ORACLE 19C cman 连接管理器配置案例

郑全

1.环境说明
   客户端IP：192.168.133.1
   CMAN服务器：192.168.133.121
   数据库服务器：192.168.133.120
   数据库服务：orclcdb
   监听端口：1524
   数据库版本：ORACLE 19.12
   连接管理器：21.3

   操作系统：
         数据库服务器，ORACLE LINUX 8.4
         CMAN 服务器：ROCKY LINUX 8.4
         客户端：WIN10

2.安装 Oracle Connection Manager
   2.1 软件介质，直接到ORACLE 官网下载ORACLE CLIENT 21.3 即可，下载19.3也可以，我这边由于是LINUX 8.4 ,不想去设置，下载的21.3 CLIENT
   2.2 安装CMAN
        在cman服务器上安装oracle client
        现在定制安装，只需要选择 监听 和 connection manager 即可。

3.配置ORACLE CONNECTION MANAGER
  3.1 拷贝$ORACLE_HOME/network/admin/samples/cman.ora 到 $ORACLE_HOME/network/admin/cman.ora
  3.2 修改CMAN监听的名字，
       修改为CMAN_SZDB
  3.3 修改监听的主机为：192.168.133.121
  3.4 修改监听的端口为:1524
  3.5 设置白名单
        这个是由于数据库和CMAN服务器不在同一台机器，所以，需要，如果在同一台机器，就不需要设置
        (registration_invited_nodes=192.168.133.120)
  3.6 设置访问控制
       (rule_list=
    (rule=
       (src=*)(dst=*)(srv=*)(act=accept)
       (action_list=(aut=off)(moct=0)(mct=0)(mit=0)(conn_stats=on))
    )
  )
完整的配置文件如下：
  [oracle@szdb admin]$ grep -v '#' cman.ora |grep -v '^$'
cman_szdb =
(configuration=

  (address=(protocol=tcp)(host=szdb)(port=1524))
  (parameter_list =
    (aso_authentication_filter=off)
    (connection_statistics=yes)
    (log_directory=/u01/app/oracle/cman/log)
    (log_level=ADMIN)
    (max_connections=256)
    (idle_timeout=0)
    (inbound_connect_timeout=0)
    (session_timeout=0)
    (outbound_connect_timeout=0)
    (max_gateway_processes=8)
    (min_gateway_processes=3)
    (trace_directory=/u01/app/oracle/cman/trace)
    (trace_level=off)
    (trace_timestamp=off)
    (trace_filelen=1000)
    (trace_fileno=1)
    (max_cmctl_sessions=4)
    (event_group=init_and_term,memory_ops)
    (registration_invited_nodes=192.168.133.120)

  )
  (rule_list=
    (rule=
       (src=192.168.133.1/24)(dst=*)(srv=*)(act=accept)
       (action_list=(aut=off)(moct=0)(mct=0)(mit=0)(conn_stats=on))
    )
  )
)

4.配置数据库端
  在数据库服务器192.168.133.120，在TNSNAMES.ORA创建一个服务名到CMAN服务器(192.168.133.121)

  LISTENER_cman =
  (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.133.121)(PORT = 1524))

  设置REMOTE_LISTENER指向LISTENER_cman

  SQL> alter system set remote_listener=LISTENER_CMAN;

