tag:blogger.com,1999:blog-43193663297086835572024-03-27T07:37:48.689+01:00Oracle FMW and more ...Oracle Fusion Middleware, Database and Systems EngineeringJaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.comBlogger14125tag:blogger.com,1999:blog-4319366329708683557.post-52195927047149717772017-05-27T18:36:00.000+02:002017-05-28T14:43:13.927+02:00Configuring Oracle Traffic Director 12c with WebGate<br />
At a recent customer install, I was faced with configuring Oracle Traffic Director (OTD) 12.2.1.2.0 Webgate with Oracle Access Manager.<br />
<br />
Deploying Webgate on OD 12c is very well described in the documentation. See <a href="https://docs.oracle.com/middleware/12212/otd/install/GUID-EFC43C1A-858A-43A3-8E1E-840926BE4F2C.htm#OTINS870" target="_blank">A Configuring OAM Agent (WebGate) for Oracle Traffic Director 12.2.1.2</a><br />
<br />
There is however a flaw in the documentation. I came across that when I reached the point where Webgate get's configured in the conf files of OTD.<br />
<br />
When you configure Webgate for OTD 12c, the OTD Conf files such as magnus.conf and virtual-server-*-obj.conf are updated. (on a collocated installation)<br />
If you follow the documentation completely, you will end up with conf files that either have no WebGate configuration in them or with the configuration dedicated to the first OTD instance on both servers. In the latter case, the second instance will no longer start.<br />
I created a Service Request at Oracle support to address the issue. They didn't have a solution for the problem and I ended up being bounced between the OTD and the WebGate support teams. Finally one of the guys from the WebGate team really tried to help me, but couldn't resolve the issue. So I went along and solved the problem myself. As I will describe below.<br />
<br />
When you reach pt.5 of the documentation <a href="https://docs.oracle.com/middleware/12212/otd/install/GUID-EFC43C1A-858A-43A3-8E1E-840926BE4F2C.htm#OTINS1003" target="_blank">A.2 Configuring Oracle Traffic Director 12c WebGate</a><br />
<br />
Change the EditObjConf line as follows<br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">./EditObjConf -f Domain_Home/config/fmwconfig/components/OTD/<b>otd_configuration_name</b>/config/<b>virtual_server_name-obj.conf</b>
-w webgate_instanceDirectory [-oh Oracle_Home] -ws otd</span><br />
<br />
For example<br />
<br />
OTD Configuration Name: TST1<br />
OTD Instance 1: otd_TST1_host1.domain.local<br />
OTD Instance 2: otd_TST1_ host1.domain.local<br />
Domainhome: /u01/app/oracle/config/domains/otd_domain_tst
<br />
<div>
<br /></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">./EditObjConf -f /u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/
OTD/TST1/config/virtual-server-tst1-obj.conf
-w /u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/
OTD/instances/otd_TST1_ host1.domain.local -oh $ORACLE_HOME -ws otd
</span></div>
<div>
<br /></div>
<div>
Where TST1 is the name of the configuration and host1.domain.local is the name of the first server.<br />
This will change the magnus.conf and virtual-server-tst1-obj.conf for Webgate.<br />
In virtual-server-tst1-obj.conf there are no instance specific references.<br />
However in the magnus.conf there are references to the first instance, since this is the one that we used with EditObjConf.<br />
<br />
This is what the magnus.conf in the OTD configuration section (on global level) looks like after EditObjConf command.<br />
Notice the hardcoded instance name in four places.<br />
<br /></div>
<span style="font-family: "courier new" , "courier" , monospace;">/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/
OTD/TST1/config/magnus.conf</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="load-modules" shlib="libwebapp-firewall.so"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># Oracle WebGate Init FNs start #WGINITFN </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="load-modules"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">funcs="OBWebGate_Init,OBWebGate_Authent,OBWebGate_Control,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">OBWebGate_Err,OBWebGate_Handle401,
OBWebGate_Response" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">shlib="/u01/app/oracle/product/otd1221/webgate/otd/lib/webgate.so" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/</span><span style="font-family: "courier new" , "courier" , monospace;">fmwconfig/</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">components/OTD/instances/<b>otd_TST1_host1.domain.local</b>"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">#ESSO#Init fn="load-modules"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">funcs="EssoBasicAuthInit,EssoBasicAuth,EssoClean" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">shlib="/u01/app/oracle/product/otd1221/webgate/otd/lib/webgate.so" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/</span><span style="font-family: "courier new" , "courier" , monospace;">fmwconfig/</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">components/OTD/instances/<b>otd_TST1_host1.domain.local</b>"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="OBWebGate_Init" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">components/OTD/instances/<b>otd_TST1_host1.domain.local</b>" Mode="PEER"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">#WebGateLockFileDir="<some_local_dir>"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># WebGateLockFileDir: Optional directive specifying the location to create </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># webgate lock files. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># If configured, then all webgate lock files will be created under </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># <WebGateLockFileDir>/<Hash of WebGateInstancedir>. The hash subdir is to </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># ensure uniqueness for each webserver instance and avoid locking conflicts </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># if two different instances have configured the directive with same value. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># If the dir does not exist before, will try to create it first. If dir </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># creation failed or the directive not configured, webgate falls back to old </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># model, i.e. use same location as original file that lock is based upon. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># This directive is useful when webgate instance is located on NFS mounted </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># disks and performance greatly impacted. Configure it to local dir will solve </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># the issue. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">#ESSO#Init fn="EssoBasicAuthInit" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">components/OTD/instances/<b>otd_TST1_host1.domain.local</b>" Mode="PEER" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># Oracle WebGate Init FNs end #WGINITFN</span><br />
<div>
<br /></div>
Leaving it like this will result in this hardcoded instance name being distributed to all instance. Hence only one instance would start.<br />
<br />
<h4>
Now how to fix this.</h4>
<div>
<br /></div>
<div>
Open magnus.conf with an editor</div>
<div>
<br /></div>
<div>
<div>
Replace the hardcoded instance name with a variable called ${INSTANCE_NAME}</div>
<div>
<span style="font-size: x-small;">(I picked up the existence of this variable in the server.xml which is also on the OTD Configuration level and get distributed all instances.)</span></div>
</div>
<div>
<br /></div>
<div>
In our example the magnus.conf now looks like this.<br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;">#</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="load-modules" shlib="libwebapp-firewall.so"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># Oracle WebGate Init FNs start #WGINITFN </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="load-modules"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">funcs="OBWebGate_Init,OBWebGate_Authent,OBWebGate_Control,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">OBWebGate_Err,</span><span style="font-family: "courier new" , "courier" , monospace;">OBWebGate_Handle401,OBWebGate_Response" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">shlib="/u01/app/oracle/product/otd1221/webgate/otd/lib/webgate.so" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/OTD/instances/<b>${INSTANCE_NAME}</b>"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">#ESSO#Init fn="load-modules" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">funcs="EssoBasicAuthInit,EssoBasicAuth,EssoClean"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">shlib="/u01/app/oracle/product/otd1221/webgate/otd/lib/webgate.so"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/OTD/instances/<b>${INSTANCE_NAME}</b>"
Init fn="OBWebGate_Init" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/OTD/instances/<b>${INSTANCE_NAME}</b>" Mode="PEER" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">#WebGateLockFileDir="<some_local_dir>" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># WebGateLockFileDir: Optional directive specifying the location to create </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># webgate lock files. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># If configured, then all webgate lock files will be created under </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># <WebGateLockFileDir>/<Hash of WebGateInstancedir>. The hash subdir is to </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># ensure uniqueness for each webserver instance and avoid locking conflicts </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># if two different instances have configured the directive with same value. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># If the dir does not exist before, will try to create it first. If dir </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># creation failed or the directive not configured, webgate falls back to old </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># model, i.e. use same location as original file that lock is based upon. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># This directive is useful when webgate instance is located on NFS mounted </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># disks and performance greatly impacted. Configure it to local dir will solve </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># the issue. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">#ESSO#Init fn="EssoBasicAuthInit"</span></div>
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd" </span>
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/OTD/instances/<b>${INSTANCE_NAME}</b>" Mode="PEER"</span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;"># Oracle WebGate Init FNs end #WGINITFN</span>
<br />
<div>
</div>
<h3>
<span style="font-weight: normal;">Now to distributed these files</span></h3>
Open Enterprise ManagerFusion Middleware Control 12c and go to the OTD Configuration
<br />
<div>
<br /></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHiZTDcBXNOdbqVskMeE9kG3Sit6AVp_qrsZ1BDds-2VksZVfUgcw3PyE4BEFrPjNfhhIDAUFAAUPGPDC1ekmCGdnGC9iKh_eMtAly-mqAkc6MrvgrOJE3vDbLGLbu5_ZOkKCqnF6_mjA/s1600/otdem1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="192" data-original-width="1275" height="96" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHiZTDcBXNOdbqVskMeE9kG3Sit6AVp_qrsZ1BDds-2VksZVfUgcw3PyE4BEFrPjNfhhIDAUFAAUPGPDC1ekmCGdnGC9iKh_eMtAly-mqAkc6MrvgrOJE3vDbLGLbu5_ZOkKCqnF6_mjA/s640/otdem1.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
Go
to Virtual Server section and click Lock and Edit</div>
<div>
<div class="MsoNormalCxSpMiddle">
<br /></div>
<div class="MsoNormalCxSpMiddle">
<span lang="EN-US">EM
will show the Pull Components Changes bar.<o:p></o:p></span></div>
<div class="MsoNormalCxSpMiddle">
<span lang="EN-US"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGXFyAjkYneTcTbeWmAXEAPIqfhWqMxedlIwEsb44Vwtr9gf7qvPDQuNL7-cB5Arw9ZPDqRGV_LLo2_n5UC55DUn15oph5U5McWtv5NJBUiJazQJeg9hlgJNvHE25dz3PT58VmCc_BPCE/s1600/otdem2.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="90" data-original-width="1248" height="46" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGXFyAjkYneTcTbeWmAXEAPIqfhWqMxedlIwEsb44Vwtr9gf7qvPDQuNL7-cB5Arw9ZPDqRGV_LLo2_n5UC55DUn15oph5U5McWtv5NJBUiJazQJeg9hlgJNvHE25dz3PT58VmCc_BPCE/s640/otdem2.png" width="640" /></a></div>
<div class="MsoNormalCxSpMiddle">
<br /></div>
<div class="MsoNormalCxSpMiddle">
<br /></div>
<div class="MsoNormalCxSpMiddle">
<br /></div>
<div class="MsoNormalCxSpMiddle">
<br /></div>
<div class="MsoNormalCxSpFirst">
<b>DON'T pull the changes!</b><br />
This will replace the conf files of the configuration with those currently in use by the instances.<br />
<br />
Instead make a minor, insignificant, change in the configuration.<br />
For example add a hostname to the Virtual Server Settings. (We remove it later)<br />
Now activate the changes<br />
<b>Again, don’t Pull the changes</b><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDtmQQDr-QWsyzLB8LX3gnZtXZxLE51gJmtu25Jrt0Xgh0l3X-4xxx3AOxmt9Qw8bYtvo4P1T6uLulO01srLUL7Ta_UfKuiVGAxxl7OI725QN08xiL4sdgT2OzUnrAYqd2UAVJ6L9YKFI/s1600/otdem3.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDtmQQDr-QWsyzLB8LX3gnZtXZxLE51gJmtu25Jrt0Xgh0l3X-4xxx3AOxmt9Qw8bYtvo4P1T6uLulO01srLUL7Ta_UfKuiVGAxxl7OI725QN08xiL4sdgT2OzUnrAYqd2UAVJ6L9YKFI/s1600/otdem3.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="240" data-original-width="213" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDtmQQDr-QWsyzLB8LX3gnZtXZxLE51gJmtu25Jrt0Xgh0l3X-4xxx3AOxmt9Qw8bYtvo4P1T6uLulO01srLUL7Ta_UfKuiVGAxxl7OI725QN08xiL4sdgT2OzUnrAYqd2UAVJ6L9YKFI/s200/otdem3.png" width="177" /></a></div>
<div>
<br /></div>
</div>
<div class="MsoNormalCxSpMiddle">
<span lang="EN-US"><br /></span></div>
</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhes5FRCWkCqHa8a4kkGX4hkJhoX_cpL74HwQy9SxjbSfSb1OxaLjCB0b-HXu1BHEOzPAgMqZm9o3RM1CDPmfOcE2KpxijWihv0XHUh8J-hsC4Yi9p3oVVnDqNe25VXXWL46bAx2KSAjuA/s1600/otdem4.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="584" data-original-width="1015" height="368" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhes5FRCWkCqHa8a4kkGX4hkJhoX_cpL74HwQy9SxjbSfSb1OxaLjCB0b-HXu1BHEOzPAgMqZm9o3RM1CDPmfOcE2KpxijWihv0XHUh8J-hsC4Yi9p3oVVnDqNe25VXXWL46bAx2KSAjuA/s640/otdem4.png" width="640" /></a></div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjscSHDZ8JkGqVEufCr_5t7oijJNHX2YQUNKjrl1NwqhuKLt6qznTJ-p4QT-qsRjX18Gb0l-Q4UKycl75wbJIiSw-plCpC-9ZL_Ja-xyHNk8O3YYLzzHwHWDvBoEOa-9SfH7DibY3qecqc/s1600/otdem4.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Discard the Instance Changes and Activate Changes.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJrJgb6j1DSzWUAT3hLjMRId5iCxs6fw6WDjanzya195WvPtwLRNUmR6hLjQHAJAEOdgpp3F1TqTnoxaLdVYubVp9X4i4dlkGvImEZjXVYzbCy3AaFlwYPfZ-djLHdEwdTXUaEfzZIVTU/s1600/otdem5.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="284" data-original-width="1273" height="142" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJrJgb6j1DSzWUAT3hLjMRId5iCxs6fw6WDjanzya195WvPtwLRNUmR6hLjQHAJAEOdgpp3F1TqTnoxaLdVYubVp9X4i4dlkGvImEZjXVYzbCy3AaFlwYPfZ-djLHdEwdTXUaEfzZIVTU/s640/otdem5.png" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
