Multitenant Architecture---PDB與CDB

時間 2019-12-11

標籤 multitenant architecture pdb cdb 简体版

原文原文鏈接

1、多租戶框架

多租戶技術（英語：multi-tenancy technology）或稱多重租賃技術，是一種軟件架構技術，它是在探討與實現如何於多用戶的環境下共用相同的系統或程序組件，而且仍可確保各用戶間數據的隔離性。

1.1CDB與PDB

多租戶技術（英語：multi-tenancy technology）或稱多重租賃技術，是一種軟件架構技術，它是在探討與實現如何於多用戶的環境下共用相同的系統或程序組件，而且仍可確保各用戶間數據的隔離性。php

Oracle 12c Multitenant Architecture多租戶框架最重要的2個概念是容器數據庫（CDB,multitenant container database）和可熱插拔數據庫（pluggable databases，PDB）。能夠把CDB想象成一個大的容器，這個大的容器在物理上是一個總體，在這個大的容器中還有一些小的容器PDB。容器的目的是將Oracle固有元數據和用戶數據（包括用戶元數據）隔離。數據庫

The multitenant architecture enables an Oracle database to function as a multitenant container database (CDB) that includes zero, one, or many customer-created pluggable databases (PDBs). A PDB is a portable collection of schemas, schema objects, and nonschema objects that appears to an Oracle Net client as a non-CDB.api

CDB(容器數據庫) :安全

其實就是咱們之前的數據庫，只是它被分紅了幾部分，每一部分（即PDB）都能做爲一個總體（數據庫）對外獨立提供服務，就像多個之前傳統的非容器數據庫。服務器

PDB(可插拔式數據庫):架構

一系列Schema的集合，從用戶和應用看來是一個邏輯上獨立的數據庫。可是在物理角度上，實例和全部數據庫文件都是屬於容器數據庫(CDB)的。oracle

Container Database (CDB) : app

On the surface this seems very similar to a conventional Oracle database, as it contains most of the working parts you will be already familiar with (controlfiles, datafiles, undo, tempfiles, redo logs etc.). It also houses the data dictionary for those objects that are owned by the root container and those that are visible to all PDBs.框架

Pluggable Database (PDB) : less

Since the CDB contains most of the working parts for the database, the PDB only needs to contain information specific to itself. It does not need to worry about controlfiles, redo logs and undo etc. Instead it is just made up of datafiles and tempfiles to handle it's own objects. This includes it's own data dictionary, containing information about only those objects that are specific to the PDB.

1.2和傳統非容器數據庫的對比

使用

CREATE DATABASE ... ENABLE PLUGGABLE DATABASE

能夠建立一個新的CDB. 若是不帶 ENABLE PLUGGABLE DATABASE, 則新建立的數據庫爲非容器數據庫(non-CDB )，不能包含PDB。咱們將容器數據庫和傳統的非容器數據庫放在同一個server上比對，很容易歸納出Oracle公司即將推出的Oracle 12c容器數據庫和可插拔式數據庫的基本架構。

從文件角度：

圖示PDBA、PDBB、PDBC、CDB1和NDB。其中PDBA、PDBB、PDBC均屬於容器數據庫CDB1的可插拔式數據庫，NDB則爲傳統的非容器數據庫。因此也能夠這樣描述：只有兩個數據庫CDB1和NDB保存在存儲設備上。

從實例角度：

在圖示服務器節點上，運行着兩個實例，對應的數據庫分別是CDB1和NDB。能夠清楚地看到只有容器數據庫和非容器數據庫纔有對應的實例，可插拔式數據庫PDBA、PDBB和PDBC共用容器數據庫的實例，並無自身對應的實例。

