A couple of days ago, I was in charge to install a new SQL Server AlwaysOn and availability group with one of my colleague Nathan Courtine. During the installation, we talked about testing a disaster recovery scenario where we have to restart the Windows Failover cluster in forced quorum mode.

Restarting a WSFC in such mode implies some internal stuff especially for the cluster database data synchronization between nodes. The WSFC uses internally the paxos algorithm to synchronize and guarantee consistency across distributed systems. But what is paxos concretely? To be honest, I already saw some records inside a generated cluster log but I never cared about it. But as usual my curiosity led me to investigate further and I learn some very interesting stuff from 2001 paper Paxos Made Simple and from other pointers on the internet. Just to be clear, I’m not claiming to master completely this protocol and this is simply my attempt to demystify the subject.

So let’s begin with the introduction of some important concepts to understand:

First of all, Paxos is an algorithm for agreeing a value (in other words a configuration change in our case) across a cluster using atomic broadcast. This is known as the consensus problem which is described in this Paxos Paper. In short, this algorithm lets a majority of nodes agree one value at a time.

According to this KB947713 we may read that the WSFC uses a paxos tag that consists of three numbers with the following format:

<NetxEpoch number>:<LastUpdateEpoch number>:<sequence number>.

Let’s have a focus on the last part. The KB947713 says:

Each time the configuration is changed every time that an update is made to the cluster configuration. The synchronization process in a cluster sends out a proposal to all the nodes in the cluster. The proposal consists of a sequence number and a proposal number.

Why a proposal number here? In the next part of this blog post I will discuss how important this concept may be but at the moment, let’s go back to the paxos algorithm protocol and let’s see how it works. In fact, we may identify two distinct phases in this protocol:

Phase 1:

A proposer will send a proposal (prepare message) to a set of acceptors in the form of a proposal {Sequence, Number}. The concerned acceptors acknowledge that they guarantee that once the proposal is accepted, they cannot accepted any more proposals numbered less than n.

Phase 2:

Once the proposer obtains the required consensus from the majority of nodes (we don’t need to get responses from all the nodes here), it will choose in turn a value (if no acceptors are already accept proposals with value) and will broadcast an accept message to the corresponding acceptors to commit the value. Finally, the acceptors acknowledge the leadership of the proposer. Note that in the cluster implementation a leader plays both the roles proposer and learner.

What about having two proposers at a time here? In fact, Paxos is designed to protect against this kind of scenario that may lead to a situation where each proposer keeps issuing a sequence of proposals with increasing numbers, none of them is ever chosen because, as you remember, the corresponding acceptors will refuse them (no promise or no accept acknowledgement because of a new higher proposal). It addresses this scenario by electing one distinguished proposer to communicate with a set of acceptors at a time.

Let’s now continue by introducing a little bit more complexity with a distributed scenario where failures may occur at different time of the paxos protocol. For those who work with distributed environments, failures may occur more than expected. For example, we may face disruptive network issues that lead to missing messages from nodes in the paxos phases or acceptors / proposers that fail. We may also have to deal with failover scenarios (either planned or unplanned).

So we need a protocol that is both fail-stop and fail-recover resilient algorithm. These scenarios are handle by the Paxos phases design. Indeed, in case of a leader failure, sending a prepare-to-commit request allows any participant to take over the role of the new leader and query the state from other nodes. If any acceptor reports to the new leader that it has not received the “prepare to commit” message, the latter knows that the transaction has not been committed at any acceptor. Now either the transaction can be pessimistically aborted, or the protocol instance can be re-run. In the same manner, if an acceptor that has committed the transaction crashes, we know that every other acceptors would have received and acknowledged the prepare-to-commit message since otherwise the coordinator would not have moved to the commit phase. So the coordinator can proceed with the last phase.

We should also take into account cluster network partition scenarios. Paxos is partition tolerant because it requires a consensus from a node majority. So a partition that cannot come to a consensus needs to accept value from other partitions when they merge back.

Behind the scene, Paxos will handle failures by implementing a machine state system where each component may play all roles (proposer, learner and acceptor). Multi-paxos protocol will be used across the system to guarantee that all server will execute the same sequence of the same machine. We may think this concept is similar to a database transaction log where operations are written sequentially and in order.

Let’s describe how Paxos deals with different kind of failures. In order to facilitate understanding the protocol, I voluntary simplified the process. For example, I always assume that the consensus is correctly made when a proposer send a proposal to a set of acceptors. In addition, I illustrate each scenario with only one leader and one proposer and I obviously image that the scenario is not as simple in all cases.

Firstly, let’s say an acceptor missed an accept message from the proposer caused by a network failure in my case.

The acceptor may ask the retransmission of the concerned message to the leader for a particular sequence of the state machine. Optionally, the concerned acceptor may also request additional accept messages in the same time to keep it up-to-date.

Let’s now have a look at the failures about the leader. When a new leader is mandated, the system must firstly prevent the older leader (which may have recovered from failure and think it is still the leader) from disrupting consensus once it is reached. Remember that in this case the system guarantee that only one distinguish leader must propose values.

When a node is mandated as a new leader (which acts as a learner in all instances of the consensus algorithm) it should be aware of commands already committed from the older one as well as other uncommitted slots. The process may be different here regarding if the new leader is aware or not of uncommitted slots it has to fix. But let’s deal with the scenario where it is aware of uncommitted commands.

You may see an uncommitted command at slot 3. The consensus was made for the concerned proposal but old leader didn’t send the corresponding value (probably caused by a failure) leaving the command uncommitted. Then a new leader has been elected and it should fix all uncommitted slots from the old leader.

For that, it must send new fresh proposal to get info from the acceptors that will respond by sending the highest uncommitted proposal along the slot position.

At this point, assuming the consensus was made for the set of acceptors, the proposer then broadcasts an accept message with the corresponding value and fix all the uncommitted proposals in the slot. Of course, the process is a little bit more complex with probably other many failure and recovery scenarios as well as some additional optimizations. But we get the basics here.

So now let’s go back to the WSFC. Several components are involved to manage the global cluster configuration. Firstly the database manager (DM) on each cluster node stores a local copy of the cluster configuration. Each configuration change is handled by the database manager that uses in turn the global update manager (GUM) to broadcast changes to other nodes. DM uses paxos tag to coordinate and guarantee the consistency of the cluster configuration across all the nodes. The GUM guarantees changes are mare atomically either all healthy nodes are updated, or none are updated.

So let me show you how the WSFC deals with a node join operation (WIN20121 is the existing cluster node and WIN20122 node is added in my case) by taking a look at the cluster log. I firstly changed the log level from 3 to 5 to add INFO and DEBUG messages. Indeed, such information is not recorded by default into the cluster.log.

Here the WIN20111 cluster node is the current the leader of the distributed topology. The current epoch number is 0 because this is the first time the cluster is formed.

On the other side, WIN20122 starts up with an initial configuration that uses the same epoch number.

We may notice here the current paxos tag is 0:0:0 meaning that no changes occurred yet. A new transaction is then started by the database manager.

The paxos algorithm is in action here and we may notice the phase 2 of the protocol. The leader is sending an accept message for each proposal (P, V)

And finally we may see the paxos commit phase from the new joining node. The paxos tag value is incremented by 1 and new value is 0:0:1.

In this final section, I just want to cover briefly a misconception about file share witness (FSW). I often heard that the witness (regardless its type) stores the cluster configuration. This is true only when we talk about disk witness. However, file share witness stores only store the last paxos tag in the witness.log file.

Let’s take a look at the cluster.log when joining a new FSW.

…

Firstly, the system must acquire a lock on the witness log. It then compares paxos tag between the leader and the FSW. In this case it writes the more recent paxos tag value into the witness file (FSWITNESS_SET_EPOCH_INFO) with a payload of 88 bytes. We may notice the size of the file witness.log corresponds to the payload size as shown below:

Hope this article will help to demystify the paxos basis. Happy clustering!

Cet article Windows Failover Cluster : Introduction to paxos tag est apparu en premier sur Blog dbi services.

Some weeks ago, I wrote a blog post about the creation of SCOM groups in order to subscribe to alerts. Subscribe to alert is mandatory, of course, to be able to receive alerts concerning our group. But during operations like an update, a patching, …, we don’t want to be spoiled by lots of alerts. To avoid those unexpected Emails, we need to place our group and so, objects contained in this group, in maintenance mode.

I will use a PowerShell script to do this job.
The parameter of my script will be:

• ManagementServer: mandatory parameter containing management server name
• GroupName: mandatory parameter containing display name of the target group
• DurationTimeMin: mandatory parameter containing the duration maintenance time in minutes
• Comment: mandatory parameter containing a comment for the maintenance time
• Reason: mandatory parameter containing the reason of the maintenance, value are predifined and should be: PlannedOther, UnplannedOther, PlannedHardwareMaintenance, UnplannedHardwareMaintenance, PlannedHardwareInstallation, UnplannedHardwareInstallation, PlannedOperatingSystemReconfiguration,     UnplannedOperatingSystemReconfiguration, PlannedApplicationMaintenance, ApplicationInstallation, ApplicationUnresponsive, ApplicationUnstable, SecurityIssue, LossOfNetworkConnectivity

In PowerShell:

param(
 [Parameter(Mandatory=$true)][string]
 $ManagementServer,
 [Parameter(Mandatory=$true)][string]
 $GroupName,
 [Parameter(Mandatory=$true)][int32]
 $DurationTimeMin,
 [Parameter(Mandatory=$true)][string]
 $Reason,
 [Parameter(Mandatory=$true)][string]
 $Comment
 )

I need to import the necessary module for SCOM:

# Import necessary module for SCOM
 Import-Module OperationsManager

I will now create a persistent connection to my Management Group:

# Create connection to SCOM Management Group
 New-SCOMManagementGroupConnection -ComputerName $ManagementServer

 I have now just to find my SCOM group with his name and to place it in maintenance mode for the duration period I specified before:

# Find group and place in maintenance mode
ForEach ($Group in (Get-ScomGroup -DisplayName $GroupName))
    {
   If ($group.InMaintenanceMode -eq $false)
         {
            $group.ScheduleMaintenanceMode([datetime]::Now.touniversaltime(), `
            ([datetime]::Now).addminutes($DurationTimeMin).touniversaltime(), `
 
             "$Reason", "$Comment" , "Recursive")
         }
    }

To run my script I open a PowerShell screen and execute the following command:

I go now to SCOM and check for my group. I see that my group contains two SQL Server instances:

Those two instances are now in maintenance mode:

This simple script will be very practical to place group in maintenance mode and I will use it in a future blog post to schedule with PowerShell maintenance mode for SCOM groups.
See you soon

Cet article SCOM: change group state to maintenance mode with PowerShell est apparu en premier sur Blog dbi services.

In my last blog post, here, I spoke about how to place SCOM group in maintenance mode. This script is really interesting with an integration in Windows Task Scheduler. At the end, the main purpose is to plan a maintenance window of our different servers.

Let’s see how we can do that with PowerShell script.

First, I try to use the cmdlet Register-ScheduledTask, which can be used to register a scheduled task definition on a local computer. But, I quickly encountered a problem when I wanted to schedule my task every fourth Thursday of each month with the cmdlet New-ScheduledTaskTrigger. I was a little bit disappointed to see that it is not possible… Just daily and weekly recurring schedule are available… no monthly possibility… oups

After a small search on the web, I found what I was looking for. I will create a COM object with the “schedule.service” ProgID (Programmatic IDentifier). It is an older method than the first solution I found but it guaranteed the possibility to schedule my task as I want.

First I need to provide some input parameters to my script:

• TaskName: mandatory parameter containing the name ot the scheduled task
• TaskDescr: mandatory parameter containing the description of the scheduled task
• ManagementServer: mandatory parameter containing management server name
• GroupName: mandatory parameter containing display name of the target group
• DurationTimeMin: mandatory parameter containing the duration maintenance time in minutes of the maintenance task
• Comment: mandatory parameter containing a comment for the maintenance task

Of course, I could define more parameters. Please, feel free to add more parameters to this script, according to your needs.
With PowerShell:

param(
[Parameter(Mandatory=$true)][string]
$TaskName,
[Parameter(Mandatory=$true)][string]
$TaskDescr,
[Parameter(Mandatory=$true)][string]
$ManagementServer,
[Parameter(Mandatory=$true)][string]
$GroupName,
[Parameter(Mandatory=$true)][string]
$DurationTimeMin, 
[Parameter(Mandatory=$true)][string]
$Comment
)

Now, I create my new Com object:

# Attach the Task Scheduler com object
$service = new-object -ComObject("Schedule.Service")

I connect it to my local machine:

# connect to the local machine.
$service.Connect()
$rootFolder = $service.GetFolder("\")

I define a new task which I enable, add my description coming from a parameter, allow to start my task on demand and enable the task as now:

$TaskDefinition = $service.NewTask(0)
$TaskDefinition.RegistrationInfo.Description = "$TaskDescr"
$TaskDefinition.Settings.Enabled = $true
$TaskDefinition.Settings.AllowDemandStart = $true
# Time when the task starts
$TaskStartTime = [datetime]::Now

My task will execute the script to set my SCOM group in maintenance mode. I will specify the path to my script, use PowerShell to execute my command and give arguments to my script:

# Task Action command
$TaskCommand = "powershell.exe"
# PowerShell script to be executed
$TaskScript = "C:\powershell\GroupMaintenanceMode.ps1"
# The Task Action command argument
$TaskArg = '-ExecutionPolicy Bypass "c:\powershell\GroupMaintenanceMode.ps1" -ManagementServer "' + $ManagementServer + '" -GroupName "''' + $GroupName + '''" -DurationTimeMin ' + $DurationTimeMin + ' -Reason "PlannedOther" -Comment "''' + $Comment + '''"'

At this step my task is now created, but it still needs a schedule time. You can find all the information about how to schedule a task in MSDN here. In my context, I will use create(5) to trigger the task every fourth Thursday of each month:

$triggers = $TaskDefinition.Triggers
$trigger = $triggers.Create(5)
$trigger.DaysOfWeek = '16'
$trigger.MonthsOfYear = '4095' #all month: j:1 f:2 m:4 a:8 m:16 j:32 j:64...
$trigger.WeeksOfMonth = '8'
$trigger.StartBoundary = $TaskStartTime.ToString("yyyy-MM-dd'T'HH:mm:ss"

To trigger my task one time at a specific time of day, I should use:

$trigger = $triggers.Create(1)
$trigger.StartBoundary = $TaskStartTime.ToString("yyyy-MM-dd'T'HH:mm:ss")

To trigger my task on a monthly schedule, every first day of the month, I can use:

$trigger = $triggers.Create(1)
$trigger.StartBoundary = $TaskStartTime.ToString("yyyy-MM-dd'T'HH:mm:ss")

All scheduling time is possible and have to be tried.
I create the action part of my schedule task, assign my command and the argument for my command:

$Action = $TaskDefinition.Actions.Create(0)
$action.Path = "$TaskCommand"
$action.Arguments = "$TaskArg"

It’s time to create my task. There are multiple possibilities to create the task, you can have a look here for more details.
I will create or update my task depending on whether or not it already exists. For information, I use the domain administrator credentials for the execution.

# 6: create or update the task if it exists
$rootFolder.RegisterTaskDefinition("$TaskName",$TaskDefinition,6,"ADSTS\Administrator","*********",1)

I open a PowerShell windows to execute my script with the following command:

.\ScheduleTask.ps1 -TaskName "Schedule Maintenance 1" -TaskDescr "Task schedule with PowerShell" –ManagementServer 'SCOM2012R2.adsts.local' -GroupName "SQL Server Production Instances" -DurationTimeMin "5" -Comment "Maintenance for Patching"

My schedule task has been created with the action and trigger I mentioned earlier:

I  hope this blog post will help you managing your maintenance periods for SCOM groups.
Happy scripting

Cet article SCOM: schedule group maintenance task with PowerShell est apparu en premier sur Blog dbi services.

In this blog I would like to talk about Shrinking a Virtual Machine with Oracle databases and MySQL which is install.
Unfortunately, whilst Virtual Box will dynamically expand the hard drive as it’s required, it won’t dynamically shrink it again if you free up space in the VM. The good news is You can shrink a dynamic Virtual Box disk image and so reduce the size of your VM infrastructure.