Again Discard Changes<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4-oywZ22aN48V7VGUfoXY6XIHui38lma0Z0r-hhbLq2BVnrxzyNGCgqCkMKYXY6QcULjp8G_C-1mdbSIPZM1m6JEAQu_kCPd2PtABkMcJT2QHrBlJKa_o62PxDeBA3ZOtDxVymxt9SpI/s1600/otdem6.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="157" data-original-width="627" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4-oywZ22aN48V7VGUfoXY6XIHui38lma0Z0r-hhbLq2BVnrxzyNGCgqCkMKYXY6QcULjp8G_C-1mdbSIPZM1m6JEAQu_kCPd2PtABkMcJT2QHrBlJKa_o62PxDeBA3ZOtDxVymxt9SpI/s640/otdem6.png" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
And finally Discard Changes to distributed the correct conf files to the instances.<br />
<br />
Now let's look at the magnus.conf on both instances (We already know that the virtual-server-tst1-obj.conf is the same everywhere)<br />
<br />
<h4>
On Instance 1</h4>
</div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">#</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">#</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="load-modules" shlib="libwebapp-firewall.so"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># Oracle WebGate Init FNs start #WGINITFN</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="load-modules"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">funcs="OBWebGate_Init,OBWebGate_Authent,OBWebGate_Control,</span></div>
<span style="font-family: "courier new" , "courier" , monospace;">OBWebGate_Err,OBWebGate_Handle401,OBWebGate_Response" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">shlib="/u01/app/oracle/product/otd1221/webgate/otd/lib/webgate.so"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">components/OTD/instances/<b>otd_TST1_host1.domain.local</b>" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">#ESSO#Init fn="load-modules" funcs="EssoBasicAuthInit,EssoBasicAuth,EssoClean"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">shlib="/u01/app/oracle/product/otd1221/webgate/otd/lib/webgate.so"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/</span><span style="font-family: "courier new" , "courier" , monospace;">components/OTD/instances/</span><b style="font-family: "courier new", courier, monospace;">otd_TST1_host1.domain.local</b><span style="font-family: "courier new" , "courier" , monospace;">"
Init fn="OBWebGate_Init" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/</span><span style="font-family: "courier new" , "courier" , monospace;">components/OTD/instances/</span><b style="font-family: "courier new", courier, monospace;">otd_TST1_host1.domain.local</b><span style="font-family: "courier new" , "courier" , monospace;">" Mode="PEER" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">#WebGateLockFileDir="<some_local_dir>" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># WebGateLockFileDir: Optional directive specifying the location to create
# webgate lock files.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># If configured, then all webgate lock files will be created under </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># <WebGateLockFileDir>/<Hash of WebGateInstancedir>. The hash subdir is to </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># ensure uniqueness for each webserver instance and avoid locking conflicts </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># if two different instances have configured the directive with same value. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># If the dir does not exist before, will try to create it first. If dir </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># creation failed or the directive not configured, webgate falls back to old </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># model, i.e. use same location as original file that lock is based upon. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># This directive is useful when webgate instance is located on NFS mounted </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># disks and performance greatly impacted. Configure it to local dir will solve </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># the issue. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">#ESSO#Init fn="EssoBasicAuthInit"
</span><br />
<div>
</div>
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/</span><span style="font-family: "courier new" , "courier" , monospace;">components/OTD/instances/</span><b style="font-family: "courier new", courier, monospace;">otd_TST1_host1.domain.local</b><span style="font-family: "courier new" , "courier" , monospace;">" Mode="PEER" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># Oracle WebGate Init FNs end #WGINITFN</span><br />
<h4>
And on Instance 2</h4>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">#</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># Copyright (c) 2011, 2016, Oracle and/or its affiliates. All rights reserved. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="load-modules" shlib="libwebapp-firewall.so" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># Oracle WebGate Init FNs start #WGINITFN </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="load-modules" funcs="OBWebGate_Init,OBWebGate_Authent,OBWebGate_Control,</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">OBWebGate_Err,OBWebGate_Handle401,OBWebGate_Response" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">shlib="/u01/app/oracle/product/otd1221/webgate/otd/lib/webgate.so"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/OTD/instances/<b>otd_TST1_host2.domain.local</b>"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">#ESSO#Init fn="load-modules" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">funcs="EssoBasicAuthInit,EssoBasicAuth,EssoClean"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">shlib="/u01/app/oracle/product/otd1221/webgate/otd/lib/webgate.so"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/OTD/instances/<b>otd_TST1_host2.domain.local</b>" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">Init fn="OBWebGate_Init" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/OTD/instances/<b>otd_TST1_host2.domain.local</b>" Mode="PEER"</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">#WebGateLockFileDir="<some_local_dir>" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;"># WebGateLockFileDir: Optional directive specifying the location to create </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># webgate lock files. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># If configured, then all webgate lock files will be created under </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># <WebGateLockFileDir>/<Hash of WebGateInstancedir>. The hash subdir is to </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># ensure uniqueness for each webserver instance and avoid locking conflicts </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># if two different instances have configured the directive with same value. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># If the dir does not exist before, will try to create it first. If dir </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># creation failed or the directive not configured, webgate falls back to old </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># model, i.e. use same location as original file that lock is based upon. </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># This directive is useful when webgate instance is located on NFS mounted </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># disks and performance greatly impacted. Configure it to local dir will solve </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># the issue.</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">#ESSO#Init fn="EssoBasicAuthInit"</span></div>
<div>
</div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span>
<span style="font-family: "courier new" , "courier" , monospace;">obinstalldir="/u01/app/oracle/product/otd1221/webgate/otd"
</span><br />
<span style="font-family: "courier new" , "courier" , monospace;">obinstancedir="/u01/app/oracle/config/domains/otd_domain_tst/config/fmwconfig/components/OTD/instances/<b>otd_TST1_host2.domain.local</b>" Mode="PEER" </span><br />
<span style="font-family: "courier new" , "courier" , monospace;"># Oracle WebGate Init FNs end #WGINITFN
</span><br />
<br />
<div>
The files look good on both instances.<br />
<br /></div>
<div>
</div>
<div>
Now Restart Instances<br />
<br /></div>
<div>
</div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Validate Restart operation on target /Domain_otd_domain_tst/otd_domain_tst/otd_TST1_host2.domain.local
Validate Restart operation on target /Domain_otd_domain_tst/otd_domain_tst/otd_TST1_host1.domain.local
------------------------------------------------</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Perform Restart operation on target /Domain_otd_domain_tst/otd_domain_tst/TST1</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Perform Restart operation on target /Domain_otd_domain_tst/otd_domain_tst/otd_TST1_host2.domain.local</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Perform Restart operation on target /Domain_otd_domain_tst/otd_domain_tst/otd_TST1_host1.domain.local</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">------------------------------------------------</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Checking operation status on target /Domain_otd_domain_tst/otd_domain_tst/TST1</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> Operation Restart on target /Domain_otd_domain_tst/otd_domain_tst/otd_TST1_host2.domain.local succeeded</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> Operation Restart on target /Domain_otd_domain_tst/otd_domain_tst/otd_TST1_host1.domain.local succeeded</span></div>
<br />
Now you're good to go with WebGate correctly configured on OTD 12c.
<br />
<br />
<div>
</div>
<br />
I put the solution in the service request and got thanks from the guys at Oracle Support. They told me, they where going to change the documentation to match my solution.
Always nice to get this kind of appreciation from them
Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com4tag:blogger.com,1999:blog-4319366329708683557.post-59414574103706743212016-07-19T20:51:00.000+02:002016-07-19T20:51:35.220+02:00Two sessions accepted for DOAG2016<br />
Today I received confirmation that two sessions have been accepted by DOAG.<br />
<br />
- High density deployments using Weblogic Multitenancy<br />
<br />
- Continuous Availability with Weblogic Server 12cR2<br />
<br />
Both sessions in the stream Middleware.<br />
<br />
Looking forward to present at DOAG2016 on 15th -18th november 2016 in Nuremberg.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhbGiJEnVFQhHT7gLRaGpe3ZvrvA-Pz4Ja-FvLAX6yzEzp4QLv9GH__UBJviU6mRBcBgMBz2ZU9q0yLBV1KdjUw_rWBKwUw132JSWaaISdiWfLzEgK-lWJfP0uIJknOtxZOdi7Rz2EhVY/s1600/2016-K-A-Banner-600x100_engl.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhhbGiJEnVFQhHT7gLRaGpe3ZvrvA-Pz4Ja-FvLAX6yzEzp4QLv9GH__UBJviU6mRBcBgMBz2ZU9q0yLBV1KdjUw_rWBKwUw132JSWaaISdiWfLzEgK-lWJfP0uIJknOtxZOdi7Rz2EhVY/s1600/2016-K-A-Banner-600x100_engl.jpg" /></a></div>
<br />Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com0tag:blogger.com,1999:blog-4319366329708683557.post-81431491925262953532016-06-29T23:58:00.000+02:002016-06-30T07:28:49.054+02:00How To create a private 10 Gb network on an ODA X5-2In my previous post <a href="http://www.fmwadmin.com/2016/06/network-considerations-on-oda-x5-2.html">Network considerations on an ODA X5-2</a> I described a solution where I created a private network to optimize network performance between the components running on an Oracle Database Appliance. I am talking about a Virtualized setup in this article, and rebuilding the second pair of public interfaces to become a private network bond, in order to get a faster connection between the virtual machines.
<br />
In this article I will describe the steps how to create a private network on an ODA X5-2 and configure an additional SCAN-listener for this private network.
<br />
<br />
<h3>
Connect the nodes</h3>
<br />
Let's start by connecting the two nodes of the ODA directly to each other using Cat. 6 Ethernet cables. Make sure that the cables are long enough to route them through the Cable Management Arm. This way you don't have to disconnect the cables when you have to do maintenance on the nodes.<br />
We will use the second pair of interfaces for the configuration of the private network. Connect interfaces net2 and net3 on node0 to net2 and net3 on node1. This will create a 10 Gb network between the two nodes.
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9v5msfJHomBbN64LpJpZTb0FSCkhBDiZsjkicqfsw2q-gNG4HKN8oP7TGBmGX5rU9z7Mc4Fu4ai3wxLBN5XbJw9khPrkbee5JjNCBeFpPRZgqPAefaqnz_9NIxrR_xp19z5NKPuAmkes/s1600/ODA-Backplane.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="354" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9v5msfJHomBbN64LpJpZTb0FSCkhBDiZsjkicqfsw2q-gNG4HKN8oP7TGBmGX5rU9z7Mc4Fu4ai3wxLBN5XbJw9khPrkbee5JjNCBeFpPRZgqPAefaqnz_9NIxrR_xp19z5NKPuAmkes/s640/ODA-Backplane.jpg" width="640" /></a></div>
<span style="font-size: 9pt;"><br /></span>
<span style="font-size: 9pt;">Pict. 1 - Oracle Database Appliance X5-2 Back Panel with net2 and net3 on both nodes connected to each other</span>
<br />
<br />
Now actually, you have a private network configured that you can assign to the VM's.
<br />
<br />
<h3>
Configure the interface on the ODA_BASE
</h3>
<br />
In Dom0 the pair of interfaces is known as net2 and is assigned to the ODA_BASE.<br />
Within the ODA_BASE the interface is known as eth1.
<br />
<br />
In this example we will use subnet 192.168.10.0/24 for the private network.
<br />
<br />
Node0 : 192.168.10.10<br />
Node1 : 192.168.10.11
<br />
<br />
There are several ways to assign an IP addresses to eth1 on the ODA_BASE on both nodes.
<br />
<br />
<h3>
Using the Oracle Appliance Manager Configurator
</h3>
<br />
If you are preparing for Oracle Database Appliance Installation and Deployment you configure the interface and ip-address during the deployment. The Oracle Appliance Manager Configurator will guide you through the process.
<br />
<br />
<h4>
Using oakcli
</h4>
<br />
If eth1 is unconfigured, you can use oakcli on the ODA_BASE of both nodes to configure it.<br />
<pre class="brush:bash">oakcli configure additionalnet
</pre>
<br />
Provide Interface Name, DHCP, IP and Netmask
<br />
<br />
<h4>
Manually change the IP address
</h4>
<div>
<br /></div>
<h4>
<strong><span style="font-size: 9pt;">Note. Don't change the primary public IP addresses this way!!!</span></strong></h4>
<strong><span style="font-size: 9pt;">If you need to change the IP Address of the primary public interface, you need to follow the procedure described in <br /><a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=1504734.1">ODA: How to Change Oracle Database Appliance IP Addresses Post Deployment (Doc ID 1504734.1)</a> on Oracle support.</span>
</strong><br />
<br />
If eth1 is already configured and you want to give it another IP address we can edit the ifcfg-eth1 file on the ODA_BASE of both nodes.
<br />
<br />
On Node0
<br />
<pre class="brush:bash">cd /etc/sysconfig/network-scripts
vi ifcfg-eth1
#auto generated by OAK
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
TYPE=ETHERNET
IPADDR=192.168.10.10
NETMASK=255.255.255.0
</pre>
Enable eth1 interface once.<br />
<pre class="brush:bash">ifup eth1</pre>
<br />
The next time the ODA_BASE is restarted, the interface will start automatically with the new address.
<br />
<br />
On Node1<br />
<pre class="brush:bash">cd /etc/sysconfig/network-scripts
vi ifcfg-eth1
#auto generated by OAK
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
TYPE=ETHERNET
IPADDR=192.168.10.11
NETMASK=255.255.255.0</pre>
<br />
Enable eth1 interface once.<br />
<pre class="brush:bash">ifup eth1
</pre>
The next time the ODA_BASE is restarted, the interface will start automatically with the new address.
