New Dell servers on Oracle Linux 6.2 ... using red hat compatible kernel aka:
The new dell boxes have an internal raid controller ( Perc H700 ? ) and are connected to EMC direct attached storage using emulex HBA's. All operating system and linux software installed on internal disks ( mirrored ) ... all database stuff going to be on EMC storage.
Our new servers had a very strange set of behaviors when booting up from internal disks. Most of the time they would boot up and see the first internal raid drive as /dev/sda ( so /boot partition is on /dev/sda1 ) ... but at other times they would see /boot on a different device ( for example /boot on /dev/sdi1 ).
The entries in /etc/fstab for 6.x systems now apparently use UUID entries ... ( for example ):
UUID=e6964e7e-62a9-450c-a66e-a411b40a4ed9 / ext4 defaults 1 1
So when the servers came up on a different boot drive they would run ok ... looking strange ... but we ran into a different problem using ( still trying to use ... don't get me started ) a backup linux imaging product ( Acronis ) that just did not understand at all backing up or restoring a system when it was not running from /dev/sda.
Logically it seemed pretty straight forward. Force a way somehow so that first internal drive is always on /dev/sda.
We pay Oracle for linux support so open a ticket with them. We now have a solution but it took a very very long time for oracle linux support to come up with solution. Might be a by product of working with a junior level person ... might be from a strange new problem. Tried all sorts of stuff initially with udev rules ... nope none of this worked at all.
Eventually the solution that is now deployed and working involved removing lpfc ( emulex ? HBA support ? ) modules from the initramfs image that is invoked on first boot up. Of course we run stuff on EMC storage and yes eventually after booting our HBA's are working just fine.
Anyway here is what we had to do to get this working in our 6.2 redhat compatible kernel environment. It is some low level pretty esoteric linux stuff and well beyond what I wanted to have to deal with ... but it is working nicely.
Step 1: get the latest available dracut rpm's and stick them into directory for updating:
dracut]# ls -ltr | more
total 140-rw-r--r-- 1 root root 114884 Jan 11 13:29 dracut-004-284.0.1.el6_3.1.noarch.rpm-rw-r--r-- 1 root root 21524 Jan 11 13:29 dracut-kernel-004-284.0.1.el6_3.1.noarch.rpm
Step2: Update to latest rpm's ... ( not sure why the 100% 50% 100% stuff gone from below )
rpm -Uvh dracut*.rpm | more
warning: dracut-004-284.0.1.el6_3.1.noarch.rpm: Header V3 RSA/SHA256 Signature,YPreparing... ##################################################dracut ##################################################dracut-kernel ##################################################
Step 3: Verify installation of new dracut rpms
# rpm -qa | grep dracut
Step 4: Now change to the /boot directory and create a new initramfs image file.
Use this command: dracut --omit-drivers lpfc initramfs-$(uname -r)-no-lpfc.img
# dracut --omit-drivers lpfc initramfs-$(uname -r)-no-lpfc.img
Step 5: Check img file created ...
# ls -ltr *.img | more
-rw-r--r-- 1 root root 15875365 Jan 11 13:39 initramfs-2.6.32-220.el6.x86_64-no-lpfc.img
Step 6: Verify that no lpfc moduels are in the new initramfs image file
# zcat *no-lpfc.img | cpio -t | grep lpfc | more
Agove output is correct ... if you see something like this ... lpfc is still in the img file:
Final step ... create an entry in /etc/grub.conf to point to the new initramfs img file.
Copy the current /etc/grub.conf to something else.
Change the default= value to point to new lines at the end of the /etc/grub.conf file. My change was to change default=1 to default=2.
