On Nov 13, 2007 3:08 PM, Amir Hameed <[EMAIL PROTECTED]> wrote: > Folks, > > I am working on implementing "Shared Application Filesystem" > architecture with Oracle e-Business Applications suite for a > multi-node, mission critical system. What this means is that instead
When I think "mission critical" I normally say "eliminate single points of failure". Some would say that one set of binaries shared by a horizontally scaled tier (or multiple tiers) introduces a single point of failure. That is, one corrupt file system or one "oops, I patched production, not dev" takes you down. That being said, I think the approach you are looking at is in common use for Oracle Apps and other applications. > - NAS (EMC Celera) This will talk to Solaris via NFS. There is nothing magical about NAS other than it makes for shorter sentences when talking about the various protocols used by different operating systems. Initially NAS implied NFS + CIFS (SMB) and sometimes Apple's equivalent. Lately it has come to mean NFS + CIFS + iSCSI. iSCSI is not an option in your case unless you have some other cluster file system, which adds a layer of complexity. > - NFS > > I have already exlpored the EMC option and now I am researching on > the NFS option. I'm specially interesting in the following: > > - The security aspect of NFS: How secure it is and can it be made > secured. What are the risks associated with using it. How is the > security different from that offered by NAS devices? By default, NFS is relatively insecure. While you can restrict the hosts that it talks to, it (and many other IP-based protocols) are susceptible to a number of attacks. The potential for being attacked increases as the number of hosts reachable by the NFS server increases. There are several ways to increase the security: 1) Private network accessible only by the server(s) and clients that need access. This is the simplest approach and one that you seem to be going down already for performance reasons. 2) Use Secure NFS (e.g. with Kerberos). Depending on the configuration options you choose, this can be used to validate identity (of machines and people, I think), protect data integrity, and data confidentiality. 3) Use IPsec between the NFS server(s) and clients. This can ensure the integrity and confidentiality of the traffic (not just NFS, but oracle sessions too) between the various servers. Depending on the nature of your existing environment, going to great lengths to secure NFS (beyond having a reasonable exports list) may not be your greatest security bang for the buck. If you have a certain amount of time+money for security, many times things like identity management (everyone has an account and uses only that account, they get deleted when people leave, etc.), encrypted login sessions (transition from telnet to ssh), and various other things will have a higher payback. Keep in mind that Kerberos can help with NFS, account security, and more secure versions of telnet, rsh, ftp, etc. in the event that you are stuck on them. > - NFS Performance and reliability: Configuring NFS to use the > private gigabit network instead of the public network to improve > performance. Use IPMP for the network failover. Sounds reasonable, but not an absolute requirement. So long as your NFS clients are primarily read-only and have sufficient RAM, you will not likely have a lot of NFS traffic. If you are doing extremely heavy writes or your public network is otherwise already heavily taxed this becomes more important. > - Reliability: I understand that NAS devices offer multiple heads or > data-movers to provide failure resilience. But if I use the database > server as the NFS Server then this becomes a moot point as if the > database server fails then the application will become unavailable > any way. If you only have a single database server, that is likely to be the weak link in all of this. If it is mission critical and that mission is, well, critical, you really should cluster your database server. Ideally it would be with RAC for quickest recovery time but failover clusters work too. If your database is clustered, you can also cluster the NFS service so that it can act as a failover service between servers. -- Mike Gerdts http://mgerdts.blogspot.com/ _______________________________________________ perf-discuss mailing list perf-discuss@opensolaris.org