<br />
<br />
Note that the eth1 interface on the ODA_BASE is also known as net2 on the Dom0 and in the GRID infrastructure. Continuing this article I will use the term net2 for the private network.
<br />
<br />
<h3>
Configure an additional SCAN Listener</h3>
<br />
When an ODA is installed and deployed, the Oracle Appliance Manager Configurator configures the SCAN listener on the interface defined as firstnet. Usually this will be net1.<br />
<br />
Now that we have a private network, we wat to be able to use it for connections to the database. So we are going to add a SCAN listener to net2.<br />
<br />
As a guide to creating another SCAN listener I am using <a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=2101109.1">ODA (Oracle Database Appliance): HowTo Configure Multiple Public Network on GI (Grid Infrastructure) 12c (Doc ID 2101109.1)</a>
<br />
<br />
<h3>
Configure hosts file and DNS
</h3>
<br />
Before you configure the SCAN listeners we are going to add some entries to the /etc/hosts file of the ODA_BASE on both nodes.<br />
After initial deployment, the /etc/hosts file is filled with default values. For example.<br />
<br />
<pre class="brush:bash"># Following added by OneCommand
127.0.0.1 localhost.localdomain localhost
# PUBLIC HOSTNAMES
# PRIVATE HOSTNAMES
192.168.16.27 oda11-priv0.foo.bar oda11-priv0
192.168.16.28 oda12-priv0.foo.bar oda12-priv0
# VIP HOSTNAMES
10.10.1.13 oda11-vip.foo.bar oda11-vip
10.10.1.14 oda12-vip.foo.bar oda12-vip
# NET(0-3) HOSTNAMES
10.10.1.10 oda11.foo.bar oda11
10.10.1.11 oda12.foo.bar oda12
# Below are SCAN IP addresses for reference.
# SCAN_IPS=(10.10.1.7 10.10.1.8)
# ASR entry
141.146.1.169 transport.oracle.com
</pre>
Where 10.10.1.0/24 is the subnet for net1 in this example.
<br />
<br />
Add the VIP hostnames of the newly created private network on net2. <br />
To make things easy, used the same hostname as the public hostname and added -int to it.<br />
<pre class="brush:bash"># INTERNAL HOSTNAMES, ADDED MANUALLY
192.168.10.10 oda11-int.foo.bar oda11-int
192.168.10.11 oda12-int.foo.bar oda12-int
# INTERNAL VIP HOSTNAMES, ADDED MANUALLY
192.168.10.12 oda11-int-vip.foo.bar oda11-int-vip
192.168.10.11 oda12-int-vip.foo.bar oda12-int-vip
</pre>
<br />
Also add the vip addess of the SCAN listener to DNS before you create the new SCAN listener. On an ODA by default there are two ip addresses registered for the SCAN listener, so for the new SCAN listener we will also register two addresses on the private interface.<br />
<pre class="brush:bash">192.168.10.7 oda1-int-scan
192.168.10.8 oda1-int-scan
</pre>
<br />
<h3>
Configure Listener in GI Infrastructure
</h3>
<br />
Logon to the ODA_BASE of node0 as user grid
<br />
<br />
Set environment to GI<br />
<pre class="brush:bash">[grid@oda11 ~]$ . oraenv
ORACLE_SID = [grid] ? +ASM1
The Oracle base has been set to /u01/app/grid
</pre>
<br />
Set interface type to pubic for eth1<br />
<pre class="brush:bash">[grid@oda11 ~]$ oifcfg setif -global eth1/192.168.10.0:public
[grid@odadbsandta01 ~]$ oifcfg getif
eth0 10.10.1.0 global public
ibbond0 192.168.16.0 global cluster_interconnect,asm
eth1 192.168.10.0 global public
</pre>
<br />
Logon to the ODA_BASE of node0 as user root
<br />
<br />
Set environment to GI<br />
<pre class="brush:bash">[root@odadbsandta01 ~]# . oraenv
ORACLE_SID = [root] ? +ASM1
The Oracle base has been set to /u01/app/grid
</pre>
<br />
Add a network and vip addresses to GI<br />
<pre class="brush:bash">[root@oda11 grid]# srvctl add network -netnum 2 -S 192.168.10.0/255.255.255.0/eth1 -w static
[root@oda11 grid]# srvctl add vip -n oda11 -A oda11-int-vip.foo.bar /255.255.255.0 -netnum 2
[root@oda11 grid]# srvctl add vip -n oda12 -A oda12-int-vip.foo.bar/255.255.255.0 -netnum 2
</pre>
<br />
Logon to the ODA_BASE of node0 as user grid
<br />
<br />
Set environment to GI<br />
<pre class="brush:bash">[grid@oda11 ~]$ . oraenv
ORACLE_SID = [grid] ? +ASM1
The Oracle base has been set to /u01/app/grid
</pre>
<br />
Start the newly created vip's
<br />
<pre class="brush:bash">[grid@oda11 ~]$ srvctl start vip -i oda11-int-vip.foo.bar
[grid@oda11 ~]$ srvctl start vip -i oda12-int-vip.foo.bar
</pre>
<br />
Check if vip's are enabled and running on both nodes<br />
<pre class="brush:bash">[grid@oda11 ~]# srvctl status vip -n oda11
VIP oda11-vip.foo.bar is enabled
VIP oda11-vip.foo.bar is running on node: oda11
VIP oda11-int-vip.foo.bar is enabled
VIP oda11-int-vip.foo.bar is running on node: oda11
[grid@oda11 ~]# srvctl status vip -n oda12
VIP oda12-vip.foo.bar is enabled
VIP oda12-vip.foo.bar is running on node: oda12
VIP oda12-int-vip.foo.bar is enabled
VIP oda12-int-vip.foo.bar is running on node: oda12
</pre>
<br />
Add a listener on the net2 interface and start it<br />
<pre class="brush:bash">[grid@oda11 ~]$ srvctl add listener -l INT_LISTENER -p 1521 -netnum 2 -s
[grid@oda11 ~]$ srvctl start listener -l INT_LISTENER
[grid@oda11 ~]$ srvctl status listener
Listener INT_LISTENER is enabled
Listener INT_LISTENER is running on node(s): oda12,oda11
Listener LISTENER is enabled
Listener LISTENER is running on node(s): oda12,oda11
</pre>
<br />
Logon to the ODA_BASE of node0 as user root
<br />
<br />
Set environment to GI<br />
<pre class="brush:bash">[root@odadbsandta01 ~]# . oraenv
ORACLE_SID = [root] ? +ASM1
The Oracle base has been set to /u01/app/grid
</pre>
<br />
Add SCAN and SCAN listener<br />
<pre class="brush:bash">[root@oda11 grid]# srvctl add scan -scanname oda1-int-scan -netnum 2
[root@oda11 grid]# srvctl start scan -netnum 2
[root@oda11 grid]# srvctl add scan_listener -netnum 2 -listener int -endpoints TCP:1521
[root@oda11 grid]# srvctl start scan_listener -netnum 2
</pre>
<br />
<pre class="brush:bash">[grid@oda11 ~]$ srvctl status scan
SCAN VIP scan1 is enabled
SCAN VIP scan1 is running on node oda12
SCAN VIP scan2 is enabled
SCAN VIP scan2 is running on node oda12
[grid@oda11 ~]$ srvctl status scan_listener
SCAN Listener LISTENER_SCAN1 is enabled
SCAN listener LISTENER_SCAN1 is running on node oda12
SCAN Listener LISTENER_SCAN2 is enabled
SCAN listener LISTENER_SCAN2 is running on node oda12
</pre>
<br />
<h3>
Register databases
</h3>
<br />
In normal circumstances the databases should register themselves to the new listener. I have seen this working on an ODA X5-2 running version 12.1.2.4.0.<br />
So normally you are done with the database part.
<br />
<br />
Unfortunately version 12.1.2.6.0 introduced a bug which prevents the registration of the database with the new listener.<br />
The bug is related to bug 19884033 :<br />
ORA-2097 AND ORA-119 ATTEMPTING TO SET LISTENER_NETWORKS PARAMETER BY THE AGENT<br />
Unfortunately the fix for this bug didn't make it to the next release, nor the patchset of version 12.1.2.7.0.<br />
<br />
<b>DO NOT</b> try to install the normal server patchset Patch 19884033!! I have tried this and almost ruined our ODA installation.<br />
Please wait for a patch specifically for the ODA.
<br />
<br />
Waiting for the bugfix, Oracle support supplied the following workaround.<br />
<pre class="brush:bash">ALTER SYSTEM SET listener_networks='((NAME=net2)(LOCAL_LISTENER=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=<net2_node1_vip>)(PORT=1521)))))','((NAME=net2)(REMOTE_LISTENER=net2_scan:1521))' SCOPE=BOTH SID='<instance1>';
ALTER SYSTEM SET listener_networks='((NAME=net2)(LOCAL_LISTENER=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=<net2_node2_vip>)(PORT=1521)))))','((NAME=net2)(REMOTE_LISTENER=net2_scan:1521))' SCOPE=BOTH SID='<instance2>';
</pre>
<br />
Login to both the DB instances and run:<br />
<pre class="brush:bash">SQL> alter system register;
</pre>
<br />
I am still working with Oracle support to get a one-off patch for this issue.
<br />
<br />
<h3>
Using the private network
</h3>
<br />
To use the private network, just add another network adapter to the vm or vmtemplate.<br />
<pre class="brush:bash">oakcli configure vm <vm name> -network "['type=netfront,bridge=net1','type=netfront,bridge=net2']"
oakcli configure vmtemplate <vm template name> -network "['type=netfront,bridge=net1','type=netfront,bridge=net2']"
</pre>
<br />
In the VM the interfaces will be present as eth0 and eth1
<br />
<br />
Let's take a look at the pictures I used in the previous blog, which are part of the design as an example.
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5Iqlp5hXPYu2CGCEMAgtVdcMtTJ1zJlPhU-zWPXBzsxhPBy6hNC6mmxei1_gf4mIKFDecj-czJ10nT1IVUa7_8bu4JTp_FIbiPMYiVQNlT10l3_IxM-hDtT86zgNqmLlLJ97vApcte10/s1600/ODA-net1-net2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5Iqlp5hXPYu2CGCEMAgtVdcMtTJ1zJlPhU-zWPXBzsxhPBy6hNC6mmxei1_gf4mIKFDecj-czJ10nT1IVUa7_8bu4JTp_FIbiPMYiVQNlT10l3_IxM-hDtT86zgNqmLlLJ97vApcte10/s1600/ODA-net1-net2.jpg" /></a></div>
In this design I configured the Oracle Traffic Director (OTD) and Fusion Middleware (in this case SOA Suite and MFT) VM's with two interfaces.
<br />
<br />
The OTD is configured to listen on the public interface and routes traffic to the FMW components on the private interface.
<br />
<br />
The FMW components are configured to listen only on the private network. That way all traffic to the FMW components have to come from the OTD. <br />
Also all cluster communication between the FMW components is routed through the private interface.
<br />
<br />
The FMW components route database traffic to and from the ODA_BASE through the private interface.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2MoD6XSP0aJ3I9_489zXw7pHjdduQ2ZdgSEnRseGn8SCKE7enqxiibd240eRy7cLdtpL4RBKbID02woCRLxTXuGWcDT4VH107X5o7LO0qe65i8H5uZqadU0TgNLZeV_rH5FHJ09GlGz8/s1600/network.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="638" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2MoD6XSP0aJ3I9_489zXw7pHjdduQ2ZdgSEnRseGn8SCKE7enqxiibd240eRy7cLdtpL4RBKbID02woCRLxTXuGWcDT4VH107X5o7LO0qe65i8H5uZqadU0TgNLZeV_rH5FHJ09GlGz8/s640/network.jpg" width="640" /></a></div>
Note. The public interface on the FMW VM's is only used for SSH.<br />
<br />
<h3>
Summary
</h3>
By creating a private network on an ODA, you are not only able to improve performance. You are also capable of separating traffic from public to private. This creates a real one-box solution and, if implemented correctly, increases security. You are able to hide the back-end systems from the clients. <br />
At customer sites where I have implemented the private network, they are very pleased with the solution.
<br />
<br />
<h3>
Related Documents
</h3>
<br />
<a href="https://docs.oracle.com/cd/E75549_01/index.htm">Oracle Database Appliance Documentation</a><br />
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=1504734.1">ODA: How to Change Oracle Database Appliance IP Addresses Post Deployment (Doc ID 1504734.1)</a><br />
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=2101109.1">ODA (Oracle Database Appliance): HowTo Configure Multiple Public Network on GI (Grid Infrastructure) 12c (Doc ID 2101109.1)</a><br />
<a href="http://www.oracle.com/technetwork/products/clustering/overview/scan-129069.pdf">Oracle White Paper on Oracle Single Client Access Name (SCAN)</a><br />
<a href="https://support.oracle.com/epmos/faces/BugDisplay?parent=DOCUMENT&sourceId=19884033.8&id=19884033">Oracle Support Bug 19884033 : ORA-2097 AND ORA-119 ATTEMPTING TO SET LISTENER_NETWORKS PARAMETER BY THE AGENT</a><br />
<a href="https://technology.amis.nl/2016/06/24/network-considerations-on-an-oda-x5-2/">Network considerations on an ODA X5-2</a>Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com24tag:blogger.com,1999:blog-4319366329708683557.post-5268474382764742732016-06-24T11:13:00.000+02:002016-06-25T10:28:26.371+02:00Network considerations on an ODA X5-2When you buy an Oracle Database Appliance (ODA) X5-2 off the shelve, you will get a machine with four times 10Gb copper Ethernet (bonded into two interfaces) for public communication and two 40Gb InfiniBand (bonded into one interface) for interconnect communication between the two ODA_BASE's. You would think that should be more than enough. Well in most cases it is. The interconnect running through InfiniBand is stunning for RAC and the public interface should be enough for most uses.