I have use the Zerofree utility for scans the free blocks in an ext2 and ext3 file system and fills any non-zero blocks with zeroes. Source

Step by step:

• Convert .vmdk to .vdi
• Mount the .vdi to another VM
• Stop processes Oracle and MySQL
• Mount file system on read only
• Use zerofree
• Shutdown VM
• Vboxmanage compact
• Convert .vdi to .vmdk is you find any reason not to keep the .vdi

I have my Virtual Box extension “.vmdk”. The fist step is clone the virtual-disk to “.vdi” extension.

root@computer:/media/pio/Elements1/Workshop Oracle DBA1 11g/vmreforadba01# vboxmanage clonehd "vmrefdba01.vmdk" "vmrefdba01.vdi" --format vdi
0%...10%...20%...30%...40%...50%...60%...70%...80%...


When the clone is finish, start the VM with the new file extension “.vdi”:

Install Zerofree on your VM:

[root@vmrefdba01 zerofree-1.0.4]# yum install e2fsprogs-devel -y
[root@vmrefdba01 zerofree-1.0.4]# wget http://frippery.org/uml/zerofree-1.0.3.tgz
[root@vmrefdba01 zerofree-1.0.4]# tar -zxf zerofree-1.0.3.tgz
[root@vmrefdba01 zerofree-1.0.4]# cd zerofree-1.0.3
[root@vmrefdba01 zerofree-1.0.3]# make
[root@vmrefdba01 zerofree-1.0.3]# cp zerofree /usr/bin


Stopping all processes Oracle and MySQL for umount the File system:

mysql@vmrefdba01:/home/mysql/ [DUMMY] mysqld_multi stop
oracle@vmrefdba01:/home/oracle/ [WSDBA2] sqh
SQL*Plus: Release 12.1.0.2.0 Production on Thu Jul 28 10:27:29 2016
Copyright (c) 1982, 2014, Oracle. All rights reserved.

Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options

SQL> shutdown;
Database closed.
Database dismounted.
ORACLE instance shut down.


Mount the File system on Read Only mode:

[root@vmrefdba01 ~]# mount -o ro /dev/mapper/vgdata-lvdata /oracle/
[root@vmrefdba01 ~]# mount -l
/dev/sda2 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw,size=3G)
/dev/sda1 on /boot type ext3 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
gvfs-fuse-daemon on /root/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev)
/dev/mapper/vgdata-lvdata on /oracle type ext3 (ro)


Use the utility Zerofree for scans free blocks:

[root@vmrefdba01 ~]# zerofree /dev/mapper/vgdata-lvdata


Shutdown the VM and compact the disk:

[root@vmrefdba01 ~]# shutdown -h now
root@computer:/media/pio/Elements1/Workshop Oracle DBA1 11g/vmreforadba01# vboxmanage modifyhd vmrefdba01.vdi --compact
0%...10%...20%...30%...40%...50%...


Check the size with the new VirtualDisk and you can see.. we have won 20Gb with the shrink space

root@computer:/media/pio/Elements1/Workshop Oracle DBA1 11g/vmreforadba01# du -sh *
740K Logs
44M Snapshots
34G vmrefdba01.vdi --> New disk
54G vmrefdba01.vmdk --> Old disk


Optional : If you want you can clone again the VM with the extension “.vmdk”.

root@computer:/media/pio/Elements1/Workshop Oracle DBA1 11g/vmreforadba01# vboxmanage clonehd "vmrefdba01.vdi" "vmrefdba01_v1.vmdk" --format vmdk
0%...10%...20%...30%...40%...


Cet article Shrinking Oracle VM VirtualBox with Zerofree est apparu en premier sur Blog dbi services.

A filesystem resize can be done in several ways, online, offline, with LVM2 or without LVM2.  However, this blog will describe how to do an online resize of ext3/ext4 filesystems where a virtual disk (vmdk) is online added to a VMware Redhat guest OS.

So let’s start with the online filesystem resize of ext3/4 filesystems on the Redhat guest OS.  A new virutal disk (preferably an eagerd zero thick on VM running Oracle) was added as a pre requirement. Adding a new virtual disk is an online operation and no downtime is required to do it.

The whole procedure in this document is described by using the command line only. There is also a graphical user interface `system-config-lvm` that can perform the job, but that tool is out of scope in this document.

Online resize a ext3/4 filesystem

There are several steps that have to be done. These are in general:

1. Scanning for new LUN’s
2. Partition the new LUN’s and partprobe
3. Create the physical volume
4. Extend the volume group and the logical volume
5. Extend the filesystem online

Rescan for new LUN’s

Depending on the number of virtual controllers, you have to scan for your new LUN’s on each of these. In case you know on which the disk was added, then of course, you need to scan only the appropriate one.

Rescan for new LUN’s on the first SCSI Controller (LSI Logic Parallel)

# echo "- - -"  > /sys/class/scsi_host/host0/scan*

Rescan for new LUN’s on the second SCSI Controller (Paravirtualized)

# echo "- - -"  > /sys/class/scsi_host/host1/scan*

Create a Primary Partion on the new devices

# fdisk /dev/sdx??

# fdisk /dev/sdy??

Partprobe the new devices

Partprobe is a program that informs the operating system kernel of partition table changes, by requesting that the operating system re-read the partition table.

# partprobe /dev/sdx??

# partprobe /dev/sdy??

Create the Pysical Volumes

# pvcreate /dev/sdx??

Physical volume "/dev/sdx??" successfully created

# pvcreate /dev/sdy??

Physical volume "/dev/sdy??" successfully created

Extend the Volume Group

# vgextend VGOracle /dev/sdx??

Volume group "VGOracle" successfully extended

# vgextend VGOracle /dev/sdy??

Volume group "VGOracle" successfully extended

Extend the Logical Volume

# lvextend -L 72G /dev/VGOracle/LVOracleu??

Extending logical volume LVOracleu?? to 72.00 GB

Logical volume LVOracleu01 successfully resized

Online Resize the ext3/ext4 Filesystem

After the logical volume is resized successfully, you can resize, in fact any filesystem that is online re-sizable. The following are examples for the ext3/ext4 filesystems. The syntax for ext3 and ext4 differ only slightly. For ext3 you use `resize2fs` even if its ext3 and not ext2, and in case of ext4 you use `resize4fs` were the command name is more logically.

ext3

# resize2fs /dev/VGOracle/LVOracleu??

ext4

# resize4fs /dev/VGOracle/LVOracleu??

That’s it. Now have fun with the bigger filesystem.

Cheers,

William

Cet article How to do a Filesystem Resize (ext3/ext4) on Redhat running on VMware est apparu en premier sur Blog dbi services.

Have your ever faced such a situation. You have usernames in your /etc/passwd file with more than 8 characters. This is no problem for Linux at all, usernames may be up to 32 characters long, only your ps output might look a little scrambled.

It shows you the uid instead of the username like in the following example:

$ id

uid=20001(longuser01) gid=10002(oinstall) groups=10002(oinstall)

$ sleep 1000000 &

$ ps -ef | grep sleep | grep -v grep

20001    14069 11739  0 14:11 pts/0    00:00:00 sleep 1000000

But you want to see the username instead of the uid. The workaround is

• Don’t use more than eight characters for your usernames 
• Or …. format your ps output the right way

You could use the following alias to get the job done.

$ alias psx='export PS_FORMAT="user:12,pid,%cpu,%mem,vsz,rss,tty,stat,start,time,command"; ps ax'

$ psx | grep sleep | grep -v grep

longuser01 14069  0.0  58940 520 pts/0 S 14:11:50 sleep 1000000

Now it looks better.

Cheers, William

Cet article List usernames instead of uids with the ps command for long usernames est apparu en premier sur Blog dbi services.

Recently, there is a new way to manage the Azure infrastructure with Resource Manager. It brings many advantages regarding the classic deployment.
The differences between these two deployments will not be covered in this blog because it is not the initial goal, and it already exists a very good Microsoft topic on this subject.

In this blog, we will generate a new Windows Azure Virtual Machine using Resource Manager deployment with PowerShell from On-Premise.

Remember, only RM object can be listed with RM cmdlets! On the contrary, only Classic object can be listed with Classic cmdlets!

We can connect automatically to Azure Account with this command:
Select-AzureRmProfile -Path "C:\temp\AzureCert.json"


But to download this certificate, we need to connect manually to Azure Account at least once as follows:
Add-AzureRmAccount -SubscriptionId "<YourSubscriptionID>"


Enter your personal credentials and then run the following command:
Save-AzureRmProfile -Path "C:\temp\AzureCert.json"


If you want to navigate through your different attached Azure Subscriptions, use the cmdlets Get-AzureRmSubscription/Set-AzureRmSubcription.

To obtain the different existing Azure Locations:
Get-AzureRmLocation | Select DisplayName


For the end of this blog, we will work in this specific Azure Location:
$location = "West Europe"


Hardware Profile

To list all different available Resource Group:
Get-AzureRmResourceGroup | Select ResourceGroupName, Location


And select your specific Azure Resource Group:
$resourceGroupName = (Get-AzureRmResourceGroup).ResourceGroupName[0]

To choose the correct VM size, list all available Azure formats:
Get-AzureRmVMSize -location $location | Select Name, NumberOfCores, MemoryInMB
$vmSize = "Standard_A3"


And initialize the VM object to build:
$vm = New-AzureRMVMConfig -Name $vmname -VMSize $vmsize


Image Profile

Now we want to select a specific image available from a publisher in Azure. In this case, we will choose the last SQL Server 2016 Enterprise edition ISO.
The different steps will describe the method to find out all the elements to select the correct available image.

Select all publishers from a specific Azure Location:
Get-AzureRmVMImagePublisher -Location $location | Select PublisherName
$publisher = "MicrosoftSQLServer"


Now select all offers from a specific Azure Publisher:
Get-AzureRmVMImageOffer -Location $location -PublisherName $publisher | Select Offer
$offer = "SQL2016-WS2012R2"


Then select all Skus from a specific Azure Offer:
Get-AzureRmVMImageSku -Location $location -PublisherName $publisher -Offer $offer | Select Skus
$skus = "Enterprise"


Finally choose your version:
(Get-AzureRmVMImage -Location $location -PublisherName $publisher -Offer $publisher -Skus $skus).version


To obtain the last version of the image:
$Version = (Get-AzureRmVMImage -Location $location -PublisherName $publisher -Offer $offer -Skus $skus | sort -Descending).version[0]

Add the image profile to the existing VM object:
$vm = Set-AzureRmVMSourceImage -VM $vm -PublisherName $publisher -Offer $offer -Skus $skus -Version $version


OS Profile

According to the Image Profile, the Virtual Machine will be a Windows Server. So enter the specifications as follows:
$username = "dbi"
$password = ConvertTo-SecureString "B3stPa$$w0rd3v3r" -AsPlainText –Force
$cred = New-Object System.Management.Automation.PSCredential ($username, $password)
$vm = Set-AzureRmVMOperatingSystem -VM $VM -ComputerName "Artanis" -Windows -Credential $cred -ProvisionVMAgent


Disk Profile

As the VM will be created from an Azure Image, we need to specify a location and a name for the OS disk.

To list all your available Azure Storage Accounts, run this command:
Get-AzureRmStorageAccount | Select StorageAccountName, Location


To list the different containers available in your Azure Storage:
(Get-AzureRmStorageAccount | Get-AzureStorageContainer).CloudBlobContainer


And now add a disk profile to the existing VM:
$diskLocation = "https://<accountStorageName>.blob.core.windows.net/vhds/"
$vm = Set-AzureRmVMOSDisk -VM $vm -Name "artanisVHDOS.vhd" -VhdUri ($diskLocation+"artanisVHDOS.vhd") -CreateOption FromImage


IP Profile

Here is an example of Network configuration:
$subnet = New-AzureRmVirtualNetworkSubnetConfig -Name "CloudSubnet" -AddressPrefix "10.0.64.0/24"
$ain = New-AzureRmVirtualNetwork -Name "VirtualNetwork" -ResourceGroupName $resourceGroupName -Location $location -AddressPrefix "10.0.0.0/16" -Subnet $subnet
$pip = New-AzureRmPublicIpAddress -Name "AzurePublicIP" -ResourceGroupName $resourceGroupName -AllocationMethod Dynamic -Location $location
$nic = New-AzureRMNetworkInterface -Name "AzureNetInterface" -ResourceGroupName $resourceGroupName -Location $location SubnetId $ain.Subnets[0].Id -PublicIpAddressId $pip.Id


Conclusion: VM generation

Now we have entered all different profiles required to generate a new Windows Azure VM:
$azurevm = New-AzureRmVM -ResourceGroupName $resourceGroupName -Location $location -VM $vm


Use “Get-AzureRmVM” cmdlet to list all available VMs.

To download the remote desktop file to connect to this new virtual machine, use the following command:
Get-AzureRmRemoteDesktopFile -ResourceGroupName $resourceGroupName -Name $vmName -LocalPath "C:\Temp\Artanis.rdp"


With all these commands, you can realize how simple it is to automate the generation of a new Virtual Machine in Azure. Moreover you should probably have noticed the construction of the VM object (with the different profiles) is similar to Hyper-V structure.

I hope it helps you

Cet article Generate Azure VM with Resource Manager deployment in PowerShell est apparu en premier sur Blog dbi services.

Ausgangslage

Ein Kunde hat mich kürzlich angefragt, wie am effizientesten alle Kernel Tuning Parameter für Oracle bei Red Hat 7 konfiguriert werden können. Daraus habe ich untersucht welche Möglichkeiten es gibt, ausser dem seit langer Zeit bekannten /etc/sysctl.conf. Bei dieser Analyse führt der Weg natürlich über tuned. Dieser Dienst erlaubt es Profile zu definieren welche ein ganzes Set von Kernel Tuningparametern enthält. Das habe ich bereits in einem BLOG “Stay tuned with kernel parameters” publiziert. Tuned ist seit Red Hat Linux 7 standardmässig enabled!

Welche Möglichkeiten gibt es?

Bei Red Hat Linux 7 sind standardmässig die THP (Transparent Hugepages) eingeschalten. Wird eine Oracle Datenbank auf diesem Server installiert, ist es dringend zu empfehlen die THP auszuschalten. Oracle gibt einen erheblichen Performance verlust an werden die THP nicht ausgeschalten.

Um die THP auszuschalten gibt es nun unterschiedliche Wege (der Weg führt über Kernel Boot-Parameter):

• Variante 1: Kernel Boot-Parameter /boot/grub2/grub.cfg
• Variante 2: Kernel Boot-Parameter /etc/default/grub.conf
• Variante 3: Kernel Boot-Parameter /usr/lib/tuned/oracle/tuned.conf

Jeder der aufgeführten Varianten hat wie immer Vor und Nachteile.

Variante 1: (/boot/grub2/grub.cfg)

menuentry 'Red Hat Enterprise Linux Server (3.10.0-327.28.3.el7.x86_64) 7.2 (Maipo)' --class red --class gnu-linux --class gnu --class os --unrestri
cted $menuentry_id_option 'gnulinux-3.10.0-327.28.3.el7.x86_64-advanced-5b1a0ee8-c384-47be-99be-6d09a44d9583' {
        load_video
        set gfxpayload=keep
        insmod gzio
        insmod part_msdos
        insmod xfs
        set root='hd0,msdos1'
        if [ x$feature_platform_search_hint = xy ]; then
          search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 --hint='hd0,msdos1'  69
06b305-a050-4815-8e4b-79202d7ba9fa
        else
          search --no-floppy --fs-uuid --set=root 6906b305-a050-4815-8e4b-79202d7ba9fa
        fi
        linux16 /vmlinuz-3.10.0-327.28.3.el7.x86_64 root=/dev/mapper/rhel-root ro crashkernel=auto rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quie
t transparent_hugepage=never


        initrd16 /initramfs-3.10.0-327.28.3.el7.x86_64.img
}

Hier wurde die Zeile in der der Kernel Aufruf ist, mit “transparent_hugepage=never” erweitert.

Nachteil, wird eine neue Kernel Version installiert muss dieser Eintrag dort manuell nachgeführt werden. Hier handelt es sich bestenfalls um eine schnelle Möglichkeit für einen Test und nicht um eine permanente Lösung.

Variante 2: (/etc/default/grub.cfg)

GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet transparent_hugepage=never hugepages=100"
GRUB_DISABLE_RECOVERY="true" GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT:+$GRUB_CMDLINE_LINUX_DEFAULT }"

Hier wurde die Zeile “GRUB_CMDLINE_LINUX=”, mit “transparent_hugepage=never hugepages=100″ erweitert. Vorteil, es wird bei jedem neuen Kernel der installiert wird automatisch ergänzt im /boot/grub2/grub.cfg. Im Vergleich zur Variante 1, schon eher am richtigen Ort, aber es geht noch etwas besser….

