to View Backup Reports
You can use the Backup Report page to display lists of backup jobs that are known to the database through the information recorded about them in the database control file. You can filter the jobs that appear in the Result table by using the Filter By fields at the top of the page. The Result table lists basic information about each backup job, such as the Start Time, the Time Taken, and the Status of the backup job. You can also use the Result table to drill down to individual, detailed backup job reports by using the link in the Backup Name column. You can drill down to a “Summary of job” page of the backup job by clicking the Status of the job in the Result table, where you can view the contents of the output log. You can use the View Backup Report Job page to display detailed information about the current backup job selected on the Backup Report page. The information displayed on this page is derived from the information recorded in the database control file. The View Backup Report Job page displays result information in the Result section in various categories, such as Input Summary, containing rollup information about the files that were backed up; Output Summary, containing rollup information about the Backup Sets and Image Copies; and then Inputs and Outputs sections that display tables containing detailed job information about the datafiles, control files, backup sets, backup pieces, and image copies. Oracle Database 10g: Backup and Recovery

Managing Backups: Crosschecking and Deleting
Use the following RMAN commands to manage your backups: CROSSCHECK: Verifies the status of backups and copies recorded in the RMAN repository against media such as disk or tape DELETE EXPIRED: Removes only files whose status in the repository is EXPIRED DELETE OBSOLETE: Deletes backups that are no longer needed Managing Backups: Crosschecking and Deleting Use the CROSSCHECK command to ensure that data about backups in the recovery catalog or control file is synchronized with actual files on disk or in the media management catalog. The CROSSCHECK command operates only on files that are recorded in the RMAN repository. The CROSSCHECK command checks only objects marked AVAILABLE or EXPIRED by examining the files on disk for DISK channels or by querying the media manager for sbt channels. The CROSSCHECK command updates the repository records for any files that it is unable to find to EXPIRED. It does not delete any files that it is unable to find. The DELETE command can remove any file that the LIST and CROSSCHECK commands can operate on. For example, you can delete backup sets, archived redo logs, and datafile copies. The DELETE command removes both the physical file and the catalog record for the file. The DELETE OBSOLETE command deletes backups that are no longer needed. It uses the same REDUNDANCY and RECOVERY WINDOW options as REPORT OBSOLETE. If you delete backups without using RMAN, you can use the CROSSCHECK or UNCATALOG commands to remove the files from the recovery catalog. Refer to the Oracle Database Backup and Recovery Reference for detailed syntax information. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Manage Backups
You can manage your backup records through Enterprise Manager. Backup maintenance functions provided in Enterprise Manager include the following: Viewing lists of backups (backup sets and image copies) recorded in the RMAN repository Crosschecking your repository: Verifying that the backups listed in the repository exist and are accessible Marking as expired any backups not accessible at the time of the crosscheck Deleting the record of expired backups from your RMAN repository Deleting obsolete backups from the repository and from disk You can access the Manage Current Backups page in Enterprise Manager by clicking Manage Current Backups in the Backup/Recovery region of the Maintenance page. The Manage Current Backups page has two property pages: Backup Set (the initial view) and Image Copy. Each serves a similar purpose, listing the backups as recorded in the Recovery Manager repository. Note: If you use a Flash Recovery Area for your backup storage, many maintenance activities are reduced or eliminated because of the Flash Recovery Area’s automatic management of disk space and file retention based on the retention policy. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Configure persistent settings Configure backup destinations Configure backup optimization Create duplexed backup sets Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Configuring control file autobackup Configuring backup optimization Creating a whole database backup using the Oracle-suggested strategy Creating duplexed backup sets Managing backups Oracle Database 10g: Backup and Recovery

Using RMAN to Perform Recovery

Objectives After completing this lesson, you should be able to: Perform complete recovery Perform recovery on a new host Perform recovery using a backup control file Oracle Database 10g: Backup and Recovery

Using RMAN RESTORE and RECOVER Commands
RESTORE command: Restores database files from backup RECOVER command: Recovers restored files by applying changes recorded in the redo log files RMAN> SQL 'ALTER TABLESPACE inv_tbs OFFLINE IMMEDIATE'; RMAN> RESTORE TABLESPACE inv_tbs; RMAN> RECOVER TABLESPACE inv_tbs; RMAN> SQL 'ALTER TABLESPACE inv_tbs ONLINE'; Using RMAN RESTORE and RECOVER Commands Reconstructing the contents of all or part of a database from a backup typically involves two phases: retrieving a copy of the datafile from a backup, and reapplying changes to the file since the backup from the archived and online redo logs, to bring the database to the desired SCN (usually the most recent one). The RESTORE command retrieves the datafile onto disk from a backup location on tape, disk, or other media, and makes it available to the database server. RMAN restores from backup any archived redo logs required during the recovery operation. If backups are stored on a media manager, channels must be configured or allocated for use in accessing backups stored there. The RECOVER command takes the restored copy of the datafile and applies to it the changes recorded in the database’s redo logs. Refer to the Oracle Database Backup and Recovery Reference for additional information and examples using the RESTORE and RECOVER commands. Oracle Database 10g: Backup and Recovery

Performing Recovery Using Enterprise Manager
The Enterprise Manager Recovery Wizard creates and runs an RMAN script to perform the recovery. Performing Recovery Using Enterprise Manager You can also perform complete or incomplete recovery by using the Recovery Wizard available through Enterprise Manager. On the Maintenance page, click Perform Recovery in the Backup/Recovery section. Oracle Database 10g: Backup and Recovery

Comparing Complete and Incomplete Recovery
There are two types of recovery: Complete recovery: Brings the database up to the present, including all committed data changes made to the point in time when the recovery was requested Incomplete recovery: Brings the database up to a specified point in time in the past, before the recovery operation was requested Complete recovery Incomplete recovery Comparing Complete and Incomplete Recovery When you perform complete recovery, you bring the database to the state where it is fully up-to-date, including all committed data modifications to the present time. Incomplete recovery, however, brings the database to some point in the past. This means there are missing transactions; any data modifications done between the recovery destination time and the present are lost. In many cases, this is the desirable goal because there may have been some changes made to the database that need to be undone. Recovering to a point in the past is a way to remove the unwanted changes. Recovery task started at this time Restore from this backup Missing transactions after incomplete recovery Oracle Database 10g: Backup and Recovery

Complete Recovery Following the Loss of Datafiles
Archived log Archived log Online Redo log Changes applied Database opened 2 Undo applied 4 5 1 3 6 Complete Recovery Following the Loss of Datafiles The following steps describe what takes place during complete recovery following the loss of datafiles: 1. Damaged or missing files are restored from a backup. 2. Changes from incremental backups, archived redo log files, and online redo log files are applied as necessary. The redo log changes are applied to the datafiles until the current online log is reached and the most recent transactions have been reentered. Undo blocks are generated during this entire process. This is referred to as rolling forward or cache recovery. 3. The restored datafiles may now contain committed and uncommitted changes. 4. The database is opened before undo is applied. This is to provide higher availability. 5. The undo blocks are used to roll back any uncommitted changes. This is sometimes referred to as transaction recovery. 6. The datafiles are now in a recovered state and are consistent with the other datafiles in the database. Datafiles containing committed and uncommitted transactions Restored datafiles Recovered datafiles Oracle Database 10g: Backup and Recovery

Performing Complete Recovery: Loss of a Non-Critical datafile in ARCHIVELOG Mode If a datafile is lost or corrupted, and that file does not belong to the SYSTEM or UNDO tablespace, then restore and recover the missing datafile. Performing Complete Recovery: Loss of a Non-Critical datafile in ARCHIVELOG Mode With the database in ARCHIVELOG mode, the loss of any datafile not belonging to the SYSTEM or UNDO tablespaces only affects objects that are in the missing file. To restore and recover the missing datafile using Enterprise Manager, perform the following steps: 1. Click Perform Recovery on the Maintenance properties page. 2. Select “Datafiles” as the recovery type, and select “Restore to current time.” 3. Add all datafiles that need recovery. 4. Determine whether you want to restore the files to the default location or (if a disk or controller is missing) to a new location. 5. Submit the RMAN job to restore and recover the missing files. Because the database is in ARCHIVELOG mode, recovery up to the time of the last commit is possible and users are not required to reenter any data. Oracle Database 10g: Backup and Recovery

Performing Complete Recovery: Loss of a System-Critical Datafile in ARCHIVELOG Mode If a datafile is lost or corrupted, and that file belongs to the SYSTEM or UNDO tablespace, then perform the following steps: The instance may or may not shut down automatically. If it does not, use SHUTDOWN ABORT to bring the instance down. Mount the database. Restore and recover the missing datafile. Open the database. Performing Complete Recovery: Loss of a System-Critical Datafile Datafiles belonging to the SYSTEM tablespace or containing UNDO data are considered system critical. A loss of one of these files requires the database to be restored from the MOUNT state (unlike other datafiles that may be restored with the database open). Perform the following steps for complete recovery: 1. If the instance is not already shut down, shut it down. 2. Mount the database. 3. Click Perform Recovery on the Maintenance properties page. 4. Select “Datafiles” as the recovery type, and select “Restore to current time.” 5. Add all datafiles that need recovery. 6. Determine whether you want to restore the files to the default location or (if a disk or controller is missing) to a new location. 7. Submit the RMAN job to restore and recover the missing files. 8. Open the database. Users are not required to reenter data because the recovery is up to the time of the last commit. Oracle Database 10g: Backup and Recovery

Recovery Using Incrementally Updated Backups
RMAN can recover image copies by using incremental backup files: Image copies are updated with all changes up to the incremental backup SCN. Incremental backup reduces the time required for media recovery. There is no need to perform an image copy after the incremental restoration. RMAN> RECOVER COPY OF 2> DATAFILE {n|'file_name'} Incremental backup files Recovery Using Incrementally Updated Backups You can use RMAN to apply incremental backups to datafile image copies. With this recovery method, you use RMAN to recover a copy of a datafile—that is, you roll forward (recover) the image copy to the specified point in time by applying the incremental backups to the image copy. The image copy is updated with all changes up through the SCN at which the incremental backup was taken. RMAN uses the resulting updated datafile in media recovery just as it would use a full image copy taken at that SCN, without the overhead of performing a full image copy of the database every day. The benefits of applying incremental backups to datafile image copies are that you reduce the time required for media recovery (using archive logs) because you need to apply archive logs only since the last incremental backup. Also, you do not need to perform a full image copy after the incremental restoration. If the recovery process fails during the application of the incremental backup file, you simply restart the recovery process. RMAN automatically determines the required incremental backup files to apply, from before the image datafile copy until the time at which you want to stop the recovery process. If there is more than one version of an image copy recorded in the RMAN catalog, RMAN automatically uses the latest version of the image copy. RMAN reports an error if it cannot merge an incremental backup file with an image copy. Image copy of datafile Incrementally updated backup Oracle Database 10g: Backup and Recovery

Using the Flash Recovery Area for Fast Recovery
Use the Flash Recovery Area to perform fast recovery by performing the following steps: Use the SWITCH TO COPY command to switch to a file in the Flash Recovery Area. Recover the datafile in the Flash Recovery Area. Create an image copy of the datafile in the original datafile location. Switch to the new image copy. Recover the new image copy. Using the Flash Recovery Area for Fast Recovery You can use datafiles from the Flash Recovery area for fast recovery by performing the following steps: 1. Take the datafile offline. 2. Use the SWITCH TO COPY command to restore the datafile from the flash recovery area. 3. Recover the datafile. 4. Bring the datafile online. 5. Create an image copy of the datafile in the original location using the BACKUP AS COPY command. 6. Take the datafile offline. 7. Switch to the copy you made in step 5 using the SWITCH TO COPY command. 8. Recover the datafile. 9. Bring the datafile online. Oracle Database 10g: Backup and Recovery

Performing Restore and Recovery of a Database in NOARCHIVELOG Mode
If the database is in NOARCHIVELOG mode, and any datafile is lost, perform the following tasks: Shut down the instance if it is not already down. Restore the entire database, including all data and control files, from the backup. Open the database. Users must reenter all changes made since the last backup. Performing Restore and Recovery of a Database in NOARCHIVELOG Mode The loss of any datafile from a database in NOARCHIVELOG mode requires complete restoration of the database, including control files and all datafiles. With the database in NOARCHIVELOG mode, recovery is possible only up to the time of the last backup. So users must reenter all changes made since that backup. For this type of recovery, perform the following tasks: 1. Shut down the instance if it is not already down. 2. Click Perform Recovery on the Maintenance properties page. 3. Select Whole Database as the type of recovery. Oracle Database 10g: Backup and Recovery

Using Incremental Backups to Recover a Database in NOARCHIVELOG Mode
Use incremental backups to perform limited recovery of a database in NOARCHIVELOG mode. STARTUP FORCE MOUNT; RESTORE CONTROLFILE; ALTER DATABASE MOUNT; RESTORE DATABASE; RECOVER DATABASE NOREDO; ALTER DATABASE OPEN RESETLOGS; Using Incremental Backups to Recover a Database in NOARCHIVELOG Mode You can perform limited recovery of a NOARCHIVELOG mode database by using incremental backups. The incremental backups must be consistent backups. If you have taken incremental backups, RMAN will use your level 0 and level 1 backups to restore and recover the database. You must specify the NOREDO option on the RECOVER DATABASE command if the online redo log files are lost or if the redo cannot be applied to the incremental backups. If you do not specify the NOREDO option, RMAN searches for the online redo log files after applying the incremental backups. If the online redo log files are not available, RMAN issues an error message. Note: If the current online redo log files contain all changes since the last incremental backup, you can issue the RECOVER DATABASE command without the NOREDO option and the changes will be applied. Oracle Database 10g: Backup and Recovery

Restoring and Recovering the Database on a New Host
Use the procedure to: Perform test restores Move a production database to a new host RMAN> Backups Server parameter file Server parameter file Restoring and Recovering the Database on a New Host Use the procedure described on the following pages to perform test restores. You can also use it to move a production database to a new host. The database identifier (DBID) for the restored test database is the same as the DBID of the original database. If you are using a recovery catalog and connect to the test database and the recovery catalog database, the recovery catalog is updated with information about the test database. This can impact RMAN’s ability to restore and recover the source database. You should create a duplicate database using the RMAN DUPLICATE command if your goal is to create a new copy of your target database for ongoing use on a new host. The duplicate database is assigned a new DBID which allows it to be registered in the same recovery catalog as the original target database. Refer to the lesson titled “Using RMAN to Create a Duplicate Database” for detailed information about the DUPLICATE command. Oracle Database 10g: Backup and Recovery

Preparing to Restore the Database to a New Host
Perform the following steps to prepare: Record the database identifier (DBID) of your source database. Copy the source database initialization parameter file to the new host. Ensure that source backups, including the control file autobackup, are accessible on the restore host. Preparing to Restore the Database to a New Host Perform the steps listed in the slide to prepare for the restore of the database to a new host. Note: If you are performing a test restore, do not connect to the recovery catalog when restoring the datafiles. If you connect to the recovery catalog, RMAN records information about the restored datafiles in the recovery catalog and considers the restored database as the current target database. If your control file is not large enough to contain all of the RMAN repository data on the backups you need to restore and you must use a recovery catalog, export the catalog and import it into a different schema or database. Use the copied recovery catalog for the test restore. Oracle Database 10g: Backup and Recovery

Restoring the Database to a New Host
Perform the following steps on the restore host to restore the database: Configure the ORACLE_SID environment variable. Start RMAN and connect to the target instance in NOCATALOG mode. Set the database identifier (DBID). Start the instance in NOMOUNT mode. Create a RUN block to: Restore the server parameter file from the backup sets Shut down the instance (SHUTDOWN ABORT) Edit the restored initialization parameter file. Restoring the Database to a New Host Perform the steps listed on this page and the next on the restore host to restore the database. 1. Configure the ORACLE_SID environment variable as shown in the following example: $ setenv ORACLE_SID orcl 2. Start RMAN and connect to the target instance. Do not connect to the recovery catalog as shown in the following example: $ rman TARGET / 3. Set the database identifier (DBID). You can find the DBID of your source database by querying the DBID column in V$DATABASE. RMAN> SET DBID ; 4. Start the instance in NOMOUNT mode: RMAN> STARTUP NOMOUNT You will receive an error similar to the following because the server parameter file has not been restored. RMAN uses a “dummy” parameter file to start the instance. startup failed: ORA-01078: failure in processing system parameters Oracle Database 10g: Backup and Recovery

Restoring the Database to a New Host (notes only slide)
Restoring the Database to a New Host (continued) 5. Create a RUN block to restore the server parameter file from the backup sets and shut down the instance (SHUTDOWN ABORT) as shown in the example: RUN { RESTORE SPFILE TO PFILE '?/oradata/test/initorcl.ora' FROM AUTOBACKUP; SHUTDOWN ABORT; } 6. Edit the restored initialization parameter file to change any location-specific parameters, such as those ending in _DEST, to reflect the new directory structure. 7. Start the instance in NOMOUNT mode using your edited text initialization parameter file. RMAN> STARTUP NOMOUNT > PFILE='?/oradata/test/initorcl.ora'; Restoring the Database to a New Host (notes only slide) Oracle Database 10g: Backup and Recovery

Restoring the Database to a New Host
8. Create a RUN block to: Restore the control file Mount the database 9. Create the RMAN recovery script to restore and recover the database. 10.Execute the RMAN script. 11.Open the database with the RESETLOGS option. Restoring the Database to a New Host (continued) 8. Create a RUN block to restore the control file from an autobackup and mount the database as shown in the example: RUN { RESTORE CONTROLFILE FROM AUTOBACKUP; ALTER DATABASE MOUNT; } 9. Query V$DATAFILE to determine the file names of the database on your new host. Create the RMAN recovery script to restore and recover the database. Use the SET NEWNAME command to specify the path on your new host for each of the datafiles. Use the SQL ALTER DATABASE RENAME FILE command to specify the path for the online redo log files. Include the SET UNTIL command to limit recovery to the end of the archived redo log files. Include the SWITCH command so that the control file recognizes the new path names as the correct names for the datafiles. An example of a recovery script follows: Oracle Database 10g: Backup and Recovery

Restoring the Database to a New Host (continued) (notes only slide)
RUN { SET NEWNAME FOR DATAFILE 1 TO '?/oradata/test/system01.dbf'; SET NEWNAME FOR DATAFILE 2 TO '?/oradata/test/undotbs01.dbf'; SET NEWNAME FOR DATAFILE 3 TO '?/oradata/test/sysaux.dbf'; SET NEWNAME FOR DATAFILE 4 TO '?/oradata/test/users01.dbf'; SET NEWNAME FOR DATAFILE 5 TO '?/oradata/test/example01.dbf'; SQL "ALTER DATABASE RENAME FILE ''/u01/app/oracle/oradata/orcl/redo01.log'' TO ''?/oradata/test/redo01.log'' "; SQL "ALTER DATABASE RENAME FILE ''/u01/app/oracle/oradata/orcl/redo02.log'' TO ''?/oradata/test/redo02.log'' "; SQL "ALTER DATABASE RENAME FILE ''/u01/app/oracle/oradata/orcl/redo03.log'' TO ''?/oradata/test/redo03.log'' "; SET UNTIL SCN ; RESTORE DATABASE; SWITCH DATAFILE ALL; RECOVER DATABASE; } 10. Execute the recovery script. 11. Open the database with the RESETLOGS option: RMAN> ALTER DATABASE OPEN RESETLOGS; After you have completed your test, you can shut down the test database instance and delete the test database with all of its files. Restoring the Database to a New Host (continued) (notes only slide) Oracle Database 10g: Backup and Recovery

Performing Recovery with a Backup Control File
Restore and mount a backup control file when all copies of the current control file are lost or damaged. Execute the RECOVER command after restoring the backup control file. Open the database with the RESETLOGS option after performing complete or point-in-time recovery. Performing Recovery with a Backup Control File If you have lost all copies of the current control file, you must restore and mount a backup control file before performing recovery. Your recovery operation may be to recover lost datafiles or it may be to simply recover the control file. If you are using a recovery catalog, the process is identical to recovery with a current control file because RMAN can use the recovery catalog to obtain RMAN metadata. Oracle Database 10g: Backup and Recovery

Restoring the Server Parameter File from the Control File Autobackup
RMAN> STARTUP FORCE NOMOUNT; RMAN> RESTORE SPFILE FROM AUTOBACKUP; RMAN> STARTUP FORCE; Recovery Manager (RMAN) Flash Recovery Area Restoring the Server Parameter File from the Control File Autobackup If you have lost the server parameter file, you can restore it from the autobackup. The procedure is similar to restoring the control file from autobackup. Set the DBID for your database and then issue the RESTORE SPFILE FROM AUTOBACKUP command. If you are restoring the SPFILE to a nondefault location, specify the command as follows: RESTORE SPFILE TO <file_name> FROM AUTOBACKUP If you are restoring the server parameter file from the flash recovery area, specify the command as follows: RMAN> run { 2> restore spfile from autobackup 3> recovery area = '<flash recovery area destination>' 4> db_name = '<db_name>'; 5> } Server parameter file Database Oracle Database 10g: Backup and Recovery

Restoring the Control File from Autobackup
Recovery Manager (RMAN) Flash Recovery Area Control file Database RMAN> RESTORE CONTROLFILE TO 2> '/oradata/ctlfile.bak' FROM AUTOBACKUP; RMAN> RECOVER DATABASE; RMAN> ALTER DATABASE OPEN RESETLOGS; Restoring the Control File from Autobackup If you are not using a recovery catalog, you should have autobackup of the control file configured, so that you are able to quickly restore the control file if needed. The commands used for restoring your control file are the same, whether or not you are using a Flash Recovery Area. However, if you are using a Flash Recovery Area, RMAN implicitly cross-checks backups and image copies listed in the control file, and catalogs any files in the Flash Recovery Area not recorded in the restored control file, improving the usefulness of the restored control file in the restoration of the rest of your database. Note: Tape backups are not automatically cross-checked after the restoration of a control file. If you are using tape backups, then after restoring the control file and mounting the database, you must cross-check the backups on tape. Oracle Database 10g: Backup and Recovery

Restoring the Control File from Autobackup (notes only slide)
Restoring the Control File from Autobackup (continued) To restore the control file from an autobackup, the database must be in a NOMOUNT state. You must set the database identifier (DBID) before issuing the RESTORE CONTROLFILE FROM AUTOBACKUP command as shown in the following example: RMAN> SHUTDOWN IMMEDIATE; RMAN> STARTUP NOMOUNT; RMAN> SET DBID ; RMAN> RESTORE CONTROLFILE FROM AUTOBACKUP; RMAN searches for a control file autobackup. If one is found, RMAN restores the control file from that backup to all the control file locations listed in the CONTROL_FILES initialization parameter. If you have a recovery catalog, you do not have to set the DBID or use the control file autobackup to restore the control file. You can use the RESTORE CONTROLFILE command with no arguments: RMAN> RESTORE CONTROLFILE; The instance must be in the NOMOUNT state when you perform this operation, and RMAN must be connected to the recovery catalog. The restored control file is written to all locations listed in the CONTROL_FILES initialization parameter. Use the RESTORE CONTROLFILE... TO <destination> command to restore the control file to a nondefault location. If you have also lost the SPFILE for the database and need to restore it from the autobackup, the procedure is similar to restoring the control file from autobackup. You must first set the DBID for your database, and then use the RESTORE SPFILE FROM AUTOBACKUP command. After you have started the instance with the restored server parameter file, RMAN can restore the control file from the autobackup. After you restore and mount the control file, you have the backup information necessary to restore and recover the database. After restoring the control files of your database from backup, you must perform complete media recovery and then open your database with the RESETLOGS option. Restoring the Control File from Autobackup (notes only slide) Oracle Database 10g: Backup and Recovery

Performing Disaster Recovery
Disaster implies the loss of the entire target database, the recovery catalog database, all current control files, all online redo log files, and all parameter files. Disaster recovery includes the restoration and recovery of the target database. Minimum required set of backups: Backups of some datafiles Corresponding archived redo logs files At least one control file autobackup Performing Disaster Recovery Disaster recovery includes the restoration of and recovery of the target database after the loss of the entire target database, all current control files, all online redo log files, all parameter files, and the recovery catalog database (if applicable). To perform disaster recovery, the following backups are required as a minimum: Backups of some datafiles Corresponding archived redo logs generated after the time of the backup At least one autobackup of the control file Note: Refer to the Oracle Database 10g: Data Guard Administration course and the Oracle Data Guard Concepts and Administration manual for information about how Oracle Data Guard can provide complete disaster protection. Oracle Database 10g: Backup and Recovery

Performing Disaster Recovery
Basic procedure: Restore an autobackup of the server parameter file. Start the target database instance. Restore the control file from autobackup. Mount the database. Restore the datafiles. Recover the datafiles. Open the database with the RESETLOGS option. Performing Disaster Recovery (continued) The basic procedure for performing disaster recovery is outlined in the slide. After you have mounted the database, follow the steps for performing recovery with a backup control file. Refer to the Oracle Database Backup and Recovery Advanced User’s Guide for a detailed example. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Perform complete recovery Perform recovery on a new host Perform recovery using a backup control file Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Performing datafile recovery using different methods Performing control file recovery Oracle Database 10g: Backup and Recovery

Using Oracle Flashback Technologies

Objectives After completing this lesson, you should be able to: Use Flashback Drop to recover a dropped table Use Flashback Query to view the contents of the database as of any single point in time Use Flashback Versions Query to view versions of a row over time Use Flashback Transaction Query to view transaction history of a row Use Flashback Table to restore the contents of a table to a specific point in the past Configure Flashback Database Perform Flashback Database to a point in time Oracle Database 10g: Backup and Recovery

Using Oracle Flashback Technology
FALSE Undo data Transaction Investigate several historical states of data Tx Version Compare versions of a row Query Compare current data with data from the past Recycle bin Flashback logs Uses Table Database Object Level TRUE Truncate table; Undesired multitable changes made Update with the wrong WHERE clause Drop Flashback Technology Drop table Affects Data Scenario Examples Using Oracle Flashback Technology Flashback technology can be used when a logical corruption occurs in an Oracle database and you need to recover data quickly and easily. It is often difficult to identify the objects and rows that are affected by an erroneous transaction. With flashback technology, you can diagnose errors introduced into the database and repair the damage. You can view the transactions that have contributed to specific row modifications, view the entire set of versions of a given row during some time period, or just view data as it appeared at a specific time in the past. The table in the slide shows typical uses of flashback technology. Flashback Database uses the flashback logs to perform flashback. Flashback Drop uses the Recycle Bin. All other techniques use undo data. Not all flashback features modify the database. Some are simply methods to query other versions of data. The results of flashback queries can help you to: Determine which type of database-modifying flashback operation to perform to correct the problem Use the result set of the flashback queries in an INSERT, UPDATE, or DELETE statement that enables you to easily repair the erroneous data Oracle Database 10g: Backup and Recovery

Flashback Drop and the Recycle Bin
RECYCLEBIN = ON Drop a table Realize a mistake was made DROP TABLE employees; FLASHBACK TABLE employees TO BEFORE DROP; Flashback Drop and the Recycle Bin In previous releases of the Oracle database, if you dropped a table by mistake, you had to recover the database to a prior time to recover the dropped table. This procedure was often time consuming and resulted in loss of work of other transactions. Oracle Database includes the Flashback Drop feature, which you can use to undo the effects of a DROP TABLE statement without having to use point-in-time recovery. Note: The RECYCLEBIN initialization parameter is used to control whether the Flashback Drop capability is enabled. If the parameter is set to OFF, then dropped tables do not go into the Recycle Bin. If this parameter is set to ON, the dropped tables go into the Recycle Bin and can be recovered. By default, RECYCLEBIN is set to ON. Oracle Database 10g: Backup and Recovery

Understanding the Recycle Bin
BIN$zbjrBdpw==$0 EMPLOYEES BIN$zbjra9wy==$0 EMPLOYEES_PK Recycle bin USER_OBJECTS Objects are: Renamed Not moved EMPLOYEES BIN$zbjrBdpw==$0 EMPLOYEES_PK DBA_FREE_SPACE BIN$zbjra9wy==$0 Understanding the Recycle Bin Without the Recycle Bin enabled, when you drop a table, the space associated with the table and its dependent objects is immediately reclaimable (that is, it can be used for other objects). If the Recycle Bin is enabled, when you drop a table, the space associated with the table and its dependent objects is not immediately reclaimable, even though it appears in DBA_FREE_SPACE. Instead, the dropped objects are temporarily placed in the Recycle Bin and still belong to their owner. The space used by Recycle Bin objects is never automatically reclaimed unless there is space pressure. This enables you to recover Recycle Bin objects for the maximum possible duration. When a dropped table is moved to the Recycle Bin, the table and its associated objects and constraints are renamed using system-generated names. This is necessary to avoid name conflicts that may arise if you later create a new object with the same name. The Recycle Bin itself is a data dictionary table that maintains the relationships between the original names of dropped objects and their system-generated names. You can query the contents of the Recycle Bin by using the DBA_RECYCLEBIN view. DROP TABLE employees; Oracle Database 10g: Backup and Recovery

Restoring Tables from the Recycle Bin
Restore dropped tables and dependent objects. If multiple Recycle Bin entries have the same original name: Use unique, system-generated names to restore a particular version The restored table is last in, first out (LIFO) Rename the original name if that name is currently used. FLASHBACK TABLE table_name TO BEFORE DROP [RENAME TO new_name]; Restoring Tables from the Recycle Bin Use the FLASHBACK TABLE ... TO BEFORE DROP command to recover a table and all of its possible dependent objects from the Recycle Bin. You can specify either the original name of the table or the system-generated name assigned to the object when it was dropped. If you specify the original name, and if the Recycle Bin contains more than one object of that name, then the object that was moved to the Recycle Bin most recently is recovered first (LIFO: last in, first out). If you want to retrieve an older version of the table, you can specify the system-generated name of the table that you want to retrieve, or issue additional FLASHBACK TABLE ... TO BEFORE DROP statements until you retrieve the table you want. If a new table of the same name has been created in the same schema since the original table was dropped, then an error is returned unless you also specify the RENAME TO clause. Note: When you flash back a dropped table, the recovered indexes, triggers, and constraints keep their Recycle Bin names. Therefore, it is advisable to query the Recycle Bin and DBA_CONSTRAINTS before flashing back a dropped table. In this way, you can rename the recovered indexes, triggers, and constraints to more usable names. Oracle Database 10g: Backup and Recovery

Automatic Space Reclamation in the Recycle Bin
2 BIN$zbjrBdpw==$0 BIN$zbjra9wy==$0 BIN$zbjrBdpw==$0 BIN$zbjra9wy==$0 DBA_FREE_SPACE - RECYCLEBIN 1 Automatic Space Reclamation in the Recycle Bin As long as the space used by Recycle Bin objects is not reclaimed, you can recover those objects by using Flashback Drop. Recycle Bin object reclamation policies are as follows: Manual cleanup when you explicitly issue a PURGE command Automatic cleanup under space pressure: While objects are in the Recycle Bin, their corresponding space is also reported in DBA_FREE_SPACE because their space is automatically reclaimable. The free space in a particular tablespace is then consumed in the following order: 1. Free space not corresponding to Recycle Bin objects 2. Free space corresponding to Recycle Bin objects. In this case, Recycle Bin objects are automatically purged from the Recycle Bin using a first in, first out (FIFO) algorithm. 3. Free space automatically allocated if the tablespace is autoextensible Suppose you create a new table in the TBS1 tablespace. If there is free space allocated to this tablespace that does not correspond to a Recycle Bin object, this free space is used first. If this is not enough, free space is used that corresponds to Recycle Bin objects that reside in TBS1. If the free space of some Recycle Bin objects is used, these objects get purged automatically from the Recycle Bin. You can no longer recover those objects by using the Flashback Drop feature. As a last resort, the TBS1 tablespace is extended if possible. Autoextend 3 Oracle Database 10g: Backup and Recovery

Manual Space Reclamation in the Recycle Bin
PURGE {TABLE table_name|INDEX index_name} PURGE TABLESPACE ts_name [USER user_name] PURGE [USER_|DBA_]RECYCLEBIN Manual Space Reclamation in the Recycle Bin Use the PURGE command to permanently remove objects from the Recycle Bin. When an object is purged from the Recycle Bin, the object and its dependent objects are permanently removed from the database. Objects purged from the Recycle Bin are no longer recoverable by using the Flashback Drop feature. PURGE can be used as follows: PURGE TABLE purges the specified table. PURGE INDEX purges the specified index. PURGE TABLESPACE purges all the objects residing in the specified tablespace. In addition, objects residing in other tablespaces may get purged if they are dependent. Optionally, you can also specify the USER clause to purge only those objects that belong to the specified user running low on disk quota for the specified tablespace. PURGE RECYCLEBIN purges all the objects that belong to the current user. RECYCLEBIN and USER_RECYCLEBIN are synonymous. PURGE DBA_RECYCLEBIN purges all the objects. You must have the appropriate system privileges or the SYSDBA system privilege to issue this command. Note: For PURGE TABLE and PURGE INDEX commands, if you specify an original name and if the Recycle Bin contains more than one object of that name, then the object that has been in the Recycle Bin the longest is purged first (FIFO). Oracle Database 10g: Backup and Recovery

Bypassing the Recycle Bin
DROP TABLE table_name [PURGE] ; DROP TABLESPACE ts_name [INCLUDING CONTENTS] ; DROP USER user_name [CASCADE] ; Bypassing the Recycle Bin You can use the DROP TABLE PURGE command to permanently drop a table and its dependent objects from the database. When you use this command, the corresponding objects are not moved to the Recycle Bin. This command provides the same functionality that the DROP TABLE command provided in previous releases. When you issue the DROP TABLESPACE ... INCLUDING CONTENTS command, the objects in the tablespace are not placed in the Recycle Bin. Moreover, objects in the Recycle Bin belonging to the tablespace are purged. When you issue the same command without the INCLUDING CONTENTS clause, the tablespace must be empty for the command to succeed. However, there can be objects belonging to the tablespace in the Recycle Bin. In this case, these objects are purged. When you issue the DROP USER ... CASCADE command, the user and all the objects owned by the user are permanently dropped from the database. Any objects in the Recycle Bin belonging to the dropped user are purged. Oracle Database 10g: Backup and Recovery

Querying the Recycle Bin
SELECT owner, original_name, object_name, type, ts_name, droptime, related, space FROM dba_recyclebin WHERE can_undrop = 'YES'; SELECT original_name, object_name, type, ts_name, droptime, related, space FROM user_recyclebin WHERE can_undrop = 'YES'; SQL> SHOW RECYCLEBIN Querying the Recycle Bin You can view all the objects that you have dropped by querying USER_RECYCLEBIN or RECYCLEBIN. DBA_RECYCLEBIN shows you all the objects that have been dropped by all users and that are still in the Recycle Bin. You can also use the SQL*Plus SHOW RECYCLEBIN command. This command shows you only those objects that can be “undropped.” The examples show how to extract important information from the Recycle Bin: ORIGINAL_NAME is the name of the object before it is dropped. OBJECT_NAME is the system-generated name of the object after it is dropped. TYPE is the object’s type. TS_NAME is the name of the tablespace to which the object belongs. DROPTIME is the date at which the object was dropped. RELATED is the object identifier of the dropped object. SPACE is the number of blocks currently used by the object. You can also see the contents of the Recycle Bin by using Enterprise Manager. Note: For detailed information about the DBA_RECYCLEBIN view, refer to the Oracle Database Reference manual. Oracle Database 10g: Backup and Recovery

Querying Data in Dropped Tables
USER_TABLES DROPPED TABLE_NAME NO SALES Recycle bin YES BIN$zbjrBdpw==$0 EMPLOYEES BIN$zbjra9wy==$0 EMPLOYEES_PK YES NO SALES_PK DROPPED INDEX_NAME USER_INDEXES Querying Data in Dropped Tables When you drop a table, the table is moved to the Recycle Bin, and its original name is changed to a unique, system-generated name. Because you still own the dropped table, you can see its characteristics from various dictionary views such as DBA_TABLES, DBA_OBJECTS, and DBA_SEGMENTS. To make a distinction between tables that are in the Recycle Bin and tables that are not, the DBA_TABLES view has a column named DROPPED that is set to YES for tables that are still in the Recycle Bin. As long as a system-generated table name is in the Recycle Bin, you can use it in a SELECT statement and also in flashback queries. However, you cannot issue any sort of DML or DDL statements on objects that reside in the Recycle Bin. SELECT ... FROM "BIN$zbjrBdpw==$0" WHERE ... Oracle Database 10g: Backup and Recovery

Using Flashback Technology to Query Data
Flashback Query Query all data at a specified point in time. Flashback Versions Query See all versions of a row between two times. See the transactions that changed the row. Flashback Transaction Query See all changes made by a transaction. Time Tx3 Using Flashback Technology to Query Data Flashback technology provides the capability to query past versions of schema objects, query historical data, and perform change analysis. Every transaction logically generates a new version of the database. With Flashback technology, you can navigate through these versions to find an error and its cause: Flashback Query: Query all data as it existed at a specific point in time. Flashback Versions Query: See all versions of rows between two times and the transactions that changed the row. Flashback Transaction Query: See all changes made by a transaction. Tx2 Flashback Tx1 Oracle Database 10g: Backup and Recovery