<br />
<br />
Oracle is doing a great job in selling the ODA X5-2 to their customers. It is a great machine with a lot of capabilities especially when you implement it with a Virtualized Platform Setup. In this configuration an Oracle VM hypervisor is put on top of the hardware and the ODA_BASE is placed in a special virtual machine (VM). The ODA_BASE is primarily used for running all databases and for managing, almost, all aspects of the entire ODA X5-2. Besides this special VM, you can create your own VM's. This gives you the opportunity to make optimal use of the hardware the ODA has to offer and keep track of your licenses. For most of our customers the virtualized ODA provides a one-box solution for their Fusion Middleware (FMW) implementations.
<br />
<br />
<h3>
Experiences
</h3>
One thing I experienced at customers is the network configuration they ordered for their ODA X5-2. Several times the ODA X5-2 was ordered off the shelve without consulting any of the network engineers on what kind of switches they have and what available bandwidth they support. Customers, at least the ones I visit, have more than enough 10Gb fiber interfaces available on their core switches, but 10Gb copper switches are not yet common to them. So they are faces with the fact that their new high performance machine is connected to 1Gb switch ports interfaces.
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfVYaqO7hjpznFvJortXZSW999gJHghVPZiNxDhyphenhyphen2gtdS9OBfuptW7nSSR8iCllmr4Xt0An508oQNekC9EPeafo2bS7k-yiTHoikzCQB2addbwcpBunR71Jg-NcQaFChVThJs1yz-IE2w/s1600/ODA-1net.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfVYaqO7hjpznFvJortXZSW999gJHghVPZiNxDhyphenhyphen2gtdS9OBfuptW7nSSR8iCllmr4Xt0An508oQNekC9EPeafo2bS7k-yiTHoikzCQB2addbwcpBunR71Jg-NcQaFChVThJs1yz-IE2w/s1600/ODA-1net.jpg" /></a></div>
<span id="goog_1936371869"></span><span id="goog_1936371870"></span><br />
<br />
Since all traffic between components, with exception of interconnect traffic, runs through these interfaces. This could potentially cause a performance bottleneck.
<br />
<br />
<h3>
Customer case
</h3>
At a customer where I was asked to setup two ODA's last year this was also the case. They bought two ODA's with the standard configuration. Again the switches at the customer site supported 10Gb on fiber, but not on copper. Their copper switches supported 1Gb only. You can replace the InfiniBand card with a 10Gb fiber card, but this was not ordered and the ODA's where already re-imaged by an Oracle Engineer. Ordering the fiber cards and re-imaging the ODA's would delay the project too much, so I was asked to provide a solution with full bandwidth between the VM's (with clustered FMW products) and the Oracle databases on the ODA_BASE.
<br />
<br />
<h4>
A quick solution was requested
</h4>
I decided to take the second public interface and use it to create a private network within the ODA. This was done by directly connecting the interfaces of the two ODA nodes to each other. This created a 10Gb private network. All traffic between Oracle Traffic Director (OTD) and FMW components and between FMW components (including cluster communication) and the database now runs through that interface.
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-A7ugzSpEPwRqMyKxh3akIF3K-O4yCajuL8cnAGRgr8J-o1ykffCsr42zMSk6lShZCperMIKk0rI2uP13T2ByLmhyphenhyphen8T8TPq_Q1nejvk-HLIIfL5dC_SlmyoNERX3jUQS4G9I4LzWNRjg/s1600/ODA-2net.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg-A7ugzSpEPwRqMyKxh3akIF3K-O4yCajuL8cnAGRgr8J-o1ykffCsr42zMSk6lShZCperMIKk0rI2uP13T2ByLmhyphenhyphen8T8TPq_Q1nejvk-HLIIfL5dC_SlmyoNERX3jUQS4G9I4LzWNRjg/s1600/ODA-2net.jpg" /></a></div>
<br />
<br />
This way only the traffic from clients to OTD is going through the public interface.<br />
<br />
Another solution would be to use the InfiniBand interface for this purpose. This would involve installing and configuring InfiniBand drivers, etc. in the VM's. (There is a whitepaper from Oracle about the configuration of InfiniBand on VM's.) This was considered as an option, but the use a normal Ethernet connection was favored because the impact on the VM's is minimal with that configuration.
<br />
<br />
The picture below is part of the design. Just to give you an idea about the flow of traffic. There are more FMW products running on this ODA, hence more traffic.
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEir_ZzWqXWLloEJXJilGK6kby-gbbYuKCgtpcqWtlvhEb276l0WQJgMzwqsueiOarV31PbhqJUZPiSo0dgb81-4Da9hDfkdo2qiYjPsiCC7efeymMta8jyiIxQzwG8wdHh7ndIdbXp60qk/s1600/FMW+design.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEir_ZzWqXWLloEJXJilGK6kby-gbbYuKCgtpcqWtlvhEb276l0WQJgMzwqsueiOarV31PbhqJUZPiSo0dgb81-4Da9hDfkdo2qiYjPsiCC7efeymMta8jyiIxQzwG8wdHh7ndIdbXp60qk/s1600/FMW+design.jpg" /></a></div>
<br />
All traffic you see in this picture stays within the ODA.
<br />
<br />
A little over a month ago, I was faced with the same issue at a customer where I was asked to install an ODA X5-2 which will be used for JD Edwards.<br />
At this customer I was, again, asked to implement the solution with the private network to optimize performance between the JD Edwards components.
<br />
<br />
And currently I am implementing a third ODA at the customer site I talked about earlier. They now have 10Gb copper switches at their new datacenter so the performance impact on the one interface would be less. However they still asked me to implement the private network configuration. The fact that traffic was not running through their LAN network and connections to the backend components (FMW and Database) are controlled by the OTD was considered an extra benefit.
<br />
<br />
<h3>
Summary
</h3>
Needless to say, it would be best to involve the network engineers as early as possible in the process. Just to make sure your fresh new ODA X5-2 gets the network connection it deserves.
Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com0tag:blogger.com,1999:blog-4319366329708683557.post-17914656794193635692016-04-06T15:21:00.001+02:002016-06-29T21:52:07.076+02:00Create an oracledb enabled Node.js application containerIn my previous article, <a data-mce-href="https://technology.amis.nl/2016/04/03/first-setup-connection-node-js-oracle-database/" href="https://technology.amis.nl/2016/04/03/first-setup-connection-node-js-oracle-database/">First setup of a connection from Node.js to an Oracle Database</a>, I demonstrated how to make a connection to a remote database using Node.js and the node-oracledb module. I used a dedicated VM with Linux 7 installed and Oracle Instantclient provided the 12.1 client libraries.
<br />
<br />
Now it's time to take it a step further.<br />
Let's create an application container and just start it multiple time running any .js script and be able to connect to an Oracle database.
<br />
<br />
I will start by demonstrating you how to manually build a Docker image with Node.js and the node-oracledb module. This image can then be used to launch as many application containers as you like. (Depending on your resources off course)
<br />
<br />
For this setup I have installed Docker on an Oracle Linux 7 VM in VirtualBox.
<br />
<br />
<h3>
Create the Docker image manually</h3>
<br />
<h4>
Create a Linux base image</h4>
<br />
Logon as root (or use sudo) on the Oracle Linux VM.<br />
<br />
First we need an operating system for the container.
<br />
<br />
<h4>
Pull docker image of oraclelinux from the Docker hub.</h4>
<pre class="brush:bash">docker pull oraclelinux</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidKHi1QltwzMzgvarHmK5Ooq7KFUV2IlSpmGstjPj0zabv8GpCxGCAr8Ce18XOTlyOQrIb3W1Fa8jJMyeWOpKearDuruRuINAZOPGcFl7A6eEUkaFie2PVSBmkLpJZbMtld6VB-h5R-oA/s1600/Manual1.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidKHi1QltwzMzgvarHmK5Ooq7KFUV2IlSpmGstjPj0zabv8GpCxGCAr8Ce18XOTlyOQrIb3W1Fa8jJMyeWOpKearDuruRuINAZOPGcFl7A6eEUkaFie2PVSBmkLpJZbMtld6VB-h5R-oA/s1600/Manual1.JPG" /></a><br />
<br />
<br />
Now start an interactive Docker container.<br />
<pre class="brush:bash">docker run -ti oraclelinux /bin/bash</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6T_3fXCObK3nBKyi0KWG7-___8gQrTuYf3SBvgLKsW2jj4MwuGrn0tTKavZlVuVzVmeqrODp3YK0CSgYM9RPlmrkGJaYPV5TFf4Ho1S151zq7SgadAUp8gbrG8YT_fh9ZHJvbNUqGhFI/s1600/Manual2.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6T_3fXCObK3nBKyi0KWG7-___8gQrTuYf3SBvgLKsW2jj4MwuGrn0tTKavZlVuVzVmeqrODp3YK0CSgYM9RPlmrkGJaYPV5TFf4Ho1S151zq7SgadAUp8gbrG8YT_fh9ZHJvbNUqGhFI/s1600/Manual2.JPG" /></a><br />
<br />
<br />
Within the container we will creating a non-privileged user and install the required OS packages (including dependencies).<br />
The user can be used to run Node.js scripts in the container without root privileges.<br />
<pre class="brush:bash">useradd nodejs -p '$6$salt$ZjJzVKp5xtoIl7cfXqZe0mQjWeOpsV2pMiIYpWzkR4ExCBpPdT3mi3eXtG1MSawJnZfXFjBcq0UUmenLq1Cj//'</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiM62DmFBtzdaHeBtpgbh6m-pHjq4uaKY46w3mBqZJHGGcVWIN7F5WLdnLDimmafqR_l9nmllxwGrsLBoS0nUd9CzEbLuZpxgDY7l3l-Q2TO5SaA0YjZmZVtpnKc6Ua8qAHQIHTqek9KV4/s1600/Manual3.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiM62DmFBtzdaHeBtpgbh6m-pHjq4uaKY46w3mBqZJHGGcVWIN7F5WLdnLDimmafqR_l9nmllxwGrsLBoS0nUd9CzEbLuZpxgDY7l3l-Q2TO5SaA0YjZmZVtpnKc6Ua8qAHQIHTqek9KV4/s1600/Manual3.JPG" /></a><br />
<br />
<br />
note. I used python to created the encrypted password I used when creating the os user. For your convenience the command:
<br />
<pre class="brush:bash">python -c 'import crypt; print crypt.crypt("Welcome01", "$6$salt$")'</pre>
<br />
<h4>
Install the required OS packages including dependencies</h4>
<pre class="brush:bash">yum -y install unzip libaio gcc-c++ tar make curl</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKnPD9wocxeSHMAhGbPvaptDlXjIfyfIhzdx0zNXOeG8GRD5muvxLnrTIuMdWUtO019ricpqO76sfns4F40qMIoZZlLUpPTBg3Kh6VG2mvPwwzAbb__r7CR13NQ1CZhvgL_K85A73JtLk/s1600/Manual4.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKnPD9wocxeSHMAhGbPvaptDlXjIfyfIhzdx0zNXOeG8GRD5muvxLnrTIuMdWUtO019ricpqO76sfns4F40qMIoZZlLUpPTBg3Kh6VG2mvPwwzAbb__r7CR13NQ1CZhvgL_K85A73JtLk/s1600/Manual4.JPG" /></a><br />
<br />
<h4>
Create the base image</h4>
<br />
Exit the container and commit the container to create a base image.<br />
<pre class="brush:bash">exit
docker ps -a
docker commit 51ce97aa511f</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSLBzVmtFLGbgJcr8YxI56ts7wYGsYJewhZ1pzYabaXXl6Qxtk0f6zdtszGwh1n3ZGIdBm2Z6H0f_H3-M2vQfkp59U1DT36a3C7TcEtHe9IT4i7YxNU4-Tq_zhoHu_4PjcNtU7Lgyxg3U/s1600/Manual5.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSLBzVmtFLGbgJcr8YxI56ts7wYGsYJewhZ1pzYabaXXl6Qxtk0f6zdtszGwh1n3ZGIdBm2Z6H0f_H3-M2vQfkp59U1DT36a3C7TcEtHe9IT4i7YxNU4-Tq_zhoHu_4PjcNtU7Lgyxg3U/s1600/Manual5.JPG" /></a><br />
<br />
Tag the image to give it a name and version, linux-base:1.0<br />
<pre class="brush:bash">docker images
docker tag 19de63788941 linux-base:1.0
docker images</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikWIKWZ5iAvxrxKS9Az8gdlMXlfBi7KskXa2jsCFGw-1DfsRR4A0WTXFW_VEez_MHSVA4O867rn_GH8Qwx_GITTadSPPF93PpKNmVoJB-2c2HIV2LCtGUzRlZYUP_5nwlE90Bo_No34O0/s1600/Manual6.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikWIKWZ5iAvxrxKS9Az8gdlMXlfBi7KskXa2jsCFGw-1DfsRR4A0WTXFW_VEez_MHSVA4O867rn_GH8Qwx_GITTadSPPF93PpKNmVoJB-2c2HIV2LCtGUzRlZYUP_5nwlE90Bo_No34O0/s1600/Manual6.JPG" /></a><br />
<br />
<h4>
Install Oracle Instantclient, Node.js and the node-oracledb module</h4>
<br />
Now that we have a base image, we are going to run a new container based on this image.<br />
I have downloaded the Oracle Instantclient from the OTN site and put them in the /tmp/Downloads directory.