Variante 3: (/usr/lib/tuned/oracle/tuned.conf)

Jetzt kommen in Abhängigkeit des gewählten tuned Profile, die Kernel Boot-Parameter in die /boot/grub2/grub.cfg. Ein solches tuned Profile z.B. für Oracle:

[root@redhat72 ~]# cat /usr/lib/tuned/oracle/tuned.conf 
#
# tuned configuration
# maintained by dbi services, GGR 24.08.2016
[main]
include=throughput-performance
[bootloader]
cmdline = "transparent_hugepage=never"
[sysctl]
vm.swappiness = 1
vm.dirty_background_ratio = 3
vm.dirty_ratio = 80
vm.dirty_expire_centisecs = 500
vm.dirty_writeback_centisecs = 100
vm.nr_hugepages = 100
kernel.shmmax = 4398046511104
#
# Half the size of physical memory in bytes
# See My Oracle Support Note 567506.1 for additional information about
# configuring shmmax
#
kernel.shmall = 1073741824
#
# 40 percent of the size of physical memory in pages
# Note: If the server supports multiple databases, or uses a large SGA,
# then set this parameter to a value that is equal to the total amount
# of shared memory, in 4K pages, that the system can use at one time
#
kernel.shmmni = 4096
kernel.msgmni = 2878
kernel.msgmnb = 65536
kernel.msgmax = 65536
# kernel.sem = 250 32000 100 128
# on oracle engineered systems
kernel.sem = 4096 256000 100 4096
fs.file-max = 6815744
fs.aio-max-nr = 3145728
net.ipv4.ip_local_port_range = 9000 65500
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
kernel.panic_on_oops = 1

Der spezielle Abschnitt in dem Konfigurationsfile ist die “bootloader” Sektion, mit darauf folgendem Befehl: tuned-adm profile oracle wird das Profile aktiviert.

Das hat den grossen Vorteil, wird ein anderes tuned Profile selektiert können andere Parameter gesetzt werden. Diese Methode erlaubt die Konfiguration, ausschalten der THP und festlegen der grösse der HugePages in einem Profile und das nur an einer Stelle, im oracle/tune.cfg.

Nachteil, es muss nach der Anpassung mit grub2-mkconfig -o /boot/grub2/grub.cfg, noch die /boot/grub2/grub.cfg neu Erstellt werden.

Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-327.28.3.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-327.28.3.el7.x86_64.img
Found linux image: /boot/vmlinuz-3.10.0-327.28.2.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-327.28.2.el7.x86_64.img
Found linux image: /boot/vmlinuz-3.10.0-327.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-327.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-29b38e2132e04639809cde7749271d64
Found initrd image: /boot/initramfs-0-rescue-29b38e2132e04639809cde7749271d64.img
done
[root@redhat72 ~]#

Mit dem letzten Schritt, werden einige Dinge automatisch angepasst:

• Parameter auf der command_line_linux_default im /etc/default/grub
• Parameter auf der Kernelzeile im /boot/grub2/grub.cfg
• angepasstes File unter /etc/tuned/bootcmdline

/boot/grubs/grub.cfg

linux16 /vmlinuz-3.10.0-327.28.3.el7.x86_64 root=/dev/mapper/rhel-root ro crashkernel=auto rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quie
t $tuned_params

/etc/default/grub

GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT:+$GRUB_CMDLINE_LINUX_DEFAULT }\$tuned_params"

/etc/tuned/bootcmdline

TUNED_BOOT_CMDLINE="transparent_hugepage=never"

Damit die ganzen Anpassungen Wirkung zeigen, muss ein Reboot des Servers durchgeführt werden.

Prüfen der Anpassungen:

Nun wollen wir die ganzen Anpassungen auch überprüfen, speziell die AnonHugePages sind die transparenten Hugepages, auf das achten wir jetzt:

Wie sehen uns die HugePage Konfiguration vor der Konfiguration an:

[root@redhat72 ~]# cat /proc/meminfo | grep Huge
AnonHugePages: 6144 kB
HugePages_Total: 100
HugePages_Free: 100
HugePages_Rsvd: 0
HugePages_Surp: 0
Hugepagesize: 2048 kB

Wir sehen uns die Konfiguration nach der Konfiguration an:

[root@redhat72 ~]# cat /proc/meminfo | grep Huge
AnonHugePages: 0 kB
HugePages_Total: 100
HugePages_Free: 100
HugePages_Rsvd: 0
HugePages_Surp: 0
Hugepagesize: 2048 kB

Fazit:

Wird mit tuned gearbeitet und werden auf diese Art die Kernel-Parameter für z.B. für Oracle gesetzt, so können auf die gleiche Art auch gerade noch die THP ausgeschaltet und die Anzahl der HugePages welche bereitsgestellt werden sollen konfiguriert werden.

Cet article Disable Red Hat 7 Transparent Hugepages est apparu en premier sur Blog dbi services.

In this post, I will present a usefull and easy-to-use Oracle tool : OSWatcher.

What is it ?

OSWatcher Black Box (OSWBB), for its full name, is a free Oracle Tool which will help you to diagnose performance issues on the OS side.
Of course, it will not solve the issue for you, but it gives a system health state at a given moment.
OSWBB is multi-platforms supported (AIX, Solaris, HP-UX, Linux and Windows) and is installed by default on Oracle Database Appliance (ODA).

How does it work ?

OSWatcher invoke OS utilities like vmstat, netstat, iostat, etc. by creating a “Data Collectors” for each of them available on the system. The “Data Collectors” works as background processes to collect periodically the data provided by these different OS utilities.
Once collected, all the statistics are stored inside a common destination (archive directory).

Below is the content of the archive directory. As you can see there is a dedicated folder for each type of OS statistics collected :
oracle@srvtestoel7:/u01/app/oracle/product/oswbb/archive/ [JOCDB1] ll
total 36
-rw-r--r-- 1 oracle oinstall 1835 28 sept. 16:55 heartbeat
drwxr-xr-x 2 oracle oinstall 4096 28 sept. 16:52 oswifconfig
drwxr-xr-x 2 oracle oinstall 4096 28 sept. 16:52 oswiostat
drwxr-xr-x 2 oracle oinstall 4096 28 sept. 16:52 oswmeminfo
drwxr-xr-x 2 oracle oinstall 4096 28 sept. 16:52 oswmpstat
drwxr-xr-x 2 oracle oinstall 4096 28 sept. 16:52 oswnetstat
drwxr-xr-x 2 oracle oinstall 6 23 sept. 09:18 oswprvtnet
drwxr-xr-x 2 oracle oinstall 4096 28 sept. 16:52 oswps
drwxr-xr-x 2 oracle oinstall 6 23 sept. 09:18 oswslabinfo
drwxr-xr-x 2 oracle oinstall 4096 28 sept. 16:52 oswtop
drwxr-xr-x 2 oracle oinstall 4096 28 sept. 16:52 oswvmstat


Downloading

You can download OSWatcher from My Oracle Support – Doc ID 301137.1 (.tar file – 6Mb)

Installing

To install OSWatcher, you simply have to untar the downloaded file :
$ tar -xvf oswbb733.tar
All necessary files are stored in the oswbb folder.

Uninstalling

To remove OSWatcher from your server, you only have to :
– Stop all OSWatcher running processes
– Delete the oswbb folder

Starting

$ nohup ./OSWatcher.sh P1 P2 P3 P4

Parameters

– P1 = snapshot interval in seconds (default : 30 seconds)
– P2 = number of hours of archive data to store (default : 48 hours)
– P3 = name of a compress utility to compress each file automatically (default : none)
– P4 = alternate location to store the archive directory (default : oswbb/archive)

You can also set the UNIX environment variable oswbb_ARCHIVE_DEST to specify a non-default location.

Startup steps

Starting OSWatcher involve 4 steps :

1. Check parameters
   $ ./OSWatcher.sh 60 24 gzip /tmp/oswbb/archive
Info...Zip option IS specified.
Info...OSW will use gzip to compress files.
...
2. Discover OS utilities
   Testing for discovery of OS Utilities...
VMSTAT found on your system.
IOSTAT found on your system.
MPSTAT found on your system.
...
...
Discovery completed.
3. Discover CPU count
   Testing for discovery of OS CPU COUNT
oswbb is looking for the CPU COUNT on your system
CPU COUNT will be used by oswbba to automatically look for cpu problems
CPU COUNT found on your system.
CPU COUNT = 1
4. Data collection
   Data is stored in directory: /tmp/oswbb/archive
Starting Data Collection...
oswbb heartbeat:mar. sept. 13 22:03:33 CEST 2016
oswbb heartbeat:mar. sept. 13 22:04:33 CEST 2016
oswbb heartbeat:mar. sept. 13 22:05:33 CEST 2016

Check if OSWBB is running

$ ps -ef | grep OSWatcher | grep -v grep
oracle    8130     1  0 13:47 pts/0    00:00:33 /bin/sh ./OSWatcher.sh 5 48
oracle    8188  8130  0 13:47 pts/0    00:00:00 /bin/sh ./OSWatcherFM.sh 48 /u01/app/oracle/product/oswbb/archive
The OSWatcherFM.sh process is the file manager who delete collected statitstics once they have reached their retention.

Stopping

Run the stopOSWbb.sh to stop all OSWatcher processes
$ ./stopOSWbb.sh

Configure automatic startup

Oracle provide a RPM package to configure auto-start of OSWatcher when the system starts.
You can download it here : My Oracle Support – Doc ID 580513.1
Once downloaded, install the package (as root) :
$ rpm -ihv oswbb-service-7.2.0-1.noarch.rpm
Preparing... ######################################### [100%] 1:oswbb-service    ######################################### [100%]
You can adapt the following values in /usr/libexec/oswbb-service/oswbb-helper to define the parameters with which OSWatcher will auto-starts :
OSW_HOME='/u01/app/oracle/product/oswbb/'
OSW_INTERVAL='10'
OSW_RETENTION='48'
OSW_USER='oracle'
OSW_COMPRESSION='gzip'
OSW_ARCHIVE='archive'
Start the service :
$ service oswbb start
Starting oswbb (via systemctl): [ OK ]
Check the service :
$ service oswbb status
OSWatcher is running.

Stop the service :
$ service oswbb stop
Stopping oswbb (via systemctl):  Warning: Unit file of oswbb.service changed on disk, 'systemctl daemon-reload' recommended.
[  OK  ]

Enable the service when the system start :
$/sbin/chkconfig oswbb on

Systemd commands (Linux 7) :
$ systemctl stop oswbb.service
$ systemctl start oswbb.service
$ systemctl status oswbb.service
$ systemctl enable oswbb.service

Inside the archive directory, one dedicated folder is created by type of collected statistics :
oracle@srvtestoel7:/u01/app/oracle/product/oswbb/archive/ [JOCDB1] ll
total 0
drwxr-xr-x 2 oracle oinstall 136 23 sept. 10:00 oswifconfig
drwxr-xr-x 2 oracle oinstall 132 23 sept. 10:00 oswiostat
drwxr-xr-x 2 oracle oinstall 134 23 sept. 10:00 oswmeminfo
drwxr-xr-x 2 oracle oinstall 132 23 sept. 10:00 oswmpstat
drwxr-xr-x 2 oracle oinstall 134 23 sept. 10:00 oswnetstat
drwxr-xr-x 2 oracle oinstall 6 23 sept. 09:18 oswprvtnet
drwxr-xr-x 2 oracle oinstall 124 23 sept. 10:00 oswps
drwxr-xr-x 2 oracle oinstall 6 23 sept. 09:18 oswslabinfo
drwxr-xr-x 2 oracle oinstall 126 23 sept. 10:00 oswtop
drwxr-xr-x 2 oracle oinstall 132 23 sept. 10:00 oswvmstat

In a following blog post, I’ll present OSWatcher Black Box Analyzer (oswbaa), which is a tool used to analyze graphically the collected data.

Cet article OTN Appreciation Day : OSWatcher Black Box (OSWBB) est apparu en premier sur Blog dbi services.

Following my last blog post about OSWatcher, I will present in this one OSWatcher Black Box Analyzer (OSWBBA), which is the tool that you can use to display graphically the data collected by OSWBB.
This tool is a Java utility and exists since OSWatcher version 4.0.0. It permits to create graphs and complete HTML reports containing collected OS statistics.  

OSWBBA require no installation. It is embedded in the OSWatcher home directory.
To start the Analyser, run oswbba.jar :
$ java -jar oswbba.jar -i ./archive
Starting OSW Analyzer V7.3.3
OSWatcher Analyzer Written by Oracle Center of Expertise
Copyright (c)  2014 by Oracle Corporation
Parsing Data. Please Wait...
Scanning file headers for version and platform info...
Parsing file srvtestoel7.it.dbi-services.com_iostat_16.07.25.2000.dat
...
The ”–i” parameter indicates the OSWatcher archive directory and is mandatory.
Once launched, the main menu is displayed :
Enter 1 to Display CPU Process Queue Graphs
Enter 2 to Display CPU Utilization Graphs
Enter 3 to Display CPU Other Graphs
Enter 4 to Display Memory Graphs
Enter 5 to Display Disk IO Graphs
Enter 6 to Generate All CPU Gif Files
Enter 7 to Generate All Memory Gif Files
Enter 8 to Generate All Disk Gif Files
Enter L to Specify Alternate Location of Gif Directory
Enter T to Alter Graph Time Scale Only (Does not change analysis dataset)
Enter D to Return to Default Graph Time Scale
Enter R to Remove Currently Displayed Graphs
Enter A to Analyze Data
Enter S to Analyze Subset of Data(Changes analysis dataset including graph time scale)
Enter P to Generate A Profile
Enter X to Export Parsed Data to File
Enter Q to Quit Program

You must enable a X-Windows environment to display graphs.

If you don’t want to go through this menu every time you want to display graph or generate report, you can pass all of the above options to OSWBBA from the command line, for example :
$ java -jar oswbba.jar -i ./archive -4 -P last_crash

• -i  : Specify the archive directory
• -4 : Create memory graphs
• -P : Create a profile called “last_crash”

Other options :

• -6..8 : Same options as in the menu
• -L : User specified location to place gif files
• -A : Create a report
• -B : Specify the start time to analyze (format Mon DD HH:MM:SS YYYY)
• -E : Specify the end time to analyze  (format Mon DD HH:MM:SS YYYY)
• -F : Specify a filename of a text file containing a list of options
  (all others options are ignored if –F is used)

Example :
$ java -jar oswbba.jar -i ./archive -6 -B Sep 23 09:25:00 2016 -E Sep 23 09:30:00 2016
Will start OSWatcher Analyzer with the following parameters :

• Archive directory : $OSWatcher_HOME/archive
• Generate all CPU GIF files
• Time slot : 23 of Septembre 2016 – 09:25:00 to 09:30:00

Generated file :

It’s also possible to specify in a text file all options you want to use and then run OSWBBA with the “-f” parameter :
$ cat input.txt
-P today_crash -B Sep 23 09:00:00 2016 -E Sep 23 11:00:00 2016
$ java -jar oswbba.jar -i ./archive -F input.txt

This will generate a complete HTML report (called “today_crash”) with all available graphs based on the statistics stored in the archive directory.

Cet article OTN Appreciation Day : OSWatcher Black Box Analyzer (OSWBBA) est apparu en premier sur Blog dbi services.

Azure offers two deployment models for cloud components: Resource Manager (RM) and Classic deployment model. Newer and more easier to manage, Microsoft recommends to use the Resource Manager.
Even if these two models can exist at the same time in Azure, they are different and managed differently: in PowerShell cmdlets are specific to RM.

In order to be able to communicate with Azure from On-Premises in PowerShell, you need to download and install the Azure PowerShell from WebPI. For more details, please refer to this Microsoft Azure post “How to install and configure Azure PowerShell“.
 