Configuring Undo for Flashback
SYSTEM tablespace UNDOTBS1 tablespace Configuring Undo for Flashback Flashback Query, Flashback Versions Query, and Flashback Transaction Query use data from the undo tablespace. Use the UNDO_RETENTION initialization parameter to specify, in seconds, the amount of committed undo information to be retained in the database. Note: If an active transaction needs undo space and the undo tablespace does not have any free space, then the system starts reusing undo space that would have been retained unless you had specified RETENTION GUARANTEE for the tablespace. UNDO_RETENTION initialization parameter Oracle Database 10g: Backup and Recovery

Flashback Query: Overview
Use to query all data at a specified point in time. Employees Unwanted updates Employees t1 t2 SELECT employee_id, salary FROM employees AS OF TIMESTAMP <t1> WHERE employee_id = 200 Flashback Query: Overview With the Flashback Query feature, you can perform queries as of a certain time. By using the AS OF clause of the SELECT statement, you can specify the time stamp for which to view the data. This is useful for analyzing a data discrepancy. Note: TIMESTAMP and SCN are valid options for the AS OF clause. Oracle Database 10g: Backup and Recovery

Flashback Query: Example
Employees Employees Employees salary = 4,400 salary = 4,840 salary = 4,400 11:00 11:10 UPDATE employees SET salary = (SELECT salary FROM employees AS OF TIMESTAMP TO_TIMESTAMP (' :00:00', 'yyyy-mm-dd hh24:mi:ss') WHERE employee_id = 200) WHERE employee_id = 200 Flashback Query: Example If a raise has been erroneously given to a particular employee recently, you can update the salary again, assigning the salary provided by a subquery that returns the flashed back value. Oracle Database 10g: Backup and Recovery

Flashback Versions Query: Overview
Tx0 Tx1 Tx2 Employees Employees Employees 200 t1 t2 SELECT versions_xid, salary FROM employees VERSIONS BETWEEN TIMESTAMP <t1> and <t2> WHERE employee_id = 200; Flashback Versions Query: Overview With the Flashback Query feature, you can perform queries on the database as of a certain time span or range of user-specified system change numbers (SCNs). The Flashback Versions Query feature enables you to use the VERSIONS clause to retrieve all the versions of the rows that exist between two points in time or two SCNs. The rows returned by Flashback Versions Query represent a history of changes for the rows across transactions. Flashback Versions Query retrieves only committed occurrences of the rows. Uncommitted row versions within a transaction are not shown. The rows returned also include deleted and subsequently reinserted versions of the rows. You can use Flashback Versions Query to retrieve row history. It provides you with a way to audit the rows of a table and retrieve information about the transactions that affected the rows. You can then use the returned transaction identifier to perform transaction mining by using LogMiner or to perform a Flashback Transaction Query, as described later in this lesson. Note: VERSIONS_XID is a pseudocolumn that returns the transaction identifier of the corresponding version of a row. Tx0 Tx1 Tx2 Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Perform Flashback Versions Query
Flashback Versions Query Through Enterprise Manager Flashback Versions Query can also be performed by using Enterprise Manager. On the Maintenance page, select Perform Recovery. On the Perform Recovery page, select Tables for the Object Type and select Flashback Existing Tables for the Operation Type. Click Perform Object Level Recovery. On the “Perform Object Level Recovery: Point-in-Time” page, select “Evaluate row changes and transactions to decide on a point in time,” and specify the name of the target table. Select the columns that you want to view in the Available Columns box, and then enter a search clause in the Bind The Row Value box. Select “Show all row history,” and then click Next. Oracle Database 10g: Backup and Recovery

Flashback Versions Query: Considerations
The VERSIONS clause cannot be used to query: External tables Temporary tables Fixed tables Views The VERSIONS clause cannot span DDL commands. Segment shrink operations are filtered out. Flashback Versions Query: Considerations The VERSIONS clause cannot be used to query the following types of tables: External tables Temporary tables Fixed tables You cannot use the VERSIONS clause to query a view. However, a view definition can use the VERSIONS clause. The VERSIONS clause in a SELECT statement cannot produce versions of rows across the DDL statements that change the structure of the corresponding tables. This means that the query stops producing rows after it reaches a time in the past when the table structure was changed. Certain maintenance operations, such as a segment shrink, may move table rows across blocks. In this case, the version query filters out such phantom versions because the row data remains the same. Oracle Database 10g: Backup and Recovery

Flashback Transaction Query: Overview
Undo SQL FLASHBACK_TRANSACTION_QUERY DBA User Erroneous DML Flashback Transaction Query: Overview Flashback Transaction Query is a diagnostic tool that you can use to view changes made to the database at the transaction level. This enables you to diagnose problems in your database and perform analysis and audits of transactions. You can use the FLASHBACK_TRANSACTION_QUERY view to determine all the necessary SQL statements that can be used to undo the changes made either by a specific transaction or during a specific period of time. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Perform Flashback Transaction Query
This feature is used in conjunction with the Flashback Versions Query feature with the help of the Perform Recovery Wizard. On the “Perform Object Level Recovery: Choose SCN” page, click the corresponding Transaction ID link in the Flashback Versions Query Result region. In the example in the slide, a Flashback Versions Query is performed on the JOBS table to retrieve the three versions of the JOBS row for JOB_ID = 'AD_PRES'. Then, one of the transaction IDs is clicked, showing all the changes that were part of that transaction. Notice that in addition to the JOBS table update, there was also an update to the EMPLOYEES table in that transaction. Oracle Database 10g: Backup and Recovery

Flashback Transaction Query: Considerations
DDL commands are seen as dictionary updates. Dropped objects appear as object numbers. Dropped users appear as user identifiers. Flashback Transaction Query: Considerations Within the database, DDL operations are nothing but a series of space management operations and changes to the data dictionary. Flashback Transaction Query on a transaction underlying a DDL command displays the changes made to the data dictionary. When Flashback Transaction Query involves tables that have been dropped from the database, the table names are not reflected. Instead, object numbers are used. If the user who executed a transaction is dropped, Flashback Transaction Query of that transaction displays the corresponding user ID only, and not the username. Note: When there is not enough undo data for a specific transaction, a row with a value of UNKNOWN in the OPERATION column of FLASHBACK_TRANSACTION_QUERY is returned. Oracle Database 10g: Backup and Recovery

Flashback Table: Overview
Flashback Table recovers tables to a specific point in time. Flashback Table is an in-place operation. The database stays online. Flashback Table: Overview Using Flashback Table, you can recover a set of tables to a specific point in time without having to perform traditional point-in-time recovery operations. A Flashback Table operation is done in-place, while the database is online, by rolling back only the changes that are made to the given tables and their dependent objects. A Flashback Table statement is executed as a single transaction. All tables must be flashed back successfully, or the entire transaction is rolled back. Note: You can use Flashback Versions Query and Flashback Transaction Query to determine the appropriate flashback time. Erroneous DMLs Flashed back tables User Oracle Database 10g: Backup and Recovery

Flashback Table Using Flashback Table, you can recover a table or tables to a specific point in time without restoring a backup. Data is retrieved from the undo tablespace to perform a Flashback Table operation. The FLASHBACK TABLE privilege is required to flash back a table. Row movement must be enabled on the table that you are performing the flashback operation on. Flashback Table With Flashback Table, you can recover a table or tables to a specific point in time without restoring a backup. When you use this feature, the data in tables and their associated objects (indexes, constraints, triggers, and so on) is restored. The data used to satisfy a Flashback Table request is retrieved from the undo tablespace. You can use Flashback Versions Query and Flashback Transaction Query to determine the appropriate flashback time. Flashback Table provides a way for users to easily and quickly recover from accidental modifications without a database administrator’s involvement. You must grant the FLASHBACK TABLE or FLASHBACK ANY TABLE system privilege to any user that uses the Flashback Table feature. In addition, you must grant the SELECT, INSERT, DELETE, and ALTER object privileges to the user. You can use Enterprise Manager to flash back a table. The wizard guides you through the process. Note: Enabling row movement is described on the next page. Oracle Database 10g: Backup and Recovery

Enabling Row Movement on a Table
ALTER TABLE employees ENABLE ROW MOVEMENT; Enabling Row Movement on a Table You must enable row movement on a table to be able to flash back the table. When you enable row movement, the Oracle server can move a row in the table. You can use Enterprise Manager to enable row movement. Using Enterprise Manager, you can enable row movement on a table by performing the following steps: 1. Select Tables in the Schema region on the Administration property page. Enter the schema name to search for the table, and click Go. 2. Click the table name of the table for which you want to enable row movement. You are now on the View Table page. 3. Click Edit, which takes you to the Edit Table page. 4. Click the Options tab, where you can change the Enable Row Movement setting for the table. 5. Set Enable Row Movement to Yes, and click Apply. The update confirmation message is displayed. Oracle Database 10g: Backup and Recovery

Performing Flashback Table
FLASHBACK TABLE hr.employees TO TIMESTAMP TO_TIMESTAMP(' 05:32:00', 'YYYY-MM-DD HH24:MI:SS'); Performing Flashback Table You can use Enterprise Manager to flash back a table by performing the following steps: 1. Select Perform Recovery in the Backup/Recovery region on the Maintenance property page. The Perform Recovery page appears. 2. In the Object Level Recovery region, select Tables from the Object Type drop-down list. 3. Select Flashback Existing Tables as the Operation Type. Click Perform Object Level Recovery. The “Perform Object Level Recovery: Point-in-time” page is displayed. 4. Select “Flashback to a timestamp” or “Flashback to a known SCN” and then specify a time stamp or SCN to flash back to, and click Next. 5. Click Add Tables to add tables to the list for the flashback operation. Click Next. 6. The Dependency Options page appears if there are dependent tables. Select the desired option for dealing with dependent tables. Typically, you would select “Cascade” to ensure a consistent flashback. Click Next. 7. The “Perform Object Level Recovery: Review” page appears. Review the information and click Submit. The Confirmation page appears. Note: You can also flash back tables from the Tables link in the Schema region of the Administration page. Oracle Database 10g: Backup and Recovery

Flashback Table: Considerations
The FLASHBACK TABLE command executes as a single transaction, acquiring exclusive DML locks. Statistics are not flashed back. Current indexes and dependent objects are maintained. Flashback Table operations: Cannot be performed on system tables Cannot span DDL operations Generate undo and redo data Flashback Table: Considerations The entire FLASHBACK TABLE statement is executed within a single transaction. All or none of the specified tables are flashed back. Flashback Table acquires exclusive data manipulation language (DML) locks on all the tables that are specified in the statement over the period of time when the operation is in progress. Statistics of impacted objects are not flashed back. All existing indexes are maintained. Dropped indexes are not re-created. Dependent on-commit materialized views are also maintained automatically. Tables specified in the FLASHBACK TABLE statement are flashed back, provided that none of the table constraints are violated. If any constraints are violated during flashback execution, the operation is aborted and the tables are left in the same state as they were just before the FLASHBACK TABLE statement invocation. You cannot perform Flashback Table to a particular time that is older than the time of the execution of a data definition language (DDL) operation that altered the structure of or shrunk a table that would be involved in the flashback operation. This restriction does not apply to DDL statements that only change storage attributes of the tables. Flashback Table cannot be performed on system tables, remote tables, and fixed tables. Oracle Database 10g: Backup and Recovery

Flashback Database: Overview
The Flashback Database operation: Works like a rewind button for the database Can be used in cases of logical data corruptions made by users Users generate errors. The database is corrupted. Flashback Database: You “press the rewind button.” The database is “rewound.” Flashback Database: Review With Flashback Database, you can quickly bring your database to an earlier point in time by undoing all the changes that have taken place since that time. With this operation, you do not need to restore backups. You can use this feature to undo changes that have resulted in logical data corruption. If you have experienced a loss of media or physical corruption in your database, then you must use traditional recovery methods. Oracle Database 10g: Backup and Recovery

Flashback Database Architecture
SGA Redo log buffer Flashback buffer Buffer cache LGWR Every change Log block before images periodically. Flashback logs Redo logs RVWR Back out changes to database using before images. Do forward media recovery. Flashback Database Architecture When you enable Flashback Database, the RVWR background process is started. This background process sequentially writes Flashback Database data from the flashback buffer to the Flashback Database logs, which are circularly reused. Subsequently, when a FLASHBACK DATABASE command is issued, the flashback logs are used to restore to the blocks’ before images, and then redo data is used to roll forward to the desired flashback time. The overhead of enabling Flashback Database depends on the read-write mix of the database workload. Because queries do not need to log any flashback data, the more write-intensive the workload, the higher the overhead of enabling Flashback Database. Note: Flashback Database logs are not archived. 1 2 … … Oracle Database 10g: Backup and Recovery

Configuring Flashback Database
1. Configure the Flash Recovery Area. 2. Set the retention target. 3. Enable Flashback Database. SQL> SHUTDOWN IMMEDIATE; SQL> STARTUP MOUNT EXCLUSIVE; SQL> ALTER SYSTEM SET 2 DB_FLASHBACK_RETENTION_TARGET=2880 SCOPE=BOTH; SQL> ALTER DATABASE FLASHBACK ON; SQL> ALTER DATABASE OPEN; Configuring Flashback Database You can configure Flashback Database as follows: 1. Configure the Flash Recovery Area. 2. Set the retention target with the DB_FLASHBACK_RETENTION_TARGET initialization parameter. You can specify an upper limit, in minutes, on how far back you want to be able to flash back the database. This parameter is only a target and does not provide any guarantee. Your flashback time interval depends on how much flashback data has been kept in the Flash Recovery Area. 3. Enable Flashback Database with the following command: ALTER DATABASE FLASHBACK ON; Before you can issue the command to enable Flashback Database, the database must be configured for archiving and started in MOUNT EXCLUSIVE mode. You can determine whether Flashback Database is enabled with the following query: SELECT flashback_on FROM v$database; You can disable Flashback Database with the ALTER DATABASE FLASHBACK OFF command. As a result, all existing Flashback Database logs are deleted automatically. Note: You can enable Flashback Database only when the database is mounted in exclusive mode, not open. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Configure Flashback Database
Enable flashback logging and specify the Flash Recovery Area. Using Enterprise Manager to Configure Flashback Database When you are certain that the database is in ARCHIVELOG mode, return to the Recovery Settings page and scroll down to the Media Recovery and Flash Recovery Area regions to observe the new settings. When the Flash Recovery Area and archiving are configured, USE_DB_RECOVERY_FILE_DEST is configured for archive log destination 10. Enable flashback logging by selecting Enable Flashback Logging. You also have the ability to set the flashback retention time, and you can view important information regarding your flashback database window. Review the Flash Recovery Area location. The Flash Recovery Area is a unified storage location for all recovery-related files and activities in an Oracle database. All files that are needed to completely recover a database from a media failure are part of the Flash Recovery Area. The recovery-related files that can be created in the Flash Recovery Area include: archived redo log files, control files, backups created by Recovery Manager (RMAN), flashback logs, and the change tracking file. By allocating a storage location and unifying recovery-related files within a specific area, the Oracle database server relieves the database administrator of having to manage the disk files created by these components. The default location for the Flash Recovery Area is $ORACLE_BASE. If you want it in a different location, change it now. Scroll down to the bottom of the Recovery Settings page and click Apply. Oracle Database 10g: Backup and Recovery

Flashback Database: Examples
RMAN> FLASHBACK DATABASE TO TIME = 2> "TO_DATE(' :00:00', 3> 'YYYY-MM-DD HH24:MI:SS')"; RMAN> FLASHBACK DATABASE TO SCN=23565; RMAN> FLASHBACK DATABASE 2> TO SEQUENCE=223 THREAD=1; SQL> FLASHBACK DATABASE 2 TO TIMESTAMP(SYSDATE-1/24); SQL> FLASHBACK DATABASE TO SCN 53943; SQL> FLASHBACK DATABASE TO RESTORE POINT b4_load; Flashback Database: Examples You can use the RMAN FLASHBACK DATABASE command to execute the Flashback Database operation. You can use SEQUENCE and THREAD to specify a redo log sequence number and thread as a lower limit. RMAN selects only files that can be used to flash back to, but not including, the specified sequence number. Alternatively, you can use the FLASHBACK DATABASE SQL command to return the database to a past time or SCN. If you use the TO SCN clause, you must provide a number. If you specify TO TIMESTAMP, you must provide a time-stamp value. You can also specify a restore point name. Note: The database must be mounted in EXCLUSIVE mode to issue the FLASHBACK DATABASE command and must be opened with the RESETLOGS option when finished. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Perform Flashback Database
Select the object and operation type. Using Enterprise Manager to Perform Flashback Database On the Maintenance page, select Perform Recovery. From the Object Type drop-down list, select Whole Database. Next, select “Recover to the current time or a previous point-in-time” as Operation Type. Finally, provide the operating system credentials for a database user (that is, one who belongs to the DBA group). When these steps are completed, click Continue to proceed to the next step in the Flashback Database operation. Oracle Database 10g: Backup and Recovery

Starting the Recovery Wizard: Using Enterprise Manager to Perform Flashback Database (continued) After the recovery operation type has been chosen, the Recovery Wizard is started. You are informed that the database will be shut down and restarted in MOUNT mode. This operation takes several minutes and you will be informed of the delay. After waiting an appropriate amount of time, you must click Refresh to continue with the operation. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Perform Flashback Database (continued) The Recovery Wizard is now started. At this stage, the database is shut down and started in MOUNT mode. Click Refresh. This displays the Perform Recovery: Point-in-time page. On this page, select the “Recover to a prior point-in-time” option, and then specify either a date or an SCN. Then, click Next. The Perform Recovery: Flashback page appears next, and you can choose to perform either recovery using flashback or regular recovery. Select the corresponding option, and then click Next. This brings you directly to the Perform Recovery: Review page that is shown in the slide. Click Submit to flash back the database. Oracle Database 10g: Backup and Recovery

Flashback Database Considerations
When the Flashback Database operation completes, open the database: In read-only mode to verify that the correct target time or SCN was used With a RESETLOGS operation to allow for DML You cannot use Flashback Database in the following situations: The control file has been restored or re-created. A tablespace has been dropped. A datafile has been shrunk. Use the TO BEFORE RESETLOGS to flash back to before the last RESETLOGS operation. Flashback Database Considerations After the Flashback Database operation is complete, you can open the database in read-only mode to verify that the correct target time or SCN was used. If not, you can flash back the database again, or perform a recovery to roll forward the database. To undo a Flashback Database operation, you should recover the database forward. You cannot use Flashback Database to recover a data file that was dropped during the span of time you are flashing back. The dropped data file is added to the control file and marked offline, but it is not flashed back. Flashback Database cannot flash back a data file to a time after its creation and before the resize operation. If a file was resized during the span of time to which you are going to flash back the database, then you should take the file offline before beginning the Flashback Database operation. This is applicable for files that are shrunk rather than expanded. You can use Flashback Database with datafiles that you have configured for automatic extension. You can flash back to just before the last RESETLOGS operation by supplying the TO BEFORE RESETLOGS clause in the FLASHBACK DATABASE command. Note: The flashback retention target is not an absolute guarantee that flashback will be available. If space is needed for required files in the Flash Recovery Area, flashback logs may be deleted automatically. Oracle Database 10g: Backup and Recovery

Monitoring Flashback Database
To monitor the ability to meet your retention target: View the Flash Recovery Area disk quota: Determine the current flashback window: Monitor logging in the Flashback Database logs: SQL> SELECT estimated_flashback_size, flashback_size 3 FROM v$flashback_database_log; SQL> SELECT oldest_flashback_scn, 2 oldest_flashback_time 3 FROM v$flashback_database_log; Monitoring Flashback Database It is important for you to monitor space usage of the Flash Recovery Area so that you know how well you are meeting your retention target. Use the V$FLASHBACK_DATABASE_LOG view to monitor the Flashback Database retention target: ESTIMATED_FLASHBACK_SIZE uses previously logged flashback data to provide an estimate of how much disk space is needed in the Flash Recovery Area for flashback logs to meet the current flashback retention target. The estimate is based on the workload since the instance was started, or during the most recent time interval equal to the flashback retention target, whichever is shorter. FLASHBACK_SIZE gives you the current size in bytes of the flashback data. OLDEST_FLASHBACK_SCN and OLDEST_FLASHBACK_TIME display the approximate lowest SCN and time to which you can flash back your database. CURRENT_SCN in V$DATABASE gives you the current database SCN. Use the V$FLASHBACK_DATABASE_STAT view to monitor the overhead of logging flashback data in the Flashback Database logs. This view contains 24 hours of information, with each row representing a one-hour time interval. You can use this view to determine rate changes in the flashback data generation. SQL> SELECT * 2 FROM v$flashback_database_stat; Oracle Database 10g: Backup and Recovery

Monitoring Flashback Database (continued) (notes only slide)
SQL> SELECT begin_time, end_time, flashback_data, db_data, 2 redo_data, estimated_flashback_size AS EST_FB_SZE 3 FROM v$flashback_database_stat; BEGIN_TIM END_TIME FLASHBACK_DATA DB_DATA REDO_DATA EST_FB_SZE 12-FEB FEB 12-FEB FEB 12-FEB FEB 12-FEB FEB On the basis of this information, you may need to adjust the retention time or the Flash Recovery Area size. FLASHBACK_DATA and REDO_DATA represent the number of bytes of flashback data and redo data written, respectively, during the time interval, and DB_DATA gives the number of bytes of data blocks read and written. This view also contains the estimated flashback space needed for the interval. You can query V$RECOVERY_FILE_DEST to view information regarding the Flash Recovery Area. The column descriptions are: NAME: Flash recovery area name, indicating location string SPACE_LIMIT: Disk limit specified in the DB_RECOVERY_FILE_DEST_SIZE parameter SPACE_USED: Space used by Flash Recovery Area files (in bytes) SPACE_RECLAIMABLE: Amount of space that can be reclaimed by deleting obsolete, redundant, and other low-priority files through the space management algorithm NUMBER_OF_FILES: Number of files SQL> SELECT name, space_limit AS quota, space_used AS used, space_reclaimable AS reclaimable, number_of_files AS files 5 FROM v$recovery_file_dest ; NAME QUOTA USED RECLAIMABLE FILES /u01/flash_recovery_area Monitoring Flashback Database (continued) (notes only slide) Oracle Database 10g: Backup and Recovery

Monitoring Flashback Database
Monitoring Flashback Database (continued) Most of the Flashback Database statistics mentioned on the preceding pages can be viewed from the Recovery Settings page. These metrics include the current space used by all flashback logs, the lowest SCN, and the time of the lowest SCN in the flashback data. Oracle Database 10g: Backup and Recovery

Tuning Considerations for Flashback Database
Performance overhead is approximately 2%. Sequential and often, bulk writes are used for writing flashback data. In well-configured systems, no process needs to wait for writing of flashback logs. Best practices: Use a fast file system for the Flash Recovery Area, preferably without operating system file caching. Configure enough disk spindles for the file system that holds the Flash Recovery Area. Configure the file system on top of striped storage volumes, with a relatively small stripe size such as 128 KB. For large, production databases, set the LOG_BUFFER initialization parameter to at least 8 MB. Tuning Considerations for Flashback Database Maintaining flashback logs imposes comparatively limited overhead on an Oracle database instance. Changed blocks are written from memory to the flashback logs at relatively infrequent, regular intervals, to limit processing and I/O overhead. To achieve good performance for large production databases with Flashback Database enabled, Oracle recommends the following: Use a fast file system for your Flash Recovery Area, preferably without operating system file caching. Files created in the Flash Recovery Area, including flashback logs, are typically large. Operating system file caching is typically not effective for these files, and may actually add CPU overhead for reading from and writing to these files. The recommendation is to use a file system that avoids operating system file caching, such as ASM. Configure enough disk spindles for the file system that will hold the Flash Recovery Area. For large production databases, multiple disk spindles may be needed to support the required disk throughput for the Oracle Database server to write the flashback logs effectively. Oracle Database 10g: Backup and Recovery

Tuning Considerations for Flashback Database (continued) If the storage system used to hold the Flash Recovery Area does not have non-volatile RAM, try to configure the file system on top of striped storage volumes, with a relatively small stripe size such as 128 KB. This will allow each write to the flashback logs to be spread across multiple spindles, improving performance. For large, production databases, set the LOG_BUFFER initialization parameter to at least 8 MB. This ensures that the Oracle Database server allocates maximum memory (typically16 MB) for writing flashback database logs. Tuning Considerations for Flashback Database (continued) (notes only slide) Oracle Database 10g: Backup and Recovery

Using Guaranteed Restore Points
A guaranteed restore point ensures that you can perform a FLASHBACK DATABASE command to that SCN at any time. SQL> CREATE RESTORE POINT before_load 2 GUARANTEE FLASHBACK DATABASE; Guaranteed Restore Points Like normal restore points, guaranteed restore points can be used as aliases for SCNs in recovery operations. However, they also provide specific functionality related to the use of the Flashback Database feature. Creating a guaranteed restore point at a particular SCN enforces the requirement that you can perform a Flashback Database operation to return your database to its state at that SCN, even if flashback logging is not enabled for your database. If flashback logging is enabled, creating a guaranteed restore point enforces the retention of flashback logs required for Flashback Database back to any point in time after the creation of the earliest guaranteed restore point. A guaranteed restore point can be used to revert a whole database to a known good state days or weeks ago, as long as there is enough disk space in Flash Recovery Area to store the needed logs. Note: As with normal restore points, guaranteed restore points can be used to specify a point in time for RECOVER DATABASE operations. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Use Flashback Drop to recover a dropped table Use Flashback Query to view the contents of the database as of any single point in time Use Flashback Versions Query to view versions of a row over time Use Flashback Transaction Query to view transaction history or a row Use Flashback Table to restore the contents of a table to a specific point in the past Configure Flashback Database Perform Flashback Database to a point in time Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Enabling Flashback Database Setting Restore Points Performing Flashback Table Using Flashback Query and Flashback Versions Query Performing Flashback Database to undo unwanted transactions Oracle Database 10g: Backup and Recovery

Using RMAN to Create a Duplicate Database

Objectives After completing this lesson, you should be able to: Describe the ways a duplicate database can be used Configure auxiliary database file names Create a duplicate database Oracle Database 10g: Backup and Recovery

Using RMAN to Create a Duplicate Database
Use the RMAN DUPLICATE command to create a duplicate database using target database backups. Datafile backups Archived redo log files Using RMAN to Create a Duplicate Database A duplicate database is a copy of the target database (or a subset of the target database) with a new, unique database identifier (DBID). The target database site and duplicate database site can be on the same or separate hosts. The duplicate database is created using backups and archived redo log files from the target database. Auxiliary instance Target database Oracle Database 10g: Backup and Recovery

Using a Duplicate Database
You can use a duplicate database to: Test backup and recovery procedures Recover objects by creating an export and importing the objects into the production database Using a Duplicate Database A duplicate database is a copy of your target database. You can operate it independently of the target database to: Test backup and recovery procedures Recover objects that were inadvertently dropped from the target database by creating an export containing the objects in the duplicate database and importing them into the production database. Oracle Database 10g: Backup and Recovery

Creating a Duplicate Database
Create an Oracle password file for the auxiliary instance. Establish Oracle Net connectivity to the auxiliary instance. Create an initialization parameter file for the auxiliary instance. Start the auxiliary instance in NOMOUNT mode. Mount or open the target database. Ensure that backups and archived redo log files are available. Allocate auxiliary channels if needed. Execute the DUPLICATE command. Creating a Duplicate Database The basic steps to creating a duplicate database are outlined in the slide. More detail is provided in the lesson for some of the steps. Oracle Database 10g: Backup and Recovery

Creating an Initialization Parameter File for the Auxiliary Instance
Specify parameters as follows: DB_NAME If the duplicate database is in the same Oracle Home as the target database, names must be different. Use the same value in the DUPLICATE command. DB_BLOCK_SIZE Specify the same value as set for the target database. Creating an Initialization Parameter File for the Auxiliary Instance You must create a text initialization parameter file for the auxiliary instance. The text initialization parameter file must reside on the same host as the RMAN client that you use to execute the DUPLICATE command. Take note of the requirements for each of the following parameters: DB_NAME: If the target database and the duplicate database are in the same Oracle Home, you must set DB_NAME to a different name. If they are in different Oracle Homes, you must ensure that the duplicate database name differs from the other names in its Oracle Home. Be sure to use the same database name that you set for this parameter when you execute the DUPLICATE command. DB_BLOCK_SIZE: The block size of the auxiliary database must match the block size of the target database. Specify the same value in the initialization parameter file for the auxiliary database as set in the initialization parameter file for the target database. If the parameter is not set in the initialization parameter file for the target database, do not set it in the auxiliary instance initialization parameter file. In addition, be sure to verify the settings of all initialization parameters that specify path names. Verify that all specified paths are accessible on the duplicate database host. Oracle Database 10g: Backup and Recovery

Specifying Parameters to Control File Naming
Specify the following parameters to control the naming of the files of your auxiliary database: CONTROL_FILES DB_FILE_NAME_CONVERT LOG_FILE_NAME_CONVERT CONTROL_FILES='/u01/app/oracle/oradata/aux/control01.ctl', '/u01/app/oracle/oradata/aux/control02.ctl', '/u01/app/oracle/oradata/aux/control03.ctl' DB_FILE_NAME_CONVERT='/u01/app/oracle/oradata/orcl', '/u01/app/oracle/oradata/aux' LOG_FILE_NAME_CONVERT='/u01/app/oracle/oradata/orcl', Specifying Parameters to Control File Naming RMAN generates names for the required database files when you execute the DUPLICATE command. You can control the naming of the files by specifying the following initialization parameters in the auxiliary instance initialization parameter file: CONTROL_FILES: Specify the names of the control files in this parameter. If you do not set the names via this parameter, the Oracle server creates an Oracle-managed control file in a default control destination. Refer to the SQL CREATE CONTROLFILE command in the SQL Reference manual for specific information. DB_FILE_NAME_CONVERT: This parameter is used to specify the names of datafiles for the auxiliary database. It has the format DB_FILE_NAME_CONVERT = 'string1' , 'string2' where string1 is the pattern of the target database file name and string2 is the pattern of the auxiliary database file name. You can also specify the DB_FILE_NAME_CONVERT parameter as an option to the DUPLICATE DATABASE command. LOG_FILE_NAME_CONVERT: This parameter is used to specify the names of the redo log files for the auxiliary database. It has the format LOG_FILE_NAME_CONVERT = 'string1' , 'string2' where string1 is the pattern of the target database file name and string2 is the pattern of the auxiliary database file name. You can also use the LOGFILE clause of the DUPLICATE DATABASE command to specify redo log file names. Oracle Database 10g: Backup and Recovery

Specifying Parameters to Control File Naming – Notes Only
Specifying Parameters to Control File Naming (continued) As an alternative to using the initialization parameters to control the naming of the files, you can use the following techniques to rename the redo log files: Use the LOGFILE clause of the DUPLICATE command. Set the Oracle Managed Files initialization parameters: DB_CREATE_FILE_DEST, DB_CREATE_ONLINE_DEST_n, or DB_RECOVERY_FILE_DEST. You can use the following techniques to specify new names for datafiles: Include the SET NEWNAME FOR DATAFILE command within a RUN block to specify new names for the datafiles. Use the CONFIGURE AUXNAME command. Specify the DB_FILE_NAME_CONVERT parameter with the DUPLICATE command. Specifying Parameters to Control File Naming – Notes Only Oracle Database 10g: Backup and Recovery

Starting the Instance in NOMOUNT Mode
Create a server parameter file (SPFILE) from the text initialization parameter file you used to start the instance. Start the auxiliary instance in NOMOUNT mode. SQL> create spfile 2 from pfile='$HOME/auxinstance/initAUX.ora'; File created. SQL> startup nomount pfile='$HOME/auxinstance/initAUX.ora' ORACLE instance started. Total System Global Area bytes Fixed Size bytes Variable Size bytes Database Buffers bytes Redo Buffers bytes Starting the Instance in NOMOUNT Mode After you have created the text initialization parameter file, invoke SQL*Plus to start the auxiliary instance in NOMOUNT mode. After you invoke SQL*Plus, create a server parameter file (SPFILE) from your text initialization parameter file. You can execute the CREATE SPFILE before or after you have started the instance. You should create the SPFILE in the default location so that you do not need to specify the PFILE option with the DUPLICATE command. RMAN shuts down the auxiliary instance and restarts it as part of the duplication process, so you must specify the PFILE option if you do not use an SPFILE. Oracle Database 10g: Backup and Recovery

Ensuring That Backups and Archived Redo Log Files Are Available
Backups of all target database datafiles must be accessible on the duplicate host. Backups can be a combination of full and incremental backups. Archived redo log files needed to recover the duplicate database must be accessible on the duplicate host. Archived redo log files can be: Backups on a media manager Image copies Actual archived redo log files Ensuring That Backups and Archived Redo Log Files Are Available The backups needed to restore the datafiles must be accessible on the duplicate host. You do not need a whole database backup. RMAN can use a combination of full and incremental backups of individual datafiles during the duplication process. Archived redo logs required to recover the duplicate database to the desired point in time must also be accessible. The archived redo log files can be backups, image copies, or the actual archived redo logs. The backups or copies can be transferred to the local disk of the duplicate database node or mounted across a network by some means such as NFS. Oracle Database 10g: Backup and Recovery

Allocating Auxiliary Channels
Auxiliary channels specify a connection between RMAN and an auxiliary database instance. If automatic channels are not configured, allocate auxiliary channels: Start RMAN with a connection to the target database, the auxiliary instance, and recovery catalog if applicable. Allocate at least one auxiliary channel within the RUN block. $ rman target auxiliary RMAN> RUN {ALLOCATE AUXILIARY CHANNEL aux1 DEVICE TYPE DISK; ALLOCATE AUXILIARY CHANNEL aux2 DEVICE TYPE DISK; … Allocating Auxiliary Channels If you do not have automatic channels configured, manually allocate at least one auxiliary channel before issuing the DUPLICATE command. The ALLOCATE AUXILIARY CHANNEL command must be within the same RUN block as the DUPLICATE command. The channel type specified on the ALLOCATE AUXILIARY CHANNEL command must match the media where the backups of the target database are located. If the backups reside on disk, you can allocate more than one channel to reduce the time it takes for the duplication process. For tape backups, you can specify the number of channels that correspond to the number of devices available. Oracle Database 10g: Backup and Recovery

Using the RMAN DUPLICATE Command
Connect to the target database and the auxiliary instance. Specify the same database name that you used in the DB_NAME initialization parameter. RMAN> RUN {ALLOCATE AUXILIARY CHANNEL aux1 DEVICE TYPE DISK; ALLOCATE AUXILIARY CHANNEL aux2 DEVICE TYPE DISK; … DUPLICATE TARGET DATABASE to auxdb; } Using the RMAN DUPLICATE command Invoke RMAN and connect to the target database and auxiliary instance before issuing the DUPLICATE command. The auxiliary instance must be started with the NOMOUNT option and the target database must be mounted or open. Oracle Database 10g: Backup and Recovery

Understanding the RMAN Duplication Operation
When you execute the DUPLICATE command, RMAN performs the following operations: Creates a control file for the duplicate database Restores the target datafiles to the duplicate database Performs incomplete recovery using all available incremental backups and archived redo log files Shuts down and restarts the auxiliary instance Opens the duplicate database with the RESETLOGS option Creates the online redo log files Generates a new, unique database identifier (DBID) for the duplicate database Understanding the RMAN Duplication Operation When you execute the DUPLICATE command, RMAN performs the following operations: Creates a control file for the duplicate database Restores the target datafiles to the duplicate database Performs incomplete recovery using all available incremental backups and archived redo log files Shuts down and restarts the auxiliary instance Opens the duplicate database with the RESETLOGS option Creates the online redo log files Generates a new, unique DBID for the duplicate database Oracle Database 10g: Backup and Recovery

Specifying Options for the DUPLICATE Command
You can specify the following options with the DUPLICATE command: Enable RESTRICTED SESSION automatically OPEN RESTRICTED Exclude read-only tablespaces SKIP READONLY Prevent checking of file names NOFILENAMECHECK SKIP TABLESPACE Option Exclude named tablespaces Purpose Specifying Options for the DUPLICATE Command Specify additional options when executing the DUPLICATE command as appropriate. SKIP READONLY: Use to exclude read-only tablespace datafiles. SKIP TABLESPACE: Use to exclude tablespaces from the target database. You cannot exclude the SYSTEM tablespace or tablespaces containing undo or rollback segments. NOFILENAMECHECK: Use to prevent RMAN from checking whether target database datafiles with the same name as duplicate database datafiles are in use. You must specify this option when the target database and duplicate database datafiles and redo log files use the same names. You would typically use this when you create a duplicate database on a host that has the same disk configuration, directory structure, and file names as the target database host. If you do not specify NOFILENAMECHECK in this situation, RMAN returns an error. OPEN RESTRICTED: Use to enable RESTRICTED SESSION automatically after the database is opened. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Create a Duplicate Database
You can also use Enterprise Manager to create a duplicate (clone) database. Select Clone Database in the “Move Database Files” section of the Maintenance page. The Clone Database Wizard steps you through the process of creating a duplicate database. On the Source Type page, designate the source for the cloning operation. You can select a current database instance or a saved working directory from a previous clone operation. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager: Source Working Directory
On the Source Working Directory page, specify the directory on the source host in which the backup files are to be stored during the clone operation. You can choose to delete or retain the backup set after the cloning procedure. The Clone Database wizard automatically calculates the amount of temporary disk space required for creating the new backup set and for retaining the backup set for future use. On this page, you must also enter the operating host credentials. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager: Select Destination
On the Select Destination page, specify the Global Database Name and Instance Name for the duplicate database. Provide the host credentials for the destination and select the destination Oracle Home. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager: Destination Options
On the Destination Options page, specify the location for the database files. Confirm the location for the Oracle Net configuration files. Specify login information for Enterprise Manager. After completing this page and clicking Next, the Schedule page is displayed. Confirm the schedule information and click Next. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager: Review Page
A complete description of the duplicate database is displayed on the Review page. Confirm that all information is correct. Click Submit Job to create the duplicate database. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Describe the ways a duplicate database can be used Configure auxiliary database file names Create a duplicate database Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Configuring an auxiliary instance Creating a duplicate database using the DUPLICATE command Oracle Database 10g: Backup and Recovery