從服務角度：

傳統的非容器數據庫能夠經過實例名或服務名連接，可是可插拔式數據庫只能經過服務名連接。至於容器數據庫，就像一個非容器數據庫同樣，一樣能夠經過實例名或服務名連接。

2、CDB中的container

2.1三種容器類型

一個容器數據庫CDB含有3種類型的容器（以下圖所示）

一、 ROOT容器, CDB$ROOT，有且只有一個。包含元數據信息和Common User(在各個容器內都有效的用戶，好比sys)，

二、 SEED容器, PDB$SEED，有且只有一個。它就是一個模板，新的PDB能夠基於這個模板進行建立

三、 PDB容器， 0~n個，也是最重要的，包含用戶數據，咱們的建立的表就放在這裏。

Exactly one root

The root stores Oracle-supplied metadata and common users. An example of metadata is the source code for Oracle-supplied PL/SQL packages (see "Data Dictionary Architecture in a CDB"). A common user is a database user known in every container (see "Common Users in a CDB"). The root container is named CDB$ROOT.

Exactly one seed PDB

The seed PDB is a system-supplied template that the CDB can use to create new PDBs. The seed PDB is named PDB$SEED. You cannot add or modify objects in PDB$SEED.Since the bulk of the working parts are already present in the root container, creating a new PDB is a comparatively quick and simple task. When creating a completely new PDP, the PDB is created as a copy of a seed PDB, so it only takes as long as the files take to copy.

Zero or more user-created PDBs

A PDB is a user-created entity that contains the data and code required for a specific set of features. For example, a PDB can support a specific application, such as a human resources or sales application. No PDBs exist at creation of the CDB. You add PDBs based on your business requirements.

2.2三種容器類型的進一步解釋：

Seed是生成PDB的模板。能夠經過直接複製Seed快速建立PDB

每一個容器裏都包含一個SYSTEM表空間保存數據字典信息：

1. 在Root容器中的SYSTEM數據字典裏只保存Oracle固有元數據（只針對Oracle提供的對象，好比DBMS_%的包等等）。

2. 在每一個可插拔式數據庫（容器）中的SYSTEM數據字典只保存用戶在可插拔式數據庫建立的對象的元數據。

如圖所示，EMP和DEPT表的數據字典信息只保存在可插拔式數據庫的OBJ$和TAB$裏，Root容器中的OBJ$和TAB$裏並無EMP和DEPT表的相關信息。無論一個容器數據庫裏有多少個可插拔式數據庫，物理上的數據庫只有一個，可是它的SYSTEM表空間確有許多個，數量等於可插拔式數據庫的數量加一（Root容器的SYSTEM表空間）。

如上圖，邏輯層，包含一個Root,一個Seed,兩個PDB.不一樣的應用使用不一樣的PDB.不一樣的PDB 管理員管理各自的PDB.而整個CDB的Common User(好比sys)能夠管理整個CDB包含的全部的Container。而在物理層，只對應一個數據庫實例。

3、多租戶（Multitenant）的實現對比

3.1.獨立數據庫

這是第一種方案，即一個租戶一個數據庫，這種方案的用戶數據隔離級別最高，安全性最好，但成本也高。

優勢：

爲不一樣的租戶提供獨立的數據庫，有助於簡化數據模型的擴展設計，知足不一樣租戶的獨特需求；若是出現故障，恢復數據比較簡單。

缺點：

一個客戶、一套數據、一套部署。增大了數據庫的安裝數量，隨之帶來維護成本和購置成本的增長。若是面對的是銀行、醫院等須要很是高數據隔離級別的租戶，能夠選擇這種模式，不然這種方案通常來講是沒法承受的。

3.2. 共享數據庫、獨立 Schema

這是第二種方案，即多個或全部租戶共享Database，但一個Tenant一個Schema。(下圖的上半部分)

優勢：

爲安全性要求較高的租戶提供了必定程度的邏輯數據隔離，並非徹底隔離；每一個數據庫能夠支持更多的租戶數量。

缺點：

若是出現故障，數據恢復比較困難，由於恢復數據庫將牽扯到其餘租戶的數據；若是須要跨租戶統計數據，存在必定困難。管理、安全性、數據遷移都有困難。

所以就發生了以下的變化

3.3不一樣的PDB

好處：

整合多個小系統的數據庫
統一管理，物理上共用REDO和UNDO;
節省成本
數據便捷移動
易於遷移
易於應用測試
便於物理數據庫的管理和監控
PDB級別的數據恢復、隔離
減小數據庫管理任務
Oracle Database Resource Manager
統一備份、統一升級
職權分離
最適合大的數據中心項目

Cost reduction

By consolidating hardware and sharing database memory and files, you reduce costs for hardware, storage, availability, and labor. For example, 100 PDBs on a single server share one database instance and one set of database files, thereby requiring less hardware and fewer personnel.