 
Azure PowerShell installs many modules located in C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell:
Get-module -ListAvailable -Name *AzureRm*
ModuleType Version Name ExportedCommands
---------- ------- ---- ----------------
Manifest 1.1.3 AzureRM.ApiManagement {Add-AzureRmApiManagementRegion, Get-AzureRmApiManagementSsoToken, New-AzureRmApiManagementHostnam...
Manifest 1.0.11 AzureRM.Automation {Get-AzureRMAutomationHybridWorkerGroup, Get-AzureRmAutomationJobOutputRecord, Import-AzureRmAutom...
Binary 0.9.8 AzureRM.AzureStackAdmin {Get-AzureRMManagedLocation, New-AzureRMManagedLocation, Remove-AzureRMManagedLocation, Set-AzureR...
Manifest 0.9.9 AzureRM.AzureStackStorage {Add-ACSFarm, Get-ACSEvent, Get-ACSEventQuery, Get-ACSFarm...}
Manifest 1.0.11 AzureRM.Backup {Backup-AzureRmBackupItem, Enable-AzureRmBackupContainerReregistration, Get-AzureRmBackupContainer...
Manifest 1.1.3 AzureRM.Batch {Remove-AzureRmBatchAccount, Get-AzureRmBatchAccount, Get-AzureRmBatchAccountKeys, New-AzureRmBatc...
Manifest 1.0.5 AzureRM.Cdn {Get-AzureRmCdnCustomDomain, New-AzureRmCdnCustomDomain, Remove-AzureRmCdnCustomDomain, Get-AzureR...
Manifest 0.1.2 AzureRM.CognitiveServices {Get-AzureRmCognitiveServicesAccount, Get-AzureRmCognitiveServicesAccountKey, Get-AzureRmCognitive...
Manifest 1.3.3 AzureRM.Compute {Remove-AzureRmAvailabilitySet, Get-AzureRmAvailabilitySet, New-AzureRmAvailabilitySet, Get-AzureR...
Manifest 1.0.11 AzureRM.DataFactories {Remove-AzureRmDataFactory, Get-AzureRmDataFactoryRun, Get-AzureRmDataFactorySlice, Save-AzureRmDa...
Manifest 1.1.3 AzureRM.DataLakeAnalytics {Get-AzureRmDataLakeAnalyticsDataSource, Remove-AzureRmDataLakeAnalyticsCatalogSecret, Set-AzureRm...
Manifest 1.0.11 AzureRM.DataLakeStore {Add-AzureRmDataLakeStoreItemContent, Export-AzureRmDataLakeStoreItem, Get-AzureRmDataLakeStoreChi...
Manifest 1.0.2 AzureRM.DevTestLabs {Get-AzureRmDtlAllowedVMSizesPolicy, Get-AzureRmDtlAutoShutdownPolicy, Get-AzureRmDtlAutoStartPoli...
Manifest 1.0.11 AzureRM.Dns {Get-AzureRmDnsRecordSet, New-AzureRmDnsRecordConfig, Remove-AzureRmDnsRecordSet, Set-AzureRmDnsRe...
Manifest 1.1.3 AzureRM.HDInsight {Get-AzureRmHDInsightJob, New-AzureRmHDInsightSqoopJobDefinition, Wait-AzureRmHDInsightJob, New-Az...
Manifest 1.0.11 AzureRM.Insights {Add-AzureRmMetricAlertRule, Add-AzureRmLogAlertRule, Add-AzureRmWebtestAlertRule, Get-AzureRmAler...
Manifest 1.1.10 AzureRM.KeyVault {Get-AzureRmKeyVault, New-AzureRmKeyVault, Remove-AzureRmKeyVault, Remove-AzureRmKeyVaultAccessPol...
Manifest 1.0.7 AzureRM.LogicApp {Get-AzureRmIntegrationAccountAgreement, Get-AzureRmIntegrationAccountCallbackUrl, Get-AzureRmInte...
Manifest 0.9.2 AzureRM.MachineLearning {Export-AzureRmMlWebService, Get-AzureRmMlWebServiceKeys, Import-AzureRmMlWebService, Remove-Azure...
Manifest 1.0.12 AzureRM.Network {Add-AzureRmApplicationGatewayBackendAddressPool, Get-AzureRmApplicationGatewayBackendAddressPool,...
Manifest 1.0.11 AzureRM.NotificationHubs {Get-AzureRmNotificationHubsNamespaceAuthorizationRules, Get-AzureRmNotificationHubsNamespaceListK...
Manifest 1.0.11 AzureRM.OperationalInsights {Get-AzureRmOperationalInsightsSavedSearch, Get-AzureRmOperationalInsightsSavedSearchResults, Get-...
Manifest 1.0.0 AzureRM.PowerBIEmbedded {Remove-AzureRmPowerBIWorkspaceCollection, Get-AzureRmPowerBIWorkspaceCollection, Get-AzureRmPower...
Manifest 1.0.11 AzureRM.Profile {Enable-AzureRmDataCollection, Disable-AzureRmDataCollection, Remove-AzureRmEnvironment, Get-Azure...
Manifest 1.1.3 AzureRM.RecoveryServices {Get-AzureRmRecoveryServicesBackupProperties, Get-AzureRmRecoveryServicesVault, Get-AzureRmRecover...
Manifest 1.0.3 AzureRM.RecoveryServices.Backup {Backup-AzureRmRecoveryServicesBackupItem, Get-AzureRmRecoveryServicesBackupManagementServer, Get-...
Manifest 1.1.9 AzureRM.RedisCache {Reset-AzureRmRedisCache, Export-AzureRmRedisCache, Import-AzureRmRedisCache, Remove-AzureRmRedisC...
Manifest 2.0.2 AzureRM.Resources {Get-AzureRmADApplication, Get-AzureRmADGroupMember, Get-AzureRmADGroup, Get-AzureRmADServicePrinc...
Manifest 1.0.2 AzureRM.ServerManagement {Install-AzureRmServerManagementGatewayProfile, Reset-AzureRmServerManagementGatewayProfile, Save-...
Manifest 1.1.10 AzureRM.SiteRecovery {Stop-AzureRmSiteRecoveryJob, Get-AzureRmSiteRecoveryNetwork, Get-AzureRmSiteRecoveryNetworkMappin...
Manifest 1.0.11 AzureRM.Sql {Get-AzureRmSqlDatabaseImportExportStatus, New-AzureRmSqlDatabaseExport, New-AzureRmSqlDatabaseImp...
Manifest 1.1.3 AzureRM.Storage {Get-AzureRmStorageAccount, Get-AzureRmStorageAccountKey, Get-AzureRmStorageAccountNameAvailabilit...
Manifest 1.0.11 AzureRM.StreamAnalytics {Get-AzureRmStreamAnalyticsFunction, Get-AzureRmStreamAnalyticsDefaultFunctionDefinition, New-Azur...
Manifest 1.0.11 AzureRM.Tags {Remove-AzureRmTag, Get-AzureRmTag, New-AzureRmTag}
Manifest 1.0.11 AzureRM.TrafficManager {Disable-AzureRmTrafficManagerEndpoint, Enable-AzureRmTrafficManagerEndpoint, Set-AzureRmTrafficMa...
Manifest 1.0.11 AzureRM.UsageAggregates Get-UsageAggregates
Manifest 1.1.3 AzureRM.Websites {Get-AzureRmAppServicePlanMetrics, New-AzureRmWebAppDatabaseBackupSetting, Restore-AzureRmWebAppBa...
 
The basic cmdlets to connect and navigate between your different Accounts or Subscriptions are located in “AzureRM.Profile” module:
PS C:\> Get-Command -Module AzureRM.Profile
CommandType Name Version Source
----------- ---- ------- ------
Alias Login-AzureRmAccount 1.0.11 AzureRM.Profile
Alias Select-AzureRmSubscription 1.0.11 AzureRM.Profile
Cmdlet Add-AzureRmAccount 1.0.11 AzureRM.Profile
Cmdlet Add-AzureRmEnvironment 1.0.11 AzureRM.Profile
Cmdlet Disable-AzureRmDataCollection 1.0.11 AzureRM.Profile
Cmdlet Enable-AzureRmDataCollection 1.0.11 AzureRM.Profile
Cmdlet Get-AzureRmContext 1.0.11 AzureRM.Profile
Cmdlet Get-AzureRmEnvironment 1.0.11 AzureRM.Profile
Cmdlet Get-AzureRmSubscription 1.0.11 AzureRM.Profile
Cmdlet Get-AzureRmTenant 1.0.11 AzureRM.Profile
Cmdlet Remove-AzureRmEnvironment 1.0.11 AzureRM.Profile
Cmdlet Save-AzureRmProfile 1.0.11 AzureRM.Profile
Cmdlet Select-AzureRmProfile 1.0.11 AzureRM.Profile
Cmdlet Set-AzureRmContext 1.0.11 AzureRM.Profile
Cmdlet Set-AzureRmEnvironment 1.0.11 AzureRM.Profile

According to the cmdlets present in “AzureRM.Profile” module, you will be able to connect to your Azure Account(enter your credentials):
PS C:\> Login-AzureRmAccount
Environment : AzureCloud
Account : n.courtine@xxxxxx.com
TenantId : a123456b-789b-123c-4de5-67890fg123h4
SubscriptionId : z123456y-789x-123w-4vu5-67890ts123r4
SubscriptionName : ** Subscription Name **
CurrentStorageAccount :
 
You can list your associated Azure Subscriptions:
Get-AzureRmSubscription
SubscriptionName : ** Subscription Name **
SubscriptionId : z123456y-789x-123w-4vu5-67890ts123r4
TenantId : a123456b-789b-123c-4de5-67890fg123h4
 
To switch your Subscription, do as follows:
Select-AzureRmSubscription -SubscriptionId z123456y-789x-123w-4vu5-67890ts123r4
Environment : AzureCloud
Account : n.courtine@xxxxxx.com
TenantId : a123456b-789b-123c-4de5-67890fg123h4
SubscriptionId : z123456y-789x-123w-4vu5-67890ts123r4
SubscriptionName : ** Subscription Name **
CurrentStorageAccount :
 
Or you can take a specific “snapshot” of your current location in Azure. It will help you to easily return to a specific context at the moment you ran the command:
PS C:\> $context = Get-AzureRmContext
Environment : AzureCloud
Account : n.courtine@xxxxxx.com
TenantId : a123456b-789b-123c-4de5-67890fg123h4
SubscriptionId : z123456y-789x-123w-4vu5-67890ts123r4
SubscriptionName : ** Subscription Name **
CurrentStorageAccount :
...
PS C:\> Set-AzureRmContext -Context $context
Environment : AzureCloud
Account : n.courtine@xxxxxx.com
TenantId : a123456b-789b-123c-4de5-67890fg123h4
SubscriptionId : z123456y-789x-123w-4vu5-67890ts123r4
SubscriptionName : ** Subscription Name **
CurrentStorageAccount :
 
It is also possible to list all the available Storage Account associated to your current subscriptions:
PS C:\> Get-AzureRmStorageAccount | Select StorageAccountName, Location
StorageAccountName Location
------------------ --------
semicroustillants259 westeurope
semicroustillants4007 westeurope
semicroustillants8802 westeurope
 
To see the existing blob container in each Storage Account:
PS C:\> Get-AzureRmStorageAccount | Select StorageAccountName, ResourceGroupName, Location
Blob End Point: https://dbimssql.blob.core.windows.net/
Name Uri LastModified
---- --- ------------
bootdiagnostics-t... https://dbimssql.blob.core.windows.net/bootdiagnostics-ta... 30.09.2016 12:36:12 +00:00
demo https://dbimssql.blob.core.windows.net/demo 05.10.2016 14:16:01 +00:00
vhds https://dbimssql.blob.core.windows.net/vhds 30.09.2016 12:36:12 +00:00
Blob End Point: https://semicroustillants259.blob.core.windows.net/
Name Uri LastModified
---- --- ------------
mastervhds https://semicroustillants259.blob.core.windows.net/master... 28.09.2016 13:41:19 +00:00
uploads https://semicroustillants259.blob.core.windows.net/uploads 28.09.2016 13:41:19 +00:00
vhds https://semicroustillants259.blob.core.windows.net/vhds 28.09.2016 13:55:57 +00:00
Blob End Point: https://semicroustillants4007.blob.core.windows.net/
Name Uri LastModified
---- --- ------------
artifacts https://semicroustillants4007.blob.core.windows.net/artif... 28.09.2016 13:59:47 +00:00

Azure infrastructure can be easily managed from On-Premises in PowerShell. In a previous post, I explained how to deploy a Virtual Machine from an Image in Azure PowerShell.
If you have remarks or advises, do not hesitate to share

Cet article Manage Azure in PowerShell (RM) est apparu en premier sur Blog dbi services.

In case you are not interested in IPv6, you can use the following HowTo to disable it on Oracle Linux 7. Unless you have something very very special on your System, these 10 Steps should do it.

1. First of all, check if IPv6 is active at all
2. Add the disable_ipv6 = 1 entries to the /etc/sysctl.conf file
3. Disable IPv6 in all /etc/sysconfig/network-scripts/ifcfg-* files, e.g.
4. Disable IPv6 in /etc/sysconfig/network
5. Remove the “::1″ line from the /etc/hosts file
6. Remove the “restrict -6″ line from the /etc/ntp.conf
7. Add ipv6.disable=1 to the GRUB_CMDLINE_LINUX entry in the /etc/default/grub file
8. Regenerate a GRUB configuration file and overwrite the existing one
9. Reboot the server
10. Confirm if IPV6 is disabled

First of all, check if IPv6 is active at all

[root@dbidg01 ~]# /sbin/ip -6 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 fe80::ad02:9b6a:bf40:5a3a/64 scope link
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
    inet6 fe80::a00:27ff:feb8:3544/64 scope link
       valid_lft forever preferred_lft forever

Add the disable_ipv6 = 1 entries to the /etc/sysctl.conf file

#-- Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

Disable IPv6 in all /etc/sysconfig/network-scripts/ifcfg-* files, e.g.

cat /etc/sysconfig/network-scripts/ifcfg-enp0s3 | grep IPV6INIT
IPV6INIT=no

Disable IPv6 in /etc/sysconfig/network

cat /etc/sysconfig/network | grep NETWORKING_IPV6
NETWORKING_IPV6=no

Remove the following line from the /etc/hosts file

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

Remove the following line from the /etc/ntp.conf

cat /etc/ntp.conf | egrep ' -6'
restrict -6 default kod nomodify notrap nopeer noquery
restrict -6 ::1

Add ipv6.disable=1 to the GRUB_CMDLINE_LINUX entry in the /etc/default/grub file

[root@dbidg01 /]# cat /etc/default/grub | grep GRUB_CMDLINE_LINUX
GRUB_CMDLINE_LINUX="ipv6.disable=1 crashkernel=auto rd.lvm.lv=ol/root rd.lvm.lv=ol/swap rhgb quiet numa=off transparent_hugepage=never"

Regenerate a GRUB configuration file and overwrite the existing one

[root@dbidg01 /]# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.1.12-61.1.19.el7uek.x86_64
Found initrd image: /boot/initramfs-4.1.12-61.1.19.el7uek.x86_64.img
Found linux image: /boot/vmlinuz-4.1.12-61.1.18.el7uek.x86_64
Found initrd image: /boot/initramfs-4.1.12-61.1.18.el7uek.x86_64.img
Found linux image: /boot/vmlinuz-3.10.0-514.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-514.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-547c48bd53614a2ca2d16909b3c14419
Found initrd image: /boot/initramfs-0-rescue-547c48bd53614a2ca2d16909b3c14419.img
done

Reboot the server

init 6

Confirm if IPV6 is disabled

[root@dbidg01 ~]# /sbin/ip -6 addr
[root@dbidg01 ~]# lsmod | grep -i v6

In case the ip and the lsmod command do not return anything back, then you have successfully disabled IPv6.

Cheers, William

Cet article OEL 7 – How to disable IPv6 on Oracle Linux 7 est apparu en premier sur Blog dbi services.

User and group quotas do exist for quite a while for all kind of file systems, like ext4 or vxfs and maybe many others.

However, for my use case, I do need quotas for different directories on the same file system. My mount point is /u01 and in that file system, I do have different Oracle Homes which belong to the same user, oracle. However, I do not want that my 11.2.0.4 Oracle Home influences my 12.1.0.2 Oracle Home in respect of file system usage. e.g. if the 11.2.0.4 home is core dumping, it should not fill up the space of the 12.1.0.2 home, and the other way around. But how can I do that?

The idea is to create XFS project quotas, and this is how it works.

First of all, we need to enable project quotas on the XFS file system.  /u01 is currently mounted with XFS default options, which are (rw,relatime,attr2,inode64,noquota). As you can see, the default is “noquota”.

[root@dbidg01 ~]# mount | grep u01
/dev/mapper/vg_ora_u01-lv_ora_u01 on /u01 type xfs (rw,relatime,attr2,inode64,noquota)

We can enable project quotas by adding the “prjquota” mount option to the /etc/fstab and afterwards remounting the file system.

[root@dbidg01 ~]# mount | grep u01
/dev/mapper/vg_ora_u01-lv_ora_u01 on /u01 type xfs (rw,relatime,attr2,inode64,noquota)

Unfortunately, the remount option does not work with the XFS filesystem. Meaning, I can remount the file system, but my new option “prjquota” is not reflected.

