Perform Prerequisites for Patching
Here's information on the required prerequisites to correctly configure and set up your Oracle Cloud environment to be able to use Observability and Management Patching.
General Prerequisites
The following is a list of general prerequisites required in order to successfully perform patch operations.Currently only External Databases running on on-premise or Oracle Cloud Infrastructure Virtual Machines on Linux operating system are supported.
- Install the Management Agent, the Oracle Cloud Infrastructure Management Agent service enables the communication and data collection between Database Management and an External Database.
For information on how to install Management Agents, see Install Management Agents.
- Create a DBLM directory under
/opt/oracle/dblmfor all hosts containing databases to be patched. Set the directory permission as750, and set the ownership to the Management Agent user and its primary group.This directory will contain all the script execution results.
The patching scripts will be copied into this directory for execution.
- A new Patch user must be created in all the hosts where the database to be patched is installed.
Note
For RAC databases the Patch user must have password-less SSH equivalence. This is required when executing scripts on RAC nodes where the Management Agent is not running. For more information see: About Passwordless SSH Configuration. - The Patch user's primary group must be same as Oracle Home owner's primary group.
- The Patch user must be added to Management Agent user's primary group.
- The Management Agent user must be added to Oracle Home owner's primary group.
- The Oracle Home owner must be added to Management Agent user's primary group
SUDOmust be setup on all the database hosts.- Permissions must be added in the
SUDOERSfile to allow the following user switches- Switch the Management Agent user to Patch user
- Switch the Patch user to Oracle Home/root user
- Switch the Oracle Home user to a Patch user, and grant the ability to execute limited scripts and commands.
On hosts where Management Agent is running, the Management Agent user will only switch as the Patch user, and then the Patch user will switch to the Oracle Home/root user for patching.
The Management Agent is installed on only one of the RAC nodes, all other RAC nodes must have permissions in the
SUDOERSfile to switch the Patch user to Oracle Home/root user, and Oracle Home user as Patch user.
Required Users, Directories, and Utilities
The following users, directories, and utilities are required to correctly orchestrate the patching process:| User | Example |
|---|---|
| Patch user | patchUser
|
| Database Home owner | oracle |
| Database Home owner primary group | oinstall |
| Management Agent user | mgmt_agent |
| Management Agent user primary group | mgmt_agent |
| Directories and Utilities Required | Location example |
|---|---|
| SUDO location | /scratch/sudo_setup/bin/sudo |
| Sudoers file Location | /scratch/sudo_setup/etc/sudoers |
| DBLM directory | /opt/oracle/dblm |
Patching Prerequisite Tasks to be Completed
| Task | Command | More Information & Examples |
|---|---|---|
| Create the DBLM directory across all hosts with correct permissions | |
|
| Create the Patch user in all the hosts | |
Patch user will be used to run the patching scripts as either Oracle Home or root user
For RAC databases, the Patch user must have password-less SSH equivalence across the nodes to run the scripts on RAC nodes where the Management Agent is not running. |
| Set the Patch user's primary group to be the same as Oracle Home owner's primary group | |
patchUser details: |
| Add the Patch user to the Management Agent user's primary group | |
patchUser details: |
| Add the Management Agent user must to the Oracle Home owner's primary group | |
mgmt_agent details: |
| Add the Oracle Home owner to the Management Agent user's primary group | |
oracle user details: |