Performing Tablespace Point-in-Time Recovery

Objectives After completing this lesson, you should be able to: Determine when to use tablespace point-in-time recovery (TSPITR) Choose the correct TSPITR target time Perform basic RMAN tablespace point-in-time recovery Oracle Database 10g: Backup and Recovery

Tablespace Point-in-Time Recovery (TSPITR) Concepts
TSPITR enables you to quickly recover one or more tablespaces to an earlier time. TSPITR does not affect the state of other tablespaces or objects in the database. Tablespace Point-in-Time Recovery (TSPITR) Concepts RMAN automatic tablespace point-in-time recovery (TSPITR) enables you to quickly recover one or more tablespaces in an Oracle database to an earlier time, without affecting the state of the other tablespaces and objects in the database. Oracle Database 10g: Backup and Recovery

Tablespace Point-in-Time Recovery (TSPITR): Terminology
Target time: The point in time or SCN that the tablespace will be recovered to Recovery set: Datafiles that compose the tablespaces to be recovered Auxiliary set: Datafiles required for the TSPITR of the recovery set that are not part of the recovery set. It typically includes: SYSTEM tablespace Rollback or undo segment tablespaces Temporary tablespace Auxiliary destination: Disk location to store files Tablespace Point-in-Time Recovery (TSPITR): Terminology The following terminology is used when discussing TSPITR: Target time: The point in time or system change number (SCN) that the tablespace will be recovered to during TSPITR Recovery set: Datafiles composing the tablespaces to be recovered Auxiliary set: Datafiles required for TSPITR of the recovery set that are not themselves part of the recovery set. The auxiliary set typically includes: A copy of the SYSTEM tablespace Datafiles containing rollback or undo segments from the target instance In some cases, a temporary tablespace, used during the export of database objects from the auxiliary instance Auxiliary destination: A location on disk that can be used to store any of the auxiliary set datafiles, control files, and online logs of the auxiliary instance during TSPITR. Files stored in the auxiliary destination can be deleted after TSPITR is complete. Oracle Database 10g: Backup and Recovery

Tablespace Point-in-Time Recovery: Architecture
RMAN Control file Auxiliary instance Restore Datafile backups Restore Archived redo log files 1 Recover Tablespace Point-in-Time Recovery: Architecture In the diagram, the following tablespace point-in-time recovery (TSPITR) entities are shown: Target database: Contains the tablespace to be recovered Control file: Provides the RMAN backup information Backup sets: Come from the target database and are the source of the reconstructed tablespace Archived redo logs: Come from the target database and are the source of the reconstructed tablespace Auxiliary instance: Is the Oracle database instance used during the recovery process to perform the recovery RMAN performs the following steps during tablespace point-in-time recovery (TSPITR): 1. Restores a backup control file from a point in time before the target time to the auxiliary instance. It restores the datafiles for the recovery set to the target database and the datafiles for the auxiliary set to the auxiliary instance. 2. Recovers the restored datafiles to the specified point in time Recovered tablespace Target database 2 Oracle Database 10g: Backup and Recovery

Tablespace Point-in-Time Recovery: Architecture
RMAN 5 Import metadata Export file Recovered tablespace Control file Tablespace Point-in-Time Recovery Architecture (continued) 3. Exports the dictionary metadata about objects in the recovered tablespace to the target database 4. Issues SWITCH commands on the target database so that the target database control file points to the datafiles in the recovery set that were recovered on the auxiliary instance 5. Imports the dictionary metadata from the auxiliary instance to the target instance, allowing the recovered objects to be accessed Auxiliary instance Target database 3 4 Export metadata Point to recovered tablespace Oracle Database 10g: Backup and Recovery

Understanding When to Use TSPITR
TSPITR can be used in the following situations: To recover data lost after an erroneous TRUNCATE TABLE statement To recover from logical corruption of a table To undo the effects of a batch job or DML statements that have affected only a part of the database To recover a logical schema to a different point from the rest of the physical database TSPITR cannot be used to: Recover a dropped tablespace Recover a renamed tablespace to a point before it was renamed Understanding When to Use TSPITR RMAN TSPITR can be used to: Recover data lost after an erroneous TRUNCATE TABLE statement Recover from logical corruption of a table Undo the effects of an incorrect batch job or another DML statement that has affected only a subset of the database Recover a logical schema to a different point in time than other parts of the physical database Oracle Database 10g: Backup and Recovery

Preparing for TSPITR Perform the following steps to prepare for TSPITR: Determine the correct target time. Determine what is needed in the recovery set. Identify and preserve objects that will be lost after TSPITR. Preparing for TSPITR Before performing TSPITR, you need to determine the correct target time for your recovery. You need to determine whether you need additional tablespaces in your recovery set. You should evaluate what objects will be lost as a result of the TSPITR operation and determine how you want to preserve those objects. Each of these steps is discussed in more detail in this lesson. Oracle Database 10g: Backup and Recovery

Determining the Correct Target Time
You cannot perform TSPITR a second time unless you are using a recovery catalog. After you perform TSPITR and bring the tablespace online, you cannot use a backup from an earlier time. Use the following methods to determine the correct target time: Flashback Query Flashback Transaction Query Flashback Version Query Determining the Correct Target Time It is extremely important that you choose the right target time or SCN for TSPITR. After you bring a tablespace online after TSPITR, you cannot use any backup from a time earlier than the moment you brought the tablespace online. In practice, this means that you cannot make a second attempt at TSPITR if you choose the wrong target time the first time, unless you are using a recovery catalog. If you have a recovery catalog, however, you can perform repeated TSPITR operations to different target times. The current control file does not contain a record of an older incarnation of the recovered tablespace if you do not use a recovery catalog. Recovery with a current control file that involves the tablespace cannot use a backup taken prior to the time when you brought the tablespace online. However, you can perform incomplete recovery of the whole database to any time prior to or equal to the time when you brought the tablespace online if you can restore a backup control file from before that time. You can use Oracle Flashback Query, Oracle Flashback Transaction Query, and Oracle Flashback Version Query to investigate changes to your database and to help determine the correct target time for TSPITR. Oracle Database 10g: Backup and Recovery

Determining the Tablespaces for the Recovery Set
Use the TS_PITR_CHECK view to identify relationships that span recovery set boundaries. If objects in the tablespace that you are recovering have relationships with objects in other tablespaces, you can: Add the tablespace that contains the related objects to the recovery set Suspend the relationship for the duration of TSPITR Remove the relationship Determining the Recovery Set If you are unsure whether you have accounted for all objects that have relationships with the objects in the tablespaces you are performing the TSPITR operation for, you can use the TS_PITR_CHECK view to identify any additional objects. When you query this view, information about any objects that will prevent you from proceeding with TSPITR is displayed. The reason why tablespace point-in-time recovery cannot proceed is displayed in the REASON column of the TS_PITR_CHECK view. As an example, if you are planning to perform TSPITR for the USERS and EXAMPLE tablespaces, execute the following query to determine whether there are any relationships with objects in other tablespaces that are not accounted for: SELECT * FROM SYS.TS_PITR_CHECK WHERE (TS1_NAME IN ('USERS','EXAMPLE') AND TS2_NAME NOT IN ('USERS','EXAMPLE')) OR (TS1_NAME NOT IN ('USERS','EXAMPLE') AND TS2_NAME IN ('USERS','EXAMPLE')); Refer to the Oracle Database Backup and Recovery Advanced User’s Guide for additional examples using the TS_PITR_CHECK view. Oracle Database 10g: Backup and Recovery

Identifying Objects That Will Be Lost
Objects created in the tablespace after the target recovery time are lost. Query TS_PITR_OBJECTS_TO_BE_DROPPED to determine which objects will be lost following TSPITR. Use Export prior to TSPITR and Import following TSPTIR to preserve and re-create the lost objects. Identifying Objects That Will be Lost Query the TS_PITR_OBJECTS_TO_BE_DROPPED view to determine whether there are any objects that will be lost as a result of performing tablespace point-in-time recovery. As an example, you are performing TSPITR for the USERS and EXAMPLE tablespaces to the target time of April 3, 2006 at 8:30:00 a.m. Issue the following query to determine whether there are any objects that will be lost following your TSPITR: SELECT OWNER, NAME, TABLESPACE_NAME, TO_CHAR(CREATION_TIME, 'YYYY-MM-DD:HH24:MI:SS') FROM TS_PITR_OBJECTS_TO_BE_DROPPED WHERE TABLESPACE_NAME IN ('USERS','EXAMPLE') AND CREATION_TIME > TO_DATE('2006-APR-03:08:30:00','YY-MON-DD:HH24:MI:SS') ORDER BY TABLESPACE_NAME, CREATION_TIME; Oracle Database 10g: Backup and Recovery

Performing Basic RMAN TSPITR
Fully automated TSPITR: Specify an auxiliary destination. RMAN manages all aspects of TSPITR. This is the recommended method. Customized TSPITR with an automatic auxiliary instance: This is based on fully automated TSPITR. Customize location of files. Specify initialization parameters. Specify channel configurations. TSPITR using your own auxiliary instance: Configure and manage the auxiliary instance. Performing Basic RMAN TSPITR You have the following options when performing TSPITR: Fully automated TSPITR: Specify an auxiliary destination and RMAN manages all aspects of the TSPITR operation. This is the simplest way to perform TSPITR, and is recommended unless you specifically need more control over the location of recovery set files after TSPITR or auxiliary set files during TSPITR, or control over the channel configurations or some other aspect of your auxiliary instance. Customized TSPITR with an automatic auxiliary instance: TSPITR is based on the behavior of fully automated TSPITR, possibly still using an auxiliary destination. You can customize one or more aspects of the behavior, such as the location of auxiliary set or recovery set files. You can specify initialization parameters or channel configurations for the auxiliary instance created and managed by RMAN. TSPITR with your own auxiliary instance: Set up, start, stop, and clean up the auxiliary instance used in TSPITR. In addition, you can manage the TSPITR process using some of the methods available in customized TSPITR with an automatic auxiliary instance. Oracle Database 10g: Backup and Recovery

Performing Fully Automated TSPITR
Configure channels required for TSPITR on the target instance. Specify the auxiliary destination using the AUXILIARY DESTINATION option . Back up the recovered tablespaces and bring them online. RMAN> CONNECT TARGET RMAN> RECOVER TABLESPACE users, example > UNTIL TIME ' :08:00:00' > AUXILIARY DESTINATION > '/u01/app/oracle/oradata/aux'; Performing Fully Automated TSPITR In addition to the preparation requirements discussed earlier in the lesson, when you perform fully automated TSPITR, you must: Configure any channels required for TSPITR on the target instance Specify a destination for RMAN to use for the auxiliary set of datafiles and other auxiliary instance files After TSPITR has completed, back up the recovered tablespaces and bring them online. You cannot use backups of any tablespaces that participate in TSPITR taken prior to TSPITR after you perform TSPITR. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Perform TSPITR
You can also use Enterprise Manager to perform TSPITR. Select Perform Recovery in the High Availability section on the Maintenance page. In the Object Level Recovery section, select Tablespaces in the Object Type menu and click Perform Object Level Recovery. You are stepped through the TSPITR process. Oracle Database 10g: Backup and Recovery

Understanding TSPITR Processing
RMAN performs the following steps: Creates the auxiliary instance, starts it, and connects to it Takes the tablespaces that will be recovered offline Restores a backup control file from a point in time before the target time to the auxiliary instance Restores the datafiles from the recovery set to the target database and the auxiliary set to the auxiliary instance Recovers the restored datafiles to the specified time Opens the auxiliary database with the RESETLOGS option Understanding TSPITR Processing The steps that RMAN carries out to perform TSPITR are listed on this page and the next. Oracle Database 10g: Backup and Recovery

Understanding TSPITR Processing
Exports the dictionary metadata about objects in the recovered tablespaces to the target database Shuts down the auxiliary instance Imports the dictionary metadata from the auxiliary instance to the target instance Deletes all auxiliary set files Understanding TSPITR Processing (continued) After RMAN completes the last step, the TSPITR process is complete. The recovery set datafiles are returned to the state they were in at the specified target time. Oracle Database 10g: Backup and Recovery

Performing Customized RMAN TSPITR with an RMAN-Managed Auxiliary Instance Rename or relocate your recovery set datafiles. Specify a location other than the auxiliary destination for some or all of the auxiliary set datafiles. Create image copy backups of your datafiles in advance of TSPITR. Use a different channel configuration for the auxiliary instance. Specify different initialization parameters for your RMAN-managed auxiliary instance. Performing Customized RMAN TSPITR with an RMAN-Managed Auxiliary Instance If you want to customize RMAN TSPITR, you can use an RMAN-managed auxiliary instance and make the following changes: Rename the recovery set datafiles using SET NEWNAME so that they are not restored and recovered in their original locations. Control the location of your auxiliary set datafiles by specifying new names for individual files with SET NEWNAME and using DB_FILE_NAME_CONVERT to provide rules for converting datafile names in the target database to datafile names for the auxiliary database. Use existing image copies of the recovery set and auxiliary set datafiles on disk rather than restoring them from backup for faster RMAN TSPITR performance. Refer to the Oracle Database Backup and Recovery Advanced User’s Guide for additional information. Oracle Database 10g: Backup and Recovery

Performing RMAN TSPITR Using Your Own Auxiliary Instance
Not recommended, but supported Perform the following steps: Create an Oracle password file for the auxiliary instance. Create an initialization parameter file for the auxiliary instance. Verify Oracle Net connectivity to the auxiliary instance. Start the auxiliary instance in NOMOUNT mode. Connect the RMAN client to the target and auxiliary instances. Execute the RECOVER TABLESPACE command. Performing RMAN TSPITR Using Your Own Auxiliary Instance Oracle recommends that you allow RMAN to manage the creation and destruction of the auxiliary instance used during RMAN TSPITR. However, creating and using your own auxiliary instance is supported. Perform the following steps to create an Oracle instance suitable for use as an auxiliary instance: 1. Create an Oracle password file for the auxiliary instance using the orapwd utility. 2. Create a text initialization parameter file for the auxiliary instance. 3. Verify Oracle Net connectivity to the auxiliary instance using a valid net service name. To perform TSPITR, complete the following steps: 1. Start the auxiliary instance in NOMOUNT mode. 2. Connect the RMAN client to target and auxiliary instances. 3. Execute the RECOVER TABLESPACE command. Refer to the Oracle Database Backup and Recovery Advanced User’s Guide for a detailed example. Oracle Database 10g: Backup and Recovery

Troubleshooting RMAN TSPITR
Filename conflicts: Ensure that there are no name conflicts when using SET NEWNAME, CONFIGURE AUXNAME, and DB_FILE_NAME_CONVERT. Insufficient sort space during Export: Increase the sort space. RMAN cannot identify tablespaces with undo segments: Use the UNDO TABLESPACE clause. Restarting a manual auxiliary instance after TSPITR failure: Shut down and restart in NOMOUNT mode. Troubleshooting RMAN TSPITR File name conflicts: If your use of SET NEWNAME, CONFIGURE AUXNAME, and DB_FILE_NAME_CONVERT cause multiple files in the auxiliary or recovery sets to have the same name, you receive an error during TSPITR. To correct the problem, specify different values for these parameters to eliminate the duplicate name. Insufficient sort space during Export: When RMAN exports the metadata about recovered objects from the auxiliary instance, it uses space in the temporary tablespace for sorting. If there is insufficient space in the temporary tablespace for the sorting operation, you need to increase the amount of sort space available. Edit the recover.bsq file, found in $ORACLE_HOME/rdbms/admin, to remove the comment characters from the following lines in the file: sql clone "create tablespace aux_tspitr_tmp datafile ''/tmp/aux_tspitr_tmp.dbf'' size 500K"; Oracle Database 10g: Backup and Recovery

Troubleshooting RMAN TSPITR (continued) RMAN cannot identify tablespaces with undo segments: During TSPITR, RMAN needs information about which tablespaces had undo segments at the TSPITR target time. This information is usually available in the recovery catalog, if one is used. If there is no recovery catalog, or if the information is not found in the recovery catalog, RMAN proceeds assuming that the set of tablespaces with undo segments at the target time is the same as the set of tablespaces with undo segments at the present time. If this assumption is not correct, the TSPITR operation fails and an error is reported. To prevent this from happening, provide a list of tablespaces with undo segments at the target time in the UNDO TABLESPACE clause. Restarting manual auxiliary instance after TSPITR failure: If you are managing your own auxiliary instance and there is a failure in TSPITR, then before you can retry TSPITR, you must shut down the auxiliary instance, correct the problem, and put the auxiliary instance back in NOMOUNT mode. Full Notes Page Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Determine when to use tablespace point-in-time recovery Choose the correct target Perform basic RMAN tablespace point-in-time recovery Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers using RMAN to perform TSPITR. Oracle Database 10g: Backup and Recovery

Using the RMAN Recovery Catalog

Objectives After completing this lesson, you should be able to: Create the recovery catalog Manage the recovery catalog Resynchronize the recovery catalog Use stored scripts Oracle Database 10g: Backup and Recovery

RMAN Repository Data Storage: Comparison of Options
Control file: Simpler administration Default Recovery catalog: Replicates control file data Has room for more data Can service many targets Can store RMAN scripts Metadata Backup set list Image copy list . RMAN Repository Data Storage: Comparison of Options The RMAN repository data is always stored in the control file of the target database. But it can also be stored in a separate database, called a recovery catalog. A recovery catalog preserves backup information in a separate database, which is useful in the event of a lost control file. This allows you to store a longer history of backups than what is possible with a control file–based repository. A single recovery catalog is able to store information for multiple target databases. The recovery catalog can also hold RMAN stored scripts, which are sequences of RMAN commands for common backup tasks. Centralized storage of scripts in the recovery catalog can be more convenient than working with command files. Using a separate recovery catalog database is not recommended for small installations where administration of a separate recovery catalog database would be burdensome. Oracle Database 10g: Backup and Recovery

Storing Information in the Recovery Catalog
Recovery Manager (RMAN) Database structure Archived redo logs Backup sets Datafile copies Recovery catalog database Target database control file Storing Information in the Recovery Catalog RMAN propagates information about the database structure, archived redo logs, backup sets, and datafile copies into the recovery catalog from the target database’s control file after any operation that updates the repository, and also before certain operations. Oracle Database 10g: Backup and Recovery

Reasons to Use a Recovery Catalog
Stores more historical information than the control file Provides backup history needed for a recovery that goes further back in time than the history in the control file Enables you to use RMAN stored scripts Enables you to create customized reports for all registered targets Enables you to use the KEEP FOREVER clause of the BACKUP command Reasons to Use a Recovery Catalog Although you can use the control file as the sole repository for RMAN, it has finite space for records of backup activities. When you use a recovery catalog, you can store a much longer history of backups. This enables you to perform a recovery that goes back further in time than the history in the control file. If you want to use RMAN stored scripts, you must use a recovery catalog. When you use a recovery catalog, the backup and recovery information for all registered targets is contained in one place allowing you to create customized reports by connecting as the recovery catalog owner and querying the various RC_ views. If you do not use a recovery catalog, you must connect to each target database instance separately and query the V$ views for the RMAN information in the target control file. You can use the BACKUP ... KEEP command to create a backup that is retained for a different period of time from that specified by the configured retention policy. The KEEP FOREVER clause specifies that the backup or copy never expires and requires the use of a recovery catalog so that the backup records can be maintained indefinitely. Oracle Database 10g: Backup and Recovery

Creating the Recovery Catalog: Three Steps
Configure the recovery catalog database. Create the recovery catalog owner. Create the recovery catalog. Creating the Recovery Catalog: Three Steps Perform the following three steps to create a recovery catalog: 1. Configure the database in which you will store the recovery catalog. 2. Create the recovery catalog owner. 3. Create the recovery catalog. Oracle Database 10g: Backup and Recovery

Configuring the Recovery Catalog Database
Allocate space for the recovery catalog. Consider: The number of databases supported by the recovery catalog Number of archived redo log files and backups recorded Use of RMAN stored scripts Space is needed for default tablespace for recovery catalog owner schema. Create a tablespace for the recovery catalog. Configuring the Recovery Catalog Database Determine in which database you will install the recovery catalog schema. Be sure to consider your backup and recovery procedures for this database. The amount of space required by the recovery catalog schema depends upon the number of databases monitored by the catalog. The space increases as the number of archived redo log files and backups for each database increases. If you use RMAN stored scripts, space must be allocated for those scripts. The typical space requirement is 15 MB for each database registered in the recovery catalog. Oracle Database 10g: Backup and Recovery

Creating the Recovery Catalog Owner
Create the recovery catalog owner. Grant the RECOVERY_CATALOG_OWNER role. SQL> CREATE USER rcowner IDENTIFIED BY rcpass 2 TEMPORARY TABLESPACE temp 3 DEFAULT TABLESPACE tools 4 QUOTA UNLIMITED ON tools; SQL> GRANT recovery_catalog_owner TO rcowner; Creating the Recovery Catalog Owner Create a user to serve as the recovery catalog owner. Set the default tablespace for this user to the tablespace you created for the recovery catalog. Be sure to provide UNLIMITED quota on this tablespace for the user. After you have created the user, grant the RECOVERY_CATALOG_OWNER role to the user. The RECOVERY_CATALOG_OWNER role provides privileges for the owner of the recovery catalog. The role includes the following system privileges: ALTER SESSION, CREATE CLUSTER, CREATE DATABASE LINK, CREATE PROCEDURE, CREATE SEQUENCE, CREATE SESSION, CREATE SYNONYM, CREATE TABLE, CREATE TRIGGER, CREATE TYPE, and CREATE VIEW. You can use SQL commands or Enterprise Manager to create the user and grant the role. Oracle Database 10g: Backup and Recovery

Creating the Recovery Catalog
Connect to the recovery catalog database as the catalog owner: Execute the CREATE CATALOG command: $ rman RMAN> CONNECT CATALOG RMAN> CREATE CATALOG; Creating the Recovery Catalog After creating the catalog owner, use the RMAN CREATE CATALOG command to create the catalog tables in the default tablespace of the catalog owner. Oracle Database 10g: Backup and Recovery

Managing Target Database Records in the Recovery Catalog
Registering a database in the recovery catalog Cataloging additional backup files Unregistering a target database from the recovery catalog Managing Target Database Records in the Recovery Catalog Although most information is automatically propagated from the control file to the recovery catalog, there are a few operations you may need to perform to maintain target database records in the recovery catalog. Oracle Database 10g: Backup and Recovery

Registering a Database in the Recovery Catalog
RMAN performs the following actions: Creates rows in the recovery catalog tables for the target database Copies data from the target database control file to the recovery catalog tables Synchronizes the recovery catalog with the control file $ rman TARGET / CATALOG RMAN> REGISTER DATABASE; Registering a Database in the Recovery Catalog After creating the recovery catalog, you must register the target databases in the recovery catalog. Perform the following steps to register your target database: 1. Invoke RMAN and connect to the recovery catalog database and to the target database as shown in the following example: % rman TARGET / CATALOG 2. Ensure that the target database is mounted or open. 3. Register the target database in the recovery catalog by issuing the REGISTER command: RMAN> REGISTER DATABASE; Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Register a Database
Select Recovery Catalog Settings in the Backup/Recovery Settings section of the Maintenance page. Click Add Recovery Catalog to specify the host, port, and SID of a database with an existing recovery catalog. Oracle Database 10g: Backup and Recovery

Using Enterprise Manager to Register a Database
After you have defined the recovery catalog database, select “Use Recovery Catalog” on the Recovery Catalog Setting page to register the database in the recovery catalog database. Oracle Database 10g: Backup and Recovery

Unregistering a Target Database from the Recovery Catalog
This removes information about the target database from the recovery catalog. Use this when you no longer want the target database to be defined in the recovery catalog. $ rman TARGET / CATALOG RMAN> UNREGISTER DATABASE; Unregistering a Target Database from the Recovery Catalog When you unregister a database from the recovery catalog, all RMAN repository records in the recovery catalog are lost. You can reregister the database. The recovery catalog records for that database are then based on the contents of the control file at the time of reregistration. Typically, you would unregister a target database only if you no longer want to use the recovery catalog for that database or the database no longer exists. Note: If you have used Enterprise Manager Database Control to register your database, you must use it again to unregister your database. Oracle Database 10g: Backup and Recovery

Cataloging Additional Backup Files
CATALOG can be used to catalog existing backup files that are no longer listed in the control file. This enables RMAN to use the files during a restore operation. Use the CATALOG command to add the following types of backup files to the recovery catalog: Control file copies Datafile copies Backup pieces Archived redo log files Cataloging Additional Backup Files If you have additional control file copies, datafile copies, backup pieces, or archived redo log files on disk, you can catalog them in the recovery catalog by using the CATALOG command. If backups have aged out of the control file, you can catalog them so that RMAN can use them during a restore operation. Examples of cataloging a control file, datafile, archived redo log file, and backup piece follow: RMAN> CATALOG CONTROLFILECOPY '/disk1/controlfile_bkup/2006_01_01/control01.ctl'; RMAN> CATALOG DATAFILECOPY '/disk1/datafile_bkup/2006_01_01/users01.dbf'; RMAN> CATALOG ARCHIVELOG '/disk1/arch_logs/archive1_731.log', '/disk1/arch_logs/archive1_732.log'; RMAN> CATALOG BACKUPPIECE '/disk1/backups/backup_820.bkp'; You can catalog all files in the currently enabled Flash Recovery Area as follows: RMAN> CATALOG RECOVERY AREA NOPROMPT; Use the following command to catalog all valid backups in the specified location: RMAN> CATALOG START WITH '/tmp/arch_logs'; RMAN> CATALOG BACKUPPIECE 'file_name'; Oracle Database 10g: Backup and Recovery

Manually Resynchronizing the Recovery Catalog
Manually resynchronize the recovery catalog in the following situations: After the recovery catalog was unavailable for RMAN to automatically resynchronize it When you perform infrequent backups of your target database After making changes to the physical structure of the target database RMAN> RESYNC CATALOG; Manually Resynchronizing the Recovery Catalog When RMAN performs a resynchronization, it compares the recovery catalog to either the current control file of the target database or a backup control file and updates the recovery catalog with information that is missing or changed. When resynchronizing, RMAN does the following: 1. Creates a snapshot control file 2. Compares the recovery catalog to the snapshot control file 3. Updates the recovery catalog with missing or changed information Note: Refer to the Backup and Recovery Advanced User’s Guide for detailed information about records that are updated during resynchronization. RMAN automatically performs full or partial resynchronizations in most situations in which they are needed. Perform a manual resynchronization of the recovery catalog in the following situations: If the recovery catalog was unavailable when you issued RMAN commands that cause a partial resynchronization If you perform infrequent backups of your target database because the recovery catalog is not updated automatically when a redo log switch occurs or when a redo log is archived After making any change to the physical structure of the target database Oracle Database 10g: Backup and Recovery

Using RMAN Stored Scripts
Stored scripts are an alternative to command files stored on a specific system. Stored scripts are available to any RMAN client that can connect to the target database and recovery catalog. Two types of RMAN stored scripts: Local: Associated with the target database to which RMAN is connected when the script is created Global: Can be executed against any database registered in the recovery catalog Using Stored Scripts You can use RMAN stored scripts as an alternative to command files for managing frequently used sequences of RMAN commands. Unlike command files that are available only on the system on which they are stored, a stored script is always available to any RMAN client that can connect to the target database and recovery catalog. Stored scripts can be defined as global or local. A local stored script is associated with the target database to which RMAN is connected when the script is created, and can be executed only when you are connected to that target database. A global stored script can be executed against any database registered in the recovery catalog, if the RMAN client is connected to the recovery catalog and a target database. Oracle Database 10g: Backup and Recovery

Creating RMAN Stored Scripts
Creating a local script: Creating a global script: Creating a script from a text file: CREATE SCRIPT script_name { <RMAN commands> } CREATE GLOBAL SCRIPT script_name { <RMAN commands> } Creating Stored Scripts Connect to the desired target database and the recovery catalog and execute the CREATE SCRIPT command to create a stored script. CREATE SCRIPT script_name FROM FILE 'file_name'; Oracle Database 10g: Backup and Recovery

Executing RMAN Stored Scripts
Executing a script: Executing a global script: RUN { EXECUTE SCRIPT script_name ; } RUN { EXECUTE GLOBAL SCRIPT script_name ; } Executing Stored Scripts Connect to the target database and recovery catalog, and use the EXECUTE SCRIPT command to execute a stored script. Note that the EXECUTE SCRIPT command requires a RUN block. If an RMAN command in the script fails, subsequent RMAN commands in the script will not execute. When you execute the script, it will use the automatic channels configured at the time. Use ALLOCATE CHANNEL commands in the script if you need to override the configured channels as shown in the following example: RMAN> RUN { ALLOCATE CHANNEL ch1 DEVICE TYPE DISK; ALLOCATE CHANNEL ch2 DEVICE TYPE DISK; ALLOCATE CHANNEL ch3 DEVICE TYPE DISK; EXECUTE SCRIPT full_backup; } Oracle Database 10g: Backup and Recovery

Displaying RMAN Stored Script Information
Displaying a script: Sending the contents of a script to a file: Displaying the names of defined scripts: PRINT [GLOBAL] SCRIPT script_name; PRINT [GLOBAL] SCRIPT script_name TO FILE 'file_name'; LIST [GLOBAL] SCRIPT NAMES; Displaying Stored Script Information Connect to the target database and recovery catalog and use the PRINT SCRIPT command to display a stored script or write it out to a file. Use the LIST SCRIPT NAMES command to display the names of scripts defined in the recovery catalog. This command displays the names of all stored scripts, both global and local, that can be executed for the target database to which you are currently connected. Oracle Database 10g: Backup and Recovery

Updating and Deleting RMAN Stored Scripts
Updating a script: Updating a script from a file: Deleting a script: REPLACE [GLOBAL] SCRIPT script_name { <RMAN commands> ; } REPLACE [GLOBAL] SCRIPT script_name FROM FILE 'file_name'; Updating and Deleting Stored Scripts Connect to the target database and recovery catalog and use the REPLACE SCRIPT command to update stored scripts. RMAN creates the script if it does not exist. To delete a stored script from the recovery catalog, connect to the catalog and a target database, and use the DELETE SCRIPT command. DELETE SCRIPT script_name; Oracle Database 10g: Backup and Recovery

Backing Up and Recovering the Recovery Catalog
Include the recovery catalog in your overall backup and recovery strategy. Backup guidelines: Set the retention policy to a REDUNDANCY value greater than 1. Configure the control file autobackup feature to ON. Back up the database onto two separate media. Execute BACKUP DATABASE PLUS ARCHIVELOG at regular intervals. Do not use another recovery catalog as the repository for the backups. Backing Up and Recovering the Recovery Catalog Because the recovery catalog resides in a database, your backup and recovery strategy for the recovery catalog should be included in your overall backup and recovery strategy. Never store a recovery catalog containing the RMAN repository for a database in the same database as the target database or on the same disks as the target database. A recovery catalog is only effective if it is separated from the data that it is designed to protect. Logical backups of the RMAN recovery catalog created with one of Oracle’s export utilities can be a useful supplement for physical backups. You can import the exported recovery catalog data into another database and rebuild the catalog. Oracle Database 10g: Backup and Recovery

Re-creating an Unrecoverable Recovery Catalog
To partially re-create the contents of a lost recovery catalog, use the following commands: RESYNC CATALOG command: Updates the recovery catalog with any RMAN repository information from the control file of the target database or a control file copy CATALOG START WITH command: Recatalogs any available backups Re-creating an Unrecoverable Recovery Catalog If the recovery catalog database is lost or damaged, and recovery of the recovery catalog database through the normal Oracle recovery procedures is not possible, then you must re-create the catalog. You can use the following commands to partially repopulate the contents of the recovery catalog: RESYNC CATALOG: Use this command to update the recovery catalog with any RMAN repository information from the control file of the target database or a control file copy. Note that any metadata from control file records that aged out of the control file is lost. CATALOG START WITH... : Use this command to recatalog any available backups. Oracle Database 10g: Backup and Recovery

Exporting and Importing the Recovery Catalog
Use the Export and Import utilities or the Data Pump utilities to: Move the recovery catalog from one database to another Create a logical backup of the RMAN recovery catalog Exporting and Importing the Recovery Catalog You can use Export and Import to move the recovery catalog from one database to another. You can also create an export of the recovery catalog to serve as a logical backup. Perform the following steps to export a recovery catalog from one database and import the catalog into a second database: 1. Use one of the Oracle Export utilities to export the catalog data from the database. 2. Create a recovery catalog user on the database you are exporting to and grant the user necessary privileges. 3. Use the corresponding import utility to import the catalog data into the schema created in step 2. You should not execute the CREATE CATALOG command before or after importing the catalog into the database. The import operation creates the catalog in the second database. Note: The recovery catalog can be backed up and moved to another database by using Export and Import or Data Pump as a transportable tablespace, as well as using logical methods. Oracle Database 10g: Backup and Recovery

Upgrading the Recovery Catalog
To upgrade the recovery catalog to the version required by the RMAN client, use the UPGRADE CATALOG command: UPGRADE CATALOG; Upgrading the Recovery Catalog If you use a version of the recovery catalog that is older than that required by the RMAN client, then you must upgrade it by executing the UPGRADE CATALOG command. Note: To install the new recovery catalog schema, the recovery catalog user must have TYPE privilege. You must be connected to the catalog database, and the catalog database must be open. You do not have to be connected to the target database. You must enter the UPGRADE command a second time to confirm the upgrade. You will receive an error if the recovery catalog is already at a version greater than needed by the RMAN executable. RMAN permits the command to be run if the recovery catalog is current however, so that the packages can be re-created if necessary. RMAN displays all error messages generated during the upgrade in the message log. Oracle Database 10g: Backup and Recovery

Dropping the Recovery Catalog
To drop the recovery catalog schema, use the DROP CATALOG command: DROP CATALOG; Dropping the Recovery Catalog If you no longer want to maintain a recovery catalog, you can drop the recovery catalog schema from the tablespace with the DROP CATALOG command. Dropping the catalog deletes the recovery catalog record of backups for all target databases registered in the catalog. Note: Execute this command only at the RMAN prompt. You must be connected to the recovery catalog database through the CATALOG command-line option or the CONNECT CATALOG command. The catalog database must be open. You do not have to be connected to the target database. Enter the command twice to confirm that you want to drop the schema. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Create the recovery catalog Manage the recovery catalog Resynchronize the recovery catalog Use stored scripts Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Creating the recovery catalog Resynchronizing the recovery catalog Creating and executing a stored script Oracle Database 10g: Backup and Recovery

Monitoring and Tuning RMAN

Objectives After completing this lesson, you should be able to: Monitor RMAN jobs Troubleshoot RMAN operations Tune RMAN backup performance Oracle Database 10g: Backup and Recovery

Monitoring RMAN Sessions
Query V$SESSION and V$PROCESS to identify the relationship between server sessions and RMAN channels. If you are monitoring multiple sessions, use the SET COMMAND ID command to correlate a process with a channel during a backup. SQL> COLUMN CLIENT_INFO FORMAT a30 SQL> COLUMN SID FORMAT 999 SQL> COLUMN SPID FORMAT 9999 SQL> SELECT s.sid, p.spid, s.client_info 2 FROM v$process p, v$session s 3 WHERE p.addr = s.paddr 4 AND CLIENT_INFO LIKE 'rman%'; Monitoring RMAN Sessions To identify which server sessions correspond to which RMAN channels, you can query V$SESSION and V$PROCESS. The SPID column of V$PROCESS identifies the operating system ID number for the process or the thread. On UNIX, the SPID column shows the process ID. On Windows, the SPID column shows the thread ID. There are two basic methods for obtaining this information, depending on whether you have multiple RMAN sessions active concurrently. When only one RMAN session is active, execute the following query on the target database while the RMAN job is running: SQL> COLUMN CLIENT_INFO FORMAT a30 SQL> COLUMN SID FORMAT 999 SQL> COLUMN SPID FORMAT 9999 SQL> SELECT s.sid, p.spid, s.client_info 2 FROM v$process p, v$session s 3 WHERE p.addr = s.paddr 4 AND CLIENT_INFO LIKE 'rman%'; SID SPID CLIENT_INFO rman channel=ORA_SBT_TAPE_1 rman channel=ORA_SBT_TAPE_2 Oracle Database 10g: Backup and Recovery