Add in new lines at the end of grub.conf ... my entries looked like this ( this is just part of my grub.conf file ).
title Oracle Linux Server (2.6.32-220.el6.x86_64) root (hd0,0)kernel /vmlinuz-2.6.32-220.el6.x86_64 ro root=UUID=e6964e7e-62a9-450c-a66e-a411b40a4ed9 rd_NO_LUKS LANG=en_US.UTF-8 rd_NO_MD quiet SYSFONT=latarcyrheb-sun16 rhgb crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DMinitrd /initramfs-2.6.32-220.el6.x86_64-no-lpfc.img
At this point the change should be complete ... start rebooting and test ... do we always come up on /dev/sda?
For me yes this finally fixed the problem.
My guess is that I will have to revisit all of this when doing next OL linux update. Probably going to sit out 6.3 and eventually move from 6.2 up to 6.4 ... probably will have to rebuild new initramfs image and of course test.
I hope this saves some other poor geek time ... it sure took us and oracle support a long time to get this working correctly!
The Configuration Migration Assistant is meta data driven. It uses the Oracle Utilities Application Framework meta data to drive the underlying engine to migrate the data. With the delivery of each product a predefined set of configuration objects are provided preconfigured to be used by sites. It is possible to extend these definitions and this next set of articles will introduce these objects and how to build your own configurations for custom objects.
Before we discuss the configuration objects there is one piece of information that you need to understand. For an object to be migrated using Configuration Migration Assistant it must have two attributes:
- It must not have a system generated random primary key. These types of keys may vary from environment to environment and attempting to migrate data with these types of keys may result in unintentional results and even corruption. Configuration data tends not to use random system generated keys but Master and Transaction data does. Configuration Migration Assistant cannot be used for Master or Transaction Data. Master data is things like Accounts, Meters, Crews, Persons, Assets etc.. Transaction Data is data like Bills, Payments, Meter Reads, Tasks etc...
- Fundamentally Configuration Migration Assitant uses Maintenance Objects to process data but each object to be migrated must have a Business Object for configuration purposes. The Business Object can be any valid Business Object definition. More guidelines about this are in Configuration Migration Assistant Overview (Doc Id: 1506830.1).
The first object to configure for Configuration Migration Assistant is the Migration Plan. This object defines a primary Business Object and any directly related subordinate Business Objects that must be migrated as a single entity. The relationship between the business objects and the sequence of migration is configured in this object.
The following information is configured:
- Instruction Sequence - The sequence number for the migration instruction. This is used to process the data in the correct order.
- Instruction Type - This sets the migration instruction type. There are two values: Primary or Subordinate. There can only be one Primary Instruction Type per Migration Plan.
- Parent Instruction Sequence - If the Instruction Type is Subordinate, then this is the Instruction Sequence for the parent object for this object. Subordinates can be related to other Subordinates to document multi-level structures.
- Description and Business Object - The Business object for this instruction. The description is a free format field to allow you to document the instruction. Usually this is populated with a short description of the object.
- Traversal Criteria Type and Traversal Criteria - This is a definition of how the subordinate is related to the parent object. Configuration Migration Assistant allows you to specify Constraints in the meta data, SQL Statements or XPATH statements to document the relationship. The latter is useful for relating complex business object relationships that arte buried in XML definitions. The Criteria Type determine which method you want to use to express the relationship and the Criteria is the statement to express the relationship. The online help contains examples and guidelines for the Criteria formats supported.
- Next Migration Plan - Configuration Migration Assistant allows you to reuse Migration Plans and this field allows you to link Migration Plans for consistency. We will discuss this feature in future posts.
- Algorithms - One of the features of the Configuration Migration Assistant is the ability to manipulate the data upon import. This is where the specification of the algorithm is performed. This is typically done on the target environment.
To do this use the Admin --> M --> Migration Plan menu option.
Note: Remember, the product ships with a predefined set of Migration Plans for you to use. You may not have to configure this unless you want to copy the provided plans to tailor them or add custom business objects.
Each object to migrate using the Configuration Migration Assistant must exist in at least one Migration Plan.
