romfast/ROMFASTSQL
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dfc64ec632d35a3517b7cc22bd798baa028e91ee
ROMFASTSQL/oracle/standby-server-scripts/README.md
Marius d5bfc6b5c7 Add Oracle DR standby server scripts and Proxmox troubleshooting docs 
- Add comprehensive Oracle backup and DR strategy documentation
- Add RMAN backup scripts (full and incremental)
- Add PowerShell transfer scripts for DR site
- Add bash restore and verification scripts
- Reorganize Oracle documentation structure
- Add Proxmox troubleshooting guide for VM 201 HA errors and NFS storage issues

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-08 13:37:33 +03:00

446 lines
13 KiB
Markdown
Raw Blame History

# Oracle ROA - Disaster Recovery Setup
## Backup-Based DR: Windows PRIMARY (10.0.20.36) → Linux DR (10.0.20.37)
**Database:** ROA (Contabilitate)
**Strategie:** 4-Level Backup Protection
**RTO:** 45-75 minute
**RPO:** Max 1 zi (ultimul backup de la 02:00 AM)
---
## 📋 COMPONENTE SISTEM
### PRIMARY Server (10.0.20.36 - Windows)
- Oracle 19c SE2 database ROA (producție)
- RMAN backup zilnic la 02:00 AM (COMPRESSED)
- Transfer DR la 03:00 AM
- Copiere HDD extern la 21:00
### DR Server (10.0.20.37 - Linux LXC 109)
- Docker container: `oracle-standby`
- Oracle 19c instalat (database OPRIT până la dezastru)
- Primește backup-uri automat de pe PRIMARY
- Retenție: 1 backup (DOAR cel mai recent - relevant pentru contabilitate!)
---
## 🗂️ FIȘIERE ÎN ACEST DIRECTOR
| Fișier | Descriere | Folosit Pe |
|--------|-----------|------------|
| `01_rman_backup_upgraded.txt` | Script RMAN upgrade cu compression | PRIMARY (Windows) |
| `02_transfer_to_dr.ps1` | Script PowerShell transfer backups → DR | PRIMARY (Windows) |
| `03_setup_dr_transfer_task.ps1` | Setup Task Scheduler pentru transfer | PRIMARY (Windows) |
| `04_full_dr_restore.sh` | Script COMPLET restore pe DR (disaster recovery) | DR (Linux) |
| `05_test_restore_dr.sh` | Test restore LUNAR (verificare DR capability) | DR (Linux) |
| `06_quick_verify_backups.sh` | Verificare ZILNICĂ backup-uri (monitoring) | DR (Linux) |
| **OPȚIONAL - Incremental Backups (RPO îmbunătățit):** | | |
| `01b_rman_backup_incremental.txt` | Script RMAN incremental (midday) | PRIMARY (Windows) |
| `02b_transfer_incremental_to_dr.ps1` | Transfer incremental → DR | PRIMARY (Windows) |
| `03b_setup_incremental_tasks.ps1` | Setup tasks pentru incremental | PRIMARY (Windows) |
| **Documentație:** | | |
| `STRATEGIE_BACKUP_CONTABILITATE.md` | Documentație strategiei complete | Referință |
| `STRATEGIE_INCREMENTAL.md` | Backup incremental pentru RPO mai bun (OPȚIONAL) | Referință |
| `PLAN_BACKUP_DR_SIMPLE.md` | Plan tehnic detaliat original | Referință |
| `VERIFICARE_DR.md` | Ghid verificare și testare DR capability | Referință |
| `RATIONAL_RETENTIE.md` | Justificare REDUNDANCY 1 pentru contabilitate | Referință |
| `README.md` | Acest fișier - quick start guide | Referință |
---
## 🚀 SETUP RAPID (Quick Start)
### Pas 1: Setup SSH Keys (PRIMARY → DR)
```powershell
# Pe PRIMARY (10.0.20.36) - PowerShell ca Administrator
ssh-keygen -t rsa -b 4096 -f "$env:USERPROFILE\.ssh\id_rsa" -N '""'
# Afișează public key
Get-Content "$env:USERPROFILE\.ssh\id_rsa.pub"
# Copiază OUTPUT-ul
```
```bash
# Pe DR Server (10.0.20.37)
ssh root@10.0.20.37
# Adaugă cheia publică
mkdir -p /root/.ssh
chmod 700 /root/.ssh
nano /root/.ssh/authorized_keys
# PASTE cheia publică aici, save (Ctrl+X, Y, Enter)
chmod 600 /root/.ssh/authorized_keys
exit
```
```powershell
# Test conexiune (pe PRIMARY)
ssh -i "$env:USERPROFILE\.ssh\id_rsa" root@10.0.20.37 "echo 'SSH OK'"
