talk it_ oracle_임기성_110907
DESCRIPTION
TRANSCRIPT
<Insert Picture Here>
Introducing Oracle Unified Directory 11g
<Insert Picture Here>
Agenda
• Changing Landscape
• Introducing Oracle Unified Directory
• Interoperability and Upgrade
• Comparison and Contrast
• Summary
• Q&A
2
Directory Landscape Is Changing
Identity as a Service
Cloud Applications
Mobile Access
Personalization
Social Networking
Federated Sign-on Scale
Performance
3
Demand for Write Operations is Increasing
Host Access
Enterprise/
Extranet
Cloud and
Social
NetworkingMobile
Reads:70%
Writes:30%
Reads:60%
Writes:40%
Reads:80%
Writes:20%
Reads:90%
Writes:10%
“Percentage of Writes Increasing”
• Personalization data
• Location data
• Mobile applications
Thousands
Millions
Billions
10s Billions
“Read Performance Still Important”
• Billions of users and devices
• Millions of operations per second
• Elastic growth
4
A Trend Towards Unification
Virtual
SynchStorage
Corporate
LDAP
Extranet
LDAP
Customer
LDAP
LOB
More Directory Convergence• More RFP’s Require Integrated Capability
• Expansion Shared Services vs. LOB IT
• Compliance and Security Requirements
“Convergence drives Unification”• Lower TCO
• Lower Administration Effort
• Improved User Experience
Employees/Partners/Customers
Business Affiliates/Subsidiaries
5
Introducing Oracle Unified Directory 11g
Extreme Scale
Next Generation
Integrated and Interoperable
• Scale to 10’s of Billions
• Convergence of directories
• Integrated with ODSM for
configuration and Enterprise
Manager
• Inter-operable with all certified
ODSEE ISV software
• Integrated with ODS+
Optimized for cloud, mobile and social
6
Extreme Scale
Synch
Proxy
3XRead
Performance
5XWrite
Performance
Compared to ODSEE
Oracle
Unified
Directory
• Built on OpenDS
• Convergence of directories
• Advanced Replication
• Flexible Deployment
• Horizontal data vs. Monolithic
data scale approach
Highlights
Will continue to enhance and maintain existing directory offerings
• Directory Server
• Proxy Server
• Replication Server
Core Components
7
Next Generation
Unified Directory
Mobile Devices
Social
Application
Location Based
Application
8
Interoperable and Compatible
• Fully Compatible With
ODSEE
• Bi-directional replication
with ODSEE
• Run mixed OUD and DSEE
environment
• Zero down time upgrade
from ODSEE to OUD
Simplified Deployment
OUD
Replication
Topology
ODSEE
Replication
Topology
OUD Directory Server 1
OUD Directory Server 2
ODSEE Directory Server 1
ODSEE Directory Server 2
OUD Replication Gateway
OUD Replication Gateway
9
OUD is Included in ODS Plus Suite
• Oracle Internet Directory
• Oracle Unified Directory
• Oracle Virtual Directory
• Oracle Directory Server Enterprise Edition
ODSEE OVD
OIDOUD
• New Architecture
Industry first 100 % Java
directory service solution
• New Scale Approach
Horizontal vs. Monolithic data
scale approach
• Certification
Will be certified with Oracle
technology that requires OID
ODS +
ODS Plus Customers get OUD included in license
10
Oracle Unified Directory 11gR1
• Core directory functions
• A directory server, equivalent of DSEE directory server
• A directory proxy server for fail-over, load-balancing, data distribution and
security
• Dedicated replication server and replication gateway modes
• Full compatibility with ODSEE
• What works with ODSEE will work with OUD
• Replication gateway for ODSEE and OUD co-existence
• Complete Java directory services solution with OVD and DIP
• OVD for identity virtualization
• Directory Integration platform (DIP) for synchronization
• OUD is a J2SE app that runs in a JVM which does not require a J2EE
container
11
Oracle Unified Directory 11gR1
• Elastic scalability
• Global index for high performance and data distribution
• Advanced replication
• Fractional replication, priority replication, and assured replication
• Flexible deployment options
• Multiple algorithms for proxy load-balancing
• Proportional, saturation, failover, optimal
• Multiple algorithms for proxy data distribution/ partition