For more information about this aspect of the Configuration Migration Assistant and other aspects refer to the Configuration Migration Assistant Overview (Doc Id: 1506830.1) whitepaper available from My Oracle Support.
This year we are hitting it out of the ball park with Chris Date ( CJ Date ) the godfather of relational database design theory and principles along with Tom Kyte.
Conference renamed this year as GLOC Great Lakes Oracle Conference on May 14th/15th with additional 1/2 day workshop ( extra cost ) on monday May 13th by Tom Kyte/Joel Kallman/Craig Shallahamer. Joel Kallman for anyone who has not seen him is an incredible speaker an Oracle employee ( Director of Apex Development ) and will be doing a hands on / bring your laptop / hack up an Apex app.
GLOC is a joint venture between NEOOUG and the Columbus Oracle Users Group ( OOUG ). Hoping to see some people from Detroit/Toledo and the Chicago area also plus well those pesky Pittsburgh area Steeler fans.
We are looking for speakers and the call for presentations is now open! Accepted speakers receive ( as usual ) free conference registration.
Here's a couple of references:
First for my usergroup: NEOOUG
Next for the conference: Great Lakes Oracle Conference ... Call for Presentations ... Registration
The first configuration step that must be performed for the Configuration Migration Assistant, as part of Oracle Utilities Application Framework V126.96.36.199.0, is to setup a Master Configuration Record for the Migration Assistant Configuration. This record sets up the locations of files exported and imported for each environment. It also sets the suffix for the files.
This must be performed once per environment and before any export or import activities are performed.
To setup this record the following process can be used:
- Logon to the product environment you wish to configure using the browser
- Navigate to the Admin --> M --> Master Configuration menu item.
- Find the Migration Assistant Configuration item. If none, exists you can create it using the Add Action (+).
- Edit the Migration Assistant Configuration Master Configuration Record by clicking on the name or Action field. For example:
- Specify the following on the edit dialog:
- Export Directory - Directory to place export files into for exports initiated from this environment
- Import Directory - Directory to get import files from for imports reqeusted for this environment
- File Suffix - The file suffix (including the '.') to attach to the file automatically.The suffix is simply used to be able to denote the file. The choice of file suffix does not affect the format of the contents of the file at any stage.
- Save the Record.
For the Export and Import Directories you can use any valid directory but the directory must be read writeable by the user you will use for the export and readable for the user you will use for the import. Security will be discussed in a later post.
From an implementation point of view these directories can be setup as follows:
- You can use the same directories for import and export.
- You can use different directories for import and export.
- You can use a common directories or seperate directories for each environment. For example, you can specify a global set of directories to share files easily. If you use seperate directories you will have to manually transfer export files across these directories.
For more information about this aspect of the Configuration Migration Assistant and other aspects refer to the Configuration Migration Assistant Overview (Doc Id: 1506830.1) whitepaper available from My Oracle Support.
Hi, this is Eric Maurice.
Today, Oracle released the January 2013 Critical Patch Update. This Critical Patch Update provides fixes for 86 vulnerabilities across a number of product families including the Oracle Database, Oracle Database Mobile Server, Oracle Enterprise Manager Grid Control, Oracle Fusion Middleware, Oracle E-Business Suite, Oracle Supply Chain Products Suite, Oracle PeopleSoft Enterprise, Oracle JDEdwards Enterprise One, Oracle Siebel CRM, Oracle Sun Products Suite, Oracle Virtualization, and Oracle MySQL. As a reminder, fixes for Java SE continue to be released on a separate schedule due to contractual commitments previously made with customers (the next Critical Patch Update for Java SE will be released on February 19, 2013); accordingly, this Critical Patch Update does not contain fixes for Java SE and it is not related to the recently released Security Alert CVE-2013-0422 intended for Java SE.