Monitoring RMAN Sessions (notes only)
Monitoring RMAN Sessions (continued) When multiple RMAN sessions are running, it will help to correlate a process with a channel during a backup by using the SET COMMAND ID command as shown below: 1. In each session, set the COMMAND ID to a different value after allocating the channels and then back up the desired object. For example, enter the following in session 1: RUN { ALLOCATE CHANNEL c1 TYPE sbt; SET COMMAND ID TO 'sess1'; BACKUP DATABASE; } Set the command ID to a string such as sess2 in the job running in session 2: RUN { ALLOCATE CHANNEL c1 TYPE sbt; SET COMMAND ID TO 'sess2'; BACKUP DATABASE; } 2. Start a SQL*Plus session and then query the joined V$SESSION and V$PROCESS views while the RMAN job is being executed. For example, enter: SELECT SID, SPID, CLIENT_INFO FROM V$PROCESS p, V$SESSION s WHERE p.ADDR = s.PADDR AND CLIENT_INFO LIKE '%id=sess%'; If you run the SET COMMAND ID command in the RMAN job, then the CLIENT_INFO column displays in the following format: id=command_id,rman channel=channel_id For example, the following shows a sample output: SID SPID CLIENT_INFO id=sess id=sess id=sess1,rman channel=c id=sess2,rman channel=c1 Monitoring RMAN Sessions (notes only) Oracle Database 10g: Backup and Recovery

Monitoring RMAN Job Progress
Monitor the progress of backup and restore operations by querying V$SESSION_LONGOPS. SQL> SELECT SID, SERIAL#, CONTEXT, SOFAR, TOTALWORK, 2 ROUND(SOFAR/TOTALWORK*100,2) "%_COMPLETE" 3 FROM V$SESSION_LONGOPS 4 WHERE OPNAME LIKE 'RMAN%' 5 AND OPNAME NOT LIKE '%aggregate%' 6 AND TOTALWORK != 0 7 AND SOFAR <> TOTALWORK; SID SERIAL# CONTEXT SOFAR TOTALWORK %_COMPLETE Monitoring RMAN Job Progress Monitor the progress of backups, copies, and restores by querying the V$SESSION_LONGOPS view. RMAN uses detail and aggregate rows in V$SESSION_LONGOPS. Detail rows describe the files that are being processed by one job step. Aggregate rows describe the files that are processed by all job steps in an RMAN command. A job step is the creation or restore of one backup set or datafile copy. The detail rows are updated with every buffer that is read or written during the backup step, so their granularity of update is small. The aggregate rows are updated when each job step is completed, so their granularity of update is large. Note: Set the STATISTICS_LEVEL parameter to TYPICAL (the default value) or ALL to populate the V$SESSION_LONGOPS view. The relevant columns in V$SESSION_LONGOPS for RMAN include: SID: The server session ID corresponding to an RMAN channel SERIAL#: The server session serial number. This value changes each time a server session is reused. OPNAME: A text description of the row. Detail rows include RMAN:datafile copy, RMAN:full datafile backup, and RMAN:full datafile restore. CONTEXT: For backup output rows, the value of this column is 2. For all the other rows except proxy copy (which does not update this column), the value is 1. Oracle Database 10g: Backup and Recovery

Monitoring RMAN Job Progress (notes only)
Monitoring RMAN Job Progress (continued) SOFAR: For image copies, the number of blocks that have been read; for backup input rows, the number of blocks that have been read from the files that are being backed up; for backup output rows, the number of blocks that have been written to the backup piece; for restores, the number of blocks that have been processed to the files that are being restored in this one job step; and for proxy copies, the number of files that have been copied TOTALWORK: For image copies, the total number of blocks in the file; for backup input rows, the total number of blocks to be read from all files that are processed in this job step; for backup output rows, the value is 0 because RMAN does not know how many blocks that it will write into any backup piece; for restores, the total number of blocks in all files restored in this job step; and for proxy copies, the total number of files to be copied in this job step Monitoring RMAN Job Progress (notes only) Oracle Database 10g: Backup and Recovery

Monitoring RMAN Job Performance
The following views can be used to monitor backup and restore performance: V$BACKUP_SYNC_IO V$BACKUP_ASYNC_IO The following rows will exist for a backup or restore: One row for each datafile One aggregate datafile row One row for each backup piece Whether or not I/O is synchronous depends on how the controlling process views it. Monitoring RMAN Job Performance The maximum backup speed is limited by the available hardware. It is not possible to back up any faster than the aggregate tape bandwidth. One exception to this is if there are many empty blocks in the datafiles that need not be backed up. One of the components of the backup system will be a bottleneck; which one depends on the relative speeds of the disk, tape drive, and any other transport components such as the network. For example, if the bottleneck is the tape drive, and the tape is streaming, then the backup cannot possibly proceed any faster. Note: If you have synchronous I/O and have set the BACKUP_DISK_IO_SLAVES initialization parameter to TRUE, I/O will be displayed in V$BACKUP_ASYNC_IO. Oracle Database 10g: Backup and Recovery

Interpreting RMAN Message Output
RMAN troubleshooting information can be found in the: RMAN command output RMAN trace file Alert log Oracle server trace file sbtio.log file Interpreting RMAN Message Output The RMAN command output contains actions that are relevant to the RMAN job as well as error messages that are generated by RMAN, the server, and the media vendor. RMAN error messages have an RMAN-nnnn prefix. The output is displayed to the terminal (standard output) but can be written to a file by defining the LOG option or by shell redirection. The RMAN trace file contains the DEBUG output and is used only when the TRACE command option is used. The alert log contains a chronological log of errors, nondefault initialization parameter settings, and administration operations. Because it records values for overwritten control file records, it can be useful for RMAN maintenance when operating without a recovery catalog. The Oracle trace file contains detailed output that is generated by Oracle server processes. This file is created when an ORA-600 or ORA-3113 (following an ORA-7445) error message occurs, whenever RMAN cannot allocate a channel, and when the media management library fails to load. It can be found in USER_DUMP_DEST. The sbtio.log file contains vendor-specific information that is written by the media management software and can be found in USER_DUMP_DEST. Note that this log does not contain Oracle server or RMAN errors. Oracle Database 10g: Backup and Recovery

Using the DEBUG Option The DEBUG option is used to: View the PL/SQL that is generated Determine precisely where an RMAN command is hanging or faulting The DEBUG option is specified at the RMAN prompt or within a run block. The DEBUG option creates an enormous amount of output, so redirect the output to a trace file: $ rman target / catalog rman/rman debug trace trace.log Using the DEBUG Option The DEBUG option displays all SQL statements that are executed during RMAN compilations and the results of these executions. Any information that is generated by the recovery catalog PL/SQL packages is also displayed. In the following example, the DEBUG output is written during the backup of datafile 3, but not datafile 4: RMAN> run { debug on; allocate channel c1 type disk; backup datafile 3; debug off; backup datafile 4; } Remember that the DEBUG output can be voluminous, so make sure that you have adequate disk space for the trace file. This simple backup session that does not generate any errors creates a trace file that is almost a half megabyte in size: $ rman target / catalog rman/rman debug trace sample.log RMAN> backup database; RMAN> host "ls –l sample.log"; -rw-r--r user02 dba Apr 6 10:38 sample.log host command complete Oracle Database 10g: Backup and Recovery

Understanding RMAN Code Layer Error Numbers
Catalog package diagnostics Interphase errors between PL/SQL and RMAN Execution manager server-side errors Low-level keyword analyzer Generated PL/SQL errors and messages General execution manager RESTORE or RECOVER compilation errors General compilation errors Error Range DUPLICATE compilation errors Cause Understanding RMAN Code Layer Error Numbers In the RMAN message stack, you will find errors that are prefixed with RMAN-nnnn, ORA-nnn, and finally errors that are preceded by the line, Additional information. Oracle Database 10g: Backup and Recovery

Interpreting RMAN Error Stacks
Read the stack from bottom to top. Look for Additional information. RMAN identifies the failed command. RMAN-00571: =========================================== RMAN-00569: ======= ERROR MESSAGE STACK FOLLOWS ======= RMAN-03009: failure of backup command on c1 channel at /04/ :18:19 ORA-19506: failed to create sequential file, name="07d36ecp_1_1", parms="" ORA-27007: failed to open file SVR4 Error: 2: No such file or directory Additional information: 7005 Additional information: 1 ORA-19511: Error from media manager layer,error text: Interpreting RMAN Error Stacks Because of the amount of data that RMAN logs, you may find it difficult to identify the useful messages in the RMAN error stack. Note the following tips and suggestions: Because many of the messages in the error stack are not meaningful for troubleshooting, try to identify the one or two errors that are most important. Check for a line that says Additional information followed by an integer. This line indicates a media management error. The integer that follows refers to a code that is explained in the text of the error message. Read the messages from bottom to top because this is the order in which RMAN issues the messages. The last one or two errors that are displayed in the stack are often informative. Look for the RMAN or RMAN message immediately following the banner. The RMAN is the same as RMAN but includes the channel ID. If the failure is related to an RMAN command, then these messages indicate which command failed. The syntax errors generate an RMAN error. Identify the basic type of error according to the error range chart provided earlier in the lesson. If the error is still unclear, refer to the Oracle Database Error Messages manual for more information. Oracle Database 10g: Backup and Recovery

Tuning RMAN RMAN BACKUP and RESTORE operations perform the following tasks: Read or write data. Process data by copying and validating blocks. The slowest of these tasks is referred to as a bottleneck. Tuning RMAN requires that the bottlenecks be identified and addressed. Tuning RMAN RMAN backup and restore operations perform the following distinct tasks: Reading or writing input data Processing data by validating and copying blocks from the input to the output buffers The slowest of these tasks is called a bottleneck. RMAN tuning involves identifying the bottleneck (or bottlenecks) and attempting to make it more efficient by using RMAN commands, initialization parameter settings, or adjustments to the physical media. The key to tuning RMAN is understanding I/O. The backup and restore jobs of RMAN use two types of I/O buffers: disk and tertiary storage (usually tape). When performing a backup, RMAN reads input files by using disk buffers and writes the output backup file by using either the disk or the tape buffer. When performing restores, RMAN reverses these roles. I/O can be synchronous and asynchronous. Synchronous devices perform only one I/O task at a time. Therefore, you can easily determine how much time the backup jobs require. In contrast to synchronous I/O (SIO), asynchronous I/O (AIO) can perform more than one task at a time. To tune RMAN effectively, you must thoroughly understand the concepts of synchronous and asynchronous I/O, disk and tape buffers, and channel architecture. With an understanding of these concepts, you can use fixed views to monitor bottlenecks. Oracle Database 10g: Backup and Recovery

RMAN Multiplexing 1 MB buffers are allocated so that the total buffer size for all the input files is 16 MB. Less than or equal to 4 RMAN allocates four 128 KB disk buffers for each file, so that the total size is 512 KB for each file. Greater than 8 Greater than 4 but less than or equal to 8 Multiplexing Level 512 KB are allocated so that the total buffer size for all the files is less than 16 MB. Allocation Rule RMAN Multiplexing RMAN uses two different types of buffers for I/O: disk and tape. RMAN multiplexing determines how RMAN allocates disk buffers. RMAN multiplexing is the number of files in a backup read simultaneously and then written to the same backup piece. The degree of multiplexing depends on the FILESPERSET parameter of the BACKUP command as well as the MAXOPENFILES parameter of the CONFIGURE CHANNEL or ALLOCATE CHANNEL commands. For example, assume that you back up two data files with one channel. You set FILESPERSET to 3 and set MAXOPENFILES to 8. In this case, the number of files in each backup set is 2 (the lesser of FILESPERSET and the files read by each channel) and the level of multiplexing is 2 (the lesser of MAXOPENFILES and the number of files in each backup set). When RMAN backs up from disk, it uses the algorithm that is described in the table shown in the slide. Note: For best recovery performance, do not set FILESPERSET to a value greater than 8. Oracle Database 10g: Backup and Recovery

Allocating Disk Buffer: Example
Data files Input disk buffers 1 MB 1 MB Channel FILESPERSET = 4 MAXOPENFILES = 4 1 MB Allocating Disk Buffer: Example In the example shown in the slide, one channel is backing up four data files. MAXOPENFILES is set to 4 and FILESPERSET is set to 4. The level of multiplexing is 4 in this example. The total size of the buffers for each data file is 4 MB. To calculate the total size of the buffers that are allocated in a backup set, multiply the total bytes for each data file by the number of datafiles that are being concurrently accessed by the channel, and then multiply this number by the number of channels. Assume that you use one channel to back up four data files, and use the settings that are shown in the slide. In this case, multiply as follows to obtain the total size of the buffers that are allocated for the backup: 4 MB per datafile x 1 channel x 4 datafiles per channel = 16 MB Set the MAXOPENFILES parameter so that the number of files that are read simultaneously is just enough to use the output device fully. This consideration is important when the output device is a tape. 1 MB Oracle Database 10g: Backup and Recovery

Allocating Tape Buffers
If BACKUP_TAPE_IO_SLAVES is TRUE, tape buffers are allocated from the SGA. If BACKUP_TAPE_IO_SLAVES is FALSE, tape buffers are allocated from the PGA. Channel Tape buffers 256 KB Allocating Tape Buffers If you make a backup to a tape device, the Oracle server allocates four buffers per channel for the tape writers (or reads if doing a restore). The Oracle server allocates these buffers only if the channel is an SBT channel. Typically, each tape buffer is 256 KB. To calculate the total size of buffers that are used during a backup or restore, multiply the buffer size by four, and then multiply this product by the number of channels. As illustrated in the example shown in the slide, assume that you use one tape channel and each buffer is 256 KB. In this case, the total size of buffers that are used during a backup is as follows: 256 KB per buffer x 4 buffers per channel x 1 channel = 1024 KB RMAN allocates the tape buffers in the System Global Area (SGA) or the Program Global Area (PGA), depending on whether I/O slaves are used. If the BACKUP_TAPE_IO_SLAVES initialization parameter is set to TRUE, RMAN allocates tape buffers from the shared pool or the large pool if the LARGE_POOL_SIZE initialization parameter is set. If you set the parameter to FALSE, RMAN allocates the buffers from the PGA. If you use I/O slaves, set the LARGE_POOL_SIZE initialization parameter to set aside SGA memory that is dedicated to holding these large memory allocations. By doing this, the RMAN I/O buffers do not compete with the library cache for shared pool memory. Oracle Database 10g: Backup and Recovery

Comparing Synchronous and Asynchronous I/O
Server process writes data to buffer. Server process waits; tape process writes data. 1 2 Server process Tape buffers Server process writes data to new buffer. 4 Tape process signals finish. 3 Comparing Synchronous and Asynchronous I/O When RMAN reads or writes data, the I/O is either synchronous or asynchronous. When the I/O is synchronous, a server process can perform only one task at a time. When it is asynchronous, a server process can begin an I/O and then perform other tasks while waiting for the I/O to complete. It can also begin multiple I/O operations before waiting for the first to complete. You can set initialization parameters that determine the type of I/O. If you set BACKUP_TAPE_IO_SLAVES to TRUE, the tape I/O is asynchronous. Otherwise, the I/O is synchronous. The example in the slide shows synchronous I/O in a backup to tape. The following steps occur in a synchronous transfer: 1. A server process writes blocks to a tape buffer. 2. The tape process writes data to tape. The server process is idle while the media manager copies data from the Oracle buffers to the media manager’s internal buffers. 3. The tape process relays to the server process that it has completed writing. 4. The server process can initiate a new task. Oracle Database 10g: Backup and Recovery

Comparing Synchronous and Asynchronous I/O
Server process writes data to buffer. 1 2 Tape process writes data. Server process Tape buffers Comparing Synchronous and Asynchronous I/O (continued) Many operating systems support native asynchronous I/O and Oracle can take advantage of this feature whenever it is available. It is recommended that you always set BACKUP_TAPE_IO_SLAVES to TRUE when the platform supports it. On operating systems that do not support native asynchronous I/O, Oracle can simulate it by using special I/O slave processes that are dedicated to performing I/O on behalf of another process. You can control disk I/O slaves by setting the DBWR_IO_SLAVES parameter to a nonzero value. Oracle allocates four backup disk I/O slaves for any nonzero value of DBWR_IO_SLAVES. The example in the slide illustrates asynchronous I/O in a backup to tape. The steps that occur in an asynchronous exchange are detailed below: 1. A server process writes blocks to a tape buffer. 2. The tape process writes data to the tape. While the tape process is writing, other server processes are free to process more input blocks and fill more output buffers. 3. The spawned server process writes to the tape buffers while the initial tape process writes to the tape. Server process writes to new buffer while step 2 completes. 3 Oracle Database 10g: Backup and Recovery

Monitoring RMAN Job Performance
The following views can be used to monitor backup and restore performance: V$BACKUP_SYNC_IO V$BACKUP_ASYNC_IO The following rows will exist for a backup or restore: One row for each datafile One aggregate datafile row One row for each backup piece Whether or not I/O is synchronous depends on how the controlling process views it. Monitoring RMAN Job Performance The maximum backup speed is limited by the available hardware. It is not possible to back up any faster than the aggregate tape bandwidth. One exception to this is if there are many empty blocks in the datafiles that need not be backed up. One of the components of the backup system will be a bottleneck—which one depends on the relative speeds of the disk, tape drive, and any other transport components such as the network. As an example if the bottleneck is the tape drive, and the tape is streaming, then the backup cannot possibly proceed any faster. Note: If you have synchronous I/O and have set the BACKUP_DISK_IO_SLAVES initialization parameter to TRUE, I/O will be displayed in V$BACKUP_ASYNC_IO. Oracle Database 10g: Backup and Recovery

Asynchronous I/O Bottlenecks
Use V$BACKUP_ASYNC_IO to monitor asynchronous I/O. If LONG_WAITS + SHORT_WAITS is a large part of IO_COUNT, then the file is probably a bottleneck. LONG_WAITS: Number of times the backup/restore process told the OS to wait until I/O was complete SHORT_WAITS: Calls the backup/restore process made polling for I/O completion in nonblocking mode. WAITS times should be zero to avoid bottlenecks. Asynchronous I/O Bottlenecks You can use V$BACKUP_ASYNC_IO to monitor asynchronous I/O. The LONG_WAITS column shows the number of times the backup or restore process directed the operating system to wait until an I/O was complete. The SHORT_WAITS column shows the number of times the backup/restore process made an operating system call to poll for I/O completion in a nonblocking mode. On some platforms, the asynchronous I/O implementation may cause the calling process to wait for the I/O to complete while performing a nonblocking poll for I/O. The simplest way to identify the bottleneck is to query V$BACKUP_ASYNC_IO for the datafile that has the largest ratio for LONG_WAITS divided by IO_COUNT. Oracle Database 10g: Backup and Recovery

Synchronous I/O Bottlenecks
Synchronous I/O is considered to be a bottleneck. Query the DISCRETE_BYTES_PER_SECOND column from V$BACKUP_SYNC_IO to view the I/O rate. Compare this rate with the device’s maximum rate. If the rate is lower than what the device specifies, this is a tuning opportunity. Synchronous I/O Bottlenecks When using synchronous I/O, it can easily be determined how much time the backup jobs require because devices perform only one I/O task at a time. Oracle I/O uses a polling mechanism rather than an interrupt mechanism to determine when each I/O request completes. Because the backup or restore process is not immediately notified of I/O completion by the operating system, you cannot determine the duration of each I/O. Use V$BACKUP_SYNC_IO to determine the source of backup or restore bottlenecks and to determine the progress of backup jobs. V$BACKUP_SYNC_IO contains rows when the I/O is synchronous to the process (or thread, on some platforms) that is performing the backup. Oracle Database 10g: Backup and Recovery

Tape Backup Speed The following factors affect the speed of the backup to tape: Native transfer rate Tape compression Tape streaming Physical tape block size Tape Backup Speed The tape native transfer rate is the write speed without compression. This speed represents the upper limit of the backup rate. The upper limit of your backup performance should be the aggregate transfer rate of all the tape drives. If the backup is performing at that rate, and an excessive amount of CPU is not being used, then tuning RMAN will not help. Tape compression greatly affects backup performance. If the tape has good compression, then the sustained backup rate is faster. For example, if the compression ratio is 2:1 and the native transfer rate of the tape drive is 6 MB per second, then the resulting backup speed is 12 MB per second. Almost all tape drives currently in the market are fixed-speed, streaming tape drives—that is, these drives can write data only at one speed. As a result, when they run out of data to write to tape, they must slow down and stop. For example, when the drive’s buffer empties, the tape is moving so quickly that it actually overshoots and must rewind past the point where it stopped writing. The physical tape block size can affect the backup performance. The block size is the amount of data that is written by the media management software to a tape in one write operation. The common rule is that a larger tape block size leads to a faster backup. The physical tape block size is controlled by the media management software. Oracle Database 10g: Backup and Recovery

Tape Subsystem Performance Rules
Increasing the number of tape drives or the speed of tape drives provides for faster backup and restore. Allocate one channel per physical device: If more channels than physical drives are used, then the backup sets will be intermingled. This is similar to multiplexing data files. If tape drive is not streaming, then increase the number of files that are multiplexed. Back up the files that are likely to be restored together in the same backup set. Tape Subsystem Performance Rules You can speed up the backup and restore processes by buying more tape drives, faster tape drives, or ideally a combination of the two. It is a waste of system resources to allocate more than one channel per tape drive. If more channels than physical drives are used, then the backup sets will be intermingled. This can adversely affect the time it takes to restore selected files. If a tape drive is not streaming, increasing the number of files multiplexed together may help. Remember that if a small subset of files in a backup set must be restored, the restore will take longer if many files are multiplexed into the backup set. Put just enough files into each backup set to keep the tape drives streaming. It is better to store files that are likely to be restored together in the same backup set. Oracle Database 10g: Backup and Recovery

Controlling Tape Buffer Size with BLKSIZE
Adjust the size of the tape buffer to keep the tape streaming. Use the BLKSIZE option of PARMS to set the desired buffer size: Set BLKSIZE to 1 MB to correspond to the buffer size. RMAN> CONFIGURE CHANNEL DEVICE TYPE SBT_TAPE 2> PARMS="BLKSIZE= "; Controlling Tape Buffer Size with BLKSIZE If the tape is not streaming, but the problem is not due to an incremental backup or by backing up empty files, then try adjusting the block size of the tape buffer. You can change the size of each tape buffer by using the PARMS parameter of the ALLOCATE CHANNEL or CONFIGURE CHANNEL command. If the BLKSIZE parameter for PARMS is supported on your platform, then you can set it to the desired size of each buffer. For example, configure an SBT channel as follows: RMAN> CONFIGURE CHANNEL DEVICE TYPE SBT > PARMS="BLKSIZE= "; Oracle Database 10g: Backup and Recovery

Channel Tuning Use the CONFIGURE CHANNEL and ALLOCATE CHANNEL commands to: Limit the size of backup pieces Prevent RMAN from consuming too much disk bandwidth Determine the level of multiplexing for each channel Channel Tuning You can set various channel limit parameters that apply to operations that are performed by the allocated server session in the CONFIGURE CHANNEL and ALLOCATE CHANNEL commands. The MAXPIECESIZE parameter specifies the maximum size of a backup piece. Use this parameter to make RMAN create multiple backup pieces in a backup set. RMAN creates each backup piece with a size that is no larger than the value that has been specified in the parameter. The RATE parameter specifies the bytes per second that RMAN reads on the channel. This parameter is useful in preventing RMAN from consuming excessive disk bandwidth and degrading OLTP performance. For example, if each disk drive delivers 3 MB per second and you set RATE=1500K, some disk bandwidth will still be available to the online system. The MAXOPENFILES parameter determines the maximum number of input files that a backup or copy can have open at a given time. If not set manually, then the value defaults to 8. The level of RMAN multiplexing is partially determined by MAXOPENFILES. The level of multiplexing in turn determines how RMAN allocates disk buffers. Multiplexing is the number of input files that are simultaneously read and then written into the same backup piece. Oracle Database 10g: Backup and Recovery

Tuning the BACKUP Command
MAXPIECESIZE limits the size of each backup piece. FILESPERSET prevents RMAN from reading from too many disks at once. Tuning the BACKUP Command The MAXPIECESIZE parameter specifies the maximum size of each backup piece created on the channel. The FILESPERSET parameter specifies the maximum number of files to place in a backup set. If you allocate only one channel, then you can use this parameter to make RMAN create multiple backup sets. For example, if you have 50 input datafiles and two channels, you can set FILESPERSET=5 to create 10 backup sets. This strategy can prevent you from splitting a backup set among multiple tapes. Oracle Database 10g: Backup and Recovery

Tuning RMAN Backup Performance
Follow these steps to tune RMAN backup performance: Remove RATE settings from configured and allocated channels. Set DBWR_IO_SLAVES if you use synchronous disk I/O. Set LARGE_POOL_SIZE. Tune RMAN tape streaming performance bottlenecks. Query V$ views to identify bottlenecks. Tuning RMAN Backup Performance Follow this set of steps to obtain the best backup performance: 1. Remove RATE settings from configured and allocated channels. The RATE parameter is used to set the maximum number of bytes (default), kilobytes (K), megabytes (M), or gigabytes (G) that RMAN reads each second on the channel. It sets an upper limit for bytes read so that RMAN does not consume too much disk bandwidth and degrade performance. If your backup is not streaming to tape, ensure that the RATE parameter is not set on the ALLOCATE CHANNEL or CONFIGURE CHANNEL commands. 2. Set DBWR_IO_SLAVES if you use synchronous disk I/O. If your disk does not support asynchronous I/O, then try setting the DBWR_IO_SLAVES initialization parameter to a nonzero value. Any nonzero value for DBWR_IO_SLAVES causes a fixed number (four) of disk I/O slaves to be used for backup and restore, simulating asynchronous I/O. If I/O slaves are used, I/O buffers are obtained from the SGA. The large pool is used if configured. Otherwise, the shared pool is used. Note: By setting DBWR_IO_SLAVES, the database writer processes will use slaves as well. You may need to increase the value of the PROCESSES initialization parameter. 3. Set LARGE_POOL_SIZE as described on the next page. 4. Tune RMAN tape streaming performance bottlenecks as described later in the lesson. 5. Use V$ views as described earlier in the lesson. Oracle Database 10g: Backup and Recovery

Setting LARGE_POOL_SIZE
If LARGE_POOL_SIZE is not set, the Oracle server tries to get memory from the shared pool. If LARGE_POOL_SIZE is not big enough, the server does not allocate buffers from the shared pool. If the server cannot get enough memory, it allocates buffers from the local process memory. The Oracle server writes a message to the alert log indicating that synchronous I/O is used for this backup. Setting LARGE_POOL_SIZE The requests for contiguous memory allocations from the shared pool are small, usually under 5 KB in size. It is possible that a request for a large contiguous memory allocation can fail or require significant memory housekeeping to release the required amount of contiguous memory. The large pool may be able to satisfy the memory request. The large pool does not have a least recently used list, so Oracle does not attempt to age memory out of the large pool. Use the LARGE_POOL_SIZE initialization parameter to configure the large pool. Query V$SGASTAT.POOL to see in which pool (shared pool or large pool) the memory for an object resides. The suggested value for LARGE_POOL_SIZE is calculated as: #_of_allocated_channels * (16 MB + (4*size_of_tape_buffer )) For backups to disk, the tape buffer is obviously 0, so set LARGE_POOL_SIZE to 16 MB. For tape backups, the size of a single tape buffer is defined by the RMAN channel parameter BLKSIZE, which defaults to 256 KB. Assume a case in which you are backing up to two tape drives. If the tape buffer size is 256 KB, then set LARGE_POOL_SIZE to 18 MB. If you increase BLKSIZE to 512 KB, then increase LARGE_POOL_SIZE to 20 MB. Note: The large pool is used only for disk buffers when DBWR_IO_SLAVES > 0 and for tape buffers when BACKUP_TAPE_IO_SLAVES = TRUE. If you are using Automatic Shared Memory Management, the large pool is sized automatically in response to system workload. ksfqxcre: failure to allocate shared memory means sync I/O will be used whenever async I/O to file not supported natively Oracle Database 10g: Backup and Recovery

Tuning RMAN Tape Streaming Performance Bottlenecks
Use BACKUP... VALIDATE to determine whether tape streaming or disk I/O is the bottleneck. Use multiplexing to improve tape streaming with disk bottlenecks. Use incremental backups to improve backup performance with tape bottlenecks. Tuning RMAN Tape Streaming Performance Bottlenecks Perform the following actions to identify and remedy bottlenecks that affect RMAN’s performance on tape backups: Use BACKUP... VALIDATE to determine whether tape streaming or disk I/O is the bottleneck in a given backup job. Compare the time required to run backup tasks with the time required to run BACKUP VALIDATE of the same tasks. BACKUP VALIDATE of a backup to tape performs the same disk reads as a real backup but performs no tape I/O. If the time required for the BACKUP VALIDATE to tape is significantly less than the time required for a real backup to tape, then writing to tape is the likely bottleneck. Use multiplexing to improve tape streaming with disk bottlenecks. In some situations when RMAN is performing a backup to tape, it may not be able to send data blocks to the tape drive fast enough to support streaming. For example, during an incremental backup, RMAN backs up only blocks changed since a previous datafile backup as part of the same strategy. If you do not enable change tracking, RMAN must scan entire datafiles for changed blocks, and fill output buffers as it finds such blocks. If there are not many changed blocks, RMAN may not fill output buffers fast enough to keep the tape drive streaming. You can improve performance by increasing the degree of multiplexing used for backups. This increases the rate at which RMAN fills tape buffers, which makes it more likely that buffers are sent to the media manager fast enough to maintain streaming. Oracle Database 10g: Backup and Recovery

Tuning RMAN Tape Streaming Performance Bottlenecks (notes only)
Tuning RMAN Tape Streaming Performance Bottlenecks (continued) Use incremental backups to improve backup performance with tape bottlenecks. If writing to tape is the source of a bottleneck for your backups, consider using incremental backups as part of your backup strategy. Incremental level 1 backups write only the changed blocks from datafiles to tape, so that any bottleneck on writing to tape has less impact on your overall backup strategy. In particular, if tape drives are not locally attached to the node running the database being backed up, then incremental backups can be faster. Tuning RMAN Tape Streaming Performance Bottlenecks (notes only) Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Monitor RMAN jobs Troubleshoot RMAN operations Tune RMAN backup performance Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers monitoring RMAN jobs. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Overview

Objectives After completing this lesson, you should be able to: Describe how Oracle Secure Backup complements the Oracle backup and recovery options Define Oracle Secure Backup terminology Describe Oracle Secure Backup interface options Describe backup management features of Oracle Secure Backup For More Information Oracle Secure Backup Administrator’s Guide Oracle Secure Backup Reference Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Tape Backup Management
Highest levels of tape data protection at the lowest cost Fastest, most efficient Oracle database tape backup Protection of entire Oracle environment including Oracle application files Oracle integrated product Oracle Databases File System Data UNIX Linux Integration with RMAN Windows NAS Oracle Secure Backup Centralized Tape Backup System Oracle Secure Backup Tape Backup Management Business background: The increased demands on the enterprise backup infrastructure require more rigorous service level agreements for backup windows and restoration time, while obtaining reliable data protection within budget. The tape technology meets this challenge by offering high-speed devices and high capacity media with a throughput similar to that of a disk (generally, at a high cost). Oracle Secure Backup 10.1 addresses this issue by providing centralized tape backup management for the Oracle Database and file systems in mixed, diverse environments, thus reducing the cost and complexity of tape backup and restoration. Tape Oracle Database 10g: Backup and Recovery

What Is Oracle Secure Backup?
Centralized tape backup management software: Managing data protection for diverse, distributed servers and tape devices Client/server architecture for backing up and restoring data locally or over the LAN, WAN, or SAN Oracle Secure Backup features: Tape backup management for entire Oracle environment including file systems and the Oracle database Policy-based backup management Secure data protection and interdomain communication Effective media and device management Broad tape device and platform support What Is Oracle Secure Backup? Oracle Secure Backup is centralized tape management software. It enables reliable data protection to tape, and supports the major tape drives and libraries in SAN, Gigabit Ethernet, and SCSI environments. Oracle Secure Backup enables you to do the following: Back up and restore data using a variety of machine architectures. Access local and remote file systems and devices from any location in a network without using Network File System (NFS) or Common Internet File System (CIFS) protocols. Back up to and restore from Oracle Cluster File System (OCFS) on Linux and Windows Use wildcards and exclusion lists to specify what you want to back up. Control secondary storage–based data recording format and compression. Duplex database backups (back up the same files to multiple devices). Each data stream automatically goes to a separate device. Perform full, incremental, or differential backups. Maintain security and limit the users who are authorized to perform data management operations. Support most popular tape drives and libraries. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup: Tape Management and Integration with Oracle Products
Oracle Collaboration Suite configuration files Oracle Application Server configuration files Oracle Database: Versions Oracle9i and later Real Application Clusters File System Data: Oracle Home installations Other nondatabase data Backup and restore Oracle Secure Backup Centralized Tape Backup Management Tape Library Oracle Secure Backup: Tape Management and Integration with Oracle Products Some of the many options available for protecting your Oracle data are backing up solely to disk, backing up to disk as a staging area for tape backups, or backing up directly to tape. Disk backup and restore operations are generally faster than the equivalent tape operations. However, tape backups provide some advantages for long-term backup requirements, such as offsite storage and portability, which allow you to move backups from one data center to another. Oracle Secure Backup provides tape backup management for all your files relating to Oracle products, including: Oracle database backups stored on tape through integration with Recovery Manager Seamless support of Oracle Real Application Clusters (RAC) Support for Oracle Cluster File System (OCFS) and Automatic Storage Management (ASM) Central administration of distributed clients and media servers including: Oracle Application Servers Oracle Collaboration Suite Oracle Home and binaries Oracle Database 10g: Backup and Recovery

Client/Server Architecture Host Roles
Administrative server Maintains configuration settings and backup history catalog Media server Transfers data to or from attached devices Client Contains data to be backed up Administrative server Oracle Secure Backup catalog N E T W O R K Media server Client/Server Architecture Host Roles To configure Oracle Secure Backup, you need to define an administrative domain. An administrative domain is a group of machines on your network that you manage as a common unit to perform backup and restore operations. An administrative domain has one administrative server, one or more clients, and one or more media servers. The administrative server is a machine in your administrative domain that contains a full installation of the Oracle Secure Backup software. This host maintains the backup catalog files and others files for configuration settings and administrative data. The administrative server runs the scheduler, which starts and monitors jobs within the administrative domain. You need one administrative server for each administrative domain at your site. To configure an administrative server, you choose an administrative server installation when installing Oracle Secure Backup on the host. A media server is a machine that has one or more secondary storage devices, such as a tape library, connected to it. A media server transfers data to and from its attached storage devices. During installation, you can configure multiple secondary storage devices on media servers. A client is a machine whose locally accessed data is backed up by Oracle Secure Backup. Most of the machines defined within the administrative domain are clients. Client Data to backup Oracle Database 10g: Backup and Recovery

Oracle Secure Backup for Centralized Tape Backup Management
UNIX or Linux NAS Windows Heterogeneous clients backed up over the network Oracle Secure Backup administrative server LAN Media servers locally backed up Oracle Database Oracle Secure Backup Administrative Domain Tape Library Oracle Secure Backup for Centralized Tape Backup Management The Oracle Secure Backup software offers centralized backup management of heterogeneous clients and servers by storing the backup and configuration data in a central repository called the Oracle Secure Backup administrative server. The administrative server contains a consolidated backup catalog, providing a single location for managing backup policies, scheduling backups for multiple platforms, and managing local and remote tape devices. The configured machines and devices managed by an administrative server make up the Oracle Secure Backup administrative domain, as shown in the slide. The Oracle Secure Backup tape management system minimizes the complexity of managing diverse architectures: Flexible tape device configuration with options for single and multi-hosted tape libraries Support for major tape libraries and tape drives in GbE and SCSI environments Client/server architecture providing centralized administration of distributed media servers over a local area network (LAN) or wide area network (WAN) Oracle Database 10g: Backup and Recovery

Typical SAN Environment
LAN Administrative server SAN Fibre connectivity Oracle Secure Backup: Dynamically shares tape drives attached to the Storage Area Network (SAN) Manages any resource contention Oracle Database Typical SAN Environment Oracle Secure Backup supports Storage Area Network (SAN) environments. The graphic in the slide depicts a typical SAN environment where one or more servers are attached to the SAN along with one or more tape devices. Each of the tape devices attached to the SAN appears local to the servers using SAN. Clients within the administrative domain are backed up over the network to the tape devices on the configured media servers. Oracle Secure Backup automatically manages resource contention for tape drives within the SAN. During a backup or restore operation, a server engages a tape drive, thereby making it temporarily unavailable to other servers. When the operation completes, the tape drive is again available for use by any of the servers using SAN, as permitted by your configuration. When configuring tape devices, you are asked to configure attachments, where each attachment describes a data path between the host and the device itself. A device must have at least one attachment. In a SAN environment, a tape device may have multiple attachments, one for each host that can access the device. The Fibre fabric and switches within the SAN are transparent to Oracle Secure Backup. Therefore, SAN interoperability becomes important at the hardware level. When configuring a SAN, it is recommended to confirm that the hardware components have been tested and certified to work together. Tape devices Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Interface Options
EM Web tool Oracle Secure Backup RMAN obtool SBT Oracle Secure Backup Interface Options As shown in the slide, you can access Oracle Secure Backup in four different ways depending on what you want to do: EM provides a graphical interface to Oracle Secure Backup for users who elect to perform database backup and restore operations through integration with RMAN. You can also perform administrative tasks such as managing media and devices within the Oracle Secure Backup administrative domain. The Enterprise Manager console includes a link to the Oracle Secure Backup Web tool for performing file-system backup and restore operations. You use RMAN to back up your databases directly to tape. RMAN can be accessed either through the RMAN executable or through EM. (This was covered in the previous lessons, so it is not duplicated here.) RMAN communicates with Oracle Secure Backup through the SBT interface. The Web tool is a GUI application that enables you to configure administrative domains, manage operations, browse the backup catalog, and back up and restore data. It provides a graphical and interactive interface to access the obtool utility. You should use this interface when making backups of file system data. The obtool utility provides a command-line interface to Oracle Secure Backup. This interface gives you the same functionalities as the GUI interface. Database operations File system operations Oracle Database 10g: Backup and Recovery