5.启动CMAN
   $ cmctl
   CMCTL> admin cman_szdb
   CMCTL:cman_szdb> startup

   显示连接情况
   CMCTL>show status
   cmctl>  show service

   CMCTL:cman_szdb> show status
Status of the Instance
----------------------
Instance name             cman_szdb
Version                   CMAN for Linux: Version 21.0.0.0.0 - Production
Start date                25-OCT-2021 02:06:11
Uptime                    0 days 0 hr. 8 min. 32 sec
Num of gateways started   3
Average Load level        0
Log Level                 ADMIN
Trace Level               OFF
Instance Config file      /u01/app/oracle/product/21.3.0/client/network/admin/cman.ora
Instance Log directory    /u01/app/oracle/diag/netcman/szdb/cman_szdb/alert
Instance Trace directory  /u01/app/oracle/diag/netcman/szdb/cman_szdb/trace
The command completed successfully.
CMCTL:cman_szdb>
CMCTL:cman_szdb>
CMCTL:cman_szdb>
CMCTL:cman_szdb> show all
listener_address            | (DESCRIPTION=(address=(protocol=tcp)(host=szdb)(port=1524)))
aso_authentication_filter   |   OFF
connection_statistics       |    ON
event_group                 | (init_and_term, memory_ops)
log_directory               | /u01/app/oracle/diag/netcman/szdb/cman_szdb/alert
log_level                   | ADMIN
max_connections             |   256
idle_timeout                |     0
inbound_connect_timeout     |     0
session_timeout             |     0
outbound_connect_timeout    |     0
max_gateway_processes       |     8
min_gateway_processes       |     3
max_cmctl_sessions          |     4
password                    |   OFF
remote_admin                |   OFF
trace_directory             | /u01/app/oracle/diag/netcman/szdb/cman_szdb/trace
trace_level                 |   OFF
trace_timestamp             |   OFF
trace_filelen               |  1000
trace_fileno                |     1
service_rate                |     0
connection_rate             |     0
max_all_connections         |     0
max_reg_connections         |     0
compression                 |   OFF
sdu                         |  8192
expire_time                 |     0
non_tunnel_gateways         |  1000
use_sid_as_service          |   OFF
valid_node_checking_registration |   OFF
Number of filtering rules currently in effect: 1
(rule_list=
  (rule=
    (src=192.168.133.1/24)
    (dst=*)
    (srv=*)
    (act=accept)
    (action_list=(aut=off)(moct=0)(mct=0)(mit=0)(conn_stats=on))
  )
)
The command completed successfully.
CMCTL:cman_szdb>
CMCTL:cman_szdb>
CMCTL:cman_szdb> show service
Services Summary...
Proxy service "cmgw" has 1 instance(s).
  Instance "cman", status READY, has 3 handler(s) for this service...
    Handler(s):
      "cmgw002" established:0 refused:0 current:0 max:256 state:ready
         <machine: localhost, pid: 2955>
         (ADDRESS=(PROTOCOL=ipc)(KEY=#2955.1)(KEYPATH=/var/tmp/.oracle_100100))
      "cmgw001" established:0 refused:0 current:0 max:256 state:ready
         <machine: localhost, pid: 2953>
         (ADDRESS=(PROTOCOL=ipc)(KEY=#2953.1)(KEYPATH=/var/tmp/.oracle_100100))
      "cmgw000" established:0 refused:0 current:0 max:256 state:ready
         <machine: localhost, pid: 2951>
         (ADDRESS=(PROTOCOL=ipc)(KEY=#2951.1)(KEYPATH=/var/tmp/.oracle_100100))
Service "86b637b62fdf7a65e053f706e80a27ca" has 1 instance(s).
  Instance "orclcdb", status READY, has 1 handler(s) for this service...
    Handler(s):
      "DEDICATED" established:0 refused:0 state:ready
         REMOTE SERVER
         (ADDRESS=(PROTOCOL=TCP)(HOST=192.168.133.120)(PORT=1521))
Service "cbb47e352f7aaea7e0537885a8c03007" has 1 instance(s).
  Instance "orclcdb", status READY, has 1 handler(s) for this service...
    Handler(s):
      "DEDICATED" established:0 refused:0 state:ready
         REMOTE SERVER
         (ADDRESS=(PROTOCOL=TCP)(HOST=192.168.133.120)(PORT=1521))
Service "cdfd043675cc16a6e0537885a8c07810" has 1 instance(s).
  Instance "orclcdb", status READY, has 1 handler(s) for this service...
    Handler(s):
      "DEDICATED" established:0 refused:0 state:ready
         REMOTE SERVER
         (ADDRESS=(PROTOCOL=TCP)(HOST=192.168.133.120)(PORT=1521))
Service "cmon" has 1 instance(s).
  Instance "cman", status READY, has 1 handler(s) for this service...
    Handler(s):
      "cmon" established:1 refused:0 current:1 max:4 state:ready
         <machine: localhost, pid: 2945>
         (ADDRESS=(PROTOCOL=ipc)(KEY=#2945.1)(KEYPATH=/var/tmp/.oracle_100100))

Service "orclcdb" has 1 instance(s).
  Instance "orclcdb", status READY, has 1 handler(s) for this service...
    Handler(s):
      "DEDICATED" established:0 refused:0 state:ready
         REMOTE SERVER
         (ADDRESS=(PROTOCOL=TCP)(HOST=192.168.133.120)(PORT=1521))
Service "orclpdb" has 1 instance(s).
  Instance "orclcdb", status READY, has 1 handler(s) for this service...
    Handler(s):
      "DEDICATED" established:0 refused:0 state:ready
         REMOTE SERVER
         (ADDRESS=(PROTOCOL=TCP)(HOST=192.168.133.120)(PORT=1521))
The command completed successfully.
CMCTL:cman_szdb>

6.配置客户端
   配置客户端连接到CMAN
   vim tnsnames.ora
    ...
    C_orclcdb =
      (DESCRIPTION =
        (ADDRESS_LIST =
           (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.133.121)(PORT = 1524))
        )
       (CONNECT_DATA =
         (service_name = orclcdb)
       )
     )

   192.168.133.121 是cman服务器的IP

7.测试客户端连接
    SQL> conn system/oracle_4U@c_orclcdb
    Connected.



注意：CMAN服务器到DBSERVER机器，一定要在/etc/hosts增加域名解析
/etc/hosts
192.168.133.120 dbserver

CMAN: ORA-12529: TNS:connect Request Rejected Based On Current Filtering Rules (Doc ID 2001767.1)