[root@dbidg01 ~]# mount -o remount,rw,relatime,attr2,inode64,prjquota /u01
[root@dbidg01 ~]# mount | grep u01
/dev/mapper/vg_ora_u01-lv_ora_u01 on /u01 type xfs (rw,relatime,attr2,inode64,noquota)

So I have to do a umount, mount. Not a good thing from my point of view, because it means that I cannot enable project quotas online for my /u01 directory, where I have different Oracle homes located. In other words, I need to shutdown all Oracle databases.

[root@dbidg01 ~]# umount /u01
[root@dbidg01 ~]# mount /u01
[root@dbidg01 ~]# mount | grep u01
/dev/mapper/vg_ora_u01-lv_ora_u01 on /u01 type xfs (rw,relatime,attr2,inode64,prjquota)

Ok. Now it looks better. The next step is to define unique project id’s for the different directory hierarchies in the /etc/projects file.

For example, to set a project ID of 11 for the directory hierarchy /u01/app/oracle/product/11.2.0, and the project ID of 12 for the directory hierarchy /u01/app/oracle/product/12.1.0 we can do the following.

# echo "11:/u01/app/oracle/product/11.2.0" >> /etc/projects
# echo "12:/u01/app/oracle/product/12.1.0" >> /etc/projects

[root@dbidg01 ~]# cat /etc/projects
11:/u01/app/oracle/product/11.2.0
12:/u01/app/oracle/product/12.1.0

If you don’t want to work with ID’s, you have the possibility to map project names to the project ID’s in your /etc/projid file. It is much easier in regards of reporting quota usage, which we will see later.

For example, to map the project name oracle11gR2 to the project with ID 11 or to map the project name oracle12cR1 to 12 do the following.

# echo "oracle11gR2:11" >> /etc/projid
# echo "oracle12cR1:12" >> /etc/projid

Now use the project subcommand of xfs_quota to define a managed tree in the XFS file system for the different projects.

For example, to define a managed tree in the /u01 file system for the project oracle11gR2, which corresponds to the directory hierarchy /u01/app/oracle/product/11.2.0, do the following.

# xfs_quota -x -c 'project -s oracle11gR2' /u01

[root@dbidg01 etc]# xfs_quota -x -c 'project -s oracle11gR2' /u01
Setting up project oracle11gR2 (path /u01/app/oracle/product/11.2.0)...
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/bin/lbuilder
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/jdk/jre/lib/amd64/server/libjsig.so
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/lib/libagtsh.so
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/lib/libodm11.so
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so.10.1
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/lib/libocci.so
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/lib/libclntsh.so
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/lib/liborasdk.so
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/lib/liborasdkbase.so
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/sqlnet.ora
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/tnsnames.ora
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/ldap.ora
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/precomp/public/SQLCA.H
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/precomp/public/ORACA.H
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/precomp/public/SQLDA.H
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/precomp/public/SQLCA.COB
xfs_quota: skipping special file /u01/app/oracle/product/11.2.0/dbhome_1/precomp/public/ORACA.COB
Processed 1 (/etc/projects and cmdline) paths for project oracle11gR2 with recursion depth infinite (-1).

The same applies to project oracle12cR1.

# xfs_quota -x -c 'project -s oracle12cR1' /u01

[root@dbidg01 etc]# xfs_quota -x -c 'project -s oracle12cR1' /u01
Setting up project oracle12cR1 (path /u01/app/oracle/product/12.1.0)...
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/bin/lbuilder
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/javavm/admin/classes.bin
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/javavm/admin/cbp.jar
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/javavm/admin/libjtcjt.so
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/javavm/lib/security/US_export_policy.jar
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/javavm/lib/security/cacerts
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/javavm/lib/security/java.security
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/javavm/lib/security/local_policy.jar
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/javavm/lib/jce.jar
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/javavm/lib/sunjce_provider.jar
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/jdk/bin/ControlPanel
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/jdk/jre/bin/ControlPanel
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/jdk/jre/javaws/javaws
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/jdk/jre/lib/amd64/server/libjsig.so
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/lib/libagtsh.so
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/lib/libjavavm12.a
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/lib/libodm12.so
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/lib/libocci.so
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/lib/libclntshcore.so
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/lib/libclntsh.so
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/lib/libclntsh.so.10.1
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/lib/libclntsh.so.11.1
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/network/admin/listener.ora
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/network/admin/sqlnet.ora
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/network/admin/ldap.ora
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/network/admin/tnsnames.ora
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/precomp/public/SQLCA.H
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/precomp/public/ORACA.H
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/precomp/public/SQLDA.H
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/precomp/public/SQLCA.COB
xfs_quota: skipping special file /u01/app/oracle/product/12.1.0/dbhome_1/precomp/public/ORACA.COB
Processed 1 (/etc/projects and cmdline) paths for project oracle12cR1 with recursion depth infinite (-1).

Now the fun part begins, and we can start using the limit subcommand to set the limits on the disk usage for the different projects. My 11.2.0.4 Oracle home is currently 5.7G in size, and the 12.1.0.2 Oracle home is 7.1G big. I want to configure for the 11g home a soft limit of 8G and a hard limit of 12G, and for the 12c home a soft limit of 10G and a hard limit of 16G.

oracle@dbidg01:/u01/app/oracle/product/ [rdbms112] du -hs 11.2.0
5.7G    11.2.0

oracle@dbidg01:/u01/app/oracle/product/ [rdbms112] du -hs 12.1.0
7.1G    12.1.0

# xfs_quota -x -c 'limit -p bsoft=8g bhard=12g oracle11gR2' /u01
# xfs_quota -x -c 'limit -p bsoft=10g bhard=16g oracle12cR1' /u01

[root@dbidg01 ~]# xfs_quota -x -c 'report -p' /u01
Project quota on /u01 (/dev/mapper/vg_ora_u01-lv_ora_u01)
                               Blocks
Project ID       Used       Soft       Hard    Warn/Grace
---------- --------------------------------------------------
#0            8776636          0          0     00 [--------]
oracle11gR2    5883604    8388608   12582912     00 [--------]
oracle12cR1    7415292   10485760   16777216     00 [--------]

[root@dbidg01 ~]# xfs_quota -x -c 'report -h -p' /u01
Project quota on /u01 (/dev/mapper/vg_ora_u01-lv_ora_u01)
                        Blocks
Project ID   Used   Soft   Hard Warn/Grace
---------- ---------------------------------
#0           8.4G      0      0  00 [------]
oracle11gR2   5.6G     8G    12G  00 [------]
oracle12cR1   7.1G    10G    16G  00 [------]

The quotas are immediately seen by the df command. The df on the /u01 shows the full filesystem size, which is 50G, however, if I navigate to my 11g or 12c home, I see the soft limit which I have configured beforehand.

[root@dbidg01 product]# df -h /u01
Filesystem                         Size  Used Avail Use% Mounted on
/dev/mapper/vg_ora_u01-lv_ora_u01   50G   22G   29G  43% /u01

[root@dbidg01 ~]# cd /u01/app/oracle/product/11.2.0
[root@dbidg01 11.2.0]# df -h .
Filesystem                         Size  Used Avail Use% Mounted on
/dev/mapper/vg_ora_u01-lv_ora_u01  8.0G  5.7G  2.4G  71% /u01

[root@dbidg01 ~]# cd /u01/app/oracle/product/12.1.0
[root@dbidg01 12.1.0]# df -h .
Filesystem                         Size  Used Avail Use% Mounted on
/dev/mapper/vg_ora_u01-lv_ora_u01   10G  7.1G  3.0G  71% /u01

Conclusion

The project quotas with XFS are a quite cool feature. Limiting file system usage per projects gives you a huge flexibility. Setting quotas on individual Oracle homes is one thing, but you could also limit filesystem usage for your Oracle databases in the DIAG directory based on ORACLE_SID, so that /u01/app/oracle/diag/rdbms/<SID1> can never fill up /u01/app/oracle/diag/rdbms/<SID2>. The only drawback I see, is that enabling project quotas is not an online operation. You need to umount and mount the file system to activate this feature.

Have fun with XFS quotas.

Cheers,
William

Cet article OEL 7 – Project Quotas on Oracle Homes with XFS on Oracle Linux 7 est apparu en premier sur Blog dbi services.

I was playing with my lab environment which includes Windows 2016 and SQL Server 2016 and I noticed an interesting scenario while testing cluster node failures. After simulating some network outage scenarios, I was not able to bring back my cluster node online immediately by using traditional way. A quick look at the cluster manager led me to notice something new:

A quarantined state value … interesting! But what does it mean exactly?

In respect of this Microsoft blog from the Server and management team, this is a new feature shipped with Windows Server 2016 that concerns Virtual Machine Compute Resiliency. To cut the long story short, this feature is intended to improve of response of the Windows Failover Cluster to transient failures. Initially, it was designed for Hyper-V virtual machines resiliency and it has been introduced to avoid “flapping nodes” phenomena which may impact negatively the overall cluster health.

To illustrate the benefit of this feature, let’s go back to my failure scenario which consisted in simulating random network failures. Experiencing such scenario in production environment may lead to an unstable cluster state including quorum loss in the worst scenario. In fact, after 3 failure events, the concerned cluster node was quarantined and we may confirm by looking at the new following parameters (QuarantineThreshold is our concern here). The other parameter QuarantineDuration defines the timeframe during which the cluster node is not able to join the cluster, so basically two hours.

In my case, the WIN20169SQL16 node will not automatically join the cluster until 22:56:38 in my case.

What about my availability group? Well no surprise here, the quarantined cluster node means an availability replica disconnected and a synchronization issue as well as confirmed below:

We many notice a corresponding error number 100060 with the message An error occurred while receiving data: ‘10060(A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.)’. There is no specific message from SQL Server error log about quarantine state. From the secondary replica, I got the following sample message into the SQL Server error log:

SQL Server is waiting for the cluster node to start and rejoin the WSFC. In short, the overall availability health state will not change while the quarantined node is active. So according to your context, it may be a good thing until you don’t fix the related issue on the concerned cluster node. Fortunately, as stated to the Microsoft document, this is not mandatory for us to wait for the quarantined period to finish by using the following PowerShell command:

Here we go! The cluster health state got back to normal

Happy clustering!

Cet article Dealing with WSFC 2016 quarantine state and availability groups est apparu en premier sur Blog dbi services.

By using Vagrant to manage your Virtual Machines and Ansible for configuration management and provisioning
you can easily automate the setup of your whole test environment in a standardized way.

If you have never heard about Ansible and Vagrant I try to give you an idea with the following very short  summary. There is a lot of good information available about Ansible and Vagrant.
Please check the provided links at the end of this blog for further information.

What is Vagrant ?

Vagrant is an open source tool on top of some virtualization solution like Oracle VirtualBox. It can automate the creation of VM’s. Additionally vagrant supports provisioning with scripts or with tools like Ansible, Puppet or Chef.
You can download a lot of useful  boxes from here: https://atlas.hashicorp.com/boxes/search

 What is Ansible ?

Ansible is an open source automation platform.
It is a radically simple IT automation engine designed for multi-tier deployments. [https://www.ansible.com/how-ansible-works]

Ansible just uses ssh and does not require agents or other software installed on the target nodes. You simply put your steps into an Ansible playbook, which is an easy to read text-file written in YAML syntax. Your playbook will simply look like documented steps.
Ansible will run the listed tasks described in the playbook on the target servers by invoking Ansible Modules.

Here is a simple example task from a playbook which will add a directory on a server. It uses the Ansible module “file”
- name: add home directory
file:
path: /home/myuser
state: directory

Ansible is quite well known to build up whole test environments including databases like mysql which are easy to install with simple tar balls or rpm files.

Unfortunately in the community of Oracle DBA’s usually Ansible is not on the radar despite there are already good Ansible playbooks available which proofed that you can also use Ansible to provision your whole Oracle Test Environment even with Oracle Real Application Cluster:
https://github.com/racattack/racattack-ansible-oracle

https://github.com/cvezalis/oracledb-ansible

Starting from these examples and adapting them for your needs you will experience how quick you will be able to automate your Oracle installations. This is what I did an want to show you here. Please keep in mind that this example is optimized for a fast installation and should not be used as it is for a productive system.

What you’ll get
In this blog I give you an example how to build an Oracle infrastructure from scratch containing
two virtual servers, installed and configured with CentOS 7.2 ,
each hosting an Oracle DB (12.1.0.2).

Of cause you do not want to start this without knowing what is going on.
I will go a little bit into details therefore next week ….

Further information about Ansible:
There will be some Introduction Webinars for Ansible coming soon
https://www.ansible.com/webinars-training

you can find more examples at:
http://galaxy.ansible.com
https://github.com/ansible/ansible-examples
https://groups.google.com/forum/#!forum/ansible-project
If you want to read a book I can recommend this:
Ansible: Up and Running
Print ISBN: 978-1-4919-1532-5
Ebook ISBN: 978-1-4919-1529-5

https://www.ansible.com/ebooks

Cet article vagrant up – get your Oracle infrastructure up an running est apparu en premier sur Blog dbi services.

Let’s say, the tnsnames.ora is a quite important file on your system, and you want to make sure that you notice when someone changes the file. Taking a look at the modification time of that file would be good idea, or not?

Per default, the ls -l command show only the (mtime) modification time. In my case, I know that the tnsnames.ora was changed on “Feb 9 11:24″.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] ls -l tnsnames.ora
-rw-r--r-- 1 oracle oinstall 1791 Feb  9 11:24 tnsnames.ora

But in reality, more time stamps are stored. The atime, the ctime and the mtime.

• atime is the access time (only stored in filesystem is not mounted with the noatime option)
• ctime is the change time, meaning the inode was change, e.g. with the chmod command
• mtime is the modification time, meaning the content changed

The ctime is often misinterpreted as “creation time”, but this is not the case. The creation time of a file is not recorded with XFS. There are other file systems that can do it, like ZFS, but XFS does not support “creation time”. You can use the stat command to see all time stamps in one shot.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] stat tnsnames.ora
  File: ‘tnsnames.ora’
  Size: 2137            Blocks: 8          IO Block: 4096   regular file
Device: fb02h/64258d    Inode: 163094097   Links: 1
Access: (0644/-rw-r--r--)  Uid: (54321/  oracle)   Gid: (54321/oinstall)
Access: 2017-02-09 11:24:00.243281419 +0100
Modify: 2017-02-09 11:24:00.243281419 +0100
Change: 2017-02-09 11:24:00.254281404 +0100
 Birth: -

Ok. Now someone comes along and changes the tnsnames.ora

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] vi tnsnames.ora

A change was done, and the modification time of that file changed immediately.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] ls -l tnsnames.ora
-rw-r--r-- 1 oracle oinstall 2136 Feb  9 11:31 tnsnames.ora

And also other timestamps might have changed like the atime and ctime.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] stat tnsnames.ora
  File: ‘tnsnames.ora’
  Size: 2136            Blocks: 8          IO Block: 4096   regular file
Device: fb02h/64258d    Inode: 161521017   Links: 1
Access: (0644/-rw-r--r--)  Uid: (54321/  oracle)   Gid: (54321/oinstall)
Access: 2017-02-09 11:31:06.733673663 +0100
Modify: 2017-02-09 11:31:06.733673663 +0100
Change: 2017-02-09 11:31:06.738673656 +0100
 Birth: -

Cool, now I know that the file was changed at “Feb 9 11:31″. But how reliable is that information? With the touch command, I can easily change the modification time to any value I like. e.g. I can set it to the same date as beforehand.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] touch -m --date="Feb  9 11:24" tnsnames.ora

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] ls -l tnsnames.ora
-rw-r--r-- 1 oracle oinstall 2136 Feb  9 11:24 tnsnames.ora

Now I have set the modification time to almost the same value, as it was beforehand. (Almost, because the microseconds are different) Besides that, the access and the change time are different.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] stat tnsnames.ora
  File: ‘tnsnames.ora’
  Size: 2136            Blocks: 8          IO Block: 4096   regular file
Device: fb02h/64258d    Inode: 161521017   Links: 1
Access: (0644/-rw-r--r--)  Uid: (54321/  oracle)   Gid: (54321/oinstall)
Access: 2017-02-09 11:31:06.733673663 +0100
Modify: 2017-02-09 11:24:00.000000000 +0100
Change: 2017-02-09 11:36:51.631671612 +0100
 Birth: -

No problem, I can make it even more precise by specifying  the whole date format including microseconds and time zone.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] touch -m --date="2017-02-09 11:24:00.243281419 +0100" tnsnames.ora

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] stat tnsnames.ora
  File: ‘tnsnames.ora’
  Size: 2136            Blocks: 8          IO Block: 4096   regular file
Device: fb02h/64258d    Inode: 161521017   Links: 1
Access: (0644/-rw-r--r--)  Uid: (54321/  oracle)   Gid: (54321/oinstall)
Access: 2017-02-09 11:31:06.733673663 +0100
Modify: 2017-02-09 11:24:00.243281419 +0100
Change: 2017-02-09 11:39:41.775993054 +0100
 Birth: -

And if I want to, I can even change the access time.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] touch -a --date="2017-02-09 11:24:00.243281419 +0100" tnsnames.ora

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] stat tnsnames.ora
  File: ‘tnsnames.ora’
  Size: 2136            Blocks: 8          IO Block: 4096   regular file
Device: fb02h/64258d    Inode: 161521017   Links: 1
Access: (0644/-rw-r--r--)  Uid: (54321/  oracle)   Gid: (54321/oinstall)
Access: 2017-02-09 11:24:00.243281419 +0100
Modify: 2017-02-09 11:24:00.243281419 +0100
Change: 2017-02-09 11:42:22.935350329 +0100
 Birth: -

Only the ctime (change time) is not so easy to change. At least not with the touch command. For changing the ctime you need to invoke the file system debugger or stuff like that. In the end, monitoring my tnsnames.ora file changes by time is not so precise. So why not using the XFS extend attribute feature to help me. e.g. I could create md5 check sums and when the check sum differs, I know that the content was changed. Let’s do it with the root user.