<br />
<br />
instantclient-basic-linux.x64-12.1.0.2.0.zip from <a data-mce-href="http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html" href="http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html">Oracle OTN</a><br />
instantclient-sdk-linux.x64-12.1.0.2.0.zip from <a data-mce-href="http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html" href="http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html">Oracle OTN</a>
<br />
<br />
Start an interactive container using the created linux-base image and share the /tmp/Downloads directory using a volume in Docker.<br />
<pre class="brush:bash">docker run -ti -v /tmp/Downloads:/tmp/Downloads linux-base:1.0 /bin/bash</pre>
<br />
<h4>
Install Oracle Instantclient</h4>
<pre class="brush:bash">mkdir /opt/oracle
cd /opt/oracle
unzip -q /tmp/Downloads/instantclient-basic-linux.x64-12.1.0.2.0.zip
unzip -q /tmp/Downloads/instantclient-sdk-linux.x64-12.1.0.2.0.zip
mv instantclient_12_1 instantclient
cd instantclient
ln -s libclntsh.so.12.1 libclntsh.so</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSOTq6NB3JcwitbJhdcnHMt7RPDir0HYhiLz1MPZtkD2pTHohW_jQy2evNy0bOgHNeict-ODpugaGPBCb_CQUmbqvQrHX5omJPzTvWe7uN-uP_p4ZzCO4RUcdD7kpTbyXQdxILI7V9pPc/s1600/Manual7.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSOTq6NB3JcwitbJhdcnHMt7RPDir0HYhiLz1MPZtkD2pTHohW_jQy2evNy0bOgHNeict-ODpugaGPBCb_CQUmbqvQrHX5omJPzTvWe7uN-uP_p4ZzCO4RUcdD7kpTbyXQdxILI7V9pPc/s1600/Manual7.JPG" /></a><br />
<br />
<h4>
Install Node.js</h4>
<br />
Use curl to download the Node.js software from <a data-mce-href="https://nodejs.org/en/download/" href="https://nodejs.org/en/download/">nodejs.org</a> and the linux pipe (|) function to pass it to the tar utility which unpacks the software in the /opt/ directory.
<br />
cd /opt<br />
<pre class="brush:bash">curl -sSL https://nodejs.org/dist/v4.4.2/node-v4.4.2-linux-x64.tar.xz | tar -xJC /opt/</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrO2gRko82vy30Y3axmo7aNO_AlNe25CdNBQi3-qwfyTpNALg8prZZ75W6FCCAKS-4s4573qbKUQmQf9q74PUuQtKNwm-xMx0ACXHrOZMDCle9MPPcQIA6uT_e3c-gDguUAT2fo5BUUPw/s1600/Manual8.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrO2gRko82vy30Y3axmo7aNO_AlNe25CdNBQi3-qwfyTpNALg8prZZ75W6FCCAKS-4s4573qbKUQmQf9q74PUuQtKNwm-xMx0ACXHrOZMDCle9MPPcQIA6uT_e3c-gDguUAT2fo5BUUPw/s1600/Manual8.JPG" /></a><br />
<br />
<h4>
Install node-oracledb module</h4>
<br />
The node-oracedb will be installed as global module by the npm (node package manager). Before running npm, set some environment parameters so the node binaries are in the search path and the Oracle libraries can be found.
<br />
<pre class="brush:bash">export PATH=/opt/node-v4.4.2-linux-x64/bin:$PATH
export LD_LIBRARY_PATH=/opt/oracle/instantclient:$LD_LIBRARY_PATH
npm install -g oracledb</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgADES0Wyq6qfZ2M5QSK_FigZeqAw35yCBJQq-Er7QvIUm0jCPXQnkrcwDRyVXUVHJeKQ0O6kLu-fZW2F2Jm4Qsg51MklFLVPel3qm8PISIAiJ12VRJ66xzcBEjZipxv8BMv-_JZNNrDWA/s1600/Manual9.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgADES0Wyq6qfZ2M5QSK_FigZeqAw35yCBJQq-Er7QvIUm0jCPXQnkrcwDRyVXUVHJeKQ0O6kLu-fZW2F2Jm4Qsg51MklFLVPel3qm8PISIAiJ12VRJ66xzcBEjZipxv8BMv-_JZNNrDWA/s1600/Manual9.JPG" /></a><br />
<br />
<h4>
Create the jpoot/node_oracledb image.</h4>
<pre class="brush:bash">exit
docker commit a42c4d9b4434 jpoot/node_oracledb:1.0</pre>
<pre class="brush:bash"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtrftMnFWGUuJC0SojkBjT3HGpXQSB2tqamBGJ365q9L4kwoXFCrfqJ2ZYiEC27iMN2_X2wA39FZmgmu6Hyi-q_u6yPXxHcM9BziwWEbeakmePjwUfUg9v5o0H1OhuUmJ_3twLv3Tzleo/s1600/Manual11.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtrftMnFWGUuJC0SojkBjT3HGpXQSB2tqamBGJ365q9L4kwoXFCrfqJ2ZYiEC27iMN2_X2wA39FZmgmu6Hyi-q_u6yPXxHcM9BziwWEbeakmePjwUfUg9v5o0H1OhuUmJ_3twLv3Tzleo/s1600/Manual11.JPG" /></a> </pre>
<br />
<h4>
Testing the created Docker image</h4>
<br />
Now that I have created the Node.js enabled image, I can test the functionality of it.
<br />
<br />
I have downloaded examples scripts from de <a data-mce-href="https://github.com/oracle/node-oracledb/blob/master/examples" href="https://github.com/oracle/node-oracledb/blob/master/examples">node-oracle/examples</a> on Github.
<br />
<br />
Start with running a simple select1.js against an Oracle database. This script connects to the database and selects one row from the Departments table.<br />
I have an Oracle Database 12.1.0.2.0 pluggable database running on a separate VM, with the Oracle example schema's installed in it.
<br />
I need to provide some environment variables to provide the PATH, user, password and connect string for the .js scripts to be able to connect to the database.
<br />
<br />
Create a file called env.list and place the following entries in it.
<br />
<pre class="brush:bash">vi env.list</pre>
<span data-mce-style="font-family: Courier New;" style="font-family: "courier new";"><span data-mce-style="font-size: 10pt;" style="font-size: 10pt;">PATH=/opt/node-v4.4.2-linux-x64/bin:$PATH<br />LD_LIBRARY_PATH=/opt/oracle/instantclient:$LD_LIBRARY_PATH<br />NODE_PATH=/opt/node-v4.4.2-linux-x64/lib/node_modules<br />NODE_ORACLEDB_USER=hr<br />NODE_ORACLEDB_PASSWORD=hr<br />NODE_ORACLEDB_CONNECTIONSTRING=192.168.100.45:1521/fmwdb1.domain.local</span></span><br />
<br />
Explanation of the environment variables
<br />
<br />
PATH - Add the path to the node and npm binaries to the search path<br />
LD_LIBRARY_PATH - Provides the path to the Oracle libraries<br />
NODE_PATH - Provides the path to the global modules of Node.js<br />
NODE_ORACLE_* - Provides the user, password and connect string to the .js scripts. See dbconfig.js for details
<br />
<br />
I know, I know… Putting a plaintext password in a file is not secure. Keep in mind that this is for demonstration purposes only.<br />
Don't do this in any non-demo environment!!!
<br />
<br />
<h3>
Run the container with the necessary parameters.</h3>
<pre class="brush:bash">docker run --rm -u nodejs -w /home/nodejs/examples --env-file ./env.list \
--add-host=db01.domain.local:192.168.100.45 -v /tmp:/home/nodejs/examples \
jpoot/node_oracledb:1.0 node select1.js</pre>
<br />
Let's walk through the parameters of the docker run command I used.
<br />
<br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">docker run</span><br />
Main docker command to run the container<br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">--rm</span><br />
Remove the container after it has completed<br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">-u nodejs</span><br />
User to run within the container<br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">-w /home/nodejs/examples</span><br />
Working directory, the container starts in this directory<br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">--env-file ./env.list</span><br />
File that contains the environment variables to be provided to the container<br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">--add-host=db01.domain.local:192.168.100.4</span>5<br />
Add a host entry for the database server to the /etc/hosts file. This is used because I don't have a DNS server running.<br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">-v /tmp:/home/nodejs/examples</span><br />
Add a volume to the container, mapping a local directory to a directory in the running container.<br />
In this case this mounts a directory with the .js scripts I want to run. So you don't have to add the scripts to the image, making it not dependent on script changes.<br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">jpoot/node_oracledb:1.0</span><br />
Docker image used as base for the container. In this case it is the image I created earlier.
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">node </span><br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">select1.js</span><br />
Command to run in the container. Run node command with the select1.js script.
<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-GIbMIDDHwRwsMN33AuHFURkQcFaV-Lrxm0NB-ZCAlZEqk3VFxJKbXwgSNi_jcObUoYCQrU58oxtSNcSS6zXOZw_QPNCa7c_ZFMzH7nivPiVMGYlhJD-wU7_5d4mzJP2X5eYbP_N_6ZY/s1600/Manual12.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-GIbMIDDHwRwsMN33AuHFURkQcFaV-Lrxm0NB-ZCAlZEqk3VFxJKbXwgSNi_jcObUoYCQrU58oxtSNcSS6zXOZw_QPNCa7c_ZFMzH7nivPiVMGYlhJD-wU7_5d4mzJP2X5eYbP_N_6ZY/s1600/Manual12.JPG" /></a><br />
<br />
<h3>
YES!!! The scripts ran correctly in the container.</h3>
<br />
<br />
<h3>
And now the easy way</h3>
<br />
In the previous chapters I have created a Docker images that can run Node.js with the capability to connect to an Oracle database.<br />
As you have seen, this involves a lot of manual labor. Manual labor, means greater change of mistakes.
<br />
<br />
So let's automate the way to create this image.
<br />
<br />
In the next steps I will create and use a Dockerfile to automated the creation of the image.
<br />
<br />
A Dockerfile is a text document that contains all the commands a user could call on the command line to assemble an image. Using docker build, users can create an automated build that executes several command-line instructions in succession.
<br />
<br />
See. <a data-mce-href="https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/" href="https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/">Best practices for writing Dockerfiles</a> and <a data-mce-href="https://docs.docker.com/engine/reference/builder/" href="https://docs.docker.com/engine/reference/builder/">Dockerfile reference</a> for more details on the Dockerfile
<br />
<br />
<h4>
Dockerfile</h4>
<br />
Create an empty directory to place the Dockerfile in.<br />
I will use the same Instantclient zip files as previously downloaded.
<br />
<br />
instantclient-basic-linux.x64-12.1.0.2.0.zip<br />
instantclient-sdk-linux.x64-12.1.0.2.0.zip
<br />
<br />
Put these files in the same directory as the Dockerfile for our convenience. (Or create a symlink to the files)
<br />
<pre class="brush:bash">mkdir docker-file
cd docker-file
vi Dockerfile</pre>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"># Pull Oracle Linux 7 image from Docker hub<br />FROM oraclelinux</span><br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span><span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"># Install OS packages<br />RUN yum -y install unzip libaio gcc-c++ tar make curl \<br />&& useradd nodejs -p '$6$salt$ZjJzVKp5xtoIl7cfXqZe0mQjWeOpsV2pMiIYpWzkR4ExCBpPdT3mi3eXtG1MSawJnZfXFjBcq0UUmenLq1Cj//'</span><br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span><span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"># Add Node.js<br />RUN curl -sSL https://nodejs.org/dist/v4.4.2/node-v4.4.2-linux-x64.tar.xz \<br />| tar -xJC /opt/</span><br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">ENV PATH /opt/node-v4.4.2-linux-x64/bin:$PATH</span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span><br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"># Add Oracle Instantclient<br />ADD instantclient-basic-linux.x64-12.1.0.2.0.zip /tmp/<br />ADD instantclient-sdk-linux.x64-12.1.0.2.0.zip /tmp/</span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span><br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">RUN unzip -q /tmp/instantclient-basic-linux.x64-12.1.0.2.0.zip -d /opt/oracle/ \<br />&& unzip -q /tmp/instantclient-sdk-linux.x64-12.1.0.2.0.zip -d /opt/oracle/ \<br />&& mv /opt/oracle/instantclient_12_1 /opt/oracle/instantclient \<br />&& ln -s /opt/oracle/instantclient/libclntsh.so.12.1 /opt/oracle/instantclient/libclntsh.so\<br />&& rm /tmp/instantclient-*</span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span><br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">ENV LD_LIBRARY_PATH /opt/oracle/instantclient</span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span><br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"># Install the node-oracledb module as global module to Node.js using npm<br />RUN npm install -g oracledb</span>
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;"><br /></span><br />
<span data-mce-style="font-family: Courier New; font-size: 10pt;" style="font-family: "courier new"; font-size: 10pt;">ENV NODE_PATH /opt/node-v4.4.2-linux-x64/lib/node_modules</span>
<br />
<br />
<h4>
Build the Docker image</h4>
<br />
From the docker-file directory run the docker build command an tag the created images with a name and version.