# Ar trebui să vezi "SSH OK" FĂRĂ parolă!
```
---
### Pas 2: Upgrade Script RMAN Backup (PRIMARY)
```powershell
# Pe PRIMARY - backup scriptul vechi
Copy-Item "D:\rman_backup\rman_backup.txt" "D:\rman_backup\rman_backup.txt.backup_$(Get-Date -Format 'yyyyMMdd')"
# Copiază conținutul din 01_rman_backup_upgraded.txt
# în D:\rman_backup\rman_backup.txt
# SAU direct:
# Copy-Item "\\path\to\01_rman_backup_upgraded.txt" "D:\rman_backup\rman_backup.txt"
```
**Ce face upgrade-ul:**
- ✅ Adaugă compression → reduce de la 23GB la ~8GB
- ✅ Include ARCHIVELOG DELETE INPUT
- ✅ REDUNDANCY 1 (păstrează doar ultimul backup - relevant pentru contabilitate!)
- ✅ BACKUP VALIDATE (verificare integritate după backup)
- ✅ Parallelism 2 channels (mai rapid)
---
### Pas 3: Instalare Script Transfer (PRIMARY)
```powershell
# Creare director logs
New-Item -ItemType Directory -Force -Path "D:\rman_backup\logs"
# Copiere script
Copy-Item "\\path\to\02_transfer_to_dr.ps1" "D:\rman_backup\transfer_to_dr.ps1"
# Test manual
PowerShell -ExecutionPolicy Bypass -File "D:\rman_backup\transfer_to_dr.ps1"
```
---
### Pas 4: Setup Task Scheduler (PRIMARY)
```powershell
# Rulează scriptul de setup ca Administrator
PowerShell -ExecutionPolicy Bypass -File "\\path\to\03_setup_dr_transfer_task.ps1"
# SAU manual:
$action = New-ScheduledTaskAction -Execute "PowerShell.exe" `
-Argument "-ExecutionPolicy Bypass -File D:\rman_backup\transfer_to_dr.ps1"
$trigger = New-ScheduledTaskTrigger -Daily -At "03:00AM"
$principal = New-ScheduledTaskPrincipal -UserId "SYSTEM" `
-LogonType ServiceAccount -RunLevel Highest
Register-ScheduledTask -TaskName "Oracle_DR_Transfer" `
-Action $action -Trigger $trigger -Principal $principal
# Verificare
Get-ScheduledTask -TaskName "Oracle_DR_Transfer"
```
---
### Pas 5: Setup DR Server (Linux)
```bash
# Pe DR Server (10.0.20.37)
ssh root@10.0.20.37
# Directoare sunt deja create, verificare:
ls -la /opt/oracle/backups/primary/
ls -la /opt/oracle/scripts/dr/
ls -la /opt/oracle/logs/dr/
# Verificare container Docker
docker ps | grep oracle-standby
# Verificare Oracle software
docker exec -u oracle oracle-standby bash -c 'ls -la $ORACLE_HOME/bin/rman'
```
**Script-ul de restore (`04_full_dr_restore.sh`) e deja instalat pe DR!**
---
## 🔥 DISASTER RECOVERY - Procedură Urgență
### Când să activezi DR?
**✅ DA - Activează DR dacă:**
- PRIMARY server 10.0.20.36 NU răspunde >30 minute
- Oracle database corupt (nu se deschide)