Media Concepts: Overview
Media family Volume set Volume Physical tape Volume Physical tape Backup image Product of a backup operation Media Concepts: Overview Oracle Secure Backup organizes the backups it creates in a simple hierarchy, which comprises the following logical concepts: A “backup image” is the product of a backup operation. A backup image is a file that consists of one or more backup sections. A backup image can be contained within a single volume or it can span multiple volumes. The part of a backup image that fits on a single volume is called a “backup section.” A “volume” is a single unit of media such as an LTO-3 tape. A “volume set” is a group of one or more volumes that contain a complete backup image. A “media family” is a named classification of volumes that share some common attributes, such as the volume naming method, the policies used for writing data to volumes, and the length of time volumes are retained in the media family. When you back up files using Oracle Secure Backup, you generate a volume set that has some common characteristics defined by the media family that you have associated with your backup operation. Set of tapes containing backup images Set of volumes with common characteristics Oracle Database 10g: Backup and Recovery

Backup Pieces and Backup Images
RMAN backup set Oracle database files RMAN backup piece RMAN backup piece … Backup image Backup image Backup Pieces and Backup Images The backup of an Oracle database, created by RMAN, results in a backup set (an RMAN-specific logical structure), which contains at least one backup piece (an RMAN-specific physical file containing the backed up data). Oracle Secure Backup backs up and maintains backup metadata for each RMAN backup piece written to tape within its own catalog. You can browse backup pieces by using obtool or Oracle Secure Backup Web tool. Note: Use RMAN for the management of RMAN backup pieces. If you manage the backup pieces stored on tape by using Oracle Secure Backup utilities instead of RMAN, the Oracle Secure Backup catalog and the RMAN repository can become unsynchronized. The best practice is for backup pieces to be updated through RMAN, not manually by the use of Oracle Secure Backup. Oracle Secure Backup images Oracle Database 10g: Backup and Recovery

Media Management Expiration Policies
Recycling time-managed volumes Write window Retention duration Updates allowed Updates forbidden Time Volume set creation Volume set closed Volume set expiration Recycling content-managed volumes Marked DELETED by RMAN Or Marked DELETED by Oracle Secure Backup Expired Expired Expired Expired Media Management Expiration Policies Oracle Secure Backup automates tape recycling, reusing tapes after the backups or volumes have expired, depending on their user-defined recycling method: Time-managed expiration policies: The expiration time is associated at the volume level for time-managed media families. When the volume expiration date is reached, the volume becomes eligible to be overwritten. Each volume in a volume set will have an expiration date, which is determined as follows: The user-defined write-window determines how long the tape may be appended to after the first tape write event (optional). The user-defined retention time determines how long the volume must be retained after the write-window has closed or after the first tape write event, if a write-window is not defined. If a write-window is not defined, the volume will be appended to, until it is full. The expiration time is the “write-window” time plus the retention time. Backup piece Backup piece Backup piece Backup piece Volume set Oracle Database 10g: Backup and Recovery

MM Expiration Policies Notes
Media Management Expiration Policies (continued) Content-managed expiration policies: The expiration time is associated with the content on the tape, not with the actual volume. With content-managed volumes, the retention period is configured within RMAN by using the recovery window or redundancy setting. Oracle Secure Backup does not associate a specific date with the backup piece, but updates the piece attribute from “content manages use” to “deleted” status as instructed by RMAN. By issuing the RMAN DELETE OBSOLETE command, RMAN deletes any disk backups no longer needed to meet the user-configured retention policies and notifies the media management software (Oracle Secure Backup) about which pieces can be deleted. The expiration status is updated in the Oracle Secure Backup catalog, but the actual pieces are not deleted from tape. Instead, the backup pieces receive the “deleted” attribute. After all backup pieces on a specific tape have a “deleted” attribute, Oracle Secure Backup considers the tape eligible for reuse, and overwrites the tape, when a tape is needed. Note: It is not recommended, but you can remove backup pieces (an RMAN backup piece corresponds to an Oracle Secure Backup backup image) with the Oracle Secure Backup Web tool or the rmpiece command in the obtool utility. These commands remove the backup piece from the Oracle Secure Backup catalog. If you remove a backup piece outside of RMAN, you must use the RMAN CROSSCHECK command to update the RMAN repository and have the removed backup pieces marked as EXPIRED. Then you use the RMAN DELETE EXPIRED command to remove these backup pieces from the RMAN repository. MM Expiration Policies Notes Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Media Family
A named classification of volumes that share the same: Volume identification sequence Write-allowed period Expiration policy (either content- or time-managed) Used to classify and characterize backup types Commonly associated with backup levels, which generally correspond to retention times, such as: Full Incremental Archive log Oracle Secure Backup Media Family Media families provide a way to establish write periods and retention policies for data backed up to various kinds of tapes. You can, for example, establish a media family for all of your backups that remain on site, a separate media family for your backups that are to be stored off site, and a third media family for all your incremental backups. Each media family identifies the length of time that data can be written to a tape and the length of time before the data on a volume expires and is eligible to be overwritten. So, a media family is a classification of backup media that share the same: Volume identification sequence: The volume ID consists of a fixed portion, followed by a sequence number assigned and updated by Oracle Secure Backup. When you create a media family, you specify how to generate volume IDs that become part of the volume label. Write window: The beginning of the write window is the time at which Oracle Secure Backup first writes to a volume in the volume set. The write window is a user-specified time interval that applies to all volumes in the set. Oracle Secure Backup continues to append backups to the volume set until the end of this interval. When the write window closes, Oracle Secure Backup does not allow further updates to the volume set until it expires or is relabeled, reused, unlabeled, or overwritten. Expiration policy: When a volume set expires, Oracle Secure Backup automatically considers each volume in the set eligible to be overwritten. A media family is either content managed (default) or time managed. These two policies are mutually exclusive. Oracle Database 10g: Backup and Recovery

Tape Drives and Libraries
mainlib Tape library robotics move tapes between drives and slots. Tape library Barcode reader scans labels on cartridges. Robotic control ____________________________________________________________________________________________________________________________________________________________________________________________________________________________________ maintd1 Type of tape drive refers to its tape format such as LTO-2 or SDLT600. maintd2 Storage elements (slots) store tapes. maintd3 Tape Drives and Libraries Oracle Secure Backup maintains information about secondary storage devices, tape libraries, and tape drives, so they can be used for local and network backup and restore operations. These devices are easily configured during the installation process, or a new device can be easily added to an existing Oracle Secure Backup environment. Each tape drive and tape library is uniquely identified within an Oracle Secure Backup administrative domain by a user-defined name (for example, mainlib and maintd1). Because Oracle Secure Backup manages tape drive operations, it must explicitly be able to identify the tape drive as well as understand if the tape drive is housed within a tape library. Oracle Secure Backup must further determine which tape slots (storage elements) are available for storing tapes when they are not loaded in a tape drive. Before you can use tape drives or tape libraries with Oracle Secure Backup, you must add the device to the administrative domain. Oracle Secure Backup maintains a distinction between a device and the means by which the device is connected to a host. Each device you configure can have one or more attachments, where each attachment describes a data path between a host and the device itself. Most often, an attachment comprises the identity of a host plus a UNIX device special file name, a Windows device name, or NAS device name. In rare cases, additional information is needed to complete the attachment definition. Device connectivity varies by device: SCSI, Fibre, and iSCSI Oracle Database 10g: Backup and Recovery

Tape Drives and Libraries Notes
Tape Drives and Libraries (continued) A Fibre channel–attached tape drive or tape library often has multiple attachments, one for each host that can directly access it. When a device is attached to multiple hosts, Oracle Secure Backup automatically manages contention for the device so that only one host is permitted access to it at any time. For example, SAN-attached devices often have multiple attachments, one for each host that has local access to the device through its Fibre channel interface. Tape Drives and Libraries Notes Oracle Database 10g: Backup and Recovery

Virtual Tape Libraries (VTL)
Providing the performance advantages of disk backup Disk appliances, emulating tape libraries and drives Most popular virtual tape libraries supported by Oracle Secure Backup (See “Tape Device” compatibility guide on Oracle Technology Network) Increasingly adopted into IT environments Seamlessly deployed without changing backup infrastructure Flexible configuration with user-defined options for number and type of tape emulation Attached to the network or servers, depending on the manufacturer Virtual Tape Libraries (VTL) A virtual tape library leverages traditional tape backup with disk technology to create an optimized backup and recovery infrastructure. Tape emulation software on the disk appliance emulates popular tape devices and formats. Because VTLs identify themselves as tape equipment, for the backup software, they appear identical to the actual tape device that is emulated. VTLs offer the performance advantages of disk backup and they may be seamlessly deployed in a system environment, without changing the backup infrastructure. Note: In this class (where physical tape devices are not available), you use virtual test devices to practice Oracle Secure Backup operations. These virtual test devices are not supported in production use and are different from the commercially sold VTLs. For a list of supported VTLs, refer to Certify on MetaLink. Oracle Database 10g: Backup and Recovery

Managing Data to Be Protected
Recurring or immediate backups scheduled using Enterprise Manager Use RMAN backup levels: full and incremental RMAN backup sets Oracle Database Flexible date/time calendar–based scheduling On-demand backups Frequency of backups Multilevel backups: full, incremental, or off-site Backup options Datasets, user-defined, group hosts, files, or directories to back up Defining what data to back up File System Data Managing Data to Be Protected Managing the backup infrastructure of file-system data and Oracle database data is easily administered with Oracle Secure Backup and RMAN. Defining what data to back up is conceptually similar for file-system and database data. Both require that you, the user, define what to include in the backup. For the database, you use the RMAN backups sets created using RMAN or Enterprise Manager. For file systems, Oracle Secure Backup uses “datasets.” Use the Oracle Secure Backup Web tool to define file-system datasets. After defining what data to back up, you must determine what type of backup is most appropriate to meet your backup and restore requirements. Oracle Secure Backup offers multiple backup levels for file-system backups including full backup levels, multiple incremental levels, and an off-site backup level. The off-site level is actually a full backup performed without interfering with any incremental backup strategies. Oracle Secure Backup also provides flexible scheduling options enabling you to determine ongoing backup schedules based on the day and time granularity. For the Oracle database, RMAN offers full and incremental backup levels that are backed up to tape by Oracle Secure Backup. After you have defined what, how, and how often to back up your data through scheduling, Oracle Secure Backup can automatically implement your backup schedules requiring only manual intervention for hardware errors or media needs. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Jobs
Log Job ID Type Backup Restore Transcript Oracle Secure Backup Jobs Each backup and restore operation creates a corresponding job. Each job has a unique ID, log, and transcript. Job logs describe high-level events, such as: Job creation Job dispatch Completion times Job transcripts describe the job details: Created at the time of dispatch Updated as the job progresses Reports needs such as “operator assistance required” There are two different job types: Data set jobs for file-system backup or restore Oracle backup jobs for database backup or restore A job summary is a text file report produced by Oracle Secure Backup that describes the status of selected file-system backup and restore jobs. Job summaries may be generated on a regular, repeating basis and sent via to users. Job summaries Oracle Database 10g: Backup and Recovery

Securing Data and Access to the Backup Domain
User-level access control Users assigned to a set of privileges, called classes Consistent user identity mapping OS privileges to Oracle Secure Backup user, called preauthorized access Host authentication Two-way server authentication Encryption Oracle Database 10gR2 backup encryption to tape Data and backup messages encrypted in-transit as part of SSL interdomain communication Securing Data and Access to the Backup Domain An Oracle Secure Backup administrative domain is a network of hosts. Any such network has a level of vulnerability to malicious attacks. The task of the security administrator is to learn the types of possible attacks and how to guard against them. Access Control To access the Oracle Secure Backup software, you must enter a username and password or use preauthorization. Each Oracle Secure Backup user is assigned to a class, which defines the actions that are permitted for that user. Host Authentication All hosts in the administrative domain use SSL and X.509 certificates for identity verification and authentication. Sensitive data is encrypted before transmittal over the network. SSL protects the administrative domain from eavesdropping, message tampering or forgery, and replay attacks. The Web server requires a signed X.509 certificate and associated public and private keys to establish an SSL connection with a client browser. The X.509 certificate for the Web server is self-signed by the installation script when you install Oracle Secure Backup on the administrative server. Oracle Database 10g: Backup and Recovery

Network Backup Security Notes
Securing Data and Access to the Backup Domain (continued) Network Backup Security Note: Currently, the NDMP protocol does not include a mechanism to accommodate the negotiation of an SSL connection to NDMP filers. Encryption File-system backups on tape are not encrypted by Oracle Secure Backup. When you use Oracle Secure Backup to create a new file-system backup, Oracle Secure Backup applies encryption to the data as it passes over the network. After Oracle Secure Backup writes the data to tape, the file system data resides in unencrypted form. When you use RMAN to make an encrypted backup of a database, RMAN encrypts the backup data before it is provided to the SBT interface. If the data is transmitted over the network, Oracle Secure Backup transfers the RMAN-encrypted data without applying additional encryption to the data as it passes over the network. After Oracle Secure Backup writes the data to tape, the data resides on tape in encrypted form. In this case, the encryption is provided by RMAN before the backup is provided to the SBT layer. The Oracle Secure Backup SBT layer is the only supported interface for making encrypted RMAN backups directly to tape. By default, the data sent over the network within an administrative domain, both file system and database, is encrypted through SSL. However, if the database backup data is first encrypted by RMAN, then the data is not further encrypted in transit. To improve performance of backups in a protected network, you can disable encryption for transmitted data by means of the encryptdataintransit security policy. Network Backup Security Notes Oracle Database 10g: Backup and Recovery

Oracle Secure Backup: The Integration Advantage
Key benefits of RMAN and Oracle Secure Backup integration: Exclusive support of RMAN backup encryption to tape Faster, more reliable database backups to tape Single technical support resource, expediting problem resolution EM integration exclusive to Oracle Secure Backup Familiar interface for Oracle customers, reducing any learning curves associated with other products Management of the entire Oracle database backup and recovery from disk (Flash Recovery Area) to tape Advanced security leveraging Oracle’s proven technology Oracle Secure Backup: The Integration Advantage This slide summarizes key benefits of RMAN and Oracle Secure Backup integration over other third-party media management libraries. Details about the security technology are: Secure Socket Layer (SSL) implementation Embedded Oracle wallets Oracle Database 10g: Backup and Recovery

Why Use Oracle Secure Backup?
Intelligent integration with RMAN delivering the best performance and security for database backups Backup encryption performed with Oracle database Faster, smaller backups protecting only used blocks Scalable, low-cost per-tape drive pricing Substantial cost savings over the competition Unlimited clients, servers, and NAS Single technical support resource for entire backup solution expedites problem resolution Reliable, centralized backup management for entire Oracle environment Why Use Oracle Secure Backup? Since Oracle 8.0, RMAN is the recommended backup utility for the Oracle database. It is known for reliable, automated, online protection of data to disk, and is integrated with numerous third-party media management products for backups to tape. Oracle Secure Backup provides an alternative to expensive, third-party tape backup utilities by providing the media management layer for RMAN tape utilization. Oracle Secure Backup 10.1 increases customer return on investment by providing end-to-end tape data protection for your Oracle environment at a fraction of the cost of other tape products. Oracle Secure Backup exclusively provides RMAN encrypted backup to tape. To deliver the fastest database tape backup, Oracle Secure Backup backs up only used blocks (from Oracle Database and higher). This process makes the backups faster and smaller, which also saves space on tape. Oracle Secure Backup (as part of the Oracle technology stack) offers a single-vendor technical resource for complete Oracle database protection. The Oracle Secure Backup installation automatically links the SBT libraries for RMAN tape backups. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Describe how Oracle Secure Backup complements the Oracle backup and recovery options Define Oracle Secure Backup terminology Describe Oracle Secure Backup interface options Describe backup management features of Oracle Secure Backup Oracle Database 10g: Backup and Recovery

Installing Oracle Secure Backup

Objectives After completing this lesson, you should be able to: Install Oracle Secure Backup on Linux Choose an Oracle Secure Backup interface Register the Administrative Server in EM Add an Oracle Secure Backup user with preauthorized access For More Information Oracle Secure Backup Installation Guide For supported tape devices, see For supported Web browser, platform and NAS devices, see Oracle’s certification matrix on MetaLink. Oracle Database 10g: Backup and Recovery

Performing Preinstallation Tasks
Confirm that your planned environment is supported. Tape device support matrix on OTN Platform support on Certify on metalink.oracle.com Plan disk space for Oracle Secure Backup. Obtain Oracle Secure Backup software via OTN download or CD. Plan your administrative domain—that is, determine which host will be Administrative Server, which media servers or clients. Obtain SCSI device information (UNIX and Linux). Performing Preinstallation Tasks There is no required sequence between the preinstallation tasks. Check the supported device list on OTN to confirm that your environment is supported: Platform support by host role Tape library and tape drive support Connectivity support Each host that participates in an Oracle Secure Backup administrative domain must have a network connection and run TCP/IP. Oracle Secure Backup uses this protocol for all inter- and intra-machine communication between its own and other system components. Each appliance that employs a closed operating system, such as Network Attached Storage (NAS) and tape servers, is backed up using NDMP. This protocol enables Oracle Secure Backup to access primary and secondary storage controlled by the appliance. Each host that participates in an Oracle Secure Backup administrative domain must also have some preconfigured way to resolve a host name to an IP address. Most systems use one of the name resolution mechanisms: (DNS, NIS, WINS, or a local hosts file) to do this. Oracle Secure Backup does not require a specific mechanism. Oracle Secure Backup requires only that, upon presenting the underlying system software with an IP address you have configured, it obtains an IP address corresponding to that name. Oracle Database 10g: Backup and Recovery

Installation and Configuration of the Administrative Domain
1. Software installation 2. Configure additional hosts and tape devices Client Tape drives and libraries OTN CD-ROM Administrative server Media server Installation and Configuration of the Administrative Domain The installation and configuration of your administrative domain includes the following: Install the Oracle Secure Backup software itself on each of your hosts except NDMP-enabled hosts such as Network Attached Storage (NAS) filers. Define your administrative domain on the administrative server. This step involves defining all media servers, clients, and NAS filers. When installing a media server, Oracle Secure Backup device attachments are created as part of the device driver installation process. These attachments are used during the device definition. Make the administrative server aware of the tape devices that exist in your administrative domain. On each defined media servers, you need to configure the directly attached SCSI and Fibre Channel devices (tape libraries and tape drives). If you use a NAS filer with attached tape libraries and tape drives, you can use Oracle Secure Backup commands to discover these devices; this allows Oracle Secure Backup to recognize and communicate with the NAS-attached devices. Oracle Database 10g: Backup and Recovery

Performing Installation Tasks
Log in as the root user. Create an Oracle Secure Backup home directory. Change your directory to the <OSB_Home> directory. Run the setup program and respond to the prompts. [stage] $ su Password: [stage]# mkdir -p /usr/local/oracle/backup [stage]# cd /usr/local/oracle/backup [backup]# /stage/osb_10_1cdrom/setup Performing Installation Tasks The recommended directory for installing the Oracle Secure Backup software is /usr/local/oracle/backup. You can install the software in a different directory, if desired. However, then the printed and online documentation for Oracle Secure Backup may not agree with your actual commands, output, and GUI screens. For users new to Oracle Secure Backup, this can add an unwanted layer of confusion. In this course, you use the default directory: /usr/local/oracle/backup as <OSB_Home>. Note: There is no default “OSB_Home” environment variable, which is used to refer to this directory, unlike the ORACLE_HOME variable used with Oracle Database installations. After your <OSB_Home> directory is created, change your current directory to the <OSB_Home> directory, and execute the setup program from your staging area, which in this example is the /stage/osb_10_1cdrom directory. If you use your CD-ROM drive as your staging area, use a command similar to /cdrom/cdrom0/setup. In the above example, a stage directory is used instead of a CD-ROM drive. Oracle Database 10g: Backup and Recovery

Administrative Server Installation: Example
Welcome to Oracle's setup program for Oracle Secure Backup. This program loads Oracle Secure Backup software from the CD-ROM to a filesystem directory of your choosing. This CD-ROM contains Oracle Secure Backup version Please wait a moment while I learn about this host... done. You may load any of the following Oracle Secure Backup packages: 1. linux32 (RH 2.1, RHEL 3, RHEL 4, SuSE 8, SuSE 9) administrative server, media server, client 2. solaris64 (Solaris 2.8 and later, SPARC) Enter a space-separated list of packages you'd like to load. To load all packages, enter 'all' [1]: 1 Administrative Server Installation: Example As you can see, several numeric choices are displayed for various platforms, including Solaris, and several flavors of Linux. Select the number that corresponds to the installation package for the UNIX platform that you are running. The above example uses Linux. You have the option of selecting multiple machines on which to install Oracle Secure Backup. Simply list all package numbers, separated by spaces, on the same line. For example, to install Oracle Secure Backup software for Solaris and Linux machines, you would respond as shown here: To load all packages, enter 'all' [1]: 1 2 If you choose to install packages for other operating systems on the local host, you can use these files to install Oracle Secure Backup on designated hosts in the administrative domain by using a network connection. Oracle Database 10g: Backup and Recovery

Loading Oracle Secure Backup installation tools... done. Loading linux32 administrative server, media server, client... done. Loading of Oracle Secure Backup software from CD-ROM is complete. You may unmount and remove the CD-ROM. Would you like to continue Oracle Secure Backup installation with 'installob' now? (The Oracle Secure Backup Media Management Installation Guide contains complete information about installob.) Please answer 'yes' or 'no' [yes]: yes Administrative Server Installation: Example (continued) installob is the primary installation script for Oracle Secure Backup. It can be called in a stand-alone fashion by invoking the installob shell script. Oracle Database 10g: Backup and Recovery

Welcome to installob, Oracle Secure Backup's UNIX installation program. It installs Oracle Secure Backup onto one or more UNIX, Linux, or other supported open-source systems on your network. (Install Oracle Secure Backup for Windows using the CD-ROM from which you loaded this software.) For most questions, a default answer appears enclosed in square brackets. Press Enter to select this answer. Please wait a few seconds while I learn about this machine... done. Have you already reviewed and customized install/obparameters for your Oracle Secure Backup installation [yes]? yes Administrative Server Installation: Example (continued) A preconfigured obparameters file was created during the installation process. If you respond yes, the installation continues. If you respond no to the above prompt, you will be prompted to rerun installob after updating the parameter file. You can use a text editor to edit the obparameters file in the /usr/local/oracle/backup/install/ directory (referred to as the <OSB_Home>/install directory). Various parameters are defined that you can configure to meet the needs of your business. For example, you can modify parameters for: Oracle Secure Backup daemon observiced automatic startup at boot time Automatic creation of an Oracle Secure Backup user, called oracle, that is assigned the oracle class, and preauthenticated to be used by RMAN Oracle Secure Backup directory names Oracle Database 10g: Backup and Recovery

You can choose to install Oracle Secure Backup in one of two ways: (a) interactively, by answering questions asked by this program, or (b) in batch mode, by preparing a network description file Use interactive mode to install Oracle Secure Backup on a small number of hosts. Use batch mode to install Oracle Secure Backup on any number of hosts. Which installation method would you like to use (a or b) [a]? a Administrative Server Installation: Example (continued) You continue with the installation using one of the following two methods: If you quit the setup program to modify the obparameters file, then start the installob script using the following commands (logged in as root): # cd <Oracle Secure Backup software directory> # install/installob (The Oracle Secure Backup software is installed by default in the /usr/local/oracle/backup directory) If you did not exit the setup program, indicate that the obparameters file is acceptable, and the program continues by calling the installob installation script. You then select one of the following installation modes: (a) interactive mode: The software is installed on one machine at a time. After each installation, you are asked if you want to install the software on another machine. (b) batch mode: You can use this to create or modify a network description file, which is a text file that describes your network configuration. The setup program uses the information in this file to push the subset of the Oracle Secure Backup software that is required for Oracle Secure Backup to run on the remote machine. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup is not yet installed on this machine. Oracle Secure Backup's Web server has been loaded, but is not yet configured. You can install this host one of three ways: (a) administrative server (the host will also be able to act as a media server or client) (b) media server (the host will also be able to act as a client) (c) client If you are not sure which way to install, please refer to the Oracle Secure Backup Installation Guide. (a,b or c) [a]? a Administrative Server Installation: Example (continued) After specifying the method of installation, you specify the role for this machine. In this example, this is the first time Oracle Secure Backup is being installed on the network, so you choose an administrative server installation. Oracle Database 10g: Backup and Recovery

Beginning the installation. This will take just a minute and will produce several lines of informational output. Installing Oracle Secure Backup on edrsr10p1 (Linux version ELsmp) You must now enter a password for the Oracle Secure Backup 'admin' user. Oracle suggests you choose a password of at least 8 characters in length, containing a mixture of alphabetic and numeric characters. Please enter the admin password:oracle << not echoed >> Re-type password for verification:oracle << not echoed >> Administrative Server Installation: Example (continued) Choose a password for the admin user, which follows your security strategies. During the software installation, the installob script displays output relating to the actions it performs. This information varies among operating systems. The output may also be different if the obparameters file was modified. generating links for admin installation with Web server checking Oracle Secure Backup's configuration file (/etc/obconfig) setting Oracle Secure Backup directory to /usr/local/oracle/backup in /etc/obconfig setting local database directory to /usr/etc/ob in /etc/obconfig setting temp directory to /usr/tmp in /etc/obconfig setting administrative directory to /usr/local/oracle/backup/admin in /etc/obconfig protecting the Oracle Secure Backup directory removing /etc/rc.d/init.d/qrserviced creating /etc/rc.d/init.d/observiced activating observiced via chkconfig initializing the administrative domain creating default oracle user Oracle Database 10g: Backup and Recovery

Is edrsr4p1 connected to any tape libraries that you'd like to use with Oracle Secure Backup [no]? no Is edrsr4p1 connected to any tape drives that you'd like to use with Oracle Secure Backup [no]? no Would you like to install Oracle Secure Backup on any other machine [yes]? no Installation summary: Installation Host OS Driver OS Move Reboot Mode Name Name Installed? Required? Req? admin edrsr4p1 Linux no no no Oracle Secure Backup is now ready for your use. Administrative Server Installation: Example (continued) After the Oracle Secure Backup software has been installed, you are asked if you want to configure any tape libraries that might be attached to the current host. If you do not have any devices to configure, or you do not want to configure the devices at this time, you can press [Enter] to accept the default value of no. You can configure devices at a later time using EM or the makedev interface. Next, you are given the option of performing a remote installation of Oracle Secure Backup to another machine using the software already installed on the administrative server. In this example, you decide not to perform any further installations from this machine. After the software installation completes, an installation summary appears. Oracle Database 10g: Backup and Recovery

Wizard-Based Installation on Windows
Start your Windows installation by running the setup.exe program. This activates the InstallShield wizard. Answer the questions of the InstallShield wizard, such as your customer information, your server role definition, your predefined Oracle user, and other questions needed to complete the installation on a Windows server. Oracle Secure Backup supports configuring the administrative domain on a host running the Windows operating system. To support running an administrative server on Windows, the GNU SMTP implementation is replaced with an Oracle-developed one. During the installation process, the Oracle Secure Backup Setup wizard copies all Oracle Secure Backup files to the local host and generates Windows Registry entries. The default directory on Windows is C:\Program Files\Oracle\Backup\, which is different from the recommended UNIX directory of usr/local/oracle/backup. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Interfaces
Web tool obtool . Enterprise Manager interface Oracle Secure Backup Interfaces You can use either the GUI interface or the obtool command-line interface (CLI) to access the Oracle Secure Backup information. In all cases, you must use a valid username and password. For example, if you want to view the Oracle Secure Backup users, you can choose any of these three interfaces: You can start the Web tool by entering into your Web browser. Click the Configure tab, and then click Users. You can start Enterprise Manager by entering into your Web browser, and then select the following: Maintenance > Oracle Secure Backup Device and Media > Configure > Users. You can start the obtool command line by entering obtool in a terminal window, and then the lsuser command. Note: Enterprise Manager is the recommended interface. Oracle Database 10g: Backup and Recovery

Integration with Enterprise Manager
The Oracle Secure Backup Device and Media link evokes the Oracle Secure Backup Administrative Server page in EM. The File System Backup and Restore link evokes the Oracle Secure Backup Web tool. Integration with Enterprise Manager Oracle Secure Backup has been integrated with Enterprise Manager (Database Control and Grid Control). It can be accessed through the Maintenance page. By using the EM interface, you can manage the Oracle Secure Backup administrative domain, performing tasks such as adding or deleting media servers or tape devices, and scheduling RMAN backups for the database. The Web tool is the best interface to use file-system backups, adding and deleting clients, managing defaults and polices, and managing Oracle Secure Backup users. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Administrative Server Page
em_admin_server_home.gif Oracle Secure Backup Administrative Server Page Within the Enterprise Manager framework, Oracle Secure Backup has an intuitive Administrative Server home page that provides an overview of your administrative domain. From this management console, you can perform management tasks for the administration domain by clicking the appropriate links: Administrative server (the Edit settings link) Media servers Media families Volumes (the Details link) Devices (the Manage link, or click the device name in the Devices table) Note: For file-system backups, a link to invoke the Oracle Secure Backup Web tool is conveniently located at the bottom of the page. Oracle Database 10g: Backup and Recovery

Configuring the Administrative Server in EM
Before you can use Enterprise Manager to manage your administrative domain, you must first configure the administrative server information within EM. Connect to the EM Database Control on the administrative server. From the Maintenance page, click the “Oracle Secure Backup Device and Media” link in the Oracle Secure Backup section. This takes you to the Add Administrative Server page if this is the first time you are trying to access Oracle Secure Backup from Database Control on that host. On the Add Administrative Server page, you need to specify the Oracle Secure Backup home directory, which is the directory specified during the software installation. EM assumes that the local host is the Oracle Secure Backup administrative server and enters the local host name for the administrative server name. After specifying the administrative server host, you need to enter the Oracle Secure Backup administrative username and password (for example, admin). Then, click OK. You can also navigate to the Add Administrative Server page by clicking the Backup Settings link on the Maintenance page. When the Backup Settings page is displayed, scroll down to the Oracle Secure Backup section and click Configure. On the Administrative Server Login page, you can choose the “Add a new administrative server” option, or change the current login information. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Web Tool Home Page
web_home_page.gif Oracle Secure Backup Web Tool Home Page The Oracle Secure Backup Web tool Home page provides a snapshot of the current status of Oracle Secure Backup jobs and devices, presenting important summary information to administrators and users. The Home page includes the schedule times and statuses of recent jobs as well as job IDs, job type, and job level. Oracle Secure Backup provides a link for failed jobs, alerting users and administrators to potential trouble spots. The Devices link lists the devices associated with each job along with information concerning device type, device name, and status. This page provides you with an overall sense of the various backup or restore processes that are going on. The Web tool provides a graphic interface for just about all of the Oracle Secure Backup features, such as: Flexible scheduling options for backups of file-system data: Specify backups based on time of day, days of the week, month, quarter, or year Schedule backups to start immediately or at a future date Backup windows to minimize impact on day-to-day backup operations Ability to create off-site backups for remote storage without disturbing currently scheduled incremental backups of the same data Oracle Database 10g: Backup and Recovery

Common obtool Commands
Category obtool Command Hosts lshost -l Devices lsdev Storage selectors lsssel User info id, lsuser, lsclass Jobs and schedules lsjob [-a | -c | -p] lsbw (backup windows) lssched Backups lsds (for dataset information) lspiece (for RMAN backup pieces) lsbackup (for file system backups) lssection (for backup image sections) Media families lsmf --long Volumes lsvol --all or lsvol --library <libname> Common obtool Commands The table in the slide lists some of the common obtool commands you can use to query the Oracle Secure Backup administrative and catalog data. Depending upon the information you want to retrieve, you may use additional options to specify the amount of information returned, such as listing all the volumes for a particular media family or listing only completed jobs. Oracle Database 10g: Backup and Recovery

Configuring Oracle Secure Backup Users
The Users page lists all the users authorized by Oracle Secure Backup along with their class names and addresses. Oracle Database 10g: Backup and Recovery

Adding Oracle Secure Backup Users
To configure one or more users, perform the following steps: 1. From the Web tool Home page, click the Configure tab in the menu bar. 2. Click Users in the submenu under Basic. The Users page appears. 3. Click the Add button to add a new user. A dialog box appears for entering a username. 4. Enter a username in the User field. Formally, it is unrelated to any other name used in your computing environment or the Oracle Secure Backup administrative domain. Practically, you might find it convenient to choose Oracle Secure Backup usernames that are identical to users’ Windows or UNIX names. 5. Enter a password for the user in the Password field. This password is used to log in to Oracle Secure Backup. 6. Select a class from the User class list. 7. Optionally, enter a given name in the Given name filed. This name is for information purposes only. 8. Enter a UNIX name for this account in the UNIX name field. This name forms the identity of any nonprivileged jobs run by the user on UNIX systems. If this Oracle Secure Backup user will not, or is not permitted to, run Oracle Secure Backup jobs on UNIX systems, the user can leave this field blank. Oracle Database 10g: Backup and Recovery

Adding Oracle Secure Backup Users Notes
Adding Oracle Secure Backup Users (continued) Enter a UNIX group name for this account in the UNIX group field. This name forms the identity of any nonprivileged jobs run by the user on UNIX systems. In the NDMP server user list, select “yes” if you want Oracle Secure Backup’s NDMP server to accept a login from this user using the username and password you have supplied. This is not required for normal Oracle Secure Backup operation and is typically set to “no.” Enter the address for the user in the address field. When Oracle Secure Backup wants to communicate with this user, such as to deliver a summary report or notify the user of a pending input request, it does so by sending an to this address. Choose one of the following: Click Apply to add the user account and remain in this page. Click OK to add the user account and return to the Users page. The user account appears in the User Name box on the Users page. A message appears in the Status box informing you that the user was successfully added. Click Cancel to avoid the operation and move back one page. If the user you configured needs to initiate backup and restore operations on Windows clients, refer to the “Assigning Windows Account Information” section. Note: Oracle Secure Backup creates the admin user when a new administrative domain is initialized. You cannot remove the admin user. Adding Oracle Secure Backup Users Notes Oracle Database 10g: Backup and Recovery

Preauthorizing Access
To provide preauthorized access, you can modify parameters for an existing user account: 1. From the Users page, select the name of the user from the User Name box. 2. Click the Edit button. A page appears with details for the user you selected. 3. Make any required changes. To modify users, you need to be a member of a class that has this right enabled. 4. Choose one of the following: Click Apply to remain in this page. Click OK to save the changes and return to the Users page. Click Cancel to avoid the operation and move back one page. If your Oracle Secure Backup user needs to initiate backup and restore operations on Windows clients, then you need to add Windows Domains information. To configure RMAN and/or command-line preauthorization, click Preauthorized Access and specify the appropriate attributes. The combination of Hosts, OS username, and Windows domain name must be unique. Note: For more information about the Oracle Secure Backup user, see the lesson titled “Managing Oracle Secure Backup Security.” Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Install Oracle Secure Backup on Linux Choose an Oracle Secure Backup interface Register the administrative server in EM Add an Oracle Secure Backup user with preauthorized access Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Creating your Oracle Secure Backup home directory Installing the Oracle Secure Backup software Configuring virtual test devices Registering your administrative server with EM Inserting four volumes into the tape library Defining a new Oracle Secure Backup user Configuring preauthorization for this user Note: Completing all practice steps is a prerequisite for all the following practices. Oracle Database 10g: Backup and Recovery

Using RMAN and Oracle Secure Backup

Objectives After completing this lesson, you should be able to: Create database backup storage selectors Describe integrated disk and tape backup Perform Oracle-suggested backup to tape Determine database recovery Oracle Database 10g: Backup and Recovery

RMAN and Oracle Secure Backup Basic Process Flow
5 RMAN 1 4 2 Administrative server 3 Oracle Secure Backup Client: Database server Data being backed up Media server RMAN and Oracle Secure Backup Basic Process Flow 1. RMAN initiates backup. 2. Oracle Secure Backup creates the backup job. 3. Oracle Secure Backup executes the job (transfers data from client to media). 4. Oracle Secure Backup updates its own catalog. 5. RMAN updates its repository. Oracle Database 10g: Backup and Recovery

