Oracle RAC Scan Listener Status Test
Oracle RAC 11g release 2 introduces the Single Client Access Name (SCAN), which provides a single name for clients to access Oracle Databases running in a cluster and simplify the database connection strings that an Oracle Client uses to connect.
Without SCAN, till Oracle Clusterware 11g release 1, every client and server that participated in the RAC environment needed to have a tnsnames.ora file, which contains a single entry for every node in the cluster. This meant that, whenever the cluster configuration changes - say, a node is added/removed from the cluster - the tnsnames.ora file of every client had to be updated with this change. SCAN on the other hand, completely eliminates the need for these edits! In short, with SCAN, clients can access any database in the cluster, independent of the number of databases or servers running in the cluster, or the server(s) on which the requested database is actually active.
The RAC components that play a crucial role in SCAN are as follows:
-
SCAN VIP: SCAN VIPs are physical IP addresses that you allocate to a SCAN listener.
-
SCAN Listener: SCAN Listener is an Oracle RAC component, which starts running a service on the port [default 1521] using IP address assigned to SCAN VIPs. The name that is given to a SCAN Listener is referred as SCAN name, which should be registered in DNS server.
-
Node VIP: Each node in the RAC cluster has its own node VIP. It is a high availability resource of RAC that enables a client to initially connect to the database service on its node or to fail over to another cluster node and advise that its node is down.
SCAN listeners can run on any node in the cluster. Typically, each cluster will have a minimum of 1 and a maximum of 3 SCAN listeners, regardless of the number of nodes in the cluster. Three SCAN listeners are recommended considering load balancing and high availability requirements. A SCAN listener can be started only when the SCAN VIPs are online. The root.sh script automatically configures the SCAN VIPs and SCAN listeners. When the root.sh is run on the first node, all 3 scan IPs are plugged on to the first node’s public interface. The SCAN/VIP combination will failover to another node in the cluster, if the current node fails. Likewise, SCAN also load balances across the instances providing a service, by selecting and routing requests to the least loaded node. Also, if a single SCAN listener IP stops running on a node, connection requests will automatically failover to another SCAN listener IP address on that node.
This means that, if all SCAN listeners in a cluster are down or are not enabled, then users will not be able to connect to the database service. To avoid this, administrators must track the status of each SCAN listener in an RAC cluster, promptly identify the listener that is down, and quickly start it. This can be achieved using the Oracle RAC SCAN Listener Status test! This test auto-discovers the SCAN listeners in a target cluster, and reports the status of each listener. In the process, the test alerts administrators to listeners that are not enabled or are not running. Detailed diagnostics point administrators to the exact node on which the failure has occurred, thereby easing troubleshooting.
Note:
This test is applicable for Oracle Clusters with Multi-tenancy i.e., CDB(Container Database) and PDB (Pluggable Database) configuration.
Target of the test : Oracle RAC
Agent deploying the test : An internal agent
Outputs of the test : One set of results for every SCAN listener.
| Parameter | Description |
|---|---|
|
Test Period |
How often should the test be executed. |
|
Host |
The host for which the test is to be configured. |
|
Port |
The port on which the server is listening. |
|
SCAN Name |
SCAN stands for Single Client Access Name, it is a feature used in Oracle RAC environments that provide a single name for clients to access any Oracle Database running in the cluster. You can provide SCAN as an alternative to IP/Host Name. If this parameter value is provided, it will be used for connectivity otherwise IP/Hostname will be used. |
|
ORASID |
The variable name of the oracle instance. |
|
Service Name |
A Service Name exists for the entire Oracle RAC system. When clients connect to an Oracle cluster using the Service Name, then the cluster routes the request to any available database instance in the cluster. By default, the Service Name is set to none. In this case, the test connects to the cluster using the ORASID and pulls out the metrics from that database instance which corresponds to that ORASID. If a valid Service Name is specified instead, then, the test will connect to the cluster using that Service Name, and will be able to pull out metrics from any available database instance in the cluster. To know the Service Name of a cluster, execute the following query on any node in the target cluster: select name, value from v$parameter where name =’service_names’ |
|
User |
In order to monitor an Oracle database server, a special database user account has to be created in every Oracle database instance that requires monitoring. A Click here hyperlink is available in the test configuration page, using which a new oracle database user can be created. Alternatively, you can manually create the special database user. When doing so, ensure that this user is vested with the select_catalog_role and create session privileges. The sample script we recommend for user creation (in Oracle database server versions before 12c) for eG monitoring is: create user oraeg identified by oraeg ; create role oratest; grant create session to oratest; grant select_catalog_role to oratest; grant oratest to oraeg; The sample script we recommend for user creation (in Oracle database server 12c) for eG monitoring is: alter session set container=<Oracle_service_name>; create user <user_name>identified by <user_password> container=current default tablespace <name_of_default_tablespace> temporary tablespace <name_of_temporary_tablespace>; Grant create session to <user_name>; Grant select_catalog_role to <user_name>; The name of this user has to be specified here. |