As root:

[root@dbidg03 admin]# getfattr -d tnsnames.ora
[root@dbidg03 admin]#

[root@dbidg03 admin]# md5sum tnsnames.ora
d135c0ebf51f68feda895dac8631a999  tnsnames.ora

[root@dbidg03 admin]# setfattr -n user.md5sum -v d135c0ebf51f68feda895dac8631a999 tnsnames.ora
[root@dbidg03 admin]#
[root@dbidg03 admin]# getfattr -d tnsnames.ora
# file: tnsnames.ora
user.md5sum="d135c0ebf51f68feda895dac8631a999"

But this is also not so secure. Even if done with root, it can easily be removed by the oracle user.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] getfattr -d tnsnames.ora
# file: tnsnames.ora
user.md5sum="d135c0ebf51f68feda895dac8631a999"

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] setfattr -x user.md5sum tnsnames.ora
oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] getfattr -d tnsnames.ora

To overcome this issue, XFS uses 2 disjoint attribute name spaces associated with every filesystem object. They are the root (or trusted) and user address spaces. The root address space is accessible only to the superuser, and then only by specifying a flag argument to the function call. Other users (like the oracle user in my case) will not see or be able to modify attributes in the root address space. The user address space is protected by the normal file permissions mechanism, so the owner of the file can decide who is able to see and/or modify the value of attributes on any particular file.

Ok. So let’s do it again by using the root (trusted) address space.

[root@dbidg03 admin]# setfattr -n trusted.md5sum -v "d135c0ebf51f68feda895dac8631a999" tnsnames.ora
[root@dbidg03 admin]# getfattr -n trusted.md5sum tnsnames.ora
# file: tnsnames.ora
trusted.md5sum="d135c0ebf51f68feda895dac8631a999"

However, from the oracle user point of view, no attributes exist, even if you know the attribute you are looking for.

oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] getfattr -d tnsnames.ora
oracle@dbidg03:/u01/app/oracle/network/admin/ [rdbms112] getfattr -n trusted.md5sum tnsnames.ora
tnsnames.ora: trusted.md5sum: No such attribute

You can take it even further, but adding another root attribute, e.g. the time when you created the md5 checksum.

[root@dbidg03 admin]# setfattr -n trusted.md5sumtime -v "09.02.2018 13:00:00" tnsnames.ora
[root@dbidg03 admin]# getfattr -n trusted.md5sumtime tnsnames.ora
# file: tnsnames.ora
trusted.md5sumtime="09.02.2018 13:00:00"

[root@dbidg03 admin]# getfattr -n trusted.md5sum tnsnames.ora
# file: tnsnames.ora
trusted.md5sum="d135c0ebf51f68feda895dac8631a999"

Now you have a good chance to find out if the file content was changed or not, by simply checking if the file has a different check sum.

Conclusion

XFS extended attributes are quite powerful features and you can use them in a lot of scenarios. Take care that you have a backup solution that support extended attributes, else you will lose all the information once you restore your data.

Cet article Linux – Securing your important files with XFS extendend attributes est apparu en premier sur Blog dbi services.

This is a follow up to the Blog were I explained how to disable IPv6 on Oracle Linux 7.

If you have done all the steps which I have explained here http://blog.dbi-services.com/oel-7-how-to-disable-ipv6-on-oracle-linux-7/  then you have already IPv6 successfully disabled. However, some tools require some special attention afterwards if you want to avoid some ugly warning or error messages. There are so many tools that can use IPv4 and IPv6, but it is impossible to mention all of them. I will just dig a little deeper into the following 4.

• Postfix
• Oracle
• NFS
• rsyslogd

Postfix

Let’s start with Postfix. This might be one of the first warning messages you see, in case you have disabled IPv6 on your system. If you receive the following warning message when you try to send an email, then you need to adjust your /etc/postfix/main.cf file.

$ mailx -s "Test" xxx.xxx@xxx.com
Test
.
EOT
$ send-mail: warning: inet_protocols: IPv6 support is disabled: Address family not supported by protocol
send-mail: warning: inet_protocols: configuring for IPv4 support only
postdrop: warning: inet_protocols: IPv6 support is disabled: Address family not supported by protocol
postdrop: warning: inet_protocols: configuring for IPv4 support only

The solution is to configure your /etc/postfix/main.cf file to allow only the ipv4 protocol.

[root@SVPCHODAC01 sbin]# /usr/sbin/postconf | grep inet_protocols
inet_protocols = all
/usr/sbin/postconf: warning: inet_protocols: IPv6 support is disabled: Address family not supported by protocol
/usr/sbin/postconf: warning: inet_protocols: configuring for IPv4 support only

[root@SVPCHODAC01 sbin]# cd /etc/postfix/
[root@SVPCHODAC01 postfix]# cp main.cf main.cf.20170203a
[root@SVPCHODAC01 postfix]# vi main.cf

Change “inet_protocols = all”  to “inet_protocols = ipv4″ and then restart PostFix.

[root@SVPCHODAC01 postfix]# /etc/init.d/postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]

[root@SVPCHODAC01 postfix]# /usr/sbin/postconf | grep inet_protocols
inet_protocols = ipv4

That’s it. Now the ugly Postfix warning messages disappear.

Oracle

The next candidate is the Oracle Listener. In some situations,  you might see the following error message in your listener.log file when working with Cloud Control 12c.

TNS-01189: The listener could not authenticate the user

This is related to an Oracle bug, to be more precise, it is “BUG 16054202 – TNLIN EXTRACTS WRONG SUBNETMASK FOR IPV6 ADDRESSES”. The bug can be fixed by configuring the Oracle Listener to work with IPv4 only. This is done via the listener.ora IP parameter, which knows the following options.

IP=FIRST

Listen on the first IP address returned by the DNS resolution of the host name.
If the user wants the listener to listen on the first IP to which the specified host name resolves,
then the address must be qualified with (IP=first).

IP=V4_ONLY

Listen only on IPv4 addresses.

IP=V6_ONLY

Listen only on IPv6 addresses.

Simply put the (IP=V4_ONLY) after your PORT setting, and then restart the listener like shown in the following example.

-- listener.ora
LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = TCP)(HOST = dbidg03)(PORT = 1521)(IP=V4_ONLY))
    )
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
    )
  )

-- restart

$ lsnrctl stop LISTENER; lsnrctl start LISTENER

Now the messages “TNS-01189: The listener could not authenticate the user” in the listener.log should disappear.

NFS

Under normal circumstances, no changes should be required for NFS unless you had proto=tcp6 configured for your mount options. If so, then your mount will not work anymore.

[root@dbidg02 etc]# mount /u99
mount.nfs: an incorrect mount option was specified

And you will see the following error in the /var/log/messages file.

Feb 14 10:26:48 dbidg02 kernel: NFS: server address does not match proto= option

Now you could either remove the proto option or change it to proto=tcp.

For NFS version 4 you have the following options:

proto=netid The netid determines the transport that is used to communicate with the NFS server. Supported options are tcp, tcp6, and rdma. tcp6 use IPv6 addresses and is only available if support for TI-RPC is built in. Both others use IPv4 addresses.

In my case, I have added the proto=tcp option to my NFS mount table in the /etc/fstab

#-- NFS mounts
dbidg03:/u99   /u99  nfs  vers=4.1,proto=tcp,rw,bg,hard,nointr,rsize=32768,wsize=32768,tcp,timeo=600

-- And now the mount works perfectly again.

[root@dbidg02 etc]# mount /u99
[root@dbidg02 etc]#
[root@dbidg02 etc]# mount | grep nfs
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
nfsd on /proc/fs/nfsd type nfsd (rw,relatime)
dbidg03:/u99 on /u99 type nfs4 (rw,relatime,vers=4.1,rsize=32768,wsize=32768,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.56.202,local_lock=none,addr=192.168.56.203)

Now the NFS mount works again.

rsyslogd

Almost the same applies to the rsyslogd. In case you have not specified “-6″ in your syslogd options, you are fine. If not, you need to either remove the option or replace it with “-4″

oracle@dbidg03:/etc/sysconfig/ [oms13c] rpm -qa  | grep rsyslog
rsyslog-7.4.7-16.0.1.el7.x86_64

-- from the doc
 -4  Causes rsyslogd to listen to IPv4 addresses only.  If neither -4 nor -6 is given, rsyslogd listens to all configured addresses of the system.

[root@dbidg03 sysconfig]# cat rsyslog
# Options for rsyslogd
# Syslogd options are deprecated since rsyslog v3.
# If you want to use them, switch to compatibility mode 2 by "-c 2"
# See rsyslogd(8) for more details
SYSLOGD_OPTIONS="-4"

[root@dbidg03 sysconfig]# systemctl restart rsyslog
[root@dbidg03 sysconfig]#

Conclusion

There might be some tools on your system that requires special attention after you have disable IPv6 on your system.

Cet article OEL 7 – How to disable IPv6 on Oracle Linux 7 – Follow Up est apparu en premier sur Blog dbi services.

I got an interesting question today from a customer which created a database on ODA. He selected the template odb-04 which shows 32GB Memory but got a database with a 16GB SGA… Is it due to the PGA size, a limitation in the system, the huge pages usage which is reached or even a bug?

Indeed, the answer is easier and funnier. If you look to the menu shown by OAKCLI while creating a database, you get something like that:

 Please select one of the following for Database Class  [1 .. 6]:

1    => odb-01s  (   1 cores ,     4 GB memory)

2    =>  odb-01  (   1 cores ,     8 GB memory)

3    =>  odb-02  (   2 cores ,    16 GB memory)

4    =>  odb-04  (   4 cores ,    32 GB memory)

5    =>  odb-06  (   6 cores ,    48 GB memory)

6    =>  odb-12  (  12 cores ,    96 GB memory)

4

Selected value is : odb-04  (   4 cores ,    32 GB memory)

So using the template odb-04 seems to use 32GB memory for the newly created database. However looking to what OAKCLI really does shows that the reality is a bit different. Following all files/scripts which are called by OAKCLI at execution, we come to following file

/opt/oracle/oak/lib/oakutilslib/DbSizingValues.pm

This script contains the definition of the DBCA template used including the memory definition

my $sga_size = $memory * $dbTypes{$dbtypeid}{sga_factor};
my $pga_size = $memory * $dbTypes{$dbtypeid}{pga_factor};

So the memory value is multiplied by a factor depending on the database type. Looking in the same script we find both information:

my  %dbTemplates  =

    (  1  => { name => 'odb-01s', cpus => 1,  sfactor  => 0.5},

       2  => { name => 'odb-01',  cpus => 1  },

       3  => { name => 'odb-02',  cpus => 2  },

       4  => { name => 'odb-04',  cpus => 4  },

       5  => { name => 'odb-06',  cpus => 6  },

       6  => { name => 'odb-12',  cpus => 12 },

       7  => { name => 'odb-16',  cpus => 16 },

       8  => { name => 'odb-24',  cpus => 24 },

       9  => { name => 'odb-32',  cpus => 32 },

       10 => { name => 'odb-36',  cpus => 36 }

    );

my  %dbTypes  =

    ( 1 => { name => 'OLTP', template_name => 'OAK_oltp.dbt',     sga_factor => 0.5,  pga_factor => 0.25 },

      2 => { name => 'DSS',  template_name => 'OAK_dss.dbt',      sga_factor => 0.25, pga_factor => 0.50 },

      3 => { name => 'In-Memory', template_name => 'OAK_oltp.dbt',sga_factor => 0.25, pga_factor => 0.25, in_mem_factor=>0.25, only12c=> 1}

    );

This means that If you create an OLTP database with the odb-04 template it takes 32GB as basis and multiplied them by 0,5.
Here we go we have our 16GB!!

In conclusion the memory information shown by OAKCLI CREATE DATABASE is the base memory used for the calculation and not the one assigned to the SGA. I must admit that this is quite confusing for the end users as the base memory as no signification and is useless…

To be fully fair, I have to mention that the correct information about SGA size per template is available in the documentation the appendix B:

http://docs.oracle.com/cd/E83239_01/doc.121/e83201/database-templates-oracle-database-appliance.htm#CMTAR269

Enjoy!

David

Cet article ODA – 32GB template but got a database with 16GB SGA??? est apparu en premier sur Blog dbi services.

Linux auditing is quite powerful and a lot of different use cases might be handled via the auditing framework. However, in this blog I would like to show you, how to audit changes on trusted files, like /etc/passwd or /etc/shadow. Of course, you are not limited to these files. You can audit whatever you want. Maybe the sqlnet.ora, the /etc/oratab or Oracle wallets are of more interest in your environment.

Before we start, we got to make sure that the the auditd deamon is enabled and running.

[root@dbidg03 ~]# systemctl list-unit-files | grep audit
auditd.service                                disabled

[root@dbidg03 ~]# systemctl enable auditd
Created symlink from /etc/systemd/system/multi-user.target.wants/auditd.service to /usr/lib/systemd/system/auditd.service.

[root@dbidg03 ~]# service auditd start
Redirecting to /bin/systemctl start  auditd.service

[root@dbidg03 ~]# ps -ef | grep auditd | grep -v grep
root       107     2  0 07:50 ?        00:00:00 [kauditd]
root      6772     1  0 13:03 ?        00:00:00 /sbin/auditd -n

[root@dbidg03 ~]# auditctl -s
enabled 1
failure 1
pid 6772
rate_limit 0
backlog_limit 64
lost 0
backlog 0
loginuid_immutable 0 unlocked

Now we can start implementing our first rules. One for auditing the passwd and on for shadow.

[root@dbidg03 ~]# auditctl -w /etc/passwd -p rwa -k audit_passwd
[root@dbidg03 ~]# auditctl -w /etc/shadow -p rwa -k audit_shadow
[root@dbidg03 ~]# auditctl -l
-w /etc/passwd -p rwa -k audit_passwd
-w /etc/shadow -p rwa -k audit_shadow

The options that I used are, -w, which is the path_to_file. In other words, the file or directory that is audited. The next one is -p. These are the permissions that are logged, which can be:

• r — read access to a file or a directory
• w — write access to a file or a directory
• x — execute access to a file or a directory
• a — change in the file’s or directory’s attribute

Last but not least, -k. This is the key_name which is an optional string. That one is a quite important one. The key_name is a tag that you can assign to your audit rule. Especially when your audit logs are huge, it can help you enormously to identify which rule or set of rules generated a particular log entry. We will see it later, when it comes to audit search, how beneficial the tagging is.

Be aware that audit rules defined by auditctl are not persistent across reboots.  You have to include them in the /etc/audit/audit.rules file, in case you want to make them persistent. The beauty of the audit.rule file is, that is uses the same auditctl command line syntax to specify the rules. E.g. you could simply pipe the auditctl output into your audit.rules file, and it works. A good practice, is of course to backup your current audit.rules file.

[root@dbidg03 rules.d]# pwd
/etc/audit/rules.d
[root@dbidg03 rules.d]# auditctl -l > audit.rules

Now we start doing our first test, by simulating a read on the /etc/passwd file by the oracle user.

oracle@dbidg03:/home/oracle/ [rdbms112] cat /etc/passwd

The read created immediately a log entry in the audit.log file.

