... Have you ever witnessed a DBA distribution like I describe? ...
Sure.
Think about it - ok, you have
a) security DBA
b) development DBA
c) infrastructure DBA
Now, you have two configurations
configuration 1:
(a), (b) and (c) manage a common set of databases. Who wins? Who is right? who is in charge. Remember, (a) doesn't report to and is not beholden to (b) or (c). Neither are (b) to (a)/(c) and so on.
So, who is "right" - who wins the "peeing" contest? Whose rules and regulations are the most right?
configuration 2:
they manage separate sets of databases. You have some really secure database - that cannot be developed against and use every worst infrastructure practice available. You have databases that every developer wants to code against - but have security holes the size of a space shuttle and so on.
As soon as you categorize, segregate, silo off - whatever you want to call it, you have organizations with differing agendas and individual groups of DBA's all of whom are supposed to be working together fighting each other. It is called competition, it happens pretty much whenever you verticalize like that.
again, this is seperatism & breeds intra departmental conflict instead of
fixing the issue.Ben - you are the one that is recommending intra-departmental groups - that breeds conflict.
... o you really want DBAs intimatly familiar with the inner workings
of your company's primary production applications spending their precious time
doing RMAN backups, dealing with disk space issues, doing account maint, etc.
...
No - I WANT ALL OF THEM WORKING TOGETHER - because you know what, I don't know how you can come up with the backup policy unless and until you know the application and the security issues and everything. Meaning - these people have to work together, in the same reporting chain.
Application 1 - stored credit card information, uptime = 100%, lose of information = not acceptable - ever, not even for a second.
Application 2 - stored nothing critical. uptime = pretty good is ok, loss of information - for a couple of minutes - but we ultimately do need it restored
and so on.
Now, do you have the same backup needs for both? No - based on the application requirements. One of them needs encryption, one needs more frequent backups - perhaps even disk based back ups - as well as data guard.
The other - no encryption (hence no key management issues etc - very simple needs). Weekly backups (once we understand the amount of redo the application generates - oh, there is that pesky application information rearing it's head again) and so on
In short, you need a team that has intimate knowledge of all of the options in the aggregate - each DBA might have a specialization, but they are very aware of the options in the other areas (even if they do not do it). That way - the TEAM - all of whom report to the same person, hence it is in their interest to get it right, get it fast, get it easy - works together.
You know what happens when I see a DBA team made up to do backups? You get "the ultimate backup scheme - everyone will use it - it is easier for us - because we don't really care WHO you are, we just backup stuff"
When you have a DBA team made up to secure stuff? It is so secure, no one can leave their chair without a pass from the CSO (chief security officer)
and the backup people, if you ask the security people - they are dumb as bricks and just don't get it.
and the security people, if you ask the backup people - they are dumb as bricks and just don't get it.
... Do you really want the DBAs responsible for ensuring backups are valid spending
their time tracking down a developers algorithmic flaw? ...
who ever said they would be - besides you?
And you know what, if they have the spare cycles, I'd rather they were doing that than playing tetris - sure.
Every time I see the specialized group, like the "backup group", the "security group", the "disaster recovery group"
I see a one size fits all output from each group.
Which means - there must be one way to do it for everyone
Which means - there must be one way for the entire planet to it (remember - you don't want your backup guys to be bothered by the nuances of an application right)
And if there were one way to do it for everyone - there would be no DBA's at all.
Because there wouldn't be anything to think about. Ever.
updated...was just answering another question
http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:1202976400346852519#1225029200346712387 Here is what happens when you segregate.
DBA's not working with developers.
Developers discover "so sorry, access to that is unnecessary - go away"
Same thing happens with any two groups of people who have different agendas.
This is one of the primary reasons I firmly encourage DBA and Development to be virtually one in the same.