<br />
<pre class="brush:bash">docker build -t="jpoot/node_oracledb:1.1" .</pre>
Note. Mind the <strong>.</strong> at the end of the command. It says, build the image using the Dockerfile here.<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnVUPfNI2Uc83bxlWLbRe7GlUb7YwVEQKJevat3XwdoVx_S_hxTSTkrj4Z6s-2ifdQEWG4JRgwF6hnYrXezuwesgh4p20g-pre4_bpgQSwcFiZCcpHltjQ26t4KKIYRvQSLHNR9cQyj9g/s1600/Manual13.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgnVUPfNI2Uc83bxlWLbRe7GlUb7YwVEQKJevat3XwdoVx_S_hxTSTkrj4Z6s-2ifdQEWG4JRgwF6hnYrXezuwesgh4p20g-pre4_bpgQSwcFiZCcpHltjQ26t4KKIYRvQSLHNR9cQyj9g/s1600/Manual13.JPG" /></a><br />
<br />
Skipping the yum install lines ….<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgh5OH7gy4DOVfWtuXH5SgM-k4BUVj09VqZu_hh11IXX0crk7pu1A0R2eROn6qajCmh02VResWgeNqrqGD_dJzfF1DTt3se9Z4Ok82ZErYXq6i_BQBwY_SnfZkQ464ClWUTsHHUTFoMD4w/s1600/Manual14.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgh5OH7gy4DOVfWtuXH5SgM-k4BUVj09VqZu_hh11IXX0crk7pu1A0R2eROn6qajCmh02VResWgeNqrqGD_dJzfF1DTt3se9Z4Ok82ZErYXq6i_BQBwY_SnfZkQ464ClWUTsHHUTFoMD4w/s1600/Manual14.JPG" /></a><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgM38O-yFq8Hkfmiu23YunrCOC1iqYm8T2RDTAB_bOZ-c8-_v3ghcjn46hr0dkx_csBTdxccC4gQN4361xLniRheLJVydm-9Nh1JKnAbhZ_nUMdrOMXO9450O1Lq4WX2wvRbc9JGVbKvtA/s1600/Manual15.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgM38O-yFq8Hkfmiu23YunrCOC1iqYm8T2RDTAB_bOZ-c8-_v3ghcjn46hr0dkx_csBTdxccC4gQN4361xLniRheLJVydm-9Nh1JKnAbhZ_nUMdrOMXO9450O1Lq4WX2wvRbc9JGVbKvtA/s1600/Manual15.JPG" /></a><br />
<br />
Within two minutes I have a fully functional Docker image ready. <span data-mce-style="font-family: Wingdings;" style="font-family: "wingdings";">J</span>
<br />
<pre class="brush:bash">docker images</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZ0XqKpNiwSmwOKeuhyKIiRVKl42DNs1jVXbscTSh1SZiO1YxA1-yLl2MdlEqchhjCq_jLEnaiqMfq1T9ANI6fMPIFwyslwtGolR8f6i0Fw_ZGOcAScminK_5CDynWIUvPFMw1QdgKKq0/s1600/Manual16.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZ0XqKpNiwSmwOKeuhyKIiRVKl42DNs1jVXbscTSh1SZiO1YxA1-yLl2MdlEqchhjCq_jLEnaiqMfq1T9ANI6fMPIFwyslwtGolR8f6i0Fw_ZGOcAScminK_5CDynWIUvPFMw1QdgKKq0/s1600/Manual16.JPG" /></a><br />
<br />
Now let's see if the image works.
<br />
<br />
Remove the PATH, LD_LIBRARY_PATH and NODE_PATH from the env.list.<br />
These environment variables where already provided in the Dockerfile.
<br />
<pre class="brush:bash">docker run --rm -u nodejs -w /home/nodejs/examples --env-file ./env.list \
--add-host=db01.domain.local:192.168.100.45 -v /tmp:/home/nodejs/examples \
jpoot/node_oracledb:1.1 node select1.js</pre>
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEXxYhgcF59D60UTuPA58Pf6nbR79VHVJtcmEc0l7ypXp30hEsAQ5KV2lJrf3X2Ci4hNJr0w54iMM9nNJ1NaVuz3C-fY7O3T_XjoSY_ZzGcxbypDuJtpvMgFpozWudku2MNhanUq7b_D4/s1600/Manual17.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEXxYhgcF59D60UTuPA58Pf6nbR79VHVJtcmEc0l7ypXp30hEsAQ5KV2lJrf3X2Ci4hNJr0w54iMM9nNJ1NaVuz3C-fY7O3T_XjoSY_ZzGcxbypDuJtpvMgFpozWudku2MNhanUq7b_D4/s1600/Manual17.JPG" /></a><br />
<h3>
<br />
Yeah, it works as expected!!!</h3>
<br />
To test the functionality I used Node.js to run a sql script. The same Docker image can be used to run other .js scripts. As another example, run a simple webserver.<br />
<pre class="brush:bash">docker run -d -u nodejs -w /home/nodejs/examples -p 80:3000/tcp -v /tmp:/home/nodejs/examples
jpoot/node_oracledb:1.1 node http.js</pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIjqszlegf_tMvZny_0qfpH3L6OnIWJVWPnLQjFxW85qY_BExKM03EWVAfbaoVWxc4MVZ4W21QiqEPrbnuZfSB8xkyaZnkK-6GWv61HIaB9ilhTsCCDyYGBrV6J_Vf03c6Hswyd90TfEU/s1600/Manual18.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIjqszlegf_tMvZny_0qfpH3L6OnIWJVWPnLQjFxW85qY_BExKM03EWVAfbaoVWxc4MVZ4W21QiqEPrbnuZfSB8xkyaZnkK-6GWv61HIaB9ilhTsCCDyYGBrV6J_Vf03c6Hswyd90TfEU/s1600/Manual18.JPG" /></a><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMv0EEkfaDnSb3tDfu_vlGJ33D_NlJiaBs9gzVOe8S1aetpBH9wt3pYQftOimycp72W_Zb42aV0uCqfAZ6mMXbYk0iKze7j4nDpl2TrP_hzzXJEYfanfSYkRjt3vFNVSBfBq3zbmXF6T4/s1600/Manual19.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMv0EEkfaDnSb3tDfu_vlGJ33D_NlJiaBs9gzVOe8S1aetpBH9wt3pYQftOimycp72W_Zb42aV0uCqfAZ6mMXbYk0iKze7j4nDpl2TrP_hzzXJEYfanfSYkRjt3vFNVSBfBq3zbmXF6T4/s1600/Manual19.JPG" /></a><br />
<br />
Btw. Don't forget to kill this running container when you're done.
<br />
<pre class="brush:bash">docker kill <container id></pre>
<h3>
Remarks</h3>
<br />
In this article I have shown you two ways to create a Docker image Node.js with a functional node-oracledb module.<br />
There is now right or wrong way to create the image. It is however much easier to use the Dockerfile method. It is fast, easy and prevents human errors. Also, if you want to add modules or functionality to the image just add the commands to the Dockerfile and create a new image in a couple of minutes.
<br />
<br />
<h3>
Sources and references</h3>
<br />
<a data-mce-href="https://nodejs.org/en/download/" href="https://nodejs.org/en/download/" target="_blank">nodejs.org</a><br />
<a data-mce-href="https://github.com/oracle/node-oracledb" href="https://github.com/oracle/node-oracledb" target="_blank">node-oracledb on Github</a><br />
<a data-mce-href="http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html" href="http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html">Oracle Instant Client on OTN</a><br />
<a data-mce-href="https://technology.amis.nl/2016/04/03/first-setup-connection-node-js-oracle-database/" href="http://www.fmwadmin.com/2016/04/first-setup-of-connection-from-nodejs.html" target="_blank">First setup of a connection from Node.js to an Oracle Database</a><br />
<a data-mce-href="https://technology.amis.nl/2016/04/01/running-node-oracledb-the-oracle-database-driver-for-node-js-in-the-pre-built-vm-for-database-development" href="https://technology.amis.nl/2016/04/01/running-node-oracledb-the-oracle-database-driver-for-node-js-in-the-pre-built-vm-for-database-development" target="_blank">Running node-oracledb - the Oracle Database Driver for Node.js - in the Pre Built VM for Database Development</a>Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com3tag:blogger.com,1999:blog-4319366329708683557.post-41766553854464328252016-04-03T21:59:00.000+02:002016-04-03T21:59:26.028+02:00First setup of a connection from Node.js to an Oracle DatabaseIn this article I will demonstrate how to make a connection to a remote Oracle database from Node.js running on linux 7. We will be using the node-oracledb module to accomplish this. My colleague Lucas Jellema gave a great explanation about this module in his recent article <a href="https://technology.amis.nl/2016/04/01/running-node-oracledb-the-oracle-database-driver-for-node-js-in-the-pre-built-vm-for-database-development/" target="_blank">Running node-oracledb - the Oracle Database Driver for Node.js - in the Pre Built VM for Database Development</a><br />
<br />
As described in that article, the node-oracldb module is depending on the Oracle 11.2 or 12.1 client libraries. So you need to install a full Oracle client, local database or the Oracle Instant Client. I will be using the Oracle Instant Client since it is small and easy to install.
<br />
<br />
<h3>
Why Linux 7?</h3>
As of Node.js 4 the compiler must support C++11.<br />
This is not included in the default compiler on Linux 6. You can either install another compiler or use Linux 7.
<br />
<br />
<h3>
Setup</h3>
In this article I will be using the following setup.<br />
<br />
Oracle Linux 7 VM on VirtualBox<br />
Node.js 4.4.2 (64-bits)<br />
node-oracledb 1.8<br />
Oracle Instantclient 12.1.0.2.0
<br />
<br />
<h4>
OS prerequisites</h4>
unzip<br />
libaio<br />
gcc-c++<br />
<br />
Use yum to install the OS prerequisites.<br />
<pre class="brush:bash">yum install unzip libaio gcc-c++</pre>
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQLgsqE6pKkiARYSYKVjyTy6iMX2KhrX8drsCh-V-vYhD4BXaTXDPTvQH9VqnMpLijQ6wLv9a3uexVlZwf-_CCXnWntvLWecnHSsJXcXe3a0H0VGOw9Su5vyF8CVdQh4zR3Qi30u105LI/s1600/Firststeps1.png" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQLgsqE6pKkiARYSYKVjyTy6iMX2KhrX8drsCh-V-vYhD4BXaTXDPTvQH9VqnMpLijQ6wLv9a3uexVlZwf-_CCXnWntvLWecnHSsJXcXe3a0H0VGOw9Su5vyF8CVdQh4zR3Qi30u105LI/s1600/Firststeps1.png" /></a><br />
<br />
On another VM, I have an Oracle Database 12.1.0.2.0 pluggable database running.
<br />
<br />
<h4>
Download the components</h4>
<a href="https://nodejs.org/dist/v4.4.2/node-v4.4.2-linux-x64.tar.xz">node-v4.4.2-linux-x64.tar.xz</a> from <a href="https://nodejs.org/en/download/">nodejs.org</a><br />
instantclient-basic-linux.x64-12.1.0.2.0.zip from <a href="http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html">Oracle OTN</a><br />
instantclient-sdk-linux.x64-12.1.0.2.0.zip from <a href="http://www.oracle.com/technetwork/topics/linuxx86-64soft-092277.html">Oracle OTN</a><br />
node-oracledb will be installed via node package manager, npm<br />
<br />
Put the files in the /tmp directory of the VM using any sftp tool you like.<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZavnYVAGqFhABoXjU-uUDRty5TTpA-RyU9BffTytSyz6HyKxlP2HW_rDrRamvgPDgq3L4yiH3U5BL6onwBh4MzOS1U3SDGq_8T0Lxa-KTcUIUXXeXWLxofRnINngTV8x1Rfy31KcFC2c/s1600/Firststeps2.png" imageanchor="1"><img border="0" height="50" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZavnYVAGqFhABoXjU-uUDRty5TTpA-RyU9BffTytSyz6HyKxlP2HW_rDrRamvgPDgq3L4yiH3U5BL6onwBh4MzOS1U3SDGq_8T0Lxa-KTcUIUXXeXWLxofRnINngTV8x1Rfy31KcFC2c/s320/Firststeps2.png" width="320" /></a><br />
We will remove them when we are done.
<br />
<br />
<h4>
Installing components</h4>
Logon as root (or use sudo)
<br />
<br />
<h4>
Install Node.js</h4>
<pre class="brush:bash">cd /opt
tar -Jxf /tmp/node-v4.4.2-linux-x64.tar.xz</pre>
<br />
<h4>
Install Oracle instant client</h4>
<pre class="brush:bash">mkdir /opt/oracle
cd /opt/oracle
unzip -q /tmp/instantclient-basic-linux.x64-12.1.0.2.0.zip
unzip -q /tmp/instantclient-sdk-linux.x64-12.1.0.2.0.zip</pre>
<br />
Rename the directory so we don't have to tell the installer where to find the OCI libraries, etc...<br />
If you install the Oracle Instant Client in another location, you will have to set two environment variables, OCI_LIB_DIR and OCI_INC_DIR before installing th oracledb module. See <a href="https://github.com/oracle/node-oracledb/blob/master/INSTALL.md" target="_blank">INSTALL.md on Github</a> for more details about this.