|
Password |
Password of the specified database user |
|
Confirm Password |
Confirm the password by retyping it here. |
|
SSL |
By default, this flag is set to No, as the target Oracle cluster is not SSL-enabled by default. If the target cluster is SSL-enabled, then set this flag to Yes. |
|
SSL Cipher |
This parameter is applicable only if the target Oracle Cluster is SSL-enabled, if not, set this parameter to none. A cipher suite is a set of cryptographic algorithms that are used before a client application and server exchange information over an SSL/TLS connection. It consist of sets of instructions on how to secure a network through SSL (Secure Sockets Layer) or TLS (Transport Layer Security). In this text box, provide a comma-seperated list of cipher suites that are allowed for SSL/TLS connection to the target cluster. By default, this parameter is set to none. |
|
Truststore File |
- This parameter is applicable only if the target Oracle Cluster is SSL-enabled, if not, set this parameter to none. TrustStore is used to store certificates from Certified Authorities (CA) that verify and authenticate the certificate presented by the server in an SSL connection. Therefore, the eG agent should have access to the truststore where the certificates are stored to authenticate and connect with the target cluster and collect metrics. For this, first import the certificates into the following default location <eG_INSTALL_DIR>/lib/security/mytruststore.jks. To know how to import the certificate into the truststore, refer toPre-requisites for monitoring Oracle Cluster. Then, provide the truststore file name in this text box. For example: mytruststore.jks. By default, none is specified against this text box. |
|
Truststore Type |
-This parameter is applicable only if the target Oracle Cluster is SSL-enabled, if not, set this parameter to none.Specify the type of truststore that contains the certificates for server authentication in this text box. For eg.,JKS. By default, this parameter is set to the value none. |
|
Truststore Password |
-This parameter is applicable only if the target Oracle Cluster is SSL-enabled, if not, set this parameter to none. If a Truststore File name is provided, then, in this text box, provide the password that is used to obtain the associated certificate details from the Truststore File. By default, this parameter is set to none. |
|
Keystore File |
This parameter is applicable only if the target Oracle Cluster is SSL-enabled, if not, set this parameter to none. Keystore contains the private keys for the certificates that the client can provide to the server upon request. eG agent requires access to the keystore where client certificate is stored to send that to the server so that the server validates the certificate against the one contained in its trustore. For this purpose, first create the client certificate in the following default location EG_INSTALL_DIR/jre/lib/security/mykeystore.jks. Then, provide the keystore file name in this text box. For example: mykeystore.jks. By default, none is specified against this text box. |
|
Keystore Password |
This parameter is applicable only if the target Oracle Cluster is SSL-enabled, if not, set this parameter to none. If a Keystore File name or file path is provided, then, in this text box, provide the password that is used to obtain the associated certificate details from the Keystore File. |
|
Confirm Password |
Confirm the Password for Keystore by retyping it here. |
|
Detailed Diagnosis |
To make diagnosis more efficient and accurate, the eG Enterprise embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test for a particular server, choose the On option. To disable the capability, click on the Off option. The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:
|
| Measurement | Description | Measurement Unit | Interpretation | ||||||
|---|---|---|---|---|---|---|---|---|---|
|
Is listener enabled? |
Indicates whether this SCAN listener is enabled or not. |
|
The values that is measure reports and their corresponding numeric values are listed in the table below:
Note: This measure reports the Measure Values listed in the table above to indicate whether/not a listener is enabled. In the graph of this measure however, the same is indicated using the numeric equivalents only. If this measure reports the value No for a listener, then use the following command to enable that listener: srvctl enable scan_listener [-i ordinal_number] Example: srvctl enable scan_listener -i 2 Also, check whether the SCAN VIP is available in the corresponding node. |
||||||
|
Is listener running? |
Indicates whether/not this SCAN listener is currently running. |
|
The values that is measure reports and their corresponding numeric values are listed in the table below:
Note: This measure reports the Measure Values listed in the table above to indicate whether/not a listener is running. In the graph of this measure however, the same is indicated using the numeric equivalents only. If this measure reports the value No for a listener, then use the detailed diagnosis of the measure to quickly identify the node on which the listener is not running. |
||||||
|
Listener count |
Indicates the number of listeners that are successfully running in the cluster. |
Number |
This measure is reported only for the Summary descriptor. |