• Numeric, lexicographic, DN pattern, and capacity based
• ODSM Admin UI
• J2EE app that is certified for WLS
• Enterprise Manager Grid Control monitoring
• Certified as identity store for IDM product as well as FMW through
OPSS
12
Deployment in two Data Centers with
DS and Proxy
13
Deployment in two Data Centers with
Distribution DS and Proxy with Global
Index
14
Architecture
Oracle Unified Directory
Naming Context
Directory Service
Front End
Local
Back-End
Load Balancing
Distribution
Local DB backend
Schema BE
Protocol Handling
(LDAP, LDAPS, JMX, …)
Provide access to…
Naming Context, request filtering policy, resource limits
List of accessible
naming context
Distribution
algorithms
Proxy
(Load-balancing algorithms)
Default data store
(Oracle BDB JE, ACID)
15
Zero Down-time Upgrade
• Follow the documented upgrade process
Upgrade to ODSEE 11gR1
• Each Server can be done one at a time
Upgrade ODSEE Servers to OUD
• Use the built in OUD replication gateway
Replication between OUD and ODSEE
• Upgrade with Zero down-time
Continue Upgrading Additional Servers
16
Upgrade from DSEE 5.2 to OUDDSEE5.2 to OUD
DSEE 11gR1
DS Master 3
DSEE 11gR1
DS Master 4
DSEE 11gR1
DS Master 1
DSEE 11gR1
DS Master 2
DSEE 11gR1
DSEE 5.2
DS Master 3
DSEE 5.2
DS Master 4
DSEE 5.2
DS Master 1
DSEE 5.2
DS Master 2
Initial deployment
• All masters are upgraded to ODSEE 11gR1
• Change password policy from old 5.2 compatibility mode to 11gR1 mode
17
Upgrade from DSEE 5.2 to OUDDSEE5.2 to OUD
DSEE 11gR1
DS Master 3
DSEE 11gR1
DS Master 4
DSEE 11gR1
DS Master 1
DSEE 11gR1
DS Master 2
DSEE 11gR1
OUD Replication
Server 1
OUD Directory Server 1
OUD Replication
Server 2OUD
Directory Server 2
• Install an OUD topology
• Initialize OUD topology by exporting data from ODSEE 11gR1 and importing in
OUD
OUD topology
18
Upgrade from DSEE 5.2 to OUDDSEE5.2 to OUD
DSEE 11gR1
DS Master 3
DSEE 11gR1
DS Master 4
DSEE 11gR1
DS Master 1
DSEE 11gR1
DS Master 2
DSEE 11gR1
OUD Replication
Server 1
OUD Directory Server 1
OUD Replication
Server 2OUD
Directory Server 2
OUD Replication Gateway
OUD Replication Gateway
• Install Replication Gateway
OUD topology
19
Upgrade from DSEE 6.x/7.0 to OUDDSEE 6.x/7.0 to OUD
DSEE 11gR1
DS Master 3
DSEE 11gR1
DS Master 4
DSEE 6.x/7.0 DS Master 1
DSEE 6.x/7.0
DS Master 2
DSEE6.x/7.0 &
DSEE 11gR1
DSEE 6.x/7.0
DS Master 3
DSEE 6.x/7.0
DS Master 4
DSEE 6.x/7.0
DS Master 1
DSEE 6.x/7.0
DS Master 2
Initial deployment
• Master 3, 4 are upgraded to ODSEE 11gR1
• Change password policy from old 6.x/7.0 compatibility mode to 11gR1 mode
20
Upgrade from DSEE 6.x/7.0 to OUDDSEE 6.x/7.0 to OUD
DSEE 11gR1
DS Master 3
DSEE 11gR1
DS Master 4
DSEE 6.x/7.0 DS Master 1
DSEE 6.x/7.0
DS Master 2
OUD Replication
Server 1
OUD Directory Server 1
OUD Replication
Server 2OUD
Directory Server 2
• Install an OUD topology
• Initialize OUD topology by exporting data from ODSEE 11gR1 and importing in
OUD
OUD topologyDSEE6.x/7.0 &
DSEE 11gR1
21
Upgrade from DSEE 6.x/7.0 to OUDDSEE 6.x/7.0 to OUD
DSEE 11gR1
DS Master 3
DSEE 11gR1
DS Master 4
DSEE 6.x/7.0 DS Master 1
DSEE 6.x/7.0
DS Master 2
OUD Replication
Server 1
OUD Directory Server 1
OUD Replication
Server 2OUD
Directory Server 2
OUD Replication Gateway
OUD Replication Gateway
• Install Replication Gateway
OUD topologyDSEE6.x/7.0 &
DSEE 11gR1
22
Comparing OUD to Existing Oracle Directories
Oracle Virtual Directory
Oracle Internet Directory
Oracle Directory Server Enterprise
Edition
• Embedded Berkley
DB vs. external
Oracle DB
• Horizontal partition
vs. monolithic
• Will certify with all
technologies requiring
OID
• Not a substitute for
OVD
• Works with OVD
• OUD provides better
performance 5x write
and 3x read
• OUD provides elastic
scale
• OUD provides better
administration ODSM
23
Summary
• Extreme Scale
• Next Generation
• Integrated and Inter-operable
• Market demands higher scale
• 5x Write Performance
• 3x Read Performance
• Elastic scalability
• Unified Directory reduces TCO
• Lower admin cost
• Lower deployment cost
24