<br />
<br />
<pre class="brush:bash">mv instantclient_12_1 instantclient
cd instantclient
ln -s libclntsh.so.12.1 libclntsh.so</pre>
<pre class="brush:bash"></pre>
<pre class="brush:bash"></pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4p4-HwvysNBToYZMhttwsAazvNJPPb6-cn8FWO0vF_Xx2wZUP_doJFQu3yctKf0S8C855G0yn3HviKLHBGW7Za3jktU4BsgJd4elesiaCLg2GRc3ZBBqCLe_CV9iLIRGQeeQOAl-nIXU/s1600/Firststeps3.png" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4p4-HwvysNBToYZMhttwsAazvNJPPb6-cn8FWO0vF_Xx2wZUP_doJFQu3yctKf0S8C855G0yn3HviKLHBGW7Za3jktU4BsgJd4elesiaCLg2GRc3ZBBqCLe_CV9iLIRGQeeQOAl-nIXU/s1600/Firststeps3.png" /></a><br />
<br />
Remove files from /tmp
<br />
<pre class="brush:bash">rm /tmp/instantclient-* node-v4.4.2-linux-x64.tar.xz</pre>
<br />
<h4>
Install oracledb module</h4>
You can choose to install the module local to the user of global for the system.<br />
If you install it local to the user, you don't need to be a privileged user. You can choose any user you need to run Node.js.<br />
For this demonstration I created a user called nodejs and will install the module local to the user.<br />
<br />
Logon as user nodejs
<br />
<br />
<h4>
Set environment variables</h4>
<pre class="brush:bash">export PATH=/opt/node-v4.4.2-linux-x64/bin:$PATH
export LD_LIBRARY_PATH=/opt/oracle/instantclient:$LD_LIBRARY_PATH
npm install oracledb</pre>
<pre class="brush:bash"></pre>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEju5ZBTb8-4_fkJSLJndvhzmq6oA-olEV-xaoqCt_sHonoDd5iAqmLyB6af60vXj2usNZFKeV7QMNNb-ngug79IZnb0mK9N1hOEpKVLy54Jn4_5LRY7vPjkjE1y17zXCofPAd5wKGH-Bdk/s1600/Firststeps4.png" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEju5ZBTb8-4_fkJSLJndvhzmq6oA-olEV-xaoqCt_sHonoDd5iAqmLyB6af60vXj2usNZFKeV7QMNNb-ngug79IZnb0mK9N1hOEpKVLy54Jn4_5LRY7vPjkjE1y17zXCofPAd5wKGH-Bdk/s1600/Firststeps4.png" /></a><br />
<br />
The module is created in /home/nodejs/node_modules<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDDKQE-fUHDjH0hLuyDpmgx8EbOPgBcj9e6g0f5pJ0ygIUBZj5ox8_CWYoRg6Tw815iRDRk6nc7yyGBM9LX1Y6ELZT0O2C96TMrS2_EOiv4gUqQRVH13f5a5-YhSezZMLwf9OhAKIsH_U/s1600/Firststeps5.png" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDDKQE-fUHDjH0hLuyDpmgx8EbOPgBcj9e6g0f5pJ0ygIUBZj5ox8_CWYoRg6Tw815iRDRk6nc7yyGBM9LX1Y6ELZT0O2C96TMrS2_EOiv4gUqQRVH13f5a5-YhSezZMLwf9OhAKIsH_U/s1600/Firststeps5.png" /></a><br />
<br />
<h3>
Test the module</h3>
On Github there are several example scripts available for use with the node-oracledb module. See. <a href="https://github.com/oracle/node-oracledb/tree/master/examples%20%20">node-oracledb examples</a><br />
Download dbconfig.js and select1.js for a test of a db connection.<br />
You can either change the dbconfig.js to match you db connection or set some environment variables.<br />
<br />
<pre class="brush:bash">export=NODE_ORACLEDB_USER=hr
export NODE_ORACLEDB_PASSWORD=hr
export NODE_ORACLEDB_CONNECTIONSTRING=db01.domain.local:1521/fmwdb1.domain.local</pre>
<br />
Run the select1.js<br />
<br />
This will perform a simple query on the departments table from the HR sample schema.<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGZCDSy87sMeOuFubslgFtvhxg5Bvp2Ed36nRqGub6gOOw5U5iGj1xylT1CzAYh4jmkQHbkZ3-aPrdclrl1q3uhaPwZLf8HDLpQb3neARJmG8yd_mEjEwuPyx0ML4iaqIihClN2C5ntwA/s1600/Firststeps6.png" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGZCDSy87sMeOuFubslgFtvhxg5Bvp2Ed36nRqGub6gOOw5U5iGj1xylT1CzAYh4jmkQHbkZ3-aPrdclrl1q3uhaPwZLf8HDLpQb3neARJmG8yd_mEjEwuPyx0ML4iaqIihClN2C5ntwA/s1600/Firststeps6.png" /></a><br />
<br />
<h3>
Some remarks</h3>
<div>
<br /></div>
<h4>
Set the environment variables permanent.</h4>
You can set the environment variables permanently for either the specific user or system wide.<br />
Place them in the .bash_profile of the user that will run Node.js or create a .sh file in /etc/profile.d so the environment variables are set at logon for every user.
<br />
<br />
<h4>
Install oracledb module global and set additional environment variable.</h4>
<pre class="brush:bash">npm install -g oracledb</pre>
Set the environment variable NODE_PATH so Node.js knows where to find the modules.<br />
export NODE_PATH=/opt/node-v4.4.2-linux-x64/lib/node_modules<br />
<br />
<h3>
Sources and references</h3>
<div>
<br /></div>
<a href="https://nodejs.org/en/download/">nodejs.org
</a><a href="https://github.com/oracle/node-oracledb" target="_blank">node-oracledb on Github </a><br />
<a href="http://oracle%20otn/" target="_blank">Oracle Instant Client on OTN </a><br />
<a href="https://technology.amis.nl/2016/04/01/running-node-oracledb-the-oracle-database-driver-for-node-js-in-the-pre-built-vm-for-database-development/" target="_blank">Running node-oracledb - the Oracle Database Driver for Node.js - in the Pre Built VM for Database Development</a>Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com5tag:blogger.com,1999:blog-4319366329708683557.post-37496554542365948072015-06-04T08:09:00.003+02:002015-06-04T08:11:32.685+02:00Presenting at OGH DBA / Middleware day 2015Deliver my presentation "Dynamically scale Weblogic in a private Cloud" on the OGH DBA / Middleware day 2015 today at 13:15.<br />
<div>
<br /></div>
Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com0tag:blogger.com,1999:blog-4319366329708683557.post-29310771491397518152015-04-10T09:35:00.001+02:002015-06-08T15:09:54.420+02:00Creating and scaling Dynamic Clusters using wlstIn my previous article, <a href="http://www.fmwadmin.com/2015/04/creating-and-scaling-dynamic-clusters.html" target="_blank">Creating and scaling Dynamic Clusters in Weblogic 12c</a>, I described the creation and scaling of Dynamic Clusters. I used the Weblogic Console to create the Dynamic Clusters and change the number of servers.<br />
<br />
Most of the time you will use some wlst scripting to create and manage your Weblogic environments.<br />
In this article I will show you how to create Dynamic Clusters en how you can scale them.<br />
<br />
The example scripts from the <a href="https://docs.oracle.com/middleware/1213/wls/CLUST/dynamic_clusters.htm#CLUST721" target="_blank">Oracle documentation</a> where used as base for the following script.<br />
It is just a simple create script to show you how easy it is to create a Dynamic Cluster via wlst. So no fancy functions and exception handling in there. Yet ...<br />
<br />
createDynamicCluster.py<br />
<pre class="brush:python">print '--- Set properties for dynamic Cluster creation'
clusterName='dyna-cluster'
serverTemplate='dyna-server-Template'
serverNamePrefix='dyna-server-'
listenAddress='192.168.100.4${id}'
listenPort=8000
listenPortSSL=9000
maxServerCount=2
print '--- Connect to the AdminServer'
try:
connect('weblogic','Welcome01','t3://hostname.domain.local:7001')
except err:
print "--- Can't connect to AdminServer, "+err
sys.exit(2)
print '--- Start an edit session'
edit()
startEdit()
print '--- Creating the server template '+serverTemplate+' for the dynamic servers and set the attributes'
dynamicServerTemplate=cmo.createServerTemplate(serverTemplate)
dynamicServerTemplate.setListenAddress(listenAddress)
dynamicServerTemplate.setListenPort(listenPort)
dynamicServerTemplateSSL=dynamicServerTemplate.getSSL()
dynamicServerTemplateSSL.setListenPort(listenPortSSL)
print '--- Creating the dynamic cluster '+clusterName+', set the number of dynamic servers and designate the server template to it.'
dynamicCluster=cmo.createCluster(clusterName)
dynamicServers=dynamicCluster.getDynamicServers()
dynamicServers.setMaximumDynamicServerCount(maxServerCount)
dynamicServers.setServerTemplate(dynamicServerTemplate)
print '--- Designating the Cluster to the ServerTemplate'
dynamicServerTemplate.setCluster(dynamicCluster)
print '--- Set the servername prefix to '+serverNamePrefix
dynamicServers.setServerNamePrefix(serverNamePrefix)
print '--- Set Calculate Listen Port and Machinename based on server template'
dynamicServers.setCalculatedMachineNames(true)
dynamicServers.setCalculatedListenPorts(true)
print '--- Save and activate the changes'
save()
activate()
serverConfig()
</pre>
<br />
<br />
Running the script with wlst will produce the following output and will create a Dynamic Cluster with two Dynamic Servers.<br />
<br />
<pre class="brush:bash">[oracle@wls01 ~]$ ${WL_HOME}/common/bin/wlst.sh createDynamicCluster.py
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
--- Set properties for dynamic Cluster creation
--- Connect to the AdminServer
Connecting to t3://wls01.domain.local:7001 with userid weblogic ...
Successfully connected to Admin Server "AdminServer" that belongs to domain "demo_domain".
Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.
Start an edit session
Location changed to edit tree. This is a writable tree with
DomainMBean as the root. To make changes you will need to start
an edit session via startEdit().
For more help, use help('edit')
Starting an edit session ...
Started edit session, please be sure to save and activate your
changes once you are done.
--- Creating the server template dyna-server-Template for the dynamic servers and set the attributes
--- Creating the dynamic cluster dyna-cluster, set the number of dynamic servers and designate the server template to it.
--- Designating the Cluster to the ServerTemplate
--- Set the servername prefix to dyna-server-
--- Set Calculate Listen Port and Machinename based on server template
--- Save and activate the changes
Saving all your changes ...
Saved all your changes successfully.
Activating all your changes, this may take a while ...
The edit lock associated with this edit session is released
once the activation is completed.
Activation completed
</pre>
<br />
As you might expect, it is way faster than clicking through the Weblogic Console.<br />
<br />
<br />
Next step will be to scale the Dynamic Cluster up to four Dynamic Servers.<br />
<br />
scaleDynamicCluster.py<br />
<pre class="brush:python">print '--- Set properties for dynamic Cluster creation'
clusterName='dyna-cluster'
maxServerCount=4
print '--- Connect to the AdminServer'
try:
connect('weblogic','Welcome01','t3://wls01.domain.local:7001')
except err:
print "Can't connect to AdminServer, "+err
sys.exit(2)
print '--- Start an edit session'
edit()
startEdit()
print '--- Change the maximum number of dynamic servers'
cd('/Clusters/%s' % clusterName )
dynamicServers=cmo.getDynamicServers()
dynamicServers.setMaximumDynamicServerCount(maxServerCount)
print '--- Save and activate the changes'
save()
activate()
serverConfig()
</pre>
<br />
Running the script with wlst will produce the following output and will scale up to four Dynamic Servers.<br />
<pre class="brush:bash">[oracle@wls01 ~]$ ${WL_HOME}/common/bin/wlst.sh scaleDynamicCluster.py
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
--- Set properties for dynamic Cluster creation
--- Connect to the AdminServer
Connecting to t3://wls01.domain.local:7001 with userid weblogic ...
Successfully connected to Admin Server "AdminServer" that belongs to domain "demo_domain".
Warning: An insecure protocol was used to connect to the
server. To ensure on-the-wire security, the SSL port or
Admin port should be used instead.
--- Start an edit session
Location changed to edit tree. This is a writable tree with
DomainMBean as the root. To make changes you will need to start
an edit session via startEdit().
For more help, use help('edit')
Starting an edit session ...
Started edit session, please be sure to save and activate your
changes once you are done.
--- Change the maximum number of dynamic servers
--- Save and activate the changes
Saving all your changes ...
Saved all your changes successfully.
Activating all your changes, this may take a while ...
The edit lock associated with this edit session is released
once the activation is completed.