- Crash disk C:\ sau D:\
- Ransomware / malware
**❌ NU - Nu activa DR pentru:**
- Probleme minore de performance
- User șters accidental câteva înregistrări
- Restart Windows sau maintenance
- Erori fixabile în <30 minute
---
### Procedură DR (60 minute)
```bash
# Conectare la DR server
ssh root@10.0.20.37
# IMPORTANT: Verifică că PRIMARY e CU ADEVĂRAT down!
ping -c 10 10.0.20.36
# Dacă răspunde → STOP! NU continua!
# Rulează script restore
/opt/oracle/scripts/dr/full_dr_restore.sh
# Monitorizează progres
tail -f /opt/oracle/logs/dr/restore_*.log
# După ~45-60 minute, verifică database e OPEN
docker exec -u oracle oracle-standby bash -c "
export ORACLE_SID=ROA
export ORACLE_HOME=/opt/oracle/product/19c/dbhome_1
\$ORACLE_HOME/bin/sqlplus / as sysdba <<< 'SELECT name, open_mode FROM v\$database;'
"
# Output așteptat:
# NAME OPEN_MODE
# --------- ----------
# ROA READ WRITE
```
**După restore:**
1. Update connection strings: `10.0.20.36:1521/ROA` `10.0.20.37:1521/ROA`
2. Notifică utilizatori
3. Test aplicații
4. Monitorizează performance
---
## 📊 ARHITECTURĂ FLOW
```
┌──────────────────────────────────────────────┐
│ PRIMARY 10.0.20.36 (Windows) │
│ │
│ 02:00 → RMAN Backup COMPRESSED │
│ └─ FRA: ~8GB (vs 23GB original) │
│ ↓ │
│ 21:00 → MareBackup (EXISTENT) │
│ └─ Copiere → E:\backup_roa\ │
│ ↓ │
│ 03:00 → Transfer DR (NOU) │
│ └─ SCP → 10.0.20.37 │
│ │
└──────────────────────────────────────────────┘
↓ SSH/SCP
┌──────────────────────────────────────────────┐
│ DR 10.0.20.37 (Linux LXC 109) │
│ Docker: oracle-standby │
│ │
│ /opt/oracle/backups/primary/ │
│ ├─ *.BKP (backup files) │
│ └─ Retenție: 1 backup (doar ultimul!) │
│ │
│ Database: OPRIT (pornit la dezastru) │
│ │
│ La disaster: │
│ → /opt/oracle/scripts/dr/full_dr_restore.sh│
│ → RTO: 45-75 minute │
│ → RPO: Max 1 zi │
│ │
└──────────────────────────────────────────────┘
```
---
## ✅ CHECKLIST IMPLEMENTARE
### Pre-Implementation
- [ ] Backup script RMAN vechi (`rman_backup.txt.backup_*`)
- [ ] Verificare spațiu disk PRIMARY (C:\, D:\, E:\)
- [ ] Verificare spațiu disk DR (`/opt/oracle` >50GB free)
- [ ] Container `oracle-standby` rulează pe DR
### Setup SSH (30 minute)
- [ ] Generare SSH keys pe PRIMARY
- [ ] Copiere public key pe DR
- [ ] Test conexiune passwordless
- [ ] Verificare firewall permite port 22
### PRIMARY Setup (20 minute)
- [ ] Upgrade `rman_backup.txt` (adaugă compression)
- [ ] Copiere `transfer_to_dr.ps1` în `D:\rman_backup\`
- [ ] Creare director `D:\rman_backup\logs\`
- [ ] Setup Task Scheduler (Oracle_DR_Transfer la 03:00 AM)
- [ ] Test manual transfer script
### DR Setup (10 minute)
- [ ] Verificare directoare (`/opt/oracle/backups/primary`)
- [ ] Script `full_dr_restore.sh` instalat
- [ ] Permissions corecte (oracle:dba)
- [ ] Container Oracle functional
### Testing (60 minute)
- [ ] Test manual RMAN backup (verifică compression)
- [ ] Test manual transfer (verifică backup-uri ajung pe DR)
- [ ] Verificare logs transfer (fără erori)
- [ ] Test restore pe DR (OPȚIONAL dar RECOMANDAT!)
