Go to main content

Oracle® MiniCluster S7-2 Administration Guide

Exit Print View

Updated: October 2021
 
 

App VM Group Parameters

This section describes the parameters you define when you create an App VM group profile. Use this information in conjunction with these activities:

VM Group Profile Name

During the configuration process, you specify a group profile name of your choice. The name can be up to 12 characters, and can contain lowercase letters, numbers, and the - (hyphen) symbol. Later, the VM group name is automatically used as a prefix in the VM hostnames, so specifying a short name can lead to shorter VM names.

Description

You can specify an optional description of the VM group.

Number of VMs

You choose one of these options.

  • Pair – The utility configures two application VMs (one on each node) in the group.

  • Single – The utility configures one VM in the group.

Shared Storage

All App VMs are allocated with storage space. The shared storage provides additional storage, if enabled.

6 HDDs on each storage array are set aside for additional storage space (see MiniCluster Storage Overview).

  • If enabled – All the VMs in the group have access to the shared storage.

  • If disabled – The VMs will not have access to the shared storage space in the 6 HDDs.

Note - After the creation of VMs, you can enable or disable access to the shared storage at any time. See Enable or Disable NFS (BUI).

For systems in highly secure environments, do not enable shared storage. For additional security information, refer to the Oracle MiniCluster S7-2 Security Guide.

Security Profile

For current versions of MCMU, the security profile is automatically configured for each Oracle Solaris 11 VM based on what was selected for the system during the initial configuration. The following list describes the security profiles that can be selected at install time:

  • CIS Equivalent – Satisfies requirements comparable and equivalent to benchmarks set forth by the Center for Internet Security (CIS) and Security Technical Implementation Guidelines (STIG) assessments.

  • PCI-DSS – Complies with the Payment Card Industry Data Security Standard (PCI DSS) standard defined by the Payment Card Industry Security Standards Council.

  • DISA STIG – Builds on the CIS Equivalent security profile and introduces 75 additional security controls, and includes FIPS-140-2 cryptography.

VM Type

Select one of the to assign the VMs with an OS version:

  • Solaris 11 Native Zone – Configures Oracle Solaris 11 OS for the App VM. This is a native OS installation because the version is the same as what is installed in the global zones. Choose this VM type if you plan to use the App VM clustering feature.

  • Solaris 10 Branded Zone – (Introduced in software v1.1.25) Configures Oracle Solaris 10 OS for the App VM. This is a branded OS installation because the version is different than what is installed in the global zones. Branded zones are usually used when applications require a specific OS version.

    Oracle provides quarterly Critical Patch Updates (CPUs) for Oracle Solaris 10, including Solaris 10 Containers (Branded Zones). Review the knowledge articles titled How to find the Oracle Solaris Critical Patch Update (CPU) Patchsets, Recommended OS Patchsets for Oracle Solaris and Oracle Solaris Update Patch Bundles (Doc ID 1272947.1) and How Patches and Updates Entitlement Works (Doc ID 1369860.1). Both articles are available at My Oracle Support. Take any actions necessary to patch applicable Oracle Solaris 10 Branded Zone virtual machines.

Note -  For two VM configurations, MCMU automatically configures both VMs with the same VM type.

Enable Security

(Only for Oracle Solaris 10 branded zones) If selected, an Oracle Solaris 10 security service called Java Authentication and Authorization Service (JASS) is assigned to the VMs.

JASS hardens and minimizes the OS attack surface. The configuration is based on the Solaris Security Toolkit, which enforces security controls such as RBAC, allow-listed ports, protocols and services, and ensures that unnecessary services are disabled.

For more information about JASS, refer to the JASS Reference Guide at https://docs.oracle.com/javase/8/docs/technotes/guides/security/jaas/JAASRefGuide.html.

Note -  For two VM configurations, MCMU automatically configures both VMs with or without the security service based on your selection.

IP Pool

An IP pool is a range of IP addresses. Each IP pool is a separate subnet. As of v1.2.4, you can create multiple IP pools, then assign different VM groups to different IP pools. You can also assign a VLAN ID to an IP pool.

Create the IP pools before creating the App VM group. See View and Update Network Parameters in v1.2.4 and Later (BUI).

Public Hostname

For each VM, specify a unique hostname. This is the name that you add to your DNS. It is the hostname that is used for client access to the VM.

The hostname can be up to 32 lowercase alpha-numeric characters and include the - (hyphen) symbol.

Cores

For each VM, specify the number of cores. Before the creation of VMs, there are 24 cores available (12 on each node that are available for VMs). MCMU keeps track of how many cores are assigned to VMs and only enables you to select a number from what is available. If you select 0 (zero) cores, the VM shares available cores. You can assign a different number of cores to each VM within a group.

After the App VM group is deployed, you can change the number of cores on the VMs. See Edit an App VM Group (BUI).

Password

For each VM, set a password for the oracle and mcinstall users.

If you select image:A graphic showing the checkbox. , MCMU sets the password to a default value (see User Accounts).

For details about MCMU users, see User Accounts. Password policies vary based on the security profile that was selected. See MCMU Password Policies and Security Profile.

Define Cluster

(Introduced in software v1.1.25) If you selected the Oracle Solaris 11 VM type, MCMU BUI displays the Define Cluster section (see Create an App VM Group Profile (BUI)). If you enable Clusterware, MCMU configures the two App VMs into a cluster, providing a highly available configuration. If one VM goes down, the system automatically fails over. You can only cluster two App VMs.

Note -  If you want to cluster Oracle Solaris 10 branded zones, you must do so manually.

To enable this feature, slide the selector to Yes, and enter a name in the SCAN name field.

Single Client Access Name (SCAN) is a feature used in cluster configurations. The SCAN provides a single name for clients to access all VMs running in the cluster. The SCAN must be a name that is up to 15 characters long. You can use lowercase letters, numbers and the - (hyphen) symbol.

MCMU handles the configuration of the cluster, but if you want additional details, refer to the Database Clusterware Administration and Deployment Guide at: http://docs.oracle.com/database/121/nav/portal_booklist.htm.

Copyright © 2019, 2021, Oracle and/or its affiliates.  
Previous
Next