RMAN Database Backup to Tape
1. Configure 2. Perform Backup and Restore Oracle Secure Backup Interface Options Oracle server session SBT library Database backup storage selector RMAN Oracle Secure Backup Preauthorized RMAN user Enterprise Manager RMAN Database Backup to Tape The RMAN database backup to tape consists of two steps: 1. Configure preauthorization and a database storage selector in Oracle Secure Backup. 2. Use RMAN to perform your backup and restore operation. When you install Oracle Secure Backup, the installer automatically performs the following tasks: Copies the SBT library to the /lib subdirectory of the <OSB_Home> directory Creates a symbolic link to the library in the /lib or /usr/lib directory So, by default, you are automatically using Oracle Secure Backup each time you allocate an SBT_TAPE channel with RMAN. On a host that has Oracle Secure Backup installed, RMAN searches for and loads the SBT library, when an SBT channel is allocated. RMAN looks in a platform-specific default location for the SBT library. On UNIX or Linux, the default library file name is $ORACLE_HOME/lib/libobk.so, with the extension name varying according to platform: .so, .sl, .a, and so on. On Windows, the default library location is %ORACLE_HOME%\bin\orasbt.dll. When you access Oracle Secure Backup from RMAN, all you do is allocate a channel of type SBT_TAPE, and then run RMAN commands to back up or restore your database. Oracle Database 10g: Backup and Recovery

Database Backup Storage Selector
Database name Wait time Database ID Database backup storage selector Copy number Host Restricted devices Media family Database Backup Storage Selector Database backup storage selectors are for backups of Oracle databases. Oracle Secure Backup uses information encapsulated in storage selectors to interact with RMAN when performing backup operations. Oracle Secure Backup maintains storage selectors as an object type on the administrative server. When RMAN performs an Oracle database backup to devices and media managed by Oracle Secure Backup, RMAN passes the database name, content type, and copy number to Oracle Secure Backup. With this information Oracle Secure Backup determines the corresponding database backup storage selector. This selector informs Oracle Secure Backup which devices, if any, to restrict this backup to and which media family (if any) to use. Database backup storage selectors enable you to specify which resources should be used by SBT backups. A database backup storage selector object contains the following information: The database name or ID. An asterisk character (*) indicates that the storage selector applies to all databases. The name of the hosts to which this selector applies. An asterisk character (*) indicates that the storage selector applies to databases residing on all available hosts. Content Oracle Database 10g: Backup and Recovery

Database Backup Storage Selector Notes
Database Backup Storage Selector (continued) The name of the media family to use for backups under the control of this storage selector object The backup content to which this selector applies. The content may be one or more of the following: archivelog: Backs up or restores database archived redo logs full: Backs up or restores the database files, regardless of when they were last backed up. This option is the same as a level 0 backup. incremental: Backs up or restores only data that has been modified since the last backup, regardless of the backup level autobackup: Backs up or restores control files * : Represents all content types The names of devices to which backups controlled by this storage selector are restricted. You specify the restriction in one of the following forms: <devicename>: Uses the specified device @<hostname>: Uses any device of the specified host Uses the specified device attached to the specified host When more than one device restriction is specified in a list, Oracle Secure Backup selects only one of them from the list. The RMAN copy number to which this selector applies. This is configured for use with the RMAN commands BACKUP … COPIES or CONFIGURE BACKUP COPIES to duplex backup sets to protect against disaster, media damage, or human error. The copy number must be an integer in the range of 1 through 4. The default value is an asterisk (*), which indicates that the storage selector applies to any copy number. How long to wait for the availability of resources required by backups under the control of this storage selector. The resource wait time is specified as a duration, which has the following format: duration::= forever | disabled | number {[seconds] | [minutes] | [hours] | [days] | [weeks] | [months] | [years]} If the resources do not become available during the specified wait time, RMAN fails the job. Note: For more information about creating and managing database backup storage selectors, refer to the obtool topic, “Database Backup Storage Selector Commands,” in the Oracle Secure Backup Reference manual. Database Backup Storage Selector Notes Oracle Database 10g: Backup and Recovery

Defining Database Storage Selectors
Storage selectors are created, named, and modified by a user belonging to a class with the modify administrative domain's configuration right. To create a database backup storage selector, perform the following steps: 1. In EM Database Control, click the Maintenance tab. 2. On the Maintenance page, click the Configure Backup Settings link. 3. On the Configure Backup Settings page, click Configure in the Oracle Secure Backup section. This takes you to the Backup Storage Selectors page. From there, you can manage your backup storage selectors. Then, click Return. You can also use the following example command to create a database storage selector: mkssel -c * -d * -i * -h EDRSR14P1 -r vt1 ssel1 This example creates a database backup storage selector that is valid for any Oracle database located on the EDRSR14P1 host. The storage selector object is called ssel1, and it restricts backups to the vt1 tape drive. The lsssel command enables you to list the defined database backup storage selectors in your administrative domain. Oracle Database 10g: Backup and Recovery

Media Families and RMAN
The default content-managed media family is RMAN-DEFAULT. Thus, creating media families for use in RMAN backups is optional. You may find it useful to create different media families for the different types of backup sets that you create with RMAN. For example, you may want to create a media family for archived redo log backups and a separate media family for datafile backups. You can create media families in Enterprise Manager. On the Administrative Server page, you can click the link corresponding to the Media Families number. This takes you to the Media Families page, where you can create new media families and manage the existing media families used by Oracle Secure Backup. Alternatively, you can use the Oracle Secure Backup Web tool to create these media families or use the mkmf command in obtool. Note: For more information about how to manage media families within Oracle Secure Backup, refer to the Oracle Secure Backup Administrator’s Guide. Oracle Database 10g: Backup and Recovery

Oracle Database Disk and Tape Backup Solution
Flash Recovery Area space managed by RMAN Automatic restores from disk or tape without user-specified destination Optimized backup to tape Oracle Databases Flash Recovery Area RMAN RMAN Backup directly to tape Backup from disk to tape --- OR --- Oracle Secure Backup Media Management Layer Oracle Database Disk and Tape Backup Solution The Oracle Database 10g (and later) has a Flash Recovery Area, which is a unified disk storage location for all database recovery–related files. RMAN manages the disk space in the Flash Recovery Area. With the Flash Recovery Area and Oracle Secure Backup, you can easily deploy a comprehensive disk and tape backup and recovery strategy for your Oracle databases. By putting RMAN in control of your backup and restore operation, you simplify your availability-related processes. You have the most effective restore process because RMAN automatically restores from the best backup source (which can be disk or tape). If the most recent backup is not available, RMAN continues with a previous backup. This failover can be from disk to tape. It does not require any user intervention. Enterprise Manager Oracle Database 10g: Backup and Recovery

Backing Up the Flash Recovery Area to Tape
One simple RMAN command: BACKUP RECOVERY AREA Advantages of using the Flash Recovery Area to tape: Performing optimized backups to tape First restoring from Flash Recovery Area for maximum performance, then using tape (if needed) Reducing I/O on databases (separate disk group) Backing Up the Flash Recovery Area to Tape To back up the Flash Recovery Area to tape with Oracle Secure Backup, you issue one RMAN command: BACKUP RECOVERY AREA. Using this disk to tape backup method (instead of performing a separate backup of the production database to tape) provides a few distinct advantages: Saves tape resource with optimized backups of the Flash Recovery Area. It eliminates unnecessary backup of files, which are already on tape. Enables RMAN to utilize better restore intelligence: first from disk, then tape as needed. Otherwise, RMAN use the most recent backup regardless of the storage media. Reduces I/O (important for production databases) because the Flash Recovery Area uses a separate disk group Oracle Database 10g: Backup and Recovery

Defining Retention for RMAN Backups
Achieving retention policy with both disk and tape backups Defining an RMAN RECOVERY WINDOW retention policy Using the RMAN DELETE OBSOLETE command: Deleting obsolete files on disk Notifying Oracle Secure Backup of backup pieces that are no longer needed Defining content-managed media families for RMAN and Oracle Secure Backup (recommendation) Now File1 File2 Seven-day retention RMAN recovery window Defining Retention for RMAN Backups By defining retention periods within RMAN, a combination of disk and tape backups are utilized to meet your recovery requirements. When using the Flash Recovery Area and Oracle Secure Backup, the recommended RMAN retention policy is the user-defined RECOVERY WINDOW option. This means, you define a period of time within which point-in-time recovery must be possible. When defining this recovery window, consider also the following: Base retention on recovery needs Size Flash Recovery Area based on desired disk recovery capability Schedule disk and tape backups through RMAN or EM If your recovery plan allows for restoration from disk for a certain number of hours each day, the Flash Recovery Area should be sized to hold the recovery-related files for this time period. The amount of time backups remain within the Flash Recovery Area is determined by the amount of available disk space, not by a specific time setting. Oracle Database 10g: Backup and Recovery

Backup Settings Backup Settings In Enterprise Manager, you must configure “Tape Drives” (in this screenshot set to 1) and you must configure a database backup storage selector. Optional, but recommended: You should test your tape drive. Oracle Database 10g: Backup and Recovery

Scheduling Backups with EM
With the EM Database Control Console, you can schedule backups to disk, tape, or both: 1. To schedule a backup, click the Schedule Backup link from the Maintenance page. 2. On the Schedule Backup page, you can choose either the Oracle-suggested backup strategy, or configure a customized backup. In the screenshot shown in the slide, the Oracle-suggested strategy is chosen by clicking the Schedule Oracle-Suggested Backup button. Regardless of whether you accept the suggested backup method or devise your own, you can choose the type of storage media to use for your backups. The Oracle-suggested backup strategy makes a one-time, whole-database backup, which is performed online. This is a baseline incremental level 0 backup. The automated backup strategy then schedules incremental level 1 backups for each following day. By selecting Customized, you gain access to a wider range of configuration options. Select the objects that you want to back up—the whole database (the default) or individual tablespaces, datafiles, archived logs, or any Oracle backups currently residing on the disk (to move them to the tape). Oracle Database 10g: Backup and Recovery

Oracle-Suggested Backup to Tape
This is the example for you to explore during your practice session. Oracle Database 10g: Backup and Recovery

RMAN and Oracle Secure Backup Job Execution
To verify that your RMAN and Oracle Secure Backup job executed successfully, review: Output Log (you can see how RMAN first uses the disk, then the tape) EM Backup Reports (accessible from the EM Maintenance page) Oracle Database 10g: Backup and Recovery

Managing Database Tape Backups
Managing Tape Backups Use the Manage Current Backups page to search for and display a list of backup sets or backup copies. You can then perform management operations on selected copies, sets, or files. You can access this page from the Maintenance page. The Manage Current Backups page displays both disk and tape backups, as shown in the slide. Use the Search section to find backup sets or copies using Status filters to isolate specific objects. You can use the Contents options to further filter the results list. You can then use the available functions on the Manage Current Backups page to manage the files or sets displayed in the Results table. You can use Catalog Additional Files to catalog backup pieces on disk or to add metadata to the RMAN repository when adding a new database to an RMAN recovery catalog. You can ensure that data about backups in the recovery catalog or control file is synchronized with the corresponding data on disk or in the media management catalog by performing the Crosscheck All function and scheduling the operation as a job. Oracle Database 10g: Backup and Recovery

Managing Tape Backups Notes
Managing Tape Backups (continued) You can use the Delete All Obsolete function to remove backups that are obsolete, or eligible for deletion. You can use the function to create a job that removes the physical files, deletes the recovery catalog records (if you use a catalog), and updates the records in the target control file to the DELETED status. If the backup is stored on tape and managed by Oracle Secure Backup, the Oracle Secure Backup catalog is also updated to indicate that the backup pieces are deleted. You can create a job using the Delete All Expired function to remove expired records. First, use the Crosscheck All function to determine whether backups recorded in the repository still exist on disk or tape. If Enterprise Manager cannot locate the backups, then it updates their records to the EXPIRED status. Then, you can use the Delete All Expired function to remove the records. Managing Tape Backups Notes Oracle Database 10g: Backup and Recovery

Performing Database Recovery
In Enterprise Manager, you can access the Perform Recovery page from the Maintenance page. The Perform Recovery page enables you to perform various kinds of database recovery. You can recover the whole database, a particular datafile, or a tablespace. RMAN automatically retrieves all the files from backup that are needed for the specified recovery operation, regardless of whether the files were backed up to disk or tape. If RMAN requests files from a previous backup that is stored on tape, Oracle Secure Backup automatically determines which tape to use. If those tapes are not immediately available (offsite), RMAN will wait for the resources as long as you specify. You can specify RMAN resource wait times in the following locations, each of which overrides the preceding specifications in the list: The rmanresourcewaittime policy The RMAN channel configuration parameter OB_RESOURCE_WAIT_TIME Oracle Database 10g: Backup and Recovery

RMAN Automatic Failover to Previous Backup
When you need to perform recovery of your database following the loss of data, RMAN automatically selects the most appropriate backup to restore. RMAN automatically switches to a previous backup if the most recent backup is not available. This operation is totally transparent and is automatically done by RMAN. Failover from disk backups to tape backups is useful when using a Flash Recovery Area with your Oracle database. The screenshot in the slide illustrates this situation, where the datafile backup was inadvertently deleted from the Flash Recovery Area. As you can see, RMAN restored the datafile using the next most recent backup, which was stored on tape by Oracle Secure Backup. If you use tape backups exclusively in your environment and a backup or tape is not available, then RMAN and Oracle Secure Backup can fail over to the next most recent backup on tape. Note: RMAN and Oracle Secure Backup work in tandem: RMAN performs the datafile or database recovery. Oracle Secure Backup restores the necessary files, if they are located on tape. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Create database backup storage selectors Describe integrated disk and tape backup Perform Oracle-suggested backup to tape Determine database recovery Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Creating a database backup storage selector for your database Performing an Oracle-suggested backup to tape Note: The completion of the database storage selector practice is required for the following practice sessions. Oracle Database 10g: Backup and Recovery

Backing Up File-System Files with Oracle Secure Backup

Objectives After completing this lesson, you should be able to: Create dataset scripts Schedule file backups Submit backup requests Perform file-system backups Oracle Database 10g: Backup and Recovery

Backing Up File-System Files with Oracle Secure Backup
Two ways of scheduling data backups of file systems with Oracle Secure Backup: On-demand backups Scheduled backups Two types of backups: Full: All specified files Incremental: Only files that have changed since the last lower backup 1 2 3 Backup level Up to nine levels Full Backing Up File-System Files with Oracle Secure Backup You can back up file-system files in two different ways: By creating on-demand (ad hoc or one-time only) backup jobs and submitting them to the Oracle Secure Backup scheduler (with the go option) By using backup schedules, which define backup jobs that run at predetermined times. The scheduler automatically initiates such jobs at a day and time that you specify. Using Oracle Secure Backup, you can create two types of backups: Full backups: A full backup backs up all specified files, regardless of when they were last backed up. This option is the same as backup level 0. You can also perform a type of full backup, called an offsite backup, that does not affect the full or incremental backup schedule. Incremental backups: There are nine different incremental backup levels. In each level, Oracle Secure Backup backs up only those files that have changed since the last backup at a lower (numerical) backup level. You can also instruct Oracle Secure Backup to back up only those files that have been modified since the last backup, regardless of its backup level. Note: The “incr” level backups are not supported on certain NAS devices. Notably, this includes Network Appliance filers. Oracle Database 10g: Backup and Recovery

File-System Backups Your steps to back up your file system: Set-up media families. Create datasets. For scheduled backups: Create backup windows. For repeating backups: Create schedule and triggers. Create and execute backup requests. File-System Backups Assuming that you have already configured your administrative domain, you perform the following steps when using Oracle Secure Backup to create file-system file backups: 1. Log in as a UNIX, Linux, or Windows operating system user that has access to the files to be backed up, and log in to Oracle Secure Backup with backup privileges. 2. Configure media families to help manage the volumes created by the backup operation, if you have not done so already. 3. Create a dataset description file that identifies the hosts and files you want to back up. For scheduled backups, perform the following additional steps: Create at least one backup window, if you need to restrict the hours in which backups can be performed. If there are no restrictions, then you can use the default backup window. Create a schedule for your backup job and add at least one trigger to this schedule. For on-demand backups, perform the following additional steps: Create one or more backup requests. Send your backup requests to the scheduler. Doing so turns each backup request into a backup job, making it eligible to run. When you terminate your Oracle Secure Backup session, any backup requests that have not been submitted, are lost. Oracle Database 10g: Backup and Recovery

Managing Media Families
From the EM Administrative Server page, you can click the link corresponding to the Media Families number. This takes you to the Media Families page from where you have the options to Add a new media family. You can also select an existing media family, and Edit or Remove that media family. To add a new media family, perform the following steps: 1. Enter a name for the media family in the Media Family Name field. Normally, this name will appear as the prefix in each volume ID that uses this media family. 2. Enter a write-allowed time period in the Write window field (seconds, minutes, hours, days, weeks, months, years). You can set the write window to a specific duration, such as 14 days or three weeks. All volume sets that are members of the media family remain open for updates for this period. If you do not specify a write window for a volume set, Oracle Secure Backup considers the volume set eligible to be updated indefinitely. 3. Enter an amount of time to retain the volume using the Retain Time fields. Oracle Secure Backup uses this to apply an expiration date to the volume set. If you intend to use this media family to store RMAN backups, then select the Content Manages Reuse option. 4. Optionally, enter additional information in the Comment field. 5. Click OK to create your new media family. Oracle Database 10g: Backup and Recovery

Dataset Script: Examples
stc1 stc2 stc3 Textual description that defines which files to back up Examples found in the samples directory / home usr1 usr2 usr3 usr4 tmp labs labs Dataset Script: Examples With Oracle Secure Backup, use datasets to describe the list of files you want to back up. A dataset is a textual description that tells Oracle Secure Backup what files to back up. Datasets employ a lightweight language. This dataset language gives you great flexibility in building and organizing datasets for the files you want to protect. The graphic in the slide illustrates the files that you can find on three different hosts. Using the dataset script defined in the next slide, you can back up the files in the graphic except the ones corresponding to the dashed boxes. To familiarize yourself with the dataset language, you can find examples in the samples subdirectory of your Oracle Secure Backup home directory. file1.tmp file2.txt labs file1.temp file2.junk labs tmp Oracle Database 10g: Backup and Recovery

Dataset Script: Examples
# Dataset "common-exclusions": exclude name tmp exclude name *.tmp exclude name *.temp exclude name *.backup # Dataset "application files": exclude name *~ include path /home/usr1 include path /home/usr2 include host stc1 include host stc2 include host stc3 { include dataset common-exclusions include path /home/usr3 before backup optional "/etc/local/nfy '/usr3 begin'" after backup optional "/etc/local/nfy '/usr3 end'" include path /home/usr4 { exclude name *.junk } } Dataset Script: Examples (continued) Oracle Secure Backup’s dataset language has the following characteristics: Comments may appear anywhere following a hash (#) character. Statements have the form: statement-name [statement-argument] where statement-name may consist of multiple space-separated words, such as include path. Some statements may begin a nested block, and statements within the block apply only to the statement that began the block. These have the form: statement-name [statement-argument]{ statement-name [statement-argument] ...} An escape character, \, may appear anywhere to remove the special meaning of the character following it. Blank lines are ignored. The slide shows you two dataset description files that can be used to back up the data shown in the previous slide. The first script is used to exclude directories and files starting with tmp, *.tmp, *.temp, and *.backup. Oracle Database 10g: Backup and Recovery

Dataset Script Examples Notes
Dataset Script: Examples (continued) The second script is used to back up the following data on hosts stc1, stc2, and stc3: On stc1 and stc2: /home/usr1 and /home/usr2 On stc3: /home/usr1, /home/usr2, /home/usr3, and /home/usr4 except files starting with tmp, *.tmp, *.temp, *.backup, and *.junk only for /home/usr4. When Oracle Secure Backup starts backing up data in /home/usr3 on stc3, it executes the /etc/local/nfy executable. The same executable is also executed when Oracle Secure Backup finishes its backup of /home/usr3. When performing a normal (nondatabase) backup, you may want to skip files that would be included in a database backup. Examples of such files include the database files themselves, control files, redo logs, and flashback logs. To exclude these files, specify the exclude oracle files directive in your dataset. Note: For more information about the dataset language, refer to the Oracle Secure Backup Administrator’s Guide. Dataset Script Examples Notes Oracle Database 10g: Backup and Recovery

Creating Datasets Creating Datasets Using the Web Tool Interface You can use the Oracle Secure Backup Web tool to create a dataset: 1. From the Home page, click the Backup tab in the menu bar. 2. On the Backup menu, click Datasets in the submenu under Settings. The Datasets page appears. Dataset directories appear in the Path box with a slash as the last character in the name. 3. Click the Add button to create a new dataset. When you create a new dataset description, the initial contents of the dataset are defined by a dataset template. 4. Select File or Directory from the Dataset type list. Like Windows and UNIX file systems, Oracle Secure Backup’s datasets are organized in a naming tree. You may optionally create dataset directories to help you organize your data definitions. Later, you will discover that when you want Oracle Secure Backup to back up data, you identify the name of the dataset description defining the data. If you give the name of a dataset directory, it is equivalent to naming all the dataset description files contained within that directory tree. Dataset directories may be nested up to 10 levels deep. By default, a dataset file is created under the <OSB_Home>/admin/dataset/NEW_CLIENTS directory. Oracle Database 10g: Backup and Recovery

Creating Datasets with Web Tool Notes
Creating Datasets (continued) Using the Web Tool Interface (continued) 5. In the Name field, enter a name for the dataset. 6. Update the dataset statements displayed in the template file to define your backup data. For more information, see “Dataset Script: Examples,” earlier in this module. 7. Choose one of the following: Click the Save button to accept your entries and return to the Datasets page. Click Cancel to abort the operation and move back one page. If your dataset has errors, a message appears in the Status section. As you can see in the slide, you also have the options to check, edit, rename, and remove datasets. Using the obtool Interface Similarly, you can manage your dataset directories and description files by using the obtool interface. The example shown here first looks at the contents of the dataset directory, and then creates the new directory TEST inside the existing NEWCLIENTS directory. Then, a new dataset description file called test1 is created inside the TEST directory. ob> lsds Top level dataset directory: NEW_CLIENTS/ ob> cdds NEW_CLIENTS ob> mkds --dir TEST ob> cdds TEST ob> mkds -i test1 Input the new dataset contents. Terminate with an EOF or a line containing just a dot ("."). exclude name tmp include path /u01/oracle/solutions . Apply your changes [yes]? y Dataset directory NEW_CLIENTS/TEST: Test1 The obtool commands used for managing datasets are as follows: cdds is used to navigate into the dataset directory structure. pwdds is used to show you the current path in the dataset directory structure. lsds is used to list the contents of the current dataset directory. mkds is used to create both dataset directories and dataset description files. The --dir option is used for directories. The –i option is used to directly enter your dataset description text without the use of any special editor. As shown in the example, the system asks you to enter your text and finish it with a dot. rmds is used to remove both directories and files. The --nq option is used to avoid any confirmation before doing the removal. Note: For more information about these obtool commands, refer to the Oracle Secure Backup Reference manual. Creating Datasets with Web Tool Notes Oracle Database 10g: Backup and Recovery

Creating Backup Windows
A backup window is a time range within which Oracle Secure Backup performs scheduled backup jobs. You must have at least one backup window in order for scheduled backup jobs to run. You can identify a single backup window that applies to all days of the week, or fine-tune backup windows to specific weekdays or dates. A default backup window is always created, and is identified as daily 00:00-24:00. Backup windows have a start time and an end time. Backups are eligible for execution after the start time specified by a backup window. When the backup window end time arrives, Oracle Secure Backup completes any backups that have already been started. No more backups are started until the window opens again or a new window opens. Perform the following steps to create a backup window by using the Oracle Secure Backup Web tool: 1. From the Backup menu, click Backup Windows in the submenu under Settings. The Backup Windows page appears. 2. Click the Add button to add a new backup window. The Backup Window page appears. Oracle Database 10g: Backup and Recovery

Creating Backup Windows Notes
Creating Backup Windows (continued) 3. Select a backup window type from the Type field. Your choices are: Day range: If you select this option, refer to the “Creating Backup Triggers” section. Date: If you select this option, refer to the Oracle Secure Backup Administrator’s Guide. 4. Select a local time range (expressed in 24-hour format) from the Time range field. Oracle Secure Backup will start scheduled backups during this time range. A time range is an interval specified as <start time>-<end time>, where the start and end times are in the form hour:minute:second. You can also use a four-digit hour-minute specifier (for example, 1430, which indicates 2:30 p.m.). The time range is based on the local time and takes into account Daylight Savings Time, if it applies to your locale. If the end time precedes the start time, Oracle Secure Backup assumes that the end time refers to the following day. For example, 20:00–02:00 indicates 8:00 p.m. as the start time and 02:00 a.m. of the next day as the end time. 5. Select one of the following: Click OK to save your entries and exit the page. The Backup Windows page reappears. Click Cancel to avoid the operation and move back one page. Using obtool for Backup Windows obtool has a group of commands that enable you to configure backup windows. A backup window enables you to specify a time frame for the execution of scheduled backup operations. You can identify a single backup window that applies to all days of the week or fine-tune backup windows based on specific days or dates. When you create a backup window, you specify the time and day range using the syntax: addbw { --times/-t time-range[,time-range]... } day-specifier[,day-specifier]... time-range: Represents a time-of-day range using the syntax start-time-end-time. For example: 08:00:00-08:30:00 or :35:30 day-specifier: Represents a range of time in terms of days using the syntax: year/month/day | month/day | wday | wday-wday | weekday[s] | weekend[s] | daily | today | yesterday wday::= sunday[s] | monday[s] | tuesday[s] | wednesday[s] | thursday[s] | friday[s] | saturday[s] If no backup windows are identified, then scheduled backups will not run. The default backup window has a day-specifier of 'daily 00:00-24:00'. Creating Backup Windows Notes Oracle Database 10g: Backup and Recovery

Creating Backup Schedules
A backup schedule indicates to Oracle Secure Backup what data to back up and how to back it up. You need to execute the following steps to create a schedule using the Oracle Secure Backup Web tool: 1. From the Backup menu, click Schedules in the submenu under Settings. The Schedules page appears. Backup schedules appear in the Schedule name box in the central panel. 2. Click the Add button to add a new schedule. The New Schedules page appears. 3. Enter a name for the schedule in the Schedule field. 4. Enter a priority number for the backup job in the Priority field. 5. In the Datasets box, select one or more datasets to include in the backup job. 6. Optionally, select one or more restrictions in the Restrictions box. You can restrict scheduled backups to specific devices. 7. Optionally, enter any information that you want to store with the backup schedule in the Comments field. obtool commands for backup schedules include: Addbw: To add a new backup window Chkbw: To check for the existence of a backup window Lsbw: To list backup windows Rmbw: To remove a backup window or specific time ranges Setbw: To change the settings of a backup window Oracle Database 10g: Backup and Recovery

Creating Backup Triggers
To create triggers by using the Oracle Secure Backup Web tool, perform the following steps: 1. Navigate first to Backup Schedules, and then to Triggers. The Triggers page appears with the default setting of Day in the Trigger type field. 2. Using the Trigger type field, select a time representation you want to use to define when to perform the backup job. Your choices are: one time: To perform a backup only once day (default): To perform a backup one or more days during the week month: To perform a backup one day a month quarter: To perform a backup one day per quarter year: To perform a backup one day during the year 3. Select a backup level from the Backup level field. You can choose full, incr, offsite, or an incremental level from 1 through 9. 4. Select the hour and minute to start the backup in the Backup at fields. 5. Select a media family to be used by this scheduled backup in the Media family field. 6. Optionally, choose an expiration time period in the Expire after fields (in seconds, minutes, hours, days, weeks, months, years, or forever). If the scheduled backup is not started by this time, it is deleted and not run at all. Oracle Database 10g: Backup and Recovery

Creating Backup Triggers Notes
Creating Backup Triggers (continued) 7. Depending on your selection in step 2, you end up having different screens. Here, it is supposed that the day option is used. Select the days on which Oracle Secure Backup will run the scheduled backup. Your choices are: Select daily: To trigger the schedule to run on all seven days of the week Select weekdays: To trigger the backup to run on weekdays only (Monday through Friday) Select weekends: To trigger the backup to run only on weekends (Saturday and Sunday) Alternatively, from both the “Select weekdays” and “Select weekends” fields, you can select a mix of individual days on which you can trigger scheduled backups to run. For example, Monday, Tuesday, and Saturday at 8:00 a.m. 8. Optionally, select an option from the “Week in month” group. This option enables you to limit which week in the month the backup schedule will run. Your choice are: All: This includes all weeks. Selected (First, Second, Third, Fourth, Fifth, and Last): This enables you to specify the week to include. 9. Optionally, specify weekday exceptions from the Except drop-down list. An exception prevents Oracle Secure Backup from backing up data on the day that you specify. Your choices are: none (default): To disable an exception except: To enable an exception 10. Select a value from the Time drop-down list. Your choices are: before: To enable you to specify an exception before a specified day after: To enable you to specify an exception after a specified day 11. Select values from the Specify day fields. From the first field, your choices are none, first, second, third, fourth, and last. From the second field, your choices are Monday, Tuesday, Wednesday, Thursday, Friday, Saturday, and Sunday. 12. Click one of the following: Add to accept your entries and add the trigger You are returned to the Triggers page with a success message. The schedule is displayed in the Triggers field. The schedule displays the level of the backup, the time at which it is to begin, and the days on which the backup is to be performed. Edit to modify the trigger Remove to delete the trigger Cancel to avoid the operation and move back one page Note: In the slide, you can see how to create a trigger at the day level. For the other levels, refer to the Oracle Secure Backup Administrator’s Guide. Creating Backup Triggers Notes Oracle Database 10g: Backup and Recovery

Previewing a Backup Trigger
Perform the following steps to preview a backup trigger by using the Oracle Secure Backup Web tool: 1. Navigate first to Backup Schedules, and then to Triggers. 2. Select the trigger that you want to preview from the Triggers page. 3. Click the Preview button. Oracle Database 10g: Backup and Recovery

Creating On-Demand Backup Requests
To create an on-demand backup request with the Oracle Secure Backup Web tool, perform the following steps: 1. From the Backup page, click Backup Now in the submenu under the Operations section. The Backup Now page appears. In the backup box in the central panel, each backup request that you have created but have not yet sent to the scheduler is displayed. Backup requests are identified by a backup name and number. 2. To create a new backup, click the Add button. The Options page appears. 3. Select one or more datasets from the Datasets box. 4. Optionally, select a future date and time for the backup to run from the Backup date and Backup time fields. If you leave these fields unchanged, Oracle Secure Backup considers your backup job immediately available for execution. 5. Optionally, enter an expiration time in the Expire after field. Do this if you want Oracle Secure Backup to automatically delete this backup job if it has not started within the specified expiration period after the date and time intervals defined earlier in the Backup date and Backup time fields. 6. Select a backup level from the Backup level filed. Your choices are: full (default), 1 to 9, incr, and offsite. Oracle Database 10g: Backup and Recovery

Creating On-Demand Backups Notes
Creating On-Demand Backup Requests (continued) 7. Select a media family to which the data of this backup should be assigned from the Media family field. 8. Optionally, select one or more device restrictions from the Restrictions field. Oracle Secure Backup enables you to restrict backups to one or more of the following: A specific tape drive, displayed as devicename Any tape drive attached to a specific host, displayed Any tape drive-host attachment, displayed as If you do not set a restriction (the default), your backup job will use any available device at the discretion of Oracle Secure Backup’s scheduling system. 9. Optionally, change the priority of the backup job in the Priority field. The default is 100. The priority of a job is a positive integer value. The lower this value, the greater the priority assigned to the job by the scheduler. It considers priority 20 jobs, for example, more important than priority 100 jobs. The scheduler always gives preference to dispatching higher priority jobs over lower priority ones. 10. Choose whether you want the backup to operate in unprivileged or privileged mode. Unprivileged mode is the default. An unprivileged backup runs under your UNIX user identity or Windows account identity, as configured in your Oracle Secure Backup user profile. Your access to file-system data, therefore, is constrained by the rights of the UNIX user or Windows account having that identity. On UNIX systems, a privileged backup runs under the root user identity. On Windows systems, it runs under the same account identity as the Oracle Secure Backup service on the Windows client. 11. Choose one of the following: Click OK to accept your selections. When you do so, Oracle Secure Backup displays this backup request in the list box on the Backup Now page. Click Cancel to avoid the operation and move back one page. Creating On-Demand Backups Notes Oracle Database 10g: Backup and Recovery

Submitting Backup Requests
To send backup requests to the scheduler, perform the following steps in the Oracle Secure Backup Web tool: 1. From the Backup menu, click Backup Now in the submenu under Operations. The Backup Now page appears. 2. Click the Go button. Oracle Secure Backup sends each backup request that appears in the Number/Dataset central panel to the scheduler. A message appears in the status section for each request acknowledged by the scheduler. Oracle Secure Backup deletes each backup request upon its acceptance by the scheduler. As a result, the Number/Dataset central panel is empty upon completion of the Go operation. 3. To view the status of your job, go to the Manage page, click the Jobs link. On the Jobs page, you can see the output of your job by clicking the Show Transcript button. Oracle Database 10g: Backup and Recovery

Reviewing Jobs Reviewing Jobs On the Manage: Jobs page in the Web tool, you can view a list of jobs according to your selection criteria. For more details, click a job (it is highlighted), then click Show Properties or Show Transcript. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Create dataset scripts Schedule file backups Submit backup requests Perform file-system backups Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Creating a dataset Scheduling a backup of the dataset Note: The completion of this practice is a prerequisite for the following practice, “Restoring a dataset.” Oracle Database 10g: Backup and Recovery

Restoring File-System Backups with Oracle Secure Backup

Objectives After completing this lesson, you should be able to: Browse the catalog for file-system backup data Create catalog-based restore requests Perform file-system restoration Oracle Database 10g: Backup and Recovery

Browsing the Catalog for File-System Backup Data
The administrative server maintains a catalog in which it stores metadata relating to backup and restore operations for the administrative domain. Oracle Secure Backup maintains a discrete backup catalog for each client in your administrative domain. When you browse a backup catalog, Oracle Secure Backup presents the data in the form of a file-system tree, just as it appeared on the client from which the data was saved. For example, if you backed up the /home/myfile.dat file located on myhost, the backup catalog for myhost represents the contents of the backup image as /home/myfile.dat. At the root of the backup catalog appears the superdirectory, which contains all files and directories saved from the uppermost file-system level. The superdirectory provides you with a starting point from which to access every top-level file-system object stored in the backup catalog. For Windows clients, this superdirectory contains the drive identifiers, such as C:. Oracle Database 10g: Backup and Recovery

Restoring File-System Data
Restoring the needed files is easily accomplished using the Oracle Secure Backup catalog. Tree-style browsing of all backups Multiple query options for fast identification of needed files You can restore files to the original location or an alternative location. The end-user restore ability is based on user-level permissions. Fast restoration from tape is accomplished by using tape position data obtained during backup. Restoring File-System Data You can gain practical experience with this during the practice session. Oracle Database 10g: Backup and Recovery

Restoring File-System Files with Oracle Secure Backup
Two ways to restore data: Catalog-based restore: Based on catalog backup history Directly from Media: Based only on the data contained in the volumes Referred to as a RAW restore and is not commonly used Recommended only for Advanced users Restoring File-System Files with Oracle Secure Backup With Oracle Secure Backup, you can restore data in two different ways: By browsing backup catalogs for the file-system objects of interest. After you have located their names and selected the instances to restore, you may direct Oracle Secure Backup to perform the restore. This is called “catalog-based restore.” By knowing the names of the file-system objects of interest and the secondary storage location (volume ID and backup image file number) in which they are stored. This is called “raw restore.” For more information about raw restores, see the Oracle Secure Backup documentation. Oracle Database 10g: Backup and Recovery

The Restore Page The Restore Page You can use the Oracle Secure Backup Web tool to restore your saved files. You do this from the Restore page. To access the Restore page from the Web tool Home page, click the Restore tab on the menu bar. Oracle Database 10g: Backup and Recovery

Listing All File-System Backups of a Client
Perform the following steps to list all backups of a client by using the Oracle Secure Backup Web tool: 1. From the Restore: Backup Catalog page, select any host from the Hosts Name list. 2. Click Browse Host. Oracle Secure Backup displays the Browse Host page. 3. Drill down to the file or directory for which you want to display the available backups. Click the List Host Backups button. A properties page appears. Click the Close button when you have finished viewing this window. Oracle Database 10g: Backup and Recovery

Creating a Catalog-Based Restore Request
To browse a backup catalog for data restore, perform the following steps: 1. From the Web tool Home page, click the Restore tab on the menu bar. The Restore page appears. 2. On the Restore page, click the Backup Catalog link in the Operations section. 3. On the Browse Restore Catalog page, select the client from which the data was originally saved in the Host Name list. 4. Select one or more data selectors from the Data Selector list box. 5. Select a View mode: Inclusive or Exact. 6. Optionally, enter the path name of the directory you want to browse in the Path field. If you do not do this, Oracle Secure Backup displays the uppermost directory in the client’s naming hierarchy that it has backed up. 7. Click Browse Host. Oracle Secure Backup displays the Browse Host page with the selected directory displayed. Oracle Database 10g: Backup and Recovery