Of the 86 fixes, 1 is specific to Oracle Database Server; this vulnerability, which affects the Spatial component of the Database, has a CVSS Base Score of 9.0, and it is not remotely exploitable without authentication. 5 of the vulnerabilities are for the Oracle Database Mobile Server, typically used for connecting embedded devices and mobile applications to the Oracle Database. The maximum CVSS Base Score for the 5 Oracle Database Mobile Server vulnerabilities is 10.0, and these vulnerabilities are all remotely exploitable without authentication. Note also that 10 Enterprise Manager Grid Control fixes are applicable for Database deployments.
This Critical Patch Update includes fixes for 7 security vulnerabilities in Oracle Fusion Middleware, 5 of which are remotely exploitable without authentication. The maximum CVSS Base Score for these Fusion Middleware vulnerabilities is 5.0.
13 fixes are for Oracle Enterprise Manager Grid Control, 12 of which are remotely exploitable without authentication. The maximum CVSS Base Score for these Enterprise Manager vulnerabilities is 5.0. As stated earlier, 10 of these Enterprise Manager Grid Control fixes are applicable for Database deployments.
This Critical Patch Update provides the following applications security fixes: 9 for E-Business Suite, 1 for Supply Chain Product Suite, 12 for PeopleSoft Enterprise, 1 for JDEdwards EntepriseOne, 10 for Siebel CRM. As indicated in the Critical Patch Update Advisory, most Oracle applications deployments include Oracle Database and Oracle Fusion Middleware components that are affected by the vulnerabilities listed in the Oracle Database and Oracle Fusion Middleware sections for the Advisory, and these need to be patched as well.
Finally, this Critical Patch Update provides 8 fixes for Oracle Sun products Suite (the highest CVSS Base Score for these vulnerabilities is 6.6), 1 is for Oracle Virtualization (with a CVSS Base Score of 2.4), and 18 are for Oracle MySQL. The highest CVSS Base Score for the MySQL vulnerabilities is 9.0 on Windows platforms, and 6.5 on other platforms (e.g. Linux).
Oracle continues to recommend that, even though other mitigation measures may be available, Critical Patch Updates be applied as soon as possible in order for organizations to retain their security in depth posture.
For More Information:<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
The advisory for the January 2013 Critical Patch Update is located at http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
More information about Oracle Software Security Assurance, including Oracle’s vulnerability fixing and disclosure policies is available at http://www.oracle.com/us/support/assurance/index.html.
I noticed in this article about Cassandra 1.2 that they have added the concept of vnodes, which allow you to have multiple nodes on a piece of hardware. This is pretty much the same as Oracle NoSQL Database's capability to place multiple Rep Nodes per Storage Node using the Capacity parameter. In general, the recommended starting point in configuring multiple Replication Nodes per Storage Node is one Rep Node per spindle or IO Channel.
The article also talks about Atomic Batching, which has been available in Oracle NoSQL Database since R1 through the various oracle.kv.KVStore.execute() methods. This capability allows an application to batch multiple operations against multiple records with the same major key in one atomic operation (transaction). Our users have all said that this is an important capability.
Hi, this is Eric Maurice again.
Oracle has just released Security Alert CVE-2012-0422 to address two vulnerabilities affecting Java in web browsers. These vulnerabilities do not affect Java on servers, Java desktop applications, or embedded Java. The vulnerabilities addressed with this Security Alert are CVE-2013-0422 and CVE-2012-3174. These vulnerabilities, which only affect Oracle Java 7 versions, are both remotely exploitable without authentication and have received a CVSS Base Score of 10.0. Oracle recommends that this Security Alert be applied as soon as possible because these issues may be exploited “in the wild” and some exploits are available in various hacking tools.
The exploit conditions for these vulnerabilities are the same. To be successfully exploited, an attacker needs to trick an unsuspecting user into browsing a malicious website. The execution of the malicious applet within the browser of the unsuspecting users then allows the attacker to execute arbitrary code in the vulnerable system. These vulnerabilities are applicable only to Java in web browsers because they are exploitable through malicious browser applets.