Easier and more rapid movement of data and code

By design, you can quickly plug a PDB into a CDB, unplug the PDB from the CDB, and then plug this PDB into a different CDB. The implementation technique for plugging and unplugging is similar to the transportable tablespace technique.

Easier management and monitoring of the physical database

The CDB administrator can attend to one physical database (one set of files and one set of database instances) rather than split attention among dozens or hundreds of non-CDBs. Backup strategies and disaster recovery are simplified.

Separation of data and code

Although consolidated into a single physical database, PDBs mimic the behavior of non-CDBs. For example, if user error loses critical data, a PDB administrator can use Oracle Flashback or point-in-time recovery to retrieve the lost data without affecting other PDBs.

Secure separation of administrative duties

A user account is common, which means that it can connect to any container on which it has privileges, or local, which means that it is restricted to a specific PDB. A CDB administrator can use a common user account to manage the CDB. A PDB administrator uses a local account to manage an individual PDB. Because a privilege is contained within the container in which it is granted, a local user on one PDB does not have privileges on other PDBs within the same CDB.

Ease of performance tuning

It is easier to collect performance metrics for a single database than for multiple databases. It is easier to size one SGA than 100 SGAs.

Support for Oracle Database Resource Manager

In a multitenant environment, one concern is contention for system resources among the PDBs running on the same computer. Another concern is limiting resource usage for more consistent, predictable performance. To address such resource contention, usage, and monitoring issues, you can use Oracle Database Resource Manager (see "Database Resource Manager").

Fewer database patches and upgrades

It is easier to apply a patch to one database than to 100 databases, and to upgrade one database than to upgrade 100 databases.

The multitenant architecture has benefits beyond database consolidation. These benefits derive from storing the data and data dictionary metadata specific to a PDB in the PDB itself rather than storing all dictionary metadata in one place. By storing its own dictionary metadata, a PDB becomes easier to manage as a distinct unit, even when only one PDB resides in a CDB.

Benefits of data dictionary separation include the following:

Easier migration of data and code

For example, instead of upgrading a CDB from one database release to another, you can unplug a PDB from the existing CDB, and then plug it into a newly created CDB from a higher release.

Easier testing of applications

You can develop an application on a test PDB and, when it is ready for deployment, plug this PDB into the production CDB.

4、舉例

圖片上展現的是一個容器數據庫，其內包含4個容器：Root容器和三個可插拔式數據庫。不一樣應用App一、App2和App3使用不一樣的不一樣PDB，每一個可插拔式數據庫爲特定應用提供數據。經過將非容器數據庫做爲可插拔式數據庫「插入」容器數據庫，很容易實現數據集中，實現對多個數據庫的合一管理，從而提升服務器的資源利用效率。三個應用所使用的數據庫它們既能夠被三個不一樣的DBA管理也可以由一個容器數據庫DBA統一管理，即用戶SYS。用戶SYS在這種架構中是典型的「通用」用戶，SYS能夠登陸在所有4個容器上，而且具有SYSDBA權限。通過有效的整合，這樣能夠減小成本、下降管理的複雜度。

在一個容器數據庫內的可插拔式數據庫共享後臺進程、SGA和數據字典。容器數據庫避免瞭如下結構沒必要要的冗餘：後臺進程、內存、數據字典內的元數據

同時App一、App2和App3具有各自的數據文件。不一樣應用對於不一樣PDB數據庫內容進行分別管理，可插拔式數據庫也擁有各自獨立的數據字典以及各自獨立的用戶（應用）數據，又保障了應用之間所需的獨立性與安全性。