Creating a Catalog-Based Restore Request (continued) 8. On the Browse Host page, click a directory name to make it your current directory and view its contents. You can repeat this operation many times to find the data you want to restore. You can choose a directory to restore (and all its contents), or you can choose to restore individual files. 9. You can change the Data selector, and then click Apply to redisplay the page. 10. You can also seamlessly change the View mode without leaving this page. 11. Select the check box next to the name of each file-system file or directory that you want to restore. Doing so creates an Oracle Secure Backup restore request for each instance of the file identified by the data selector. To learn the identity of those instances, view the object’s properties page by clicking the adjacent Properties button. When you do, Oracle Secure Backup displays a pop-up window. After viewing the pop-up window, click Close. Oracle Database 10g: Backup and Recovery

Creating a Catalog-Based Restore Request (continued) 12. On the Browse Host page, after you have selected the objects that you want to be restored, click the Add button. The New Restore page appears. 13. Optionally, enter an alternative path name for each file or directory to restore. The original path name of each object you previously selected appears in the lower-left portion of this page. To its right is a text box in which you may enter the alternative path name. If you leave this blank, Oracle Secure Backup restores the data using its original name. 14. Optionally, select the Device option and select a tape drive to use to perform the restore. By default, Oracle Secure Backup automatically selects the tape drive to use. 15. Choose whether you want the restore to operate in unprivileged or privileged mode. Unprivileged mode is the default. An unprivileged restore runs under your UNIX user identity or Windows account identity, as configured in your Oracle Secure Backup user profile. The privileged mode uses the root or administrator accounts. (You must have appropriate rights to choose this option.) 16. Optionally, enter one or more obtar options in the Obtar option(s) field. For example, -J enables debug output and provides a high level of detail in the job transcript. For details about obtar options, refer to the Oracle Secure Backup Reference Guide. Oracle Database 10g: Backup and Recovery

Creating a Restore Request Notes
Creating a Catalog-Based Restore Request (continued) 17. Select the “No high speed positioning” check box if you do not want to use the available position data to speed up the restore. 18. Select the “NDMP incremental restore” check box to direct certain NAS data servers to apply incremental restore rules. Normally, recoveries are additive: each file and directory restored from a full or an incremental backup is added to its destination directory. When you select NDMP incremental restore, NAS data servers that implement this feature restore each directory to its exact state as of the last incremental backup image applied during the restore job. Files that were deleted before the last incremental backup are deleted by the NAS data service upon restore of that incremental backup. 19. Select “Replace existing files” to overwrite any existing files with those restored from the backup image. Alternatively, select “Keep existing files” to keep any existing files instead of overwriting them with files from the backup image. 20. If you are restoring to a Windows system, select “Replace in-use files” to replace in-use files with those from the backup image. Windows deletes each in-use file when the last user closes it. Alternatively, select “Keep in-use files” to leave any in-use Windows files unchanged. 21. Click OK. Oracle Secure Backup displays the Browse Host page. The restore request you just made appears in the Restore items list. Oracle Secure Backup displays the message, “Success: file(s) added to restore list,” in the status area. Oracle Database 10g: Backup and Recovery

Submitting Restore Requests
Submitting a restore request initiates the creation of an Oracle Secure Backup job. Perform the following steps to send catalog-based restore requests to the scheduler by using the Oracle Secure Backup Web tool: 1. From the Browse Restore Catalog page, select any host from the Hosts Name list. 2. Click Browse Host. Oracle Secure Backup displays the Browse Host page. 3. Click Go. The Web tool sends each restore request that appears in the Restore items list box to the scheduler. A message appears in the status area for each request acknowledged by the scheduler. It may say, for example: 2 catalog restore request items submitted; job id is admin/2. Oracle Secure Backup deletes each restore request upon its acceptance by the scheduler. As a result, the Restore items list is empty upon completion of the Go operation. 4. To view the status of your job, go to the Manage page, and click the Jobs link. On the Jobs page, select restore in the Types field, and click Apply. You can see the output of your job. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Browse the catalog for file-system backup data Create catalog-based restore requests Perform file-system restoration Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers performing file-system restoration. Oracle Database 10g: Backup and Recovery

Managing Oracle Secure Backup Security

Objectives After completing this lesson, you should be able to: Manage user access control for Oracle Secure Backup Describe host authentication Determine backup security characteristics Describe encryption Perform an encrypted database backup and restore Oracle Database 10g: Backup and Recovery

Guarding Access and Data
User Access Control Fine-granularity of control with users assigned to a class of privileges Server Authentication Two-way ID verification Encryption Data and message level Proven Security Technology Guarding Access and Data For a comprehensive coverage of Oracle’s security concepts and tools, see the course titled Oracle Database 10g: Security. Oracle Database 10g: Backup and Recovery

Managing User Access Control .
Authentication Encryption Oracle Secure Backup user: Is different from an Oracle schema and an OS user Has one set of access rights Belongs to only one class Set of user rights Set of user rights Class Class Managing User Access Control Oracle Secure Backup maintains its own catalog of OSB users and their rights on the administrative server. This is in addition to the database access and operating system control. By storing OSB access control information about the administrative server, Oracle Secure Backup maintains a consistent user identity across the administrative domain. A set of “rights” is grouped into a “class,” which can be assigned to multiple users. However, each user is a member of exactly one class. An Oracle Secure Backup user is different from an Oracle schema user, as well as an operating system user. You can assign Oracle Secure Backup usernames and passwords that are identical to or different from those of existing operating system users. Each Oracle Secure Backup user is associated with a single UNIX account and a single Windows account. These UNIX and Windows accounts are used when some component of Oracle Secure Backup needs to assume a UNIX or Windows identity when running on behalf of a given Oracle Secure Backup user. Note: You might find it convenient to name Oracle Secure Backup users like their OS user identity. To configure Oracle Secure Backup users, you must belong to a class with the “Modify administrative domain’s configuration” right. Oracle Database 10g: Backup and Recovery

Predefined Classes and User Rights
admin operator user oracle reader Browse backup catalogs with this access Display administrative domain's configuration Modify own name and password Modify administrative domain's configuration Perform backups as self Perform backups as privileged user List any jobs owned by user Modify any jobs owned by user Perform restores as self Perform restores as privileged user Receive requesting operator assistance Receive describing internal errors Query and display information about devices Manage devices and change device state List any job, regardless of its owner Modify any job, regardless of its owner Access Oracle backups Perform Oracle backups and restores Privileged notdenied permitted permitted named Predefined Classes and User Rights A class defines a set of rights or access privileges. Oracle Secure Backup comes with the following predefined classes: admin: Is used for the overall administration of a domain. The admin class has all the rights and privileges needed to modify domain configurations and perform backup and restore operations. operator: Is used for standard day-to-day operations. The operator class lacks configuration privileges but has all the rights needed for backup and restore operations as well as viewing and managing devices. user: Is assigned to specific users giving them permission to interact in a limited way with their domains. This class is reserved for users who need to browse their own data within the Oracle Secure Backup catalog and perform user-based restores. oracle: Is similar to the operator class with specific privileges to modify Oracle database configuration settings, as well as to perform Oracle database backups and restores reader: Enables users to view the Oracle Secure Backup catalog data. Readers are permitted only to modify the given name and password for their Oracle Secure Backup user accounts. You can use the mkclass command to define your own Oracle Secure Backup user class. all all owner owner none Oracle Database 10g: Backup and Recovery

Predefined Classes and Rights Notes
Predefined Classes and User Rights (continued) Here is the explanation of each right: Browse backup catalogs with this access: Privileged: Users can browse all directories. Notdenied: Users can browse any directory for which they are not explicitly denied access. This option differs from permitted in that it allows access to a directory having no stat record stored in the catalog. Permitted: Users can browse a directory to which, based on operating system file ownership and protection, they have read rights. Named: Users can browse a directory if the UNIX user defined in the Oracle Secure Backup identity is listed as the owner of the directory or the UNIX group defined in the Oracle Secure Backup identity matches the group of the directory. If the UNIX user defined in the Oracle Secure Backup identity has read rights for the directory, but is not the UNIX owner or a member of the UNIX group associated with the directory, then the user is not able to browse the directory. None: Users have no rights to browse any directory. Display administrative domain’s configuration allows the class member to list objects (for example, hosts, devices, and users) in the administrative domain. Modify own name and password allows the class member to modify certain attributes for their own user objects (password and given name). Modify administrative domain’s configuration allows the class member to edit (create, modify, rename, and remove) all configuration data in an Oracle Secure Backup administrative domain. These include classes, users, hosts, devices, defaults and policies, schedules, datasets, media families, summaries, and backup windows. Perform backups as self allows the class member to back up only those files and directories in which they have access (using either UNIX user and group names or a Windows domain account). Perform backups as privileged user allows the class member to back up files and directories while acting as a privileged user (root on UNIX and as a member of the Administrators group on Windows). Perform recoveries as self allows the class member to recover the contents of backup images under the restrictions of the access rights imposed by the user’s UNIX name/group or Windows domain/account. List any jobs owned by user enables the class member view: Status of scheduled, ongoing, and completed jobs that they create Transcripts for job that they create Modify any jobs owned by user allows the class member to modify only jobs that they configured. Perform restore as self enables class members to restore the contents of backup images under the restrictions of the access rights imposed by the user’s UNIX name or group, or the Windows domain and account. Predefined Classes and Rights Notes Oracle Database 10g: Backup and Recovery

Predefined Classes and Rights Notes
Predefined Classes and User Rights (continued) Perform restore as privileged user allows the class member to recover the contents of backup images as a privileged user (root on UNIX and as a member of the Administrators group on Windows). Receive requesting operator assistance allows the class member to receive messages when Oracle Secure Backup needs manual intervention. Occasionally, during backups and recoveries, operator assistance may be required—for example, if a new tape is required to continue a backup. In such cases, s are sent to all users who belong to classes having this attribute. Receive describing internal errors enables the class member to receive messages describing errors that occurred in any Oracle Secure Backup activity. Query and display information about devices allows the class member to query the state of all storage devices configured within the administrative domain. Manage devices and change device state allows a class member to control the state of devices. List any job, regardless of owner allows the class member to view: Status of any scheduled, ongoing, and completed jobs Transcripts for any job Modify job, regardless of owner permits the class member to make changes to any job. Access Oracle backups specifies the type of access to Oracle Database backups made through the SBT interface. The values are as follows: owner indicates that the user can access only SBT backups created by the user. class indicates that the user can access SBT backups created by any Oracle Secure Backup user in the same class. all indicates that the user can access all SBT backups. none indicates that the user has no access to SBT backups. Perform Oracle backups and restores enables the class member to back up and restore Oracle databases. Users with this right are Oracle Secure Backup users that are mapped to operating system accounts used when performing Oracle database installations. SBT requests will be honored only if the OS account making the request is mapped to an Oracle Secure Backup user who has the “Oracle database backup/restore” right. In addition to this, SBT restore, query, and remove requests will be honored only if the OS account making the request is mapped to an Oracle Secure Backup user whose “Access Oracle backups” right allows access to the piece requested. Predefined Classes and Rights Notes Oracle Database 10g: Backup and Recovery

Defining an Oracle Secure Backup User
Name & password Preauthorization user information Class privileges Oracle Secure Backup user UNIX username and group Given name Windows domain account & password address Defining an Oracle Secure Backup User Here is a description of the parameters that need to be specified when creating Oracle Secure Backup users: The name of the Oracle Secure Backup user as well as his or her password The Oracle Secure Backup class to which this user is assigned A UNIX username and group A Windows domain name, user account, and password. If your Oracle Secure Backup user needs to initiate backup and restore operations on Windows clients, then you need to add the “Windows Domains” information. An indicator as to whether or not the Oracle Secure Backup user is permitted to log in to an NDMP server. This login is done using an external client program. An address used to send Oracle Secure Backup operation notifications and reports The given name of the user, if different from the username (optional) An indicator as to whether or not the operating system user has preauthorized access to the administrative domain as the specified Oracle Secure Backup user. You can preauthorize Oracle Secure Backup users for the use of the obtool, RMAN, or both. For example, the OS user oracle could be preauthorized to use Oracle Secure Backup as the oracle Oracle Secure Backup user, without having to supply an Oracle Secure Backup username or password. NDMP access authorization Oracle Database 10g: Backup and Recovery

Oracle Secure Backup User: OS Permissions
% obtool Oracle Secure Backup 10.1 login: osbuser1 osbuser1 acquires operator privileges and can perform on-demand backups as UNIX name: jdoe UNIX group: sysadmin Oracle Secure Backup User: OS Permissions When writing backup data to tape, you need to log in to Oracle Secure Backup. You can log in explicitly or transparently by using “preauthorization.” When you log in to OSB, you become a particular Oracle Secure Backup user, who, depending on the class to which you belong, acquires a set of OSB privileges (the rights belonging to that class). In the example in the slide, Oracle Secure Backup uses the class and rights assigned to the osbuser1 user to determine whether or not the requested action is allowed. If you then run a scheduled backup, it runs as the privileged user (root or administrator). If you run an on-demand backup, it runs under that OS user identity associated with the OSB user that you logged in as. If a UNIX or Linux host is backed up or restored, then Oracle Secure Backup uses the UNIX username and group values for the operating system identity. If a Windows host is backed up or restored, however, then Oracle Secure Backup uses the first (domain, account, password) triplet that allows access to the host. Of course, the user must have access to the files being backed up or restored. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup User: OS Permissions (continued) The OS user that is used to access the files being backed up depends upon the type of backup operation: If you create a scheduled job, the backup runs in the OS namespace associated with the Oracle Secure Backup admin user, which is typically root on UNIX-like systems or LocalSystem on Windows systems. If you perform an on-demand backup, the OS namespace associated with the Oracle Secure Backup user of the current session is used, unless you specify the backup should run as a privileged operation. A backup that runs in privileged mode runs under the root operating system identity. On Windows systems, the backup runs under the same account as the Oracle Secure Backup service on the Windows client. Backup and restore requests submitted through the RMAN interface are treated as on-demand jobs. OS Permissions Notes Oracle Database 10g: Backup and Recovery

Preauthorization Preauthorized users do not log in explicitly.
RMAN script: run { … allocate channel oem_sbt_backup1 type 'SBT_TAPE' format '%U'; …} Preauthorized users do not log in explicitly. Preauthorization You can preauthorize Oracle Secure Backup users for the use of the obtool (cmdline) utility, RMAN, or both. Continuing the previous example, you can preauthorize the jdoe OS user as the osbuser1 user to allow login without explicitly supplying an Oracle Secure Backup username or password. When you run a customized script (for example, for file-system backup), you need to either supply an Oracle Secure Backup username and password, or use a cmdline preauthorized Oracle Secure Backup user account. cmdline preauthorization is optional, whereas RMAN preauthorization is required. Oracle database backups are evoked from RMAN or EM, which then communicates with Oracle Secure Backup. Because access to Oracle Secure Backup requires login as an authorized Oracle Secure Backup user, the communication attempt will fail unless the Oracle Secure Backup user has been preauthorized to perform RMAN backup and restore on that host. When Oracle Secure Backup receives communication from RMAN (via sbt), Oracle Secure Backup verifies that an Oracle Secure Backup user meets key criteria: RMAN preauthorization on for a specific host Matching O/S permissions to the Oracle database instance Association to an OSB class with rights to back up and/or restore the Oracle database Oracle Database 10g: Backup and Recovery

Assigning Windows Account Information
You can associate an Oracle Secure Backup user with multiple Windows domain accounts or use a single account that applies to all Windows domains. This section explains how to configure Windows account information for existing Oracle Secure Backup users who need to initiate backups and restores on Windows clients. To assign Windows account information to an Oracle Secure Backup user, perform the following steps: 1. From the Users page, select the name of the user from the User Name box. 2. Click the Edit button. A page appears with details for the user you selected. 3. Click the Windows Domains button. The Windows Domains page displays. 4. Enter a Windows domain name in the Domain name field. Type an asterisk (*) in this box for all Windows domains. 5. Enter a Windows user account in the Username field. 6. Enter a Windows password in the Password field. 7. Click the Add button to add the Windows account information. The domain appears in the Domain: Username list. Oracle Database 10g: Backup and Recovery

Authentication Access Control > Authentication Encryption The identity of each host is securely established before accepting communications. X.509 certificate transmitted proving identity 2 Identity verified Ethernet Network 1 3 Reply submitted Messages sent securely Authentication For hosts to securely exchange control messages and backup data within the domain, they must first authenticate themselves to one another. Host connections are always two-way authenticated with the exception of the initial host invitation to join a domain and communication with NDMP servers. In two-way authentication, the hosts participate in a handshake process whereby they mutually decide on a cipher suite to use, exchange identity certificates, and validate that each other’s certificate has been issued by a trusted certificate authority (CA). At the end of this process, a secure and trusted communication channel is established for the exchange of data. The use of identity certificates and SSL prevents outside attackers from impersonating a client in the administrative domain and accessing backup data. For example, an outside attacker would not be able to run an application on a nondomain host that sends messages to domain hosts that claim origin from a host within the domain. Note: Currently, the NDMP protocol does not include a mechanism to accommodate the negotiation of an SSL connection to NDMP filers. 4 SSL communication established; backup or restore operations may proceed Oracle Database 10g: Backup and Recovery

Leveraging Oracle Security Technology
Interdomain communications are secured by using the Secure Socket Layer (SSL) protocol. Backup messages are encrypted as part of SSL communication. Two-way authentication of clients and servers is performed, with an SSL “handshake” verifying identity. Every client and server has a unique X.509 certificate signed by a trusted Certificate Authority (CA). The Oracle Secure Backup administrative server is the CA that issues and manages security credentials within the domain. Oracle Wallets are encrypted containers storing X.509 certificates on all machines within the domain. Leveraging Oracle Security Technology Oracle Secure Backup uses the SSL protocol to establish a secure communication channel between hosts in an administrative domain. Any host in the domain can use a public key to send an encrypted message to another host, but only the host with the corresponding private key can decrypt the message. The default key size for all hosts in the domain is 1,024 bits. If you accept this default, then you do not need to perform any additional configuration. You can set the size of the key to values between 512 (not secure) and 4,096 (very secure). The Advanced Encryption Standard (AES) defines three standard key lengths, which are 128-bit, 192-bit, and 256-bit. The Web server requires a signed X.509 certificate and associated public and private keys to establish an SSL connection with a client browser. The X.509 certificate for the Web server is self-signed by the installation script when you install Oracle Secure Backup on the administrative server. Oracle Database 10g: Backup and Recovery

Leveraging Oracle Security Technology Notes
Leveraging Oracle Security Technology (continued) You can modify the default security configuration in the following ways: Disable SSL for interhost authentication and communication by setting the securecomms security policy. Transmit identity certificates in manual certificate provisioning mode. Set the key size for a host to a value greater or less than the default of 1,024 bytes. Disable encryption for backup data in transit by setting the encryptdataintransit security policy. For more information about how to modify the secure settings for your installation, refer to the Oracle Secure Backup Administrator’s Guide. Leveraging Oracle Security Technology Notes Oracle Database 10g: Backup and Recovery

Administrative Server Certificate Authority (CA)
Media server and client Wallet Wallet Signing certificate Identity certificate Identity certificate Administrative Server Certificate Authority (CA) The Oracle Secure Backup Administrative server is automatically configured as the Certificate Authority (CA) upon installation. During the installation of an administrative server, its wallet (encrypted and obfuscated) is created along with a signing certificate and identity certificate. The administrative server has the signing certificate, which it needs to sign the identity certificates for other hosts, and its identity certificate, which it needs to establish authenticated SSL connections with other hosts in the domain. By default, wallets and identity certificates are automatically created during the installation of media servers and clients. However, you can manually provision these certificates by using the obcm utility. For more information about obcm and manual certificate provisioning, see the Oracle Secure Backup Reference guide. The encrypted wallets should be backed up, whereas the obfuscated wallets should not be backed up. If a host wallet becomes destroyed, the host must be reinstalled and configured. This generates a new host wallet, which again is to be digitally signed by the administrative server. If the administrative server wallet is destroyed, the wallet must be re-created using the --initnewdomain command. However, if a new administrative server wallet is created, then a new wallet for each host in the domain must be created, so that their identity certificates are digitally signed by the new administrative server signing certificate. Oracle Database 10g: Backup and Recovery

Administrative Server Certificate Authority (CA) Notes
Administrative Server Certificate Authority (CA) (continued) Because Oracle Secure Backup–embedded wallets are used only for interdomain communication, they do not have any direct relationship to the backup data written to tape. Therefore, if wallets are destroyed and re-created, it does not affect the restoration of data from tape. Administrative Server Certificate Authority (CA) Notes Oracle Database 10g: Backup and Recovery

Oracle Wallets Oracle Secure Backup creates a unique wallet for every host in the administrative domain. (No additional configuration is needed.) The wallets contain X.509 certificates, but no encryption keys (unlike the database wallets). There are two types of wallets: A password protected, encrypted file to establish security credentials An obfuscated wallet, used by Oracle Secure Backup daemons Note: Back up the encrypted wallet regularly, but never the obfuscated one. Oracle Wallets When you add hosts to the administrative domain, Oracle Secure Backup creates the wallet, keys, and certificates for each host. No additional intervention or configuration is required. All required wallet functionality is embedded in Oracle Secure Backup, thereby eliminating the need for other wallet utilities. Every host in the domain, including the administrative server, has a private key known only to that host that is stored with the host’s identity certificate. This private key corresponds to a public key that is made available to other hosts in the administrative domain. Any host in the domain can use a public key to send an encrypted message to another host, but only the host with the corresponding private key can decrypt the message. Oracle Wallets are encrypted containers designed to store X.509 certificates. Unlike the database encryption key wallet, the Oracle Secure Backup wallet does not store encryption keys for data. Oracle Secure Backup does not share its wallets with other Oracle products. Besides maintaining its password-protected wallet, each host in the domain maintains an obfuscated wallet. This version of the wallet does not require a password. The obfuscated wallet, which is scrambled but not encrypted, enables the Oracle Secure Backup software to run without requiring a password during system startup. Oracle Database 10g: Backup and Recovery

Oracle Wallets (continued) The password for the password-protected wallet is generated by Oracle Secure Backup and not made available to the user. The password-protected wallet is not normally used after the security credentials for the host have been established because the Oracle Secure Backup daemons use the obfuscated wallet. To reduce the risk of unauthorized access to obfuscated wallets, Oracle Secure Backup does not back them up. The obfuscated version of a wallet is named cwallet.sso. By default, the wallet is located in /usr/etc/ob/wallet on Linux and UNIX and C:\Program Files\Oracle\Backup\db\wallet on Windows. Best practice tip: Backup the encrypted wallet. Oracle Wallets Notes Oracle Database 10g: Backup and Recovery

Encrypted Backups to Tape .
Access Control Authentication > Encryption RMAN backup encryption: Encryption keys are transparently managed by the database Backup encryption at the database or tablespace level Encryption algorithms up to 256-bit AES Secure transportation over the network: Database backups with RMAN encryption File-system backups with SSL RMAN encrypted backups on tape—only available with Oracle Secure Backup. Encrypted Backups to Tape Oracle Secure Backup leverages RMAN backup encryption technology, such as: Encryption keys being transparently managed by the database Your ability to choose backup encryption at the database or tablespace level. (This is in addition to the Transparent Data Encryption (TDE), which you can use inside the Oracle database.) Substantial protection through encryption algorithms up to 256-bit AES During transportation over the network, database backups are secured with RMAN encryption (in which case, no additional SSL is used). If your database backups are not encrypted by RMAN, Oracle Secure Backup uses SSL by default. It also secures your file-system backups over the network by using SSL. To store RMAN encrypted backups on tape, you need to use Oracle Secure Backup. Oracle Database 10g: Backup and Recovery

Creating RMAN Encrypted Backups
RMAN offers three encryption modes: Transparent mode: Uses the Oracle key management infrastructure Requires that you first configure Oracle Encryption Wallet Password mode: Requires the use of the SET ENCRYPTION ON IDENTIFIED BY password ONLY command in your RMAN scripts Dual mode: Requires the use of the SET ENCRYPTION ON IDENTIFIED BY password command in your RMAN scripts Creating RMAN Encrypted Backups For improved security, RMAN backup set backups can be encrypted. Any RMAN backups created as backup sets can be encrypted. Image copy backups cannot be encrypted. Encrypted backups are decrypted automatically during restore and recover operations, as long as the required decryption keys are available, by means of either a user-supplied password or the Oracle Encryption Wallet. RMAN supports three encryption modes: Transparent mode Password mode Dual mode Additional information about each mode follows. Oracle Database 10g: Backup and Recovery

Using Transparent Mode Encryption
Perform the following steps: Create a wallet using Oracle Wallet Manager: Open the wallet: Set the master key: ENCRYPTION_WALLET_LOCATION= (SOURCE=(METHOD=FILE)(METHOD_DATA= (DIRECTORY=/opt/oracle/product/10.2.0/db_1/))) ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY <password>; Using Transparent Mode Encryption Transparent encryption does not require DBA intervention as long as the required Oracle key management infrastructure is available. Transparent encryption is best suited for day-to-day backup operations, where backups will be restored on the same database that they were backed up from. Transparent encryption is the default encryption mode. You must first configure the Oracle Encryption Wallet to use transparent encryption. Refer to the Oracle Advanced Security Administrator’s Guide for detailed information about the Oracle Encryption Wallet. Perform the following steps to use transparent mode encryption: 1. Create a wallet using Oracle Wallet Manager. By default, an unencrypted wallet (cwallet.sso) is created when Oracle Database is installed. An encrypted wallet (ewallet.p12) is recommended for use with backup set encryption. Place an entry in the sqlnet.ora file as shown in the slide. 2. Open the wallet. Before you can use backup set encryption , you need to make sure that the wallet is opened by your instance. The password specified with the ALTER SYSTEM command is the same password you specified when you created the wallet in step 1. 3. Set the master key from within your instance. When the wallet is opened, you need to set the master key. ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY <password>; Oracle Database 10g: Backup and Recovery

Using Transparent Mode Encryption
Configure RMAN encryption level (database, tablespace, or database excluding tablespaces): Set encryption algorithm, if needed: CONFIGURE ENCRYPTION FOR DATABASE ON CONFIGURE ENCRYPTION FOR TABLESPACE <tablespace_name> ON SET ENCRYPTION ALGORITHM 'algorithm name' Using Transparent Mode Encryption (continued) 4. Configure the RMAN encryption level. The CONFIGURE ENCRYPTION command is used to specify encryption settings for the database or tablespaces within the database, which apply unless overridden using the SET command. Options specified for an individual tablespace take precedence over options specified for the whole database. 5. Set encryption algorithm, if needed. Query V$RMAN_ENCRYPTION_ALGORITHMS to obtain a list of encryption algorithms supported by RMAN. The default encryption algorithm is 128-bit AES. Oracle Database 10g: Backup and Recovery

Using Password Mode Encryption
Enable password mode encryption in your RMAN session: SET ENCRYPTION ON IDENTIFIED BY <password> ONLY Using Password Mode Encryption When you use password encryption, you must provide a password when you create and restore encrypted backups. When you restore the password-encrypted backup, you must supply the same password that was used to create the backup. Password encryption is most appropriate for backups that will be restored at remote locations, but which must remain secure in transit. Use the SET ENCRYPTION ON IDENTIFIED BY password ONLY command in your RMAN scripts to enable password encryption. Password encryption cannot be persistently configured. Note: For security reasons, it is not possible to permanently modify your existing backup environment so that RMAN backups are encrypted using the password mode. You can enable only password-encrypted backups for the duration of an RMAN session. Oracle Database 10g: Backup and Recovery

Using Dual Mode Encryption
Dual-mode encrypted backups can be restored transparently or by specifying a password. Enable password mode encryption in your RMAN session: SET ENCRYPTION ON IDENTIFIED BY 'password' Using Dual Mode Encryption Dual-mode encrypted backups can be restored transparently or by specifying a password. Dual-mode encrypted backups are useful when you create backups that are normally restored using the Oracle Encryption Wallet, but which occasionally need to be restored where the Oracle Encryption Wallet is not available. To create dual-mode encrypted backup sets, specify the SET ENCRYPTION ON IDENTIFIED BY password command in your RMAN scripts. Oracle Database 10g: Backup and Recovery

Restoring Encrypted Backups
Before restoration, set the RMAN session to decrypt backups. Specify all required passwords with the SET DECRYPTION command when restoring from a set of backups that were created with different passwords. SET DECRYPTION IDENTIFIED BY '<password_1>' {, '<password_2>',…,'<password_n> } Restoring Encrypted Backups Use the SET DECRYPTION command to specify one or more decryption passwords to be used when reading dual-mode or password-encrypted backups. When RMAN reads encrypted backup pieces, it tries each password in the list until it finds the correct one to decrypt that backup piece. An error is signaled if none of the specified keys are correct. Oracle Database 10g: Backup and Recovery

Performing Encrypted Recovery
1 2 Performing Encrypted Recovery While performing encrypted database recovery from tape and disk, you can notice the following: 1. The SET DECRYPTION command is executed. 2. The recovery completed successfully and the EXAMPLE tablespace is brought back online. Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Manage user access control for Oracle Secure Backup Describe host authentication Determine backup security characteristics Describe encryption Perform an encrypted database backup and restore Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Perform a password encrypted database backup Attempt to restore a tablespace without encryption password Perform decrypted restoration Oracle Database 10g: Backup and Recovery

Managing the Administrative Domain

Objectives After completing this lesson, you should be able to: Describe Oracle Secure Backup processes Configure policies and defaults Browse primary Oracle Secure Backup catalogs Manage clients Manage media servers (tape devices and libraries) Manage volumes Manage jobs Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Processes: Daemons
Policies Catalogs Clients Media Serv. - Devices - Libraries Volumes Jobs Oracle Secure Backup Processes: Daemons Client Administrative server Media server observiced obscheduled observiced obhttpd obixd obproxyd observiced obproxyd obrobotd obndmpd obproxyd Oracle Secure Backup Processes: Daemons To oversee data protection activities among diverse hosts, devices, and databases, you define an administrative domain. There must be one and only one administrative server for each administrative domain. The administrative server includes: Oracle Secure Backup catalog, a directory structure with host-specific subdirectories. This means, the contents vary depending on the roles you assign to the host. An administrative server has the central catalog with configuration and metadata. Daemons (or services), which are processes, that run in the background and perform OSB operations on behalf of an application Some daemons run continually; others run only to perform specific work and then exit when they have finished. The Oracle Secure Backup daemons actively participate in managing backup and restore operations: observiced daemon: On the administrative server, this daemon runs jobs (such as backups and restores) at the request of the obscheduled daemon, cleans up old log files and transcripts, and provides access to Oracle Secure Backup configuration data to other hosts in the domain. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Daemons (continued) observiced daemon (continued) The observiced daemon starts the obscheduled daemon and the Web server during initialization. When running on a client or media server, observiced is primarily responsible for invoking Oracle Secure Backup programs in response to a request from the administrative server. On all hosts, the observiced daemon is normally started as part of system startup and runs continually. On UNIX and Linux, startup is usually performed through entries in /etc/init.d, whereas on a Windows host, the observiced daemon is started by the Service Control Manager. obscheduled daemon: This daemon initiates scheduled events and manages jobs. The daemon receives job creation requests from obtool users and from the SBT interface in response to RMAN commands. obixd daemon: This daemon manages the backup catalog. One instance of this daemon runs for each client whenever the contents of that client’s catalog must be read or updated. Apache Web server daemon (obhttpd): This daemon provides the Web tool GUI for Oracle Secure Backup. obndmpd daemon: This daemon implements the NDMP tape service and provides media services to remote clients. It is launched by the observiced daemon in response to client requests to open a channel to a tape drive that is not locally connected to the client. obrobotd daemon: This daemon is launched by the observiced daemon in response to requests to manipulate tapes in a tape library. One instance of this daemon runs for each tape library whenever the services of that tape library are required. obproxyd daemon: This daemon verifies user access for SBT backup and restore operations. The proxy daemon runs on the host that contains the SBT library accessed during the operations. The invocation of the proxy daemon is platform specific. The proxy daemon uses the operating system user identity of the process invoking the SBT library and the local host name to determine the Oracle Secure Backup user account for the backup operation. If a preauthorization exists for this OS user and host, and if the associated Oracle Secure Backup user is permitted to perform RMAN backups, then the login to Oracle Secure Backup is permitted. On a host running the Windows operating system, only the observiced daemon runs as a Windows service. The other Oracle Secure Backup daemons do not run as services. OSB Daemons Notes Oracle Database 10g: Backup and Recovery

Managing Common Daemon Operations
Oracle Secure Backup daemons respond to a common set of control commands. Sending control commands to daemons is an infrequently performed task that you would normally use only under the guidance of Oracle Support Services. The daemon control commands are: dump: To direct the daemon to dump internal state information into its log file reinitialize: To direct the daemon to reread configuration data from the file system debugon: To direct the daemon to generate extra information to its log file debugoff: To cancel a previous debugon command. This is the default state. To send a command to a daemon, perform the following steps: From the Web tool Home page, click the Manage tab. From the Manage page, click the Daemons link in the Maintenance section. On the Daemons page, select a daemon from the Type list. From the Host list, select the host on which the daemon is running. Select a command from the Command list. Click Apply to accept your selections. Oracle Database 10g: Backup and Recovery

Managing Policies and Defaults
Daemons > Policies Catalogs Clients Media Serv. - Devices - Libraries Volumes Jobs Managing Policies and Defaults Oracle Secure Backup provides customizable administrative policies to easily manage simple or complex environments: Policy settings for devices, catalog indexing, log management, and general backup and recovery operations notification of system events and reports Policies that control the behavior of daemons and services NDMP Data Management Agent (DMA) defaults Policies that control aspects of domain security Managing Policies and Defaults Defaults and policies are configuration data that control how Oracle Secure Backup operates within an administrative domain. The data is maintained on the administrative server. Oracle Secure Backup is preconfigured with a set of defaults and policies for fast deployment in most environments. Oracle Secure Backup policies are grouped into several policy classes. Each policy class contains policies that describe a particular area of Oracle Secure Backup operations: Daemon policies Device policies Index policies Log policies Media policies Naming policies NDMP policies Operations policies Scheduler policies Security policies Oracle Database 10g: Backup and Recovery

Configuring Oracle Secure Backup Policies
1 3 2 Configuring Oracle Secure Backup Policies To modify the policies settings by using the Web tool, perform the following steps: From the Configure page, select Defaults and Policies. Click the name of the policy that you want to modify. Make any required changes. Choose one of the following: Click Apply to remain in this page. Click OK to save the changes and return to the Configure page. Click Cancel to avoid the operation and move back one page. 5. Operations: You can set operation policies to specify the following: Whether Oracle Secure Backup updates backup history data every time a client host is backed up Whether Oracle Secure Backup creates volume and backup image labels for a new backup image whenever it backs up data Whether Oracle Secure Backup performs block-level verification after each backup section is completed Additional options to apply to scheduler-dispatched backup and restore operations, such as enabling diagnostic output mode with the obtar -J option Oracle Database 10g: Backup and Recovery

Oracle Secure Backup: Backup Metadata Catalogs
Daemons Policies > Catalogs Clients Media Serv. - Devices - Libraries Volumes Jobs Oracle Secure Backup: Backup Metadata Catalogs File-system metadata: indices.cur Piece catalog: sbtpiece.dat and sbtpiece.idx Volumes catalog: volumes.dat and volumes.idx Oracle Secure Backup: Backup Metadata Catalogs The Oracle Secure Backup catalog is a collection of backup metadata catalogs and configuration files. They are centrally located on the Administrative server in a hierarchical file system under the <OSB_Home> directory. The following are the four primary catalogs: 1. File-system backup metadata is stored for each client in the indices.cur catalog (also known as the index database). That means, if the administrative server has 100 clients, it has 100 indices.cur files. The indices.cur file is located in the /usr/local/oracle/backup/admin/history/host/<host_name> directory. 2. Oracle database backup piece metadata is stored in the sbtpiece.dat and sbtpiece.idx files. 3. A listing of all tapes, which contain backups registered with the Oracle Secure Backup catalog, is stored in the volumes.dat and volumes.idx files. When a tape is overwritten, the volumes catalog is immediately updated. 4. Information about backup sections is stored in the archives.dat and archives.idx files. This is important when a backup spans multiple volumes. The last three catalogs are located in the /usr/local/oracle/backup/admin/state/general/ directory. Backup sections catalog: archives.dat and archives.idx Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Catalogs Notes
Oracle Secure Backup: Backup Metadata Catalogs (continued) After volumes have been overwritten or unlabeled, the backup metadata is no longer needed. The index daemon will automatically remove this backup metadata from the catalog at the interval set by the indexcleanupfrequency index policy (default is 21 days). Oracle Secure Backup Catalogs Notes Oracle Database 10g: Backup and Recovery