[root@dbidg03 audit]# tail -50f /var/log/audit/audit.log
...
type=SYSCALL msg=audit(1495451317.823:32): arch=c000003e syscall=2 success=yes exit=3 a0=7ffc0e042dad 
a1=0 a2=1fffffffffff0000 a3=7ffc0e041e30 items=1 ppid=6863 pid=7066 
auid=54321 uid=54321 gid=54321 euid=54321 suid=54321 fsuid=54321 egid=54321 sgid=54321 
fsgid=54321 tty=pts2 ses=61 comm="cat" exe="/usr/bin/cat" key="audit_passwd"
type=CWD msg=audit(1495451317.823:32):  cwd="/home/oracle"
type=PATH msg=audit(1495451317.823:32): item=0 name="/etc/passwd" inode=39423106 dev=fb:00 
mode=0100644 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL
type=PROCTITLE msg=audit(1495451317.823:32): proctitle=636174002F6574632F706173737764

The audit.log is kinda cryptic to read. This is where the ausearch and aureport come into play. E.g. we can combine the tag, which we have created beforehand with a start time.

[root@dbidg03 rules.d]# ausearch -k audit_passwd --start today | aureport -f

File Report
===============================================
# date time file syscall success exe auid event
===============================================
1. 05/22/2017 13:07:53 /etc/passwd 2 yes /usr/sbin/sshd -1 15
2. 05/22/2017 13:08:37 /etc/passwd 2 yes /usr/bin/cat 54321 32
3. 05/22/2017 13:10:01 /etc/passwd 2 yes /usr/sbin/crond -1 34
4. 05/22/2017 13:20:01 /etc/passwd 2 yes /usr/sbin/crond -1 43

Maybe, you want to limit the audit search, to display only data about user oracle. To do so, use the –uid switch.

[root@dbidg03 ~]# getent passwd | grep 54321
oracle:x:54321:54321::/home/oracle:/bin/bash

[root@dbidg03 rules.d]# ausearch -k audit_passwd --start today --uid 54321 | aureport -f

File Report
===============================================
# date time file syscall success exe auid event
===============================================
1. 05/22/2017 13:08:37 /etc/passwd 2 yes /usr/bin/cat 54321 32

Now we can see clearly, that user oracle run the cat command on the /etc/passwd this midday.

Conclusion

Setting up auditing is not so complicated, however finding your audit logs without tagging is not so easy. That’s why it is very important to give your audit rules meaningful key names (tags).

Cet article Oracle Linux 7 – How to audit changes to a trusted file such as /etc/passwd or /etc/shadow est apparu en premier sur Blog dbi services.

After having worked with OVM on various architectures I can say that it is a good technology to easily build virtualized environments for production applications. Because it is based on XEN and has simple ways to deal with existing storage (FC, ISCSI, NFS, …) and networking solution (bond, lacp, …) it is a robust and convenient way to virtualized IT infrastructures keeping “bare-metal” performance.
Besides, it is an hard partitioning technology which is compliant with the Oracle licensing policies for partitioned environments to control CPU counting for licensing.

The aim of this post is to demonstrate how simple it is to build an HA virtualized architecture with the OVM Manager command line tool only (doc link). So we will create 1 VM on each server including all Oracle OS , network and storage requirements to run RAC 12.2.

Initial state:

• 2 physical servers installed with Oracle VM Server 3.4 (namely OVS, installation procedure here ) to host VMs including:
  • 5 NICs on each (no bounding for the example but recommended for production system)
    • eth0: administrative network connected to the organization’s administrative network
    • eth1: application network dedicated to application
    • eth2: storage network cabled to the storage for ISCSI LUNs and NFS accessibility
    • eth3: cabled between both OVS Servers for RAC interconnect link #1/2
    • eth4: cabled between both OVS Servers for RAC interconnect link #2/2

• 1 server with Oracle VM Manager 3.4 yet installed (installation procedure here)
  • eth0: administrative network connector to the organization’s administrative network

• 1 storage system (Here we are going to use a ZFS Storage appliance)

• 1 OVM Template from Oracle Corp. (available here)

Summary

• Step 0: Connect to the OVM Manager client
• Step 1: Discover OVS servers
• Step 2: Discover file server
• Step 3: Discover NAS Storage
• Step 4: Creation of a server pool
• Step 5: Add servers to the server pool
• Step 6: Creation of a repository to store VMs’s configuration files and to import the Oracle Template
• Step 7: Create VMs called rac001 and rac002 for my 2 nodes RAC
• Step 8: Network definition for RAC interconnect and application network
• Step 9: Shared disks attachment to VMs for RAC ASM

Step 0: Connect to the OVM Manager client

Because the client connect through SSH protocol (default port number 10000, user admin), connecting to the OVM Manager client can be done from wherever you have network connectivity with OVM Server.
OVMCLI is a separate service from OVM Manager running on the OVM Manager server. Here I check the OVMCLI service status and I connect from within the VM Manager server.

service ovmcli status

ssh -l admin localhost -p 10000

OVM>                                            # --> prompt for OVM
OVM> ?                                          # --> to show which action can be done
OVM> list ?                                     # --> to show which options are available for command "list"
OVM> set OutputMode={ Verbose | Sparse | Xml }  # --> to make output matching your automation style

Step 1: discover OVS servers

discoverServer ipAddress=192.168.56.101 password=oracle takeOwnership=Yes
discoverServer ipAddress=192.168.56.102 password=oracle takeOwnership=Yes

Step 2: Discover file server

In this example I going to store the ServerPool FSs to NFS from the ZFS Storage appliance. But it could be whatever NFS technologies or directly can be stored in ISCSI/FC LUNs.

OVM> list FileServerPlugin
Command: list FileServerPlugin
Status: Success
Time: 2017-10-19 14:51:31,311 CEST
Data:
id:oracle.ocfs2.OCFS2.OCFS2Plugin (0.1.0-47.5)  name:Oracle OCFS2 File system
id:oracle.generic.NFSPlugin.GenericNFSPlugin (1.1.0)  name:Oracle Generic Network File System

OVM> create FileServer plugin="Oracle Generic Network File System" accessHost=192.168.238.10 adminServers=ovs001,ovs002 name=zfsstorage
Command: create FileServer plugin="Oracle Generic Network File System" accessHost=192.168.238.10 adminServers=ovs001,ovs002 name=zfsstorage
Status: Success
Time: 2017-10-19 14:58:46,411 CEST
JobId: 1508417926209
Data:
id:0004fb00000900004801ecf9996f1d43  name:zfsstorage

OVM> refreshAll
Command: refreshAll
Status: Success
Time: 2017-10-19 16:26:58,705 CEST
JobId: 1508422976145

OVM> list FileSystem
Command: list FileSystem
Status: Success
Time: 2017-10-19 17:41:35,737 CEST
Data:
id:75734f6d-704d-48ee-9853-f6cc09b5af65  name:nfs on 192.168.238.10:/export/RepoOracle
id:3f81dcad-e1ce-41b9-b0f3-3222b3816b17  name:nfs on 192.168.238.10:/export/ServerPoolProd01

OVM> refresh FileSystem id=75734f6d-704d-48ee-9853-f6cc09b5af65
Command: refresh FileSystem id=75734f6d-704d-48ee-9853-f6cc09b5af65
Status: Success
Time: 2017-10-19 17:42:28,516 CEST
JobId: 1508427714903

OVM> refresh FileSystem id=3f81dcad-e1ce-41b9-b0f3-3222b3816b17
Command: refresh FileSystem id=3f81dcad-e1ce-41b9-b0f3-3222b3816b17
Status: Success
Time: 2017-10-19 17:43:02,144 CEST
JobId: 1508427760257

Step 3: Discover NAS Storage

OVM> list StorageArrayPlugin
Command: list StorageArrayPlugin
Status: Success
Time: 2017-10-19 15:28:23,932 CEST
Data:
id:oracle.s7k.SCSIPlugin.SCSIPlugin (2.1.2-3)  name:zfs_storage_iscsi_fc
id:oracle.generic.SCSIPlugin.GenericPlugin (1.1.0)  name:Oracle Generic SCSI Plugin

OVM> create StorageArray plugin=zfs_storage_iscsi_fc name=zfsstorage storageType=ISCSI accessHost=192.168.238.10 accessPort=3260 adminHost=192.168.238.10 adminUserName=ovmuser adminPassword=oracle pluginPrivateData="OVM-iSCSI,OVM-iSCSI-Target"
Command: create StorageArray plugin=zfs_storage_iscsi_fc name=zfsstorage storageType=ISCSI accessHost=192.168.238.10 accessPort=3260 adminHost=192.168.238.10 adminUserName=ovmuser adminPassword=***** pluginPrivateData="OVM-iSCSI,OVM-iSCSI-Target"
Status: Success
Time: 2017-10-19 15:48:00,761 CEST
JobId: 1508420880565
Data:
id:0004fb0000090000c105d1003f051fbd  name:zfsstorage

OVM> addAdminServer StorageArray name=zfsstorage server=ovs001
Command: addAdminServer StorageArray name=zfsstorage server=ovs001
Status: Success
Time: 2017-10-19 16:11:32,448 CEST
JobId: 1508422292175

OVM> addAdminServer StorageArray name=zfsstorage server=ovs002
Command: addAdminServer StorageArray name=zfsstorage server=ovs002
Status: Success
Time: 2017-10-19 16:11:35,424 CEST
JobId: 1508422295266

OVM> validate StorageArray name=zfsstorage
Command: validate StorageArray name=zfsstorage
Status: Success
Time: 2017-10-19 16:10:04,937 CEST
JobId: 1508422128777

OVM> refreshAll
Command: refreshAll
Status: Success
Time: 2017-10-19 16:26:58,705 CEST
JobId: 1508422976145

Step 4: Creation of a server pool

OVM need to put its physical servers in a logical space called server pool. A server pool will use a least 2 storage spaces:

• a cluster storage configuration and disk Heartbeat (must be at least of 10GB regarding OVM 3.4’s recommendations) and it is better to separate the network access for this storage space in order to avoid unwanted cluster eviction.
• a storage space for the serverpool in which we can store VMs configuration file, Template, ISOs and so on.

OVM> list FileSystem
Command: list FileSystem
Status: Success
Time: 2017-10-19 17:41:35,737 CEST
Data:
id:75734f6d-704d-48ee-9853-f6cc09b5af65  name:nfs on 192.168.238.10:/export/RepoOracle
id:3f81dcad-e1ce-41b9-b0f3-3222b3816b17  name:nfs on 192.168.238.10:/export/ServerPoolProd01

OVM> create ServerPool clusterEnable=yes filesystem=3f81dcad-e1ce-41b9-b0f3-3222b3816b17 name=prod01 description='Server pool for production 001' startPolicy=CURRENT_SERVER
Command: create ServerPool clusterEnable=yes filesystem=3f81dcad-e1ce-41b9-b0f3-3222b3816b17 name=prod01 description='Server pool for production 001' startPolicy=CURRENT_SERVER
Status: Success
Time: 2017-10-19 17:15:11,431 CEST
Data:
id:0004fb0000020000c6b2c32fc58646e7  name:prod01

Step 5: Add servers to the server pool

OVM> list server
Command: list server
Status: Success
Time: 2017-10-19 17:15:28,111 CEST
Data:
id:65:72:21:77:7b:0d:47:47:bc:43:e5:1f:64:3d:56:d9  name:ovs002
id:bb:06:3c:3e:a4:76:4b:e2:9c:bc:65:69:4e:35:28:b4  name:ovs001

OVM> add Server name=ovs001 to ServerPool name=prod01
Command: add Server name=ovs001 to ServerPool name=prod01
Status: Success
Time: 2017-10-19 17:17:55,131 CEST
JobId: 1508426260895

OVM> add Server name=ovs002 to ServerPool name=prod01
Command: add Server name=ovs002 to ServerPool name=prod01
Status: Success
Time: 2017-10-19 17:18:21,439 CEST
JobId: 1508426277115

Step 6: Creation of a repository to store VMs’s configuration files and to import the Oracle Template

OVM> list filesystem
Command: list filesystem
Status: Success
Time: 2017-10-19 17:44:23,811 CEST
Data:
id:0004fb00000500009cbc79dde9b6649e  name:Server Pool File System
id:75734f6d-704d-48ee-9853-f6cc09b5af65  name:nfs on 192.168.238.10:/export/RepoOracle
id:3f81dcad-e1ce-41b9-b0f3-3222b3816b17  name:nfs on 192.168.238.10:/export/ServerPoolProd01

OVM> create Repository name=RepoOracle on FileSystem name="nfs on 192.168.238.10://export//RepoOracle"
Command: create Repository name=RepoOracle on FileSystem name="nfs on 192.168.238.10://export//RepoOracle"
Status: Success
Time: 2017-10-19 17:45:22,346 CEST
JobId: 1508427888238
Data:
id:0004fb0000030000f1c8182390a36c8c  name:RepoOracle

OVM> add ServerPool name=prod01 to Repository name=RepoOracle
Command: add ServerPool name=prod01 to Repository name=RepoOracle
Status: Success
Time: 2017-10-19 17:53:08,020 CEST
JobId: 1508428361049

OVM> refresh Repository name=RepoOracle
Command: refresh Repository name=RepoOracle
Status: Success
Time: 2017-10-19 17:53:40,922 CEST
JobId: 1508428394212

OVM> importTemplate Repository name=RepoOracle url="ftp:////192.168.56.200//pub//OVM_OL7U4_X86_64_12201DBRAC_PVHVM//OVM_OL7U4_X86_64_12201DBRAC_PVHVM-1of2.tar.gz,ftp:////192.168.56.200//pub//OVM_OL7U4_X86_64_12201DBRAC_PVHVM//OVM_OL7U4_X86_64_12201DBRAC_PVHVM-2of2.tar.gz"
Command: importTemplate Repository name=RepoOracle url="ftp:////192.168.56.200//pub//OVM_OL7U4_X86_64_12201DBRAC_PVHVM//OVM_OL7U4_X86_64_12201DBRAC_PVHVM-1of2.tar.gz,ftp:////192.168.56.200//pub//OVM_OL7U4_X86_64_12201DBRAC_PVHVM//OVM_OL7U4_X86_64_12201DBRAC_PVHVM-2of2.tar.gz"
Status: Success
Time: 2017-11-02 12:05:29,341 CET
JobId: 1509619956729
Data:
id:0004fb00001400005f68a4067eda1e6b  name:OVM_OL7U4_X86_64_12201DBRAC_PVHVM-1of2.tar.gz

Step 7: Create VMs called rac001 and rac002 for my 2 nodes RAC

Here we create VMs by cloning the template OVM_OL7U4_X86_64_12201DBRAC_PVHVM from Oracle.