### Go-Live
- [ ] Monitorizare 3 nopți consecutive
- [ ] Review logs zilnic
- [ ] Documentare issues
- [ ] Update documentație
---
## 📈 MONITORING
### Daily Checks (5 minute)
```powershell
# Pe PRIMARY - quick health check
# Check 1: Ultimul backup
$lastBackup = Get-ChildItem "C:\Users\Oracle\recovery_area\ROA\BACKUPSET" -Recurse -File |
Sort-Object LastWriteTime -Descending | Select-Object -First 1
$age = (Get-Date) - $lastBackup.LastWriteTime
Write-Host "Last backup: $($age.Hours) hours ago"
# Check 2: Transfer log
Get-Content "D:\rman_backup\logs\transfer_*.log" | Select-String "completed successfully" | Select-Object -Last 1
# Check 3: Disk space
Get-PSDrive C,D,E | Format-Table Name, @{L="Free(GB)";E={[math]::Round($_.Free/1GB,1)}}
```
```bash
# Pe DR - săptămânal
ssh root@10.0.20.37 "ls -lth /opt/oracle/backups/primary/*.BKP | head -5"
```
### Weekly Checks (10 minute)
```bash
# Pe DR - verificare status backup-uri
ssh root@10.0.20.37 "/opt/oracle/scripts/dr/06_quick_verify_backups.sh"
```
### Monthly Tasks (OBLIGATORIU!)
**Prima Duminică a lunii - TEST RESTORE complet:**
```bash
# Pe DR - test restore (durează 45-75 min)
ssh root@10.0.20.37
/opt/oracle/scripts/dr/05_test_restore_dr.sh
# Verifică raport
cat /opt/oracle/logs/dr/test_report_$(date +%Y%m%d).txt
```
- **Review:** Metrics, logs, disk space, RTO
- **Update:** Documentație dacă e necesar
- **Notifică:** Management despre rezultat test
---
## 🐛 TROUBLESHOOTING
### "Transfer failed - SSH connection refused"
```powershell
# Test conexiune
ping 10.0.20.37
ssh -v -i "$env:USERPROFILE\.ssh\id_rsa" root@10.0.20.37 "echo OK"
```
**Soluții:**
- Verifică DR server pornit
- Check firewall (port 22)
- Regenerare SSH keys
---
### "RMAN backup failed"
```sql
-- Pe PRIMARY
sqlplus / as sysdba
-- Check FRA usage
SELECT * FROM v$recovery_area_usage;
-- Cleanup manual
RMAN> DELETE NOPROMPT OBSOLETE;
```
**Soluții:**
- Disk plin → cleanup old backups
- FRA quota exceeded → increase size
- Oracle process crash → restart database
---
### "Restore failed on DR"
```bash
# Check backup files integrity
md5sum /opt/oracle/backups/primary/*.BKP
# Check container logs
docker logs oracle-standby --tail 100
# Check Oracle alert log
docker exec oracle-standby tail -100 /opt/oracle/diag/rdbms/roa/ROA/trace/alert_ROA.log
```
---
## 📞 SUPPORT
### Log Locations
| Tip | Location |
|-----|----------|
| **RMAN Backup** | Oracle Alert Log |
| **Transfer DR** | `D:\rman_backup\logs\transfer_YYYYMMDD.log` |
| **Restore DR** | `/opt/oracle/logs/dr/restore_*.log` |
| **Task Scheduler** | Event Viewer > Task Scheduler |
### Escalation
| Severity | Response Time | Action |
|----------|---------------|--------|
| **P1 - PRIMARY Down** | Immediate | Activate DR |
| **P2 - Backup Failed** | 2 hours | Retry manual |
| **P3 - Transfer Failed** | 4 hours | Retry next night |
---
## 📚 DOCUMENTAȚIE COMPLETĂ
Pentru detalii tehnice complete, vezi:
- **`STRATEGIE_BACKUP_CONTABILITATE.md`** - Strategia completă 4-level protection
- **`PLAN_BACKUP_DR_SIMPLE.md`** - Plan tehnic detaliat original
---
## ✨ NEXT STEPS
1. **Citește acest README complet**
2. **Urmează CHECKLIST IMPLEMENTARE** (secțiunea de mai sus)
3. **Test manual** toate componentele
4. **Monitorizare** primele 3 zile după activare
5. **Schedule primul test restore** lunar (obligatoriu!)
---
**Ultima actualizare:** 2025-10-07
**Status:** Production Ready
**Versiune:** 1.0
Reference in New Issue View Git Blame Copy Permalink