Oracle Secure Backup: Directory Structure
/usr/local/oracle/backup <OSB_Home> directory admin apache bin etc device help config history log state conf htdocs images logs modules lib tools.linux32 man .drv.linux32 samples Oracle Secure Backup: Directory Structure The Oracle Secure Backup home directory is created on every host where you install Oracle Secure Backup, although the contents of the directory vary depending on the roles you assigned to the host. The illustration in the slide shows the installed directories for an administrative server on a Linux operating system. The directories in the dashed box contain executable files, or information related to storage devices. Not shown in the slide are the following directories: .bin.linux32, .etc.linux32, and .lib.linux32. Oracle Secure Backup maintains its own centralized catalog on the administrative server. The Oracle Secure Backup catalog contains all the information used to define your configuration and also metadata relating to your backup and restore operations. Oracle Secure Backup organizes its catalog in a hierarchical way. The admin directory contains the administrative domain catalogs. Administrative server Oracle Database 10g: Backup and Recovery

Backing Up the Catalog Create a dataset that includes: Oracle Secure Backup home directory The /etc/obconfig file The /usr/etc/ob directory Create a backup request, either on-demand or scheduled. Submit the backup request to the scheduler. Store the volume set in a known location. Backing Up the Catalog Given that you know that you will need the catalog backup only in dire circumstances, you should make special provisions when storing the backup, such as: Storing the volume set in a known location so that the tapes can be retrieved without having to look up which volumes were used to store the backup Configuring the operations/backupoptions policy to use the -v option (if you configured a scheduled backup). This generates a full transcript and lists all the files backed up. Then, save the transcript along with the tapes. For additional protection, you can back up the /usr/etc/ob directory, which is the job transcript directory. You may also want to save a copy of the SCSI parameters used to create the device special files for your tape devices. This can assist you in reconfiguring the tape devices during disaster recovery of your administrative server. The parameter specifications should be saved along with the volumes that contain the catalog backup. Oracle Database 10g: Backup and Recovery

Daemons Policies Catalogs > Clients Media Serv. - Devices - Libraries Volumes Jobs Adding Clients Adding Client Adding Clients may be your most common management task: 1. In the Oracle Secure Backup Web tool, click Configure, and then click Hosts. 2. Select the “Suppress communication with host” check box if you want to add a (stand-alone) machine to the administrative domain. 3. Click the Add button. Then enter a host name of your choice in the Host field. The name must be unique among all Oracle Secure Backup host names. 4. Optionally, enter one IP interface name in the “IP Interface name(s)” field. If you leave this blank, Oracle Secure Backup uses the name of the host (step 3) as the resolvable IP name for the host. 5. Select a status from the Status field. Your choices are: In service: Indicates that the machine is logically available for backup and restores Not in service: Indicates that the machine is unavailable 6. Select one or more administrative domain roles for the host from the Roles field. 7. Select an access method for the host (if applicable) from the “Access method” field. Your choices are: ob or NDMP. Oracle Database 10g: Backup and Recovery

Daemons Policies Catalogs Clients > Media Serv. - Devices - Libraries Volumes Jobs Adding Media Servers Adding Media Servers From the Administrative Server page, you can click the link corresponding to the number of configured Media Servers in the administrative domain. This takes you to the Media Servers page from which you can manage your media servers. On the Media Servers page, click Add to add a new media server to your administrative domain. To configure a new media server on the Add Media Server page, perform the following steps: 1. Select the “Suppress communication with host” check box if you want to add a host to the administrative domain that is not yet connected to the network. 2. Enter the name by which you want to refer to the host in the Name field. The host you choose must be unique among all Oracle Secure Backup host names. 3. Optionally, enter one IP interface name in the “DNS Hostname(s) or IP Address(es)” field. If you leave this blank, Oracle Secure Backup uses the name you assigned to the host in step 2 as the resolvable IP name for the host. Oracle Database 10g: Backup and Recovery

Adding Media Servers Notes
Adding Media Servers (continued) 4. Select a status from the Status field. Your choices are: In Service: Indicates that the machine is logically available to perform backup and restore operations Not In Service: Indicates that the machine is logically unavailable to perform backup or restore operations 5. Select an access method for the host (if applicable) from the Access Mode field. Your choices are: Native: The host contains a local installation of Oracle Secure Backup. NDMP: The host is accessed through the Oracle Secure Backup RPC protocol (plus NDMP) or solely through Network Data Management Protocol (NDMP). 6. Click OK. Note: For more information about how to manage media servers within Oracle Secure Backup, refer to the Oracle Secure Backup Administrator’s Guide. Adding Media Servers Notes Oracle Database 10g: Backup and Recovery

Daemons Policies Catalogs Clients Media Serv. > - Devices - Libraries Volumes Jobs NAS Devices Communicate via NDMP Do not require installation of Oracle Secure Backup software on NAS appliance Support local data transfer (from file server directly to and from tape drives) with simultaneous central management May be a client or media server but not an administrative server NAS Devices The Network Data Management Protocol (NDMP) defines a common architecture for backups of heterogeneous file servers on a network. NDMP allows administrators to back up data using any combination of compliant network–attached servers, backup devices, and management applications. With NDMP, network congestion is minimized because the data path and control path are separated. Backups can occur locally—from file servers directly to tape drives—whereas management occurs centrally. NDMP is commonly used by NAS devices, which are also known as filers, to perform backup and restore operations without requiring an Oracle Secure Backup installation on the appliance. The filer communicates with the backup software through NDMP. This model is very different from the classical backup model, which requires the installation of an agent or backup software component on each host to communicate and perform backup and restore operations as directed by the backup software server. For supported NAS devices, see Certify on MetaLink. Oracle Database 10g: Backup and Recovery

Adding NDMP Media Servers
If you select NDMP in the Access Mode field on the Add Media Server page, the following additional options should be specified for your new host: 1. Select an authorization type from the Authentication Type field. The authentication type defines the way in which Oracle Secure Backup authenticates itself to the NDMP server. Typically, you should use the negotiated default setting. Your choices are: default: Uses the value of the Authentication type for the NDMP policy none: Attempts to use the NDMP server from Oracle Secure Backup without providing authentication data (this is usually unsuccessful) negotiated: Instructs Oracle Secure Backup to negotiate with the NDMP server to determine the best authentication mode to use text: Uses plain (unencrypted) text to authenticate md5: Uses the MD5 digest algorithm to authenticate 2. Enter a username in the Username field. The username is used to authenticate Oracle Secure Backup to this NDMP server. Oracle Database 10g: Backup and Recovery

Adding Devices Adding Devices You can add new devices in one of two ways: By automatically discovering them. Oracle Secure Backup can automatically discover and configure secondary storage devices connected to certain types of NDMP servers, such as Network Appliance filers. By adding them manually to define devices that cannot be automatically discovered On the Device page, click either Add Library or Add Drive to add a new device to your configuration. You can also use the obtool command mkdev to add an Oracle Secure Backup device object to your administrative domain configuration. Here are some examples: ob> mkdev --type library --attach hasun20:/dev/obl0 tc-lib ob> mkdev --type tape --library tc-lib --dte 1 --attach hasun20:/dev/obt0 tc-tape ob> lsdev The following output displays: library tc-lib in service drive 1 tc-tape in service Oracle Database 10g: Backup and Recovery

Adding Devices (continued) The first example shows you how to add a tape library device to your configuration. As shown, you need to specify the device type, its attachment, and its Oracle Secure Backup name. The second example is doing the same thing for a tape drive that is part of your tape library. In addition to the type, attachment, and name, you need to specify the corresponding tape library as well as the tape drive’s data transfer element (DTE). Oracle Secure Backup identifies each tape drive within a tape library by its DTE number. A DTE must be specified if library is specified. The third example shows you the output of the lsdev command, which shows you the current configuration for both devices. Unlike SCSI, which is a host-centric protocol, Fibre Channel libraries and tape drives are typically shared among multiple Oracle Secure Backup media servers. A Fibre Channel–attached tape drive or tape library often has multiple attachments, one for each host that can directly access it. You can specify multiple attach points when creating a device with the mkdev or chdev commands of obtool, the Web tool, or EM. Multiple attach points enable you to attach the same device to multiple hosts on a network. Note: For more information about the mkdev and chdev commands, refer to the Oracle Secure Backup Reference guide. Adding Devices Notes Oracle Database 10g: Backup and Recovery

Discovering Devices on NDMP Hosts
Libraries and tape devices attached to Network-Attached Storage (NAS) filers are automatically configured by the operating system on which the NAS device runs. Both SCSI device and Fibre Channel configuration occur automatically and require no input from the user. Oracle Secure Backup can detect changes in device configuration for some types of these NDMP-accessed hosts and, on the basis of this information, automatically update the administrative domain’s device configuration. However, NAS tape libraries and tape drives must first be made accessible to the Oracle Secure Backup software. This is accomplished by performing device discovery on each of the NAS filers in the administrative domain. You can discover devices by using Enterprise Manager, the Web tool, or obtool. Oracle Secure Backup detects multiple hosts connected to the same device by comparing the serial numbers reported by the operating system. ob> discoverdev --verbose --host edrsr12p1 Oracle Database 10g: Backup and Recovery

Managing Devices Managing Devices From the EM Administrative Server page, you can click the link corresponding to the Devices number. This takes you to the Devices page from where you have the options to Add Library and Add Drive. You can also select an existing device, and Edit or Remove that device. A tape has to be mounted in the drive before you can write to it. “Mounting a volume” means logically preparing a tape volume in a drive to be read or written. Note: Unlike tape devices, Oracle Secure Backup will refuse to communicate with a tape library that it does not recognize (a tape library whose product ID does not appear in the <OSB_Home>/devices/ob_robots file). Too many things may go wrong when trying to control an unknown tape library. Oracle Database 10g: Backup and Recovery

Tape Library Properties
Daemons Policies Catalogs Clients Media Serv. - Devices > - Libraries Volumes Jobs Tape Library Properties Em_devices_crop.gif Em_08_lib_prop_2.gif Tape Library Properties To view tape library properties, perform the following steps in EM: 1. On the Devices page, click the name of a tape library in the main text box. The Edit Library page is displayed, showing the properties of the selected tape library. The device attachment information is displayed at the bottom of the page. 2. Click Show Advanced Settings to view additional properties for the device. 3. You can make changes to the tape library configuration and then click one of the following: Apply, to implement those changes and remain in this page OK, to save the changes and return to the Device page Cancel, to avoid the operation and move back one page Attachments, to configure device attachments Using the Web tool interface: 1. On the Manage page, select a tape library or tape drive in the main text box 2. Click Show Properties Oracle Database 10g: Backup and Recovery

Tape Drive Properties Tape Drive Properties To view tape drive properties, perform the following steps: 1. On the Manage page, select a tape drive in the main text box. 2. Click Show Properties. The Web tool displays a page with the properties for the tape drive that you selected. 3. Click Close to return to the Manage page. Oracle Database 10g: Backup and Recovery

Daemons Policies Catalogs Clients Media Serv. - Devices - Libraries > Volumes Jobs Managing Volumes Managing Volumes You can access the Volumes page from the EM Administrative Server page by clicking the Details link to the right of the Volumes label in the Resources section. You can use the Volumes page to display a list of all volumes associated with an administrative server. To display the volumes, you have to first specify a filter option. You do so by using the Search section. In the example in the slide, the filter option limits the volumes displayed to only those for the RMAN-DEFAULT media family. If you want a listing of all volumes, then choose the All search option, and then click Go. The Results table identifies the Volume ID and other important information related to your volumes. You can view all the backup sections in a selected volume by choosing Backup Sections. Note: For more information about how to manage volumes within Oracle Secure Backup, refer to the Oracle Secure Backup Administrator’s Guide. Oracle Database 10g: Backup and Recovery

Managing Volumes Managing Volumes (continued) Use the Backup Sections page to display the sections of a backup. A backup section is that portion of a backup image that fits on one physical volume. The Sections table displays the client host, attributes, and time stamp for each section. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Jobs
Daemons Policies Catalogs Clients Media Serv. - Devices - Libraries Volumes > Jobs Oracle Secure Backup Jobs Oracle Secure Backup uses different types of jobs to perform backup and restore tasks: Dataset jobs Backup jobs Restore jobs Oracle backup jobs (RMAN) Oracle restore jobs (RMAN) For each job, Oracle Secure Backup maintains a: Log Running transcript Oracle Secure Backup Jobs Oracle Secure Backup creates jobs in response to work you ask it to do. It assigns each job a name, called a job identifier, that is unique among all jobs within the administrative domain. Several events cause Oracle Secure Backup to create new jobs: At the beginning of the day, Oracle Secure Backup inspects the triggers defined in each schedule. For each trigger that fires that day, it creates one new job for each dataset listed in the schedule. In job descriptions, Oracle Secure Backup identifies this as a dataset job. It assigns the scheduled dataset job a numerical job identifier. Also, each time you explicitly request that Oracle Secure Backup perform a backup using a dataset, and send your request to the scheduler, Oracle Secure Backup creates a dataset job. It assigns the job an identifier consisting of the username of the logged-in user, a slash, and a unique numerical identifier. An example of such a job identifier is admin/233. At the scheduled start time for a dataset job, Oracle Secure Backup reads the dataset, and then creates one subordinate job for each host it includes. In job descriptions, Oracle Secure Backup calls this a backup job. It assigns each backup job an identifier whose prefix is the parent (dataset) job ID, followed by a dot, and then followed by a unique small number. An example of such a job identifier is admin/233.1. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Jobs Notes
Oracle Secure Backup Jobs (continued) Each time you explicitly request that Oracle Secure Backup restore data, and send your request to the scheduler, Oracle Secure Backup creates a “restore job” for each backup image that must be read to effect the restore. It assigns each job an identifier consisting of the logged-in username, a slash, and a unique numerical identifier. If Oracle Secure Backup creates multiple jobs to satisfy one restore request, it marks each job except the first as dependent on the success of the previous job. The effect of this notation is that, should a job fail on which a later job is dependent, that later job is also marked as failed. RMAN creates an Oracle Secure Backup job with types of oracle backup or oracle restore instead of the backup and restore type. Oracle Secure Backup keeps a log for each job. This “job log” describes high-level events, such as the creation, dispatch, and completion times of the job. You may view the log through both the Oracle Secure Backup Web tool and obtool. Oracle Secure Backup also maintains a running transcript for each job. The transcript contains everything that is written to the standard output stream by the job’s components, such as obtar. Oracle Secure Backup creates this transcript when dispatching the job for the first time, and updates it as the job progresses. When a job requires operator assistance, Oracle Secure Backup prompts for assistance by using the transcript and by sending an notification, if configured. When you list the jobs by using the obtool utility, it displays the job ID, the scheduled time, the contents, and the job state. The contents field contains the following information, depending on the backup job type: The dataset being backed up (dataset jobs) The host on which the data set is being backed up (backup job) A description of the data being restored (restore job) The database backup operation, such as datafile or archivelog (Oracle backup job) The backup piece restored (Oracle restore job) Oracle Secure Backup Jobs Notes Oracle Database 10g: Backup and Recovery

Managing Jobs Managing Jobs After your backup has been submitted to the Oracle Secure Backup scheduler, you manage these jobs from the Oracle Secure Backup Web tool: From the Manage page, click the Jobs link in the Maintenance section. You are directed to the Jobs page. To limit the jobs displayed to: a. A specific host, select that host from the Host list b. Those instantiated by a certain user, select that user from the User list c. A particular dataset, select that dataset from the Dataset list Select one or more of the following Viewing options: Active: Select this option if you want to view the status of backup jobs that are currently in progress. Complete: Select this option to view the status of completed jobs, whether they succeeded or not. Pending: Select this option if you want to view the statuses of jobs that are pending, but not presently running. Input pending: Select this option to view the statuses of jobs that are running and requesting input now. Oracle Database 10g: Backup and Recovery

Managing Jobs (continued) Today: Select this option if you want to view the statuses of backup jobs that are scheduled to run today. Scheduled time: Select this option to display jobs scheduled within a time range you select from the From date and To date boxes. 4. Select the type of jobs that you want to see in the report. Your choices are: backup, recover, dataset, Oracle backup, and Oracle restore. You can select multiple job types by holding down [Shift] while selecting a job type. 5. Click Apply to accept your selections. Information is displayed in the job management table in the central panel. The following information is available for each job: ID: The Oracle Secure Backup-assigned job identifier Type: The type of Oracle Secure Backup job associated to a host Time: The date and time the job began or is scheduled to begin State: The job status, which can be pending, completed successfully, or failed To monitor jobs with the obtool interface, use the lsjob command. Note that the state of newly created jobs is future work until the job has been submitted. On-demand backups (created as backup requests) are named using the Oracle Secure Backup username and a system-generated number. For example, admin/1. Scheduled jobs are named using a system-generated number, but do not include the username as part of the job name. For example, 1.1. Oracle Database backup jobs are considered on-demand backups, so the username is included in the job ID. For example, oracle/1.1. Managing Jobs Notes Oracle Database 10g: Backup and Recovery

Viewing Job Properties and Transcripts
To view job properties in the Oracle Secure Backup Web tool, perform the following steps: 1. Select a job ID from the job management table in the central panel of the Jobs page. 2. Click the Show Properties button. The Job Properties page appears showing the characteristics of the selected job. To view a job transcript in the Oracle Secure Backup Web tool, perform the following steps: 1. Select a job from the job management table in the central panel of the Jobs page. 2. Click Show Transcripts. A transcript page appears. 3. Scroll down the page to view more information. At the end of the page, you can modify the transcript viewing criteria. Optionally, select a message level from the Level list. Oracle Secure Backup tags each message it writes to a transcript with a severity level. These levels range from “0 Debug message (extra output)” to “9 Fatal.” 4. Optionally, select “Start at line” and enter a line number at which you want the transcript view messages to start. 5. Optionally, select the “Suppress input” check box to suppress input requests. When a request for input is recognized, Oracle Secure Backup prompts for a response. Specifying this option suppresses this action. Oracle Database 10g: Backup and Recovery

Viewing Job Properties and Transcripts Notes
Viewing Job Properties and Transcripts (continued) 6. Optionally, select the “Show line numbers” check box to prefix each line with its message number. 7. Optionally, select the “Head lines” option and enter a number representing the first N lines of the transcript having a message severity level at or above the value you selected. 8. Optionally, select the “Tail lines” option if you want to display the last N lines of the transcript having a message severity level at or above the value you selected. 9. Optionally, select a value in the “Page refresh (in seconds)” list. The default is 60 seconds. 10. Click Apply to accept your changes, if any, and redisplay the transcript. To view a job transcript, you must be the owner of the job or belong to a user class that has either the list any jobs owned by user or the list any job, regardless of its owner right. Viewing Job Properties and Transcripts Notes Oracle Database 10g: Backup and Recovery

Suspending and Resuming Job Dispatching
It is possible to temporarily suspend and later resume Oracle Secure Backup’s dispatching of jobs. When job dispatching is suspended, running jobs are allowed to complete; however, the scheduler starts no new jobs. After job dispatching is suspended, the scheduler resumes it when you select the resume function or restart Oracle Secure Backup on the administrative server. To suspend job dispatching, from the Daemons page, click the Suspend button. The message “obscheduled suspended” appears in the Status area. Any pending backup and restore (scheduled or one-time) jobs are no longer dispatched. Jobs that are already running are permitted to finish. To resume job dispatching, from the Daemons page, click the Resume button. The message “obscheduled processing resumed” appears in the Status area. The following scenario shows you how to do that with the obtool utility: ob> ctldaemon --command suspend ob> lsdaemon Process Daemon/ Listen ID Service State port Qualifier observiced normal obscheduled suspended Oracle Database 10g: Backup and Recovery

Suspending and Resuming Job Dispatching Notes
Suspending and Resuming Job Dispatching (continued) ob> ctldaemon --command resume ob> lsdaemon --long --host EDRSR14P1 Process ID: Daemon/Service: observiced State: normal Listen port: Qualifier: (none) Process ID: Daemon/Service: obscheduled Listen port: ob> The ctldaemon command is generally used to control the operation of an Oracle Secure Backup daemon. In the above example, ctldaemon is used to suspend and resume Oracle Secure Backup job scheduling. The lsdaemon command is used to list the Oracle Secure Backup daemons running on a particular host. Note: For more information about the above commands, refer to the Oracle Secure Backup Reference guide. Suspending and Resuming Job Dispatching Notes Oracle Database 10g: Backup and Recovery

Job Summaries Job Summaries A “job summary” is a text file report that describes the backup and restore activity performed by Oracle Secure Backup. You can use job summaries to monitor specific backup jobs, or you can use a job summary report to monitor all backup and restore activity for a time period. You can create a “job summary schedule,” which enables Oracle Secure Backup to generate multiple summary reports, each covering different time periods or activities. If an system such as sendmail is operational on the administrative server, then you can supply the addresses for the recipients of job summary reports and the report will be sent in an to those recipients. It is recommended that you create at least one job summary schedule so that you receive an automated describing your backup jobs. Using the Web tool, in the Advanced section of the Configure page, click Job Summaries to list the configured job summary schedules. To remove a job summary schedule, select the schedule you want to remove, and then click Remove. Oracle Database 10g: Backup and Recovery

Displaying Log Files and Transcripts
RMAN ($ORACLE_HOME) Oracle Secure Backup (<OSB_Home> directory) rdbms/log/sbtio.log admin/log/scheduler/log Displaying Log Files and Transcripts If an error occurs during an SBT session, Oracle Secure Backup tries to send the error description to the administrative server to be saved in the job transcript. RMAN records the error in the trace file named sbtio.log, unless the user has configured a different file to be used by RMAN. By default, this trace file is located in the $ORACLE_HOME/rdbms/log directory. All SBT errors contain the following information: The location (function) where the failure occurred (for example, sbtbackup) The operation that was being performed (for example, “creating a backup piece”) A brief description of the problem (for example, “unable to contact admin server”) If applicable, a brief description of the remedy that the user may apply If applicable, the name of the trace or debug file where additional information about the problem can be found You can get more trace information by using the TRACE option of the ALLOCATE CHANNEL command. For example: ALLOCATE CHANNEL c1 TYPE sbt TRACE 5 … Trace levels range from 0 (errors only) to 6 (verbose debugging). Oracle Database 10g: Backup and Recovery

Summary In this lesson, you should have learned how to: Describe Oracle Secure Backup processes Configure policies and defaults Browse primary Oracle Secure Backup catalogs Manage clients Manage media servers (tape devices and libraries) Manage volumes Manage jobs Oracle Database 10g: Backup and Recovery

Practice Overview This practice covers the following topics: Backing up the Oracle Secure Backup catalog data and critical files Performing disaster recovery of the Oracle Secure Backup catalog files Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Additional Installation Topics

Topics This appendix, together with the relevant lesson, should assist you to: Install Oracle Secure Backup on Windows Locate and describe the Oracle Secure Backup installed files Additional installation topics: Specifying installation parameters Client Installation: Example Media Server Installation: Example Uninstall Oracle Secure Backup Oracle Database 10g: Backup and Recovery

Windows Installation: Overview
Stop drivers Run setup.exe Answer customer information dialogs Select the type of host from the Oracle Secure Backup Setup screen Install Windows Installation: Overview Before beginning your installation, see documentation for platform-specific details, such as: on Windows: disable drivers on Windows-based media servers, and how to configure firewalls. Oracle Secure Backup supports configuring the administrative domain on a host running the Windows operating system. To support running an administrative server on Windows, the GNU SMTP implementation is replaced with one developed by Oracle. During the installation process, the Oracle Secure Backup Setup Wizard copies all Oracle Secure Backup files to the local host and generates Windows Registry entries. Note: Every installation of Oracle Secure Backup on Windows is a client installation, and can additionally be a media server or administrative server installation. Answer service startup dialogs Answer service login dialogs Oracle Database 10g: Backup and Recovery

Stopping Tape Device Drivers
Before you start an Oracle Secure Backup host installation on your Windows machine, you should stop any currently running drivers that are controlling existing tape drives and libraries that you plan to use with Oracle Secure Backup. This is necessary because Windows does not allow two device drivers to simultaneously claim the same device. To stop Windows drivers, perform the following steps: 1. From Control Panel, click System. 2. Click the Hardware tab. 3. Click the Device Manager button. The Device Manager window appears. 4. Expand the branch for Medium Changers (if any). 5. Right-click the icon that represents your tape library. 6. A pop-up menu appears. Select Disable to disable the medium changer driver. 7. Repeat steps 5 and 6 for each tape library or tape drive that you intend to use with Oracle Secure Backup. 8. Expand the branch for Tape Drives. Installed drivers for tape drives appear. 9. Right-click the icon that represents your tape drive. 10. A pop-up menu appears. Select Disable to disable the tape drive driver. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Setup
1. Run the setup.exe program from the directory into which you originally downloaded the software. The InstallShield Wizard is displayed. 2. Click Next to continue. The Readme Information dialog box is displayed. 3. Click Next to continue. The Customer Information dialog box is displayed. 4. Enter your name in the User Name box. 5. Enter the name of your company in the Organization box. 6. Select a target user for the application. Your choices are: Anyone who uses this computer (all users) Only for me (user) 7. Click Next to continue. 8. Choose the program features to configure: a. To configure the Windows host as a media server, click the pull-down menu of the Media Server icon. The options that are displayed are shown in the slide. Selecting the “This feature will be installed on local hard drive.” option removes the X from the Media Server icon and installs the media server software. Oracle Database 10g: Backup and Recovery

Service Startup Dialogs
Continued: Service Startup Dialogs The Service Startup dialog box is displayed. 12. Select a mode in which to start the Oracle Secure Backup service. Your choices are: Automatic: The Oracle Secure Backup service starts automatically when you reboot your host. Manual: The Oracle Secure Backup service must be started manually by a user who is a member of the Administrators group. Disabled: The Oracle Secure Backup service is disabled. 13. Click Next to continue. Note: On the Windows operating system, the only daemon that runs as a Windows service is the Oracle Secure Backup service (observiced). Oracle Database 10g: Backup and Recovery

Service Login Dialog Box
Continued: Service Login Dialog Box The Service Login dialog box appears. 14. Select one of the following options: If you plan to run the Oracle Secure Backup service daemon (and associated subordinate daemons) with full privileges, click System Account. If you plan to run the Oracle Secure Backup service daemon (and associated subordinate daemons) with the privilege set associated with an existing Windows user account, click “This Account” and enter the Windows user account name and password. If you choose this option, ensure that the account you select has enough backup and restore privileges. The required privileges are listed in the Oracle Secure Backup Service Logon dialog box. 15. Click Finish to complete the installation. 16. Repeat this installation process for each Windows host in your administrative domain. Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Installed Files
<OSB_Home> directory admin apache bin device help samples config history log state conf htdocs images logs modules Oracle Secure Backup Installed Files The Oracle Secure Backup home directory is created on every host where you install Oracle Secure Backup, although the contents of the directory vary depending on the roles you assigned to the host. The illustration in the slide shows the installed directories that are common to an administrative server on any operating system. However, an administrative server configured on a Linux host will have additional directories created. In addition to containing the Oracle Secure Backup directory, each host on which Oracle Secure Backup is installed contains a configuration file. The configuration file is called obconfig.txt in the db subdirectory where you install Oracle Secure Backup on Windows, and it is called obconfig in the /etc directory on UNIX and Linux systems. These directories contain the following types of files: admin: Administrative and configuration data for the administrative domain, also the backup catalog apache: Apache Web server files (used by Web tool) bin: Executables or links to executables device: Data on the tape drives and libraries that are supported by the Oracle Secure Backup device driver Configuration file Administrative server Oracle Database 10g: Backup and Recovery

Oracle Secure Backup Installed Files
<OSB_Home> directory /usr/local/oracle/backup .drv.<OS> help bin device Media server <OSB_Home> directory /usr/local/oracle/backup Oracle Secure Backup Installed Files (continued) The slide illustrates the directories created for a media server or client. The bin and device subdirectories are created on every machine, regardless of the operating system used. The other directories shown in the slide are created for machines that use the Windows operating system. For a UNIX or Linux host, the following files and directories are installed in addition to the bin and device subdirectories: Media server: .bin.<operating_system>/ .drv.<operating_system>/ etc/ .etc.<operating_system>/ man/ /usr/etc/ob/.hostid /usr/etc/ob/xcr/ /usr/tmp/ .wrapper help bin device Client Oracle Database 10g: Backup and Recovery

Installed Files for Host Role: Administrative Server
<OSB_Home> directory admin apache bin device help samples config history log state conf htdocs images logs modules Installed Files for Host Role: Administrative Server The Oracle Secure Backup home directory is created on every host where you install Oracle Secure Backup, although the contents of the directory vary depending on the roles you assigned to the host. The illustration in the slide shows the installed directories that are common to an administrative server on any operating system. However, an administrative server configured on a Linux host will have additional directories created. In addition to containing the Oracle Secure Backup directory, each host on which Oracle Secure Backup is installed contains a configuration file. The configuration file is called obconfig.txt in the db subdirectory where you install Oracle Secure Backup on Windows, and it is called obconfig in the /etc directory on UNIX and Linux systems. These directories contain the following types of files: admin: Administrative and configuration data for the administrative domain, also the backup catalog apache: Apache Web server files (used by Web tool) bin: Executables or links to executables device: Data on the tape drives and libraries that are supported by the Oracle Secure Backup device driver Configuration file Oracle Database 10g: Backup and Recovery

Installed Files for Host Role: Media Server
<OSB_Home> directory /usr/local/oracle/backup .drv.<OS> help bin device Installed Files for Host Role: Media Server The slide illustrates the directories created for a media server or client. The bin and device subdirectories are created on every machine, regardless of the operating system used. The other directories shown in the slide are created for machines that use the Windows operating system. For a UNIX or Linux host, the following files and directories are installed in addition to the bin and device subdirectories: Media server: .bin.<operating_system>/ .drv.<operating_system>/ etc/ .etc.<operating_system>/ man/ /usr/etc/ob/.hostid /usr/etc/ob/xcr/ /usr/tmp/ .wrapper Oracle Database 10g: Backup and Recovery

Installed Files for Host Role: Client
<OSB_Home> directory /usr/local/oracle/backup help bin device Installed Files for Host Role: Client The slide illustrates the directories created for a media server or client. The bin and device subdirectories are created on every machine, regardless of the operating system used. The other directories shown in the slide are created for machines that use the Windows operating system. Client: .bin.<operating_system>/ etc/ .etc.<operating_system>/ man/ /usr/etc/ob/.hostid /usr/etc/ob/xcr/ /usr/tmp/ .wrapper Oracle Database 10g: Backup and Recovery

Specifying Installation Parameters
# Once you've customized this obparameters file, change the # following line to 'yes' to make installob less chatty. customized obparameters: yes … # _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ # # D e f a u l t " o r a c l e " u s e r c r e a t i o n # After the installation is successful and the # administrative domain has been initialized, this option # allows you to automatically create an Oracle Secure Backup # user "oracle" which belongs to the "oracle" class and is # pre-authorized to perform Oracle backup & restore # operations. create pre-authorized oracle user: yes Specifying Installation Parameters Oracle Secure Backup provides an obparameters file to help users customize their installations. The obparameters file is located in the install subdirectory of your Oracle Secure Backup home directory. For a Linux installation, you can alter the behavior of Oracle Secure Backup by modifying the following options in this file: customized obparameters: Indicates you no longer want to be prompted to review this file during installation start daemons at boot: Indicates whether you want to automatically start Oracle Secure Backup each time you boot the system identity certificate key size: 1024: Configures the level of security associated with the host identity certificates issued by the administrative service daemon create pre-authorized oracle user: Instructs Oracle Secure Backup to create the oracle Oracle Secure Backup user and configure it as a preauthorized user default UNIX user and default UNIX group: Is used to specify the UNIX or Linux groups and usernames to which the oracle Oracle Secure Backup user will be mapped <OS type> ob dir: Identifies the name of the Oracle Secure Backup directory for each platform type in your network. Currently, you can set directories for Solaris, HP-UX, AIX, Linux, and Solaris64. The default value is the <OSB_Home> directory. Oracle Database 10g: Backup and Recovery

Client Installation: Example
Would you like to install Oracle Secure Backup on any other machine [yes]? yes Enter the name of a host onto which you'd like to install Oracle Secure Backup: client_z Just a moment while I learn about client_z...done. Looking for an acceptable temporary work area on client_z... Making sure target file system has enough space I'm ready to install Oracle Secure Backup on client_z as a client. The work area on client_z to be used for temporary install files is /tmp. OK to proceed [yes]? yes Installing Oracle Secure Backup onto client_z (HP-UX version 10.20) packaging Oracle Secure Backup distribution for copy to client_z copying Oracle Secure Backup distribution to client_z copying Oracle Secure Backup installation tools to client_z completing installation on remote host ... Oracle Secure Backup installed successfully onto client_z Client Installation: Example Assume in the example shown in the slide that you have just installed Oracle Secure Backup on the administrative server, and you now want to install Oracle Secure Backup on a client named “client_z.” When the installob script gives you the possibility to install Oracle Secure Backup on another machine, you choose yes. You need to specify the name of the machine and answer some basic questions, as shown. For formatting reasons, the complete output is not shown in the slide. Note: In this particular example, no choice is provided regarding the new machine’s role. This is because the installob script determined that the target machine could not be configured as an administrative or media server. Thus, a client installation is performed automatically. Oracle Database 10g: Backup and Recovery

Media Server Installation: Example
Would you like to install Oracle Secure Backup on any other machine [yes]? Enter the name of a host onto which you'd like to install Oracle Secure Backup: media_x You can install this host one of three ways: (a) an admin server, (b) a media server or,(c) a client Which would you like (one of a b c; q to quit) [c]? b Oracle Secure Backup's Web Server Interface software has been loaded. … Does media_x have any SCSI tape libraries that you'd like to use with Oracle Secure Backup [no]? yes How many Oracle Secure Backup tape drives are attached to media_x [1]? Please describe each tape drive by answering the following questions. Logical unit number [0]: SCSI bus address [0]: SCSI target ID [4]: 2 SCSI lun 0-7 [0]: Is the information you entered correct [yes]? OK to proceed [yes]? Oracle Secure Backup successfully onto media_x # cat /proc/scsi/scsi Attached devices: Host: scsi0 Channel: 00 Id: 02 Lun: 00 Vendor: IBM Model: … : 4772 Type: Sequential-Access… Media Server Installation: Example This example demonstrates a media server installation. First, specify the host name of the machine that you want to add as a media server. Then, you specify that you want this new machine to be a media server. The setup program automatically installs Oracle Secure Backup on the remote host and prompts for information about the devices attached to the new media server. In the example, it is assumed that the media server has only one SCSI tape drive attached. Note: The procedure for configuring tape libraries or Fibre Channel devices is the same as the process for configuring SCSI tape drives. Before you can configure the tape drive, you need to obtain some physical SCSI information about the device. For example, on a Linux platform, you can use the cat /proc/scsi/scsi command to obtain the necessary information. In addition to obtaining SCSI device information, you must also assign an Oracle Secure Backup logical unit number. This is a number between 0 and 31 and is used to create unique file names for the devices connected to the media server—for example, /dev/obt0, /dev/obt1, and so on. Note: For formatting reasons, the complete output is not shown in the slide. Oracle Database 10g: Backup and Recovery

Verifying Your Installation
Some examples: View Oracle Secure Backup processes in Linux: ps -e | grep ob Use obtool commands to view Oracle Secure Backup users and default media family: ob> lsuser ob> lsmf --long Verifying Your Installation In the slide are some examples of how you can verify your installation. To start the obtool utility, execute the following: $ obtool Oracle Secure Backup login: admin Password: oracle << Password not echoed >> ob> lsuser admin admin oracle oracle ob> lsmf --long RMAN-DEFAULT: Keep volume set: content manages reuse Appendable: yes Volume ID used: unique to this media family Comment: Default RMAN backup media family ob> quit Oracle Database 10g: Backup and Recovery

Uninstalling Oracle Secure Backup
Have all users log out of Oracle Secure Backup applications. Close all sessions of Web tool. Use the uninstallob script. You must be logged in as the root user. Call script from the parent directory of the Oracle Secure Backup home directory. Choose whether you want to save or remove the: Oracle Secure Backup directory Administrative directory Uninstalling Oracle Secure Backup You can uninstall Oracle Secure Backup from a client or the administrative server. If you uninstall Oracle Secure Backup from an administrative server, you are given the option of retaining the administrative directory and its contents. This enables you to safely uninstall and reinstall the product without deleting your administrative server data. You must be logged in as the root user on UNIX or Linux systems to uninstall Oracle Secure Backup completely. If you are not logged in as root when you uninstall the software, you may not have the privileges needed to delete files and shut down the Oracle Secure Backup daemons. Oracle Secure Backup–related processes such as the HTTP processes for Oracle Secure Backup Web tool should be shut down before beginning the uninstallation process. To identify processes for Oracle Secure Backup, you can use the following command: # /bin/ps -ef |grep ob You can then use kill -9 <pid> commands to kill each process in the list associated with Oracle Secure Backup. If you uninstall Oracle Secure Backup from the local machine, the uninstallob script removes the Oracle Secure Backup home directory when the script completes. For this reason, you should call the uninstallob script from the parent directory of the Oracle Secure Backup home directory. Oracle Database 10g: Backup and Recovery

Summary This appendix provided assistance with the following topics: Install Oracle Secure Backup on Windows Locate and describe the Oracle Secure Backup installed files Additional installation topics: Specify installation parameters Install Client: Example Install Media Server: Example Verify your UNIX installation Uninstall Oracle Secure Backup Oracle Database 10g: Backup and Recovery

Introduction.

Similar presentations

Presentation on theme: "Introduction."— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Introduction.

Similar presentations

Presentation on theme: "Introduction."— Presentation transcript:

Similar presentations

About project

Feedback