OCI Fleet Application Management for Oracle Base Database patching
Before you start please read this doc about how to do database patching and to know some of the recommendations.
Fleet Application Management provides centralised operations across your entire cloud footprint — enabling IT automation, resource management, and patch compliance at scale for any technology deployed on OCI.
Why do we need this service for patching database. ?
If you want to patch a single or couple of DB system you can do it via the OCI console. If you have multiple DB systems in different compartments then you have to write your own scripts using OCI cli ,API or SDK to make the job easy. If a job fails /succeed we will not get notification or you need to add those logic into your scripts as well.
Fleet application management can do all this for you and can tell whether your databases across the compartments in your tenancy are using latest patch or not to be compliant. Refer this doc for supported version and database edition .
To start using Fleet application Management you need your tenancy administrator to onboard this service which will create couple of dynamic groups and number of policies for the service to work.
Once FAM(Fleet Application Management) is onboarded you can start creating the Fleet.In this blog we are focusing on Database product but the steps will be more or less similar for other products as well.
Add the database resources you would like to patch
Enable Auto confirm to allow targets to be auto confirmed.
Set the notification topic to receive notifications. I have selected to receive notifications only for job failures and upcoming schedules.
After this step the validation and discovery will start for the resources added.Once succeeded it will be added to the targets list in the fleet.
If the Database resources are not using the latest patch the fleet will show as non-compliant.
Next Create a schedule for patching.If you click on Fix now it will schedule the patch in the next 15 mins. Its best to schedule during the non business hours if there will be some downtime during patching.
The time should be at least 15 mins ahead from the current UTC time.Add the Base database product fleets for which you want to apply the patch runbook.
Next you will select the default runbook .There are no runbook arguments for this .You can create the schedule after reviewing it.
You can see the status of the job either in the fleet page or navigate to Lifecycle management to see status of all jobs.
The below image shows patch job is in progress .Pre-check is completed and the Apply job is in progress. If pre-check fails it will abort the job. It will apply the latest patch .
The resources which are already compliant will be skipped.
You can see the work request for patching in the database page as well.
It will take an hour or less to complete. Once the job is successfully completed you will see the fleet as compliant and the database is upgraded to latest patch version.
Automation:
You can create fleet using Terraform,cli or API. You can find the terraform sample code in the github repo.
It will be useful to create multiple fleet one for dev environment and another for production environment. Apply the patch in dev fleet and make sure its working fine before proceeding to production or higher environment.
Pricing:
The first 25 resources are free . You can always check the OCI cost estimator for the latest pricing.
NOTE: As of now Database OS patching is not included in the Fleet Application Management for Base Database Service.