With this Security Alert, and in addition to the fixes for CVE-2013-0422 and CVE-2012-3174, Oracle is switching Java security settings to “high” by default. The high security setting requires users to expressly authorize the execution of applets which are either unsigned or are self-signed. As a result, unsuspecting users visiting malicious web sites will be notified before an applet is run and will gain the ability to deny the execution of the potentially malicious applet. Note also that Java SE 7 Update 10 introduced the ability for users to easily disable Java in their browsers through the Java Control Panel.
To use the Configuration Migration Assistant facility in Oracle Utilities Application Framework V188.8.131.52.0 the are two main sets of step that must be performed:
- Configuration - The Configuration Migration Assistant must be configured at an environment level to determine the locations of data exports and imports as well as definitions of the migration specifications.
- Execution - Registering the intent to export and import data as well as physically exporting and importing the data. Once the data has been imported performing approval of specific changes and then applying the import data set.
These topics will be individually covered in subsequent entries in this blog to target specific settings. The flow diagrams illustrate a summary of the processes used in the Configuration Migration Assistant.Configuration Flow
To configure the Configuration Migration Assistant the following must be performed:
- Migration Master Configuration - Define the default location for import and export files generated by the Configuration Migration Assistant. Define the default file suffix for the export/import files. This task only has to be done once per environment and must be performed BEFORE the first export or import task is performed.
- Define Migration Plans - Define the Business Object definitions and their relationships to migrate the group of Business Objects as a single unit. The sequence and relationship is defined for the associated child objects. The relationship, known as Traversal Criteria, is expressed as Constraint, SQL expression or XPath statement describing the related data.
- Define Migration Requests - Define the groups of migration plans to migrate as a set including the selection criteria expressed as SQL expression, XPath statement or algorithm.
Once configuration is complete on the source environment then the execution component of the feature can be used to perform migrations. The following flow summarizes these processes:
- Define Migration Export - Register the intent to export the data with the Migration Request to use for the export and the file name to use for the export. The Migration Master Configuration record for the environment is used to set the location and suffix. This process wont actually export the data, hence the word intent, it simply registers the fact that you want to export the data.
- Export Data - Execute the Migration Monitor batch process to physically export all the active Migration Export requests using the specification on the Migration Export.
- Define Migration Import - Register the intent to import the data file from the import directory. The migration import directory and file prefix are taken from the Migration Master Configuration record for the environment.
- Import Data - Execute the Migration Monitor batch process to physically export all the active Migration Import requests using the specification on the Migration Import. At the is time the use of the Approval/Rejection process can be defaulted by change type. At this time a Migration Data Set is created to hold the changes.
- Approval Process - If there are any manual changes that require approval can be manually approved. Regardless of whether approvals are required, the Migration Data Set must be marked Ready to Apply.
- Apply Changes - Execute the Migration Monitor batch process to physically apply the changes. The Migration Data Set will display the status of each change at application time. Data is re-validated at the time of application to maximize data integrity.
Each of these processes will be expanded on in future blog entries with guidelines. For more information on this facility refer to Configuration Migration Assistant Overview (Doc Id: 1506830.1).
In the Oracle Identity Management Suite Integration with Oracle Utilities Application Framework based products (Doc Id: 1375600.1) whitepaper the Oracle Access Manager integration section mentions a custom landing page that can be used to complete the integration.
A sample landing page is now available from My Oracle Support for customers to use as a basis for their own landing pages. It is located within My Oracle Support under Sample Code oamlanding.jsp - refer to the Instructions in Note 1375600.1 (Doc Id 1518856.1).
This is a sample only and should be tested and modified to suit your individual site needs. Refer to Doc Id 1375600.1 for instructions on how to use the landing page.