OVM> list vm
Command: list vm
Status: Success
Time: 2017-11-02 12:07:06,077 CET
Data:
id:0004fb00001400005f68a4067eda1e6b  name:OVM_OL7U4_X86_64_12201DBRAC_PVHVM-1of2.tar.gz

OVM> edit vm id=0004fb00001400005f68a4067eda1e6b name=OVM_OL7U4_X86_64_12201DBRAC_PVHVM
Command: edit vm id=0004fb00001400005f68a4067eda1e6b name=OVM_OL7U4_X86_64_12201DBRAC_PVHVM
Status: Success
Time: 2017-11-02 12:07:30,392 CET
JobId: 1509620850142

OVM> list vm
Command: list vm
Status: Success
Time: 2017-11-02 12:07:36,282 CET
Data:
id:0004fb00001400005f68a4067eda1e6b  name:OVM_OL7U4_X86_64_12201DBRAC_PVHVM

OVM> clone Vm name=OVM_OL7U4_X86_64_12201DBRAC_PVHVM destType=Vm destName=rac001 serverPool=prod01
Command: clone Vm name=OVM_OL7U4_X86_64_12201DBRAC_PVHVM destType=Vm destName=rac001 serverPool=prod01
Status: Success
Time: 2017-11-02 12:31:31,798 CET
JobId: 1509622291342
Data:
id:0004fb0000060000d4819629ebc0687f  name:rac001

OVM> clone Vm name=OVM_OL7U4_X86_64_12201DBRAC_PVHVM destType=Vm destName=rac002 serverPool=prod01
Command: clone Vm name=OVM_OL7U4_X86_64_12201DBRAC_PVHVM destType=Vm destName=rac002 serverPool=prod01
Status: Success
Time: 2017-11-02 13:57:34,125 CET
JobId: 1509627453634
Data:
id:0004fb0000060000482c8e4790b7081a  name:rac002

OVM> list vm
Command: list vm
Status: Success
Time: 2017-11-02 15:23:54,077 CET
Data:
id:0004fb00001400005f68a4067eda1e6b  name:OVM_OL7U4_X86_64_12201DBRAC_PVHVM
id:0004fb0000060000d4819629ebc0687f  name:rac001
id:0004fb0000060000482c8e4790b7081a  name:rac002

OVM> edit vm name=rac001 memory=2048 memoryLimit=2048
Command: edit vm name=rac001 memory=2048 memoryLimit=2048
Status: Success
Time: 2017-11-02 17:14:45,542 CET
JobId: 1509639285374

OVM> edit vm name=rac002 memory=2048 memoryLimit=2048
Command: edit vm name=rac002 memory=2048 memoryLimit=2048
Status: Success
Time: 2017-11-02 17:14:59,458 CET
JobId: 1509639299301

Step 8: Network definition for RAC interconnect and application network

create Network roles=VIRTUAL_MACHINE name=Application-Network
create Network roles=VIRTUAL_MACHINE name=Interco-Network-01
create Network roles=VIRTUAL_MACHINE name=Interco-Network-02

OVM> list network
Command: list network
Status: Success
Time: 2017-10-17 00:31:53,673 CEST
Data:
id:108572a7ca  name:Application-Network
id:10922ff6d7  name:Interco-Network-01
id:106765828d  name:Interco-Network-02

Next, we attach physical OVS’s NICs to corresponding networks

OVM> list port
Command: list port
Status: Success
Time: 2017-11-02 16:03:40,026 CET
Data:
id:0004fb00002000007667fde85d2a2944  name:eth0 on ovs002
id:0004fb00002000001fa791c597d71947  name:eth1 on ovs002
id:0004fb00002000003842bd1f3acb476b  name:eth2 on ovs002
id:0004fb000020000031652acb25248275  name:eth3 on ovs002
id:0004fb00002000006fb524dac1f2319c  name:eth4 on ovs001
id:0004fb0000200000748a37db41f80fb2  name:eth4 on ovs002
id:0004fb00002000000178e5cefb3c0161  name:eth3 on ovs001
id:0004fb000020000020373da7c0cdf4cf  name:eth2 on ovs001
id:0004fb0000200000b0e747714aa822b7  name:eth1 on ovs001
id:0004fb00002000002787de2e68f61ecd  name:eth0 on ovs001

add Port id=0004fb0000200000b0e747714aa822b7 to Network name=Application-Network
add Port id=0004fb00002000000178e5cefb3c0161 to Network name=Interco-Network-01
add Port id=0004fb00002000006fb524dac1f2319c to Network name=Interco-Network-02

add Port id=0004fb00002000001fa791c597d71947 to Network name=Application-Network
add Port id=0004fb000020000031652acb25248275 to Network name=Interco-Network-01
add Port id=0004fb0000200000748a37db41f80fb2 to Network name=Interco-Network-02

Then create Virtual NIC for Virtual Machines (the order matter as first created will fill first slot of the VM)

OVM> list vnic
Command: list vnic
Status: Success
Time: 2017-11-02 15:25:54,571 CET
Data:
id:0004fb00000700001fe86897bfb0ecd4  name:Template Vnic
id:0004fb00000700005351eb55314ab34e  name:Template Vnic

create Vnic name=rac001_vnic_admin network=Admin-Network on Vm name=rac001
create Vnic name=rac001_vnic_application network=Application-Network on Vm name=rac001
create Vnic name=rac001_vnic_interconnect network=Interco-Network-01 on Vm name=rac001
create Vnic name=rac001_vnic_interconnect network=Interco-Network-02 on Vm name=rac001

create Vnic name=rac002_vnic_admin network=Admin-Network on Vm name=rac002
create Vnic name=rac002_vnic_application network=Application-Network on Vm name=rac002
create Vnic name=rac002_vnic_interconnect network=Interco-Network-01 on Vm name=rac002
create Vnic name=rac002_vnic_interconnect network=Interco-Network-02 on Vm name=rac002

OVM> list vnic
Command: list vnic
Status: Success
Time: 2017-11-02 15:27:34,642 CET
Data:
id:0004fb00000700005631bb2fbbeed53c  name:rac002_vnic_interconnect
id:0004fb00000700005e93ec7e8cf529b6  name:rac001_vnic_interconnect
id:0004fb0000070000c091c9091b464846  name:rac002_vnic_admin
id:0004fb00000700001fe86897bfb0ecd4  name:Template Vnic
id:0004fb00000700009430b0a26566d6e3  name:rac002_vnic_application
id:0004fb0000070000c4113fb1d9375791  name:rac002_vnic_interconnect
id:0004fb00000700005351eb55314ab34e  name:Template Vnic
id:0004fb0000070000e1abd7e572bffc3a  name:rac001_vnic_admin
id:0004fb000007000079bb1fbf1d1942c9  name:rac001_vnic_application
id:0004fb000007000085d8a41dc8fd768c  name:rac001_vnic_interconnect

Step 9: Shared disks attachment to VMs for RAC ASM

Thanks to the Storage plugin available for the ZFS appliance we can directly create LUNs from the OVM Cli. You may find plugin for your Storage constructor in the Oracle Web Site https://www.oracle.com/virtualization/storage-connect-partner-program.html.
The storage plugin need to be installed on each OVS Servers and OVS servers need to be rediscovered after changes.

create PhysicalDisk size=5 shareable=yes thinProvision=yes userFriendlyName=clu001dgclu001 name=clu001dgclu001 on VolumeGroup  name=data/local/OracleTech
create PhysicalDisk size=5 shareable=yes thinProvision=yes userFriendlyName=clu001dgclu002 name=clu001dgclu002 on VolumeGroup  name=data/local/OracleTech
create PhysicalDisk size=5 shareable=yes thinProvision=yes userFriendlyName=clu001dgclu003 name=clu001dgclu003 on VolumeGroup  name=data/local/OracleTech
create PhysicalDisk size=5 shareable=yes thinProvision=yes userFriendlyName=clu001dgclu004 name=clu001dgclu004 on VolumeGroup  name=data/local/OracleTech
create PhysicalDisk size=5 shareable=yes thinProvision=yes userFriendlyName=clu001dgclu005 name=clu001dgclu005 on VolumeGroup  name=data/local/OracleTech
create PhysicalDisk size=5 shareable=yes thinProvision=yes userFriendlyName=clu001dgdata001 name=clu001dgdata001 on VolumeGroup  name=data/local/OracleTech
create PhysicalDisk size=5 shareable=yes thinProvision=yes userFriendlyName=clu001dgdata002 name=clu001dgdata002 on VolumeGroup  name=data/local/OracleTech
create PhysicalDisk size=5 shareable=yes thinProvision=yes userFriendlyName=clu001dgfra001 name=clu001dgfra001 on VolumeGroup  name=data/local/OracleTech
create PhysicalDisk size=5 shareable=yes thinProvision=yes userFriendlyName=clu001dgfra002 name=clu001dgfra002 on VolumeGroup  name=data/local/OracleTech

OVM> list PhysicalDisk
Command: list PhysicalDisk
Status: Success
Time: 2017-11-02 11:44:41,624 CET
Data:
id:0004fb0000180000ae02df42a4c8e582  name:clu001dgclu004
id:0004fb0000180000d91546f7d1a09cfb  name:clu001dgclu005
id:0004fb0000180000ab0030fb540a55b9  name:clu001dgclu003
id:0004fb0000180000d20bb1d7d50d6875  name:clu001dgfra001
id:0004fb00001800009e39a0b8b1edcf90  name:clu001dgfra002
id:0004fb00001800003742306aa30bfdd4  name:clu001dgdata001
id:0004fb00001800006131006a7a9fd266  name:clu001dgdata002
id:0004fb0000180000a5177543a1ef0464  name:clu001dgclu001
id:0004fb000018000035bd38c6f5245f66  name:clu001dgclu002

create vmdiskmapping slot=10 physicalDisk=clu001dgclu001 name=asm_disk_cluster_rac001_clu001dgclu001 on Vm name=rac001
create vmdiskmapping slot=11 physicalDisk=clu001dgclu002 name=asm_disk_cluster_rac001_clu001dgclu002 on Vm name=rac001
create vmdiskmapping slot=12 physicalDisk=clu001dgclu003 name=asm_disk_cluster_rac001_clu001dgclu003 on Vm name=rac001
create vmdiskmapping slot=13 physicalDisk=clu001dgclu004 name=asm_disk_cluster_rac001_clu001dgclu004 on Vm name=rac001
create vmdiskmapping slot=14 physicalDisk=clu001dgclu005 name=asm_disk_cluster_rac001_clu001dgclu005 on Vm name=rac001
create vmdiskmapping slot=15 physicalDisk=clu001dgdata001 name=asm_disk_cluster_rac001_clu001dgdata001 on Vm name=rac001
create vmdiskmapping slot=16 physicalDisk=clu001dgdata002 name=asm_disk_cluster_rac001_clu001dgdata002 on Vm name=rac001
create vmdiskmapping slot=17 physicalDisk=clu001dgfra001 name=asm_disk_cluster_rac001_clu001dgfra001 on Vm name=rac001
create vmdiskmapping slot=18 physicalDisk=clu001dgfra002 name=asm_disk_cluster_rac001_clu001dgfra002 on Vm name=rac001

create vmdiskmapping slot=10 physicalDisk=clu001dgclu001 name=asm_disk_cluster_rac002_clu001dgclu001 on Vm name=rac002
create vmdiskmapping slot=11 physicalDisk=clu001dgclu002 name=asm_disk_cluster_rac002_clu001dgclu002 on Vm name=rac002
create vmdiskmapping slot=12 physicalDisk=clu001dgclu003 name=asm_disk_cluster_rac002_clu001dgclu003 on Vm name=rac002
create vmdiskmapping slot=13 physicalDisk=clu001dgclu004 name=asm_disk_cluster_rac002_clu001dgclu004 on Vm name=rac002
create vmdiskmapping slot=14 physicalDisk=clu001dgclu005 name=asm_disk_cluster_rac002_clu001dgclu005 on Vm name=rac002
create vmdiskmapping slot=15 physicalDisk=clu001dgdata001 name=asm_disk_cluster_rac002_clu001dgdata on Vm name=rac002
create vmdiskmapping slot=16 physicalDisk=clu001dgdata002 name=asm_disk_cluster_rac002_clu001dgdata on Vm name=rac002
create vmdiskmapping slot=17 physicalDisk=clu001dgfra001 name=asm_disk_cluster_rac002_clu001dgfra001 on Vm name=rac002
create vmdiskmapping slot=18 physicalDisk=clu001dgfra002 name=asm_disk_cluster_rac002_clu001dgfra002 on Vm name=rac002

 

#Output of an attachment:
OVM> create vmdiskmapping slot=51 physicalDisk=clu001dgfra002 name=asm_disk_cluster_rac002_clu001dgfra002 on Vm name=rac002
Command: create vmdiskmapping slot=51 physicalDisk=clu001dgfra002 name=asm_disk_cluster_rac002_clu001dgfra002 on Vm name=rac002
Status: Success
Time: 2017-11-02 15:49:44,573 CET
JobId: 1509634184144
Data:
id:0004fb0000130000d1a3ecffefcc0b5b  name:asm_disk_cluster_rac002_clu001dgfra002

OVM> list vmdiskmapping
Command: list vmdiskmapping
Status: Success
Time: 2017-11-02 15:50:05,117 CET
Data:
id:0004fb0000130000a2e52668e38d24f0  name:Mapping for disk Id (0004fb00001200008e5043cea31e4a1c.img)
id:0004fb00001300000b0202b6af4254b1  name:asm_disk_cluster_rac002_clu001dgclu003
id:0004fb0000130000f573415ba8af814d  name:Mapping for disk Id (0004fb0000120000073fd0cff75c5f4d.img)
id:0004fb0000130000217c1b6586d88d98  name:asm_disk_cluster_rac002_clu001dgclu002
id:0004fb00001300007c8f1b4fd9e845c4  name:asm_disk_cluster_rac002_clu001dgclu001
id:0004fb00001300009698cf153f616454  name:asm_disk_cluster_rac001_clu001dgfra002
id:0004fb0000130000c9caf8763df6bfe0  name:asm_disk_cluster_rac001_clu001dgfra001
id:0004fb00001300009771ff7e2a1bf965  name:asm_disk_cluster_rac001_clu001dgdata002
id:0004fb00001300003aed42abb7085053  name:asm_disk_cluster_rac001_clu001dgdata001
id:0004fb0000130000ac45b70bac2cedf7  name:asm_disk_cluster_rac001_clu001dgclu005
id:0004fb000013000007069008e4b91b9d  name:asm_disk_cluster_rac001_clu001dgclu004
id:0004fb0000130000a8182ada5a07d7cd  name:asm_disk_cluster_rac001_clu001dgclu003
id:0004fb00001300009edf25758590684b  name:asm_disk_cluster_rac001_clu001dgclu002
id:0004fb0000130000a93c8a73900cbf80  name:asm_disk_cluster_rac002_clu001dgfra001
id:0004fb0000130000c8c35da3ad0148c4  name:asm_disk_cluster_rac001_clu001dgclu001
id:0004fb0000130000d1a3ecffefcc0b5b  name:asm_disk_cluster_rac002_clu001dgfra002
id:0004fb0000130000ff84c64175d7e6c1  name:asm_disk_cluster_rac002_clu001dgdata
id:0004fb00001300009c08b1803928536d  name:Mapping for disk Id (dd3c390b29af49809caba202f234a443.img)
id:0004fb0000130000e85ace19b45c0ad6  name:Mapping for disk Id (0004fb00001200002aa671facc8a1307.img)
id:0004fb0000130000e595c3dc5788b87a  name:Mapping for disk Id (0004fb000012000087341e27f9faaa17.img)
id:0004fb0000130000c66fe2d0d66b7276  name:asm_disk_cluster_rac002_clu001dgdata
id:0004fb00001300009c85bca66c400366  name:Mapping for disk Id (46da481163424b739feeb08b4d22c1b4.img)
id:0004fb0000130000768a2af09207e659  name:asm_disk_cluster_rac002_clu001dgclu004
id:0004fb000013000092836d3ee569e6ac  name:asm_disk_cluster_rac002_clu001dgclu005

OVM> add StorageInitiator name=iqn.1988-12.com.oracle:1847e1b91b5b to AccessGroup name=cluster001
Command: add StorageInitiator name=iqn.1988-12.com.oracle:1847e1b91b5b to AccessGroup name=cluster001
Status: Success
Time: 2017-11-02 16:59:32,116 CET
JobId: 1509638311277

OVM> add StorageInitiator name=iqn.1988-12.com.oracle:a5c84f2c8798 to AccessGroup name=cluster001
Command: add StorageInitiator name=iqn.1988-12.com.oracle:a5c84f2c8798 to AccessGroup name=cluster001
Status: Success
Time: 2017-11-02 16:57:31,703 CET
JobId: 1509638191228

add PhysicalDisk name=clu001dgclu001 to AccessGroup name=cluster001
add PhysicalDisk name=clu001dgclu002 to AccessGroup name=cluster001
add PhysicalDisk name=clu001dgclu003 to AccessGroup name=cluster001
add PhysicalDisk name=clu001dgclu004 to AccessGroup name=cluster001
add PhysicalDisk name=clu001dgclu005 to AccessGroup name=cluster001
add PhysicalDisk name=clu001dgdata001 to AccessGroup name=cluster001
add PhysicalDisk name=clu001dgdata002 to AccessGroup name=cluster001
add PhysicalDisk name=clu001dgfra001 to AccessGroup name=cluster001
add PhysicalDisk name=clu001dgfra002 to AccessGroup name=cluster001

#Output of an Access addition:
OVM> add PhysicalDisk name=clu001dgclu001 to AccessGroup name=cluster001
Command: add PhysicalDisk name=clu001dgclu001 to AccessGroup name=cluster001
Status: Success
Time: 2017-11-02 17:10:13,636 CET
JobId: 1509639013463

OVM> refreshStorageLayer Server name=ovs001
Command: refreshStorageLayer Server name=ovs001
Status: Success
Time: 2017-11-02 16:42:26,230 CET
JobId: 1509637330270

OVM> refreshStorageLayer Server name=ovs002
Command: refreshStorageLayer Server name=ovs002
Status: Success
Time: 2017-11-02 16:42:51,296 CET
JobId: 1509637355423

Final state: 2 VMs hosted on 2 different Servers with OS, Network and Storage requirements to run RAC 12.2.

This concluded this part and demonstrates how easy it can be to automate those commands and deploy many different architectures.
The next part will describe how to deploy a RAC 12.2 on top of this infrastructure with the Oracle DeployCluster Tool in few commands …

I hope it may help and please do not hesitate to contact us if you have any questions or require further information.

Cet article Automate OVM deployment for a production ready Oracle RAC 12.2 architecture – (part 01) est apparu en premier sur Blog dbi services.