One of the main features of Oracle Utilities Application Framework V184.108.40.206.0 is the Configuration Migration Assistant. The Configuration Migration Assistant is a new facility to allow customer owned configuration data to be migrated from one environment to another. Customers using Oracle Utilities Customer Care and Billing and Oracle Enterprise Taxation and Policy Management will use this new facility instead of Configuration Lab for versions of those products using the Oracle Utilities Application FrameworkOracle Utilities Application Framework V220.127.116.11.0 and above.
The features of this new facility are:
- Meta Data Driven Migration - The Configuration Migration Assistant uses the meta data within the product to understand the data and the relationships. A set of new migration objects have been added to define reuseable data relationships, sequence of migration and groups of data to migrate.
- Reusability - The Configuration Migration Assistant emphasizes resuablility across migrations by providing reuseable migration plans allowing customers and partners to combine base and custom migration plans into reusable migrations.
- Simple design - The Configuration Migration Assistant simplifies the specification and exeuction of migrations. No technical setup outside the product is required.
- Support for different relationship types - Relationships between objects can be expressed using Constraints, SQL statements or XPATH statements. This allows Configuration Migration Assistant to support the wide variety of configuration objects in the products.
- Export Data to a File - The export process now exports data to a file rather than using database links. This allows the export to be checked in to a code respository to match the code components involved in a configuration. This also allows the exports to be reused and imported across many environments and even be used to rollback configuration changes on a global basis within an environment.
- Approval/Rejection of Changes - Individual changes can be forced to be approved before they are applied allowing customers fine levels of control over changes in their target environments.
- Data Manipulation upon Import - Data can be manipulated upon import, using algorithms, to avoid configuration conflicts. For example, when importing Batch Controls the batch run numbers can be manipulated upon import to ensure they are consistent in the target environment.
Over the next few weeks there will be a series of articles on this blog highlighting the Configuration Migration Assistant and its features and configuration. For more details about the facility refer to Configuration Migration Assistant Overview (Doc Id: 1506830.1) available from My Oracle Support.
From that desktop I connected to an internal desktop with a Remote Desktop session, since there were all the necessary tools, like Notepad++, jDeveloper, SoapUI, etc, installed. In the end I neede another RDP session to the server on which SoaSuite was running.
Anyway, during the analasis I kept a report document in Google Docs. At one point I needed to write an email in which I wanted to share some information from logs on the remote desktop. Now I could connect to gmail. But I was already writing the email in Thunderbird on my laptop. Since there were so may layers of RDP-in-RDP sessions, I could not copy and paste from the logs to my laptop anymore.
Then the team-cooperation functionality from Google Docs come in handy! I opened the same document again on my laptop and Google Docs neatly synchronized both sessions. So anything I wrote and copied-and-pasted into the document in the RDP session became visible on my laptop and vice-versa. Now, I know: it's not new, but it enabled me to copy-and-paste from the document into my email.
So, Google Docs turned out the perfect clipboard sharing tool. I found it a nice trick to share.
I have announced my webinar on Oracle ZFS Storage Appliance for Exadata Backup & Recovery in NYOUG DBA webinar series. You can download webinar slides and voice recod from NYOUG web site
Wish every one a very happy new year.
It's official: we've shipped Oracle NoSQL Database R2.
Of course there's a press release, but if you want to cut to the chase, the major features this release brings are:
- Elasticity - the ability to dynamically add more storage nodes and have the system rebalance the data onto the nodes without interrupting operations.
- Large Object Support - the ability to store large objects without materializing those objects in the NoSQL Database (there's a stream API to them).
- Avro Schema Support - Data records can be stored using Avro as the schema.
- Oracle Database External Table Support - A NoSQL Database can act as an Oracle Database External Table.
- SNMP and JMX Support
- A C Language API
There are both an open-source Community Edition (CE) licensed under aGPLv3, and an Enterprise Edition (EE) licensed under a standard Oracle EE license. This is the first release where the EE has additional features and functionality.
Congratulations to the team for a fine effort.