Activation completed
</pre>
<br />
As mentioned before, the scripts are very limited and just show you how easy it is to create Dynamic Clusters using wlst. The scripts can be made as comprehensive as you need (want) them to be.<br />
I will create some more examples and post them as I get them ready.<br />
<br />
Imagine the possibilities when you create scripts you can connect to your monitoring system. Capacity on demand!<br />
<br />Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com4tag:blogger.com,1999:blog-4319366329708683557.post-40911039042611215142015-04-07T08:57:00.001+02:002015-04-07T08:57:29.092+02:00Creating and scaling Dynamic Clusters in Weblogic 12cIntroduced in Weblogic 12.1.2, dynamic clusters is a great feature to scale your private cloud.<br />
Dynamic clusters provides you easy scaling of Weblogic clusters by adding and removing managed server instances on demand. They contain one or more dynamic servers. These dynamic servers are based on a single servertemplate that guarantees that every member of the cluster is exactly the same.<br />
<br />
<h3>
Creating Dynamic Clusters</h3>
<div>
<br /></div>
<div>
Let's take a look at some of the possibilities as we create a dynamic cluster.</div>
<br />
I have created a virtualbox environment.<br />
This environment consists of four VM's with the following specs.<br />
<br />
<ul>
<li>2 vCPU's</li>
<li>4 Gb memory</li>
<li>50 Gb disk</li>
</ul>
<ul>
<li>Oracle Linux 6.6</li>
<li>Java 1.7.0_75</li>
<li>Weblogic 12.1.3.0.2</li>
</ul>
<br />
I created a simple domain called demo_domain with only an AdminServer and four machines.<br />
After unpacking the domain to the four servers, the nodemanagers where started and are reachable by the AdminServer.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh8haZSkqAlejnXKUe0dtFTqgjKlN5ZHqajEaYPU-lU-8VfRSjpsYgDzIWmaKeCYwlrnwEGFeQwKXUvWNoSL-hX6qzeLb1DVU0jybDELFkQicNYjDEHL3yMpZX1Ot9bSqKKah3_elCdSg/s1600/Domain-pic1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh8haZSkqAlejnXKUe0dtFTqgjKlN5ZHqajEaYPU-lU-8VfRSjpsYgDzIWmaKeCYwlrnwEGFeQwKXUvWNoSL-hX6qzeLb1DVU0jybDELFkQicNYjDEHL3yMpZX1Ot9bSqKKah3_elCdSg/s1600/Domain-pic1.png" height="323" width="640" /></a></div>
<br />
Now let go through the process of creating a dynamic cluster.<br />
<br />
Open the Weblogic Console and navigate to Environment -> Clusters<br />
Lock and Edit the domain in the Change Center<br />
<span style="font-size: xx-small;">note. I make it a good practice always creating a domain in production mode, even in Development and Test.</span><br />
<br />
Create a new dynamic cluster<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhROgoUY0gYMPExob_TAx_7BB6N_ZrzDYRPa0wQXV6QIaDg6HsCCylYmz9_aWr28aNeU_pJ_91Jcjm5Rvxr9oJXt3Vt4PMmrl9Pkqc4YcP5OpgOYhU-ce3b7O6DHW6K3IJHcGQO2_2YKyE/s1600/Domain-cap1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhROgoUY0gYMPExob_TAx_7BB6N_ZrzDYRPa0wQXV6QIaDg6HsCCylYmz9_aWr28aNeU_pJ_91Jcjm5Rvxr9oJXt3Vt4PMmrl9Pkqc4YcP5OpgOYhU-ce3b7O6DHW6K3IJHcGQO2_2YKyE/s1600/Domain-cap1.JPG" height="477" width="640" /></a></div>
New -> Dynamic Cluster<br />
<br />
Provide the Clustername<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEit4CJBvDOAEpVEvHLdEUhR13DW_WU5bsQzBbQOzlCx5UVnTb375tgEUHIBupCMsxNUGH05KbaYNdsVnXHTuyTnDwb-Nv_rytMGpJicKYQOpguxMBfb4inEDi4ECqpVz6gNh_5BuwQvWT4/s1600/Domain-cap2.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEit4CJBvDOAEpVEvHLdEUhR13DW_WU5bsQzBbQOzlCx5UVnTb375tgEUHIBupCMsxNUGH05KbaYNdsVnXHTuyTnDwb-Nv_rytMGpJicKYQOpguxMBfb4inEDi4ECqpVz6gNh_5BuwQvWT4/s1600/Domain-cap2.JPG" height="387" width="640" /></a></div>
Cluster name: dyna-cluster<br />
Click Next<br />
<br />
We will start of with a cluster containing two dynamic servers.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgSsHtV8jLaKqp4IIDUmbAWaH3wWapAx9np1KgDt2MV47BOYLkuVBJ6Iq7Au2XNkHiIY8mPTZ0Mion_KXMRQvu-6aPUoaxwrK6S9nWLSFCNDznf0Z2Kp_8RRfph3sKXWIP9wgGglHDFC4/s1600/Domain-cap3.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgSsHtV8jLaKqp4IIDUmbAWaH3wWapAx9np1KgDt2MV47BOYLkuVBJ6Iq7Au2XNkHiIY8mPTZ0Mion_KXMRQvu-6aPUoaxwrK6S9nWLSFCNDznf0Z2Kp_8RRfph3sKXWIP9wgGglHDFC4/s1600/Domain-cap3.JPG" height="356" width="640" /></a></div>
Number of Synamic Servers: 2<br />
Server Name Prefix: dyna-server-<br />
Click Next<br />
<br />
For this demo all machines will take part.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJUmF144Mwolw2u5ozra28noLnG-p0QcninAG_cvqTlLqmcueOLPWpk5qBrwRWAAas_LCI_nKJed0jZZ9vlSqoN3LpQ58JoNcyoGi_tKflvs39q2GQWzzDnhPDaYhwC4sJ_HlIeqvhl3w/s1600/Domain-cap4.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJUmF144Mwolw2u5ozra28noLnG-p0QcninAG_cvqTlLqmcueOLPWpk5qBrwRWAAas_LCI_nKJed0jZZ9vlSqoN3LpQ58JoNcyoGi_tKflvs39q2GQWzzDnhPDaYhwC4sJ_HlIeqvhl3w/s1600/Domain-cap4.JPG" height="320" width="640" /></a></div>
Select 'Use any machine configured in this domain'<br />
Click Next<br />
<br />
Assign each dynamic server unique listen ports<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYxj-SSRnR82oLtTZRzUqPnC0N1csoSSOzFqavjklMLSGlYlm2sVty-4xmYps6TyPyM1Nv_EM5j2L2PNHeoKW0UxTa_b7KwO3su871xUdlhNAvBjfGVwEDpSuT5Sibb9zwUOj3e98Ra-I/s1600/Domain-cap5.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYxj-SSRnR82oLtTZRzUqPnC0N1csoSSOzFqavjklMLSGlYlm2sVty-4xmYps6TyPyM1Nv_EM5j2L2PNHeoKW0UxTa_b7KwO3su871xUdlhNAvBjfGVwEDpSuT5Sibb9zwUOj3e98Ra-I/s1600/Domain-cap5.JPG" height="432" width="640" /></a></div>
Listen Port for First Server: 8000<br />
SSL Listen Port for First Server: 9000<br />
<div>
Click Next</div>
<div>
<br /></div>
<div>
Summary screen</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuqyO6XIQGA7NaRDUAHt9HWfEBr8fX_jstX_frX12ESKZ8WiaRI1PMd3jCx7FNWN1tsC_hd52iz0cA7pk3nZJtUrhXxZ0oBBnv0OXu4TALbgF-xeBJZGHHZjo2SfeCOK94A2cCz8hm1gY/s1600/Domain-cap6.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuqyO6XIQGA7NaRDUAHt9HWfEBr8fX_jstX_frX12ESKZ8WiaRI1PMd3jCx7FNWN1tsC_hd52iz0cA7pk3nZJtUrhXxZ0oBBnv0OXu4TALbgF-xeBJZGHHZjo2SfeCOK94A2cCz8hm1gY/s1600/Domain-cap6.JPG" height="428" width="640" /></a></div>
Click Finish<br />
<br />
With the creation of the Dynamic Cluster there is also a Server Template created for it.<br />
<span style="font-family: inherit;"><br />
</span> <br />
<h3>
<span style="font-family: inherit;">Server templates</span></h3>
<span style="font-family: inherit;">A single server template provides the basis for the creation of the dynamic servers. Using this single template provides the possibility of every member being created with exactly the same attributes. Where some of the server-specific attributes like Servername, listen-ports, machines, etc. can be calculated based upon tokens.</span><br />
<div>
<span style="font-family: inherit;">You can pre-create server templates and let Weblogic clone one when a Dynamic Cluster is created.</span></div>
<div>
<span style="font-family: inherit;">When none is available a server template is create with the Dynamic Cluster. </span><span style="font-family: inherit;">The name and the listen ports are the only server template attributes that you provide during Dynamic Cluster creation.</span></div>
<div>
<span style="font-family: inherit;"><br />
</span> <span style="font-family: inherit;">Before we activate the changes to the domain, we are going to make a change to the server template.</span></div>
<div>
<span style="font-family: inherit;">As an example we are going to demonstrate the use of tokens for server-specific configuration. </span></div>
<div>
<span style="font-family: inherit;"><br />
</span></div>
<div>
Navigate to Environment -> Clusters -> Server Templates</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3j7jiGOO_1DaAwzazJEiAJzDr042STvrImkeb3I6eHn_DRwieBVq1JhsfpNzsR0FQqbzg2M1z13U72jNNQmoXEbLV-G5uwXswDoARDNaTj4WECnJgXursm5QdvWVWULGmmH5Zz_KX4Z0/s1600/Domain-cap8.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3j7jiGOO_1DaAwzazJEiAJzDr042STvrImkeb3I6eHn_DRwieBVq1JhsfpNzsR0FQqbzg2M1z13U72jNNQmoXEbLV-G5uwXswDoARDNaTj4WECnJgXursm5QdvWVWULGmmH5Zz_KX4Z0/s1600/Domain-cap8.JPG" height="81" width="640" /></a></div>
Click on the name: dyna-server-Template<br />
<br />
We are going to use the ${ID} token in the Listen Address<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9Uk8rCK8m4JT42IerfP6Azxe1GPA7jqgvhi8gEW1Mfs5klSboJXy0O-Lqs_0xrLi1v76fJ4pARh7RLNezRdh0p9ZKzPvKJqw9PY95JTzEOs5dQS6JydkAEfndBU8biofD6M7oAaBqRsE/s1600/Domain-cap10.JPG" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9Uk8rCK8m4JT42IerfP6Azxe1GPA7jqgvhi8gEW1Mfs5klSboJXy0O-Lqs_0xrLi1v76fJ4pARh7RLNezRdh0p9ZKzPvKJqw9PY95JTzEOs5dQS6JydkAEfndBU8biofD6M7oAaBqRsE/s1600/Domain-cap10.JPG" height="331" width="640" /></a></div>
Listen Address: 192.168.100.4${ID}<br />
Click Save<br />
<br />
The last digit of the listen address is used to make the listen address dynamic.<br />
<br />
Activate changes in the Change Center of the Weblogic Console.<br />
After activation the cluster and two managed servers are created.<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUXiEj27utRKGtFIUQEAP6F3SG1Jt5iLoQt56fiTO4AkOq-yoJaD3XWrFxBShZ4yUpmcJq4b-b1gWCtPZ1py049jsBF7-jZqeh0WTP1kQPegBxvYzn_Hg6Oka2Og2MO03kaCFQmKrZIzo/s1600/Domain-cap12.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUXiEj27utRKGtFIUQEAP6F3SG1Jt5iLoQt56fiTO4AkOq-yoJaD3XWrFxBShZ4yUpmcJq4b-b1gWCtPZ1py049jsBF7-jZqeh0WTP1kQPegBxvYzn_Hg6Oka2Og2MO03kaCFQmKrZIzo/s1600/Domain-cap12.JPG" height="217" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5MZmY8lxIMMdxYVcAC24t_lLmZI4zdZbkKvkJ5W8zRgdU7B5VCczNpcd7_2xSLRKrXNwmRxVDY6ORN0_7EzjZatfki2g7l8WK36st08h5803y8uAhqEi5xU1uwLdLhOAsIwZvcFsXWmU/s1600/Domain-cap11.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5MZmY8lxIMMdxYVcAC24t_lLmZI4zdZbkKvkJ5W8zRgdU7B5VCczNpcd7_2xSLRKrXNwmRxVDY6ORN0_7EzjZatfki2g7l8WK36st08h5803y8uAhqEi5xU1uwLdLhOAsIwZvcFsXWmU/s1600/Domain-cap11.JPG" height="249" width="640" /></a></div>
<br />
We can now start the two servers.<br />
<br />
In the previous steps we have added a dynamic cluster with two dynamic servers, based on a single server template, to the domain.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheYCG4Wgw3Myj4raYW0Q1WPXYQ45WZAkIjGJlCycqCLknOzSImJ8sR2j-9fQdghgSXm-RrQAr9wIq8RXpRZwpx9jqKkXN6D6_QLF3MsCkI2hlIEHhJMOEz7H2KUsguQd1cmb_n2GgOvq0/s1600/Domain-pic2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheYCG4Wgw3Myj4raYW0Q1WPXYQ45WZAkIjGJlCycqCLknOzSImJ8sR2j-9fQdghgSXm-RrQAr9wIq8RXpRZwpx9jqKkXN6D6_QLF3MsCkI2hlIEHhJMOEz7H2KUsguQd1cmb_n2GgOvq0/s1600/Domain-pic2.png" height="326" width="640" /></a></div>
<div>
<h3>
Scaling a Dynamic Cluster</h3>
<br />
When the capacity is insufficient and you need to scale-up, you can add dynamic servers on demand.<br />
It requires only a few clicks.<br />
<br />
Navigate to Environment -> Clusters<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUXiEj27utRKGtFIUQEAP6F3SG1Jt5iLoQt56fiTO4AkOq-yoJaD3XWrFxBShZ4yUpmcJq4b-b1gWCtPZ1py049jsBF7-jZqeh0WTP1kQPegBxvYzn_Hg6Oka2Og2MO03kaCFQmKrZIzo/s1600/Domain-cap12.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUXiEj27utRKGtFIUQEAP6F3SG1Jt5iLoQt56fiTO4AkOq-yoJaD3XWrFxBShZ4yUpmcJq4b-b1gWCtPZ1py049jsBF7-jZqeh0WTP1kQPegBxvYzn_Hg6Oka2Og2MO03kaCFQmKrZIzo/s1600/Domain-cap12.JPG" height="217" width="640" /></a></div>
Click dyna-cluster<br />
<br />
On the Configuration tab go to the Servers tab</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSlU0hbGjRR28lOtqZBj7iM9WmiJ761qLB462CLn41MROERe7MJEL3K2NCt_0_5qcIjKleS9Gh2Nzodgmx_icdJ19DPob00PcSDm3-mOmEVX-QkMWOT8hyhkzQP5OoMRQOlJpLU3fMEkY/s1600/Domain-cap13.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSlU0hbGjRR28lOtqZBj7iM9WmiJ761qLB462CLn41MROERe7MJEL3K2NCt_0_5qcIjKleS9Gh2Nzodgmx_icdJ19DPob00PcSDm3-mOmEVX-QkMWOT8hyhkzQP5OoMRQOlJpLU3fMEkY/s1600/Domain-cap13.JPG" height="387" width="640" /></a></div>
Change the Maximum Number of DynamicServers to: 4<br />
Click save<br />
<br />
Activate changes in the Change Center of the Weblogic Console.<br />
After activation two Dynamic Servers are added to the Dynamic Cluster.<br />
<br />
Start the two new Dynamic Servers and you have doubled you capacity.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL1uIuCEHxqu5v4CEHLIEHEEe2BjrszJif23OQWHUtpUU5Chfuz_DIYoS09-MCaZpIUPy-kooTKRcFXIukxSH3GqVMtyctiY4ar7-SVsGh61agem1ZXQs3TsexUwAPDDKR_37qsdSFah8/s1600/Domain-cap14.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL1uIuCEHxqu5v4CEHLIEHEEe2BjrszJif23OQWHUtpUU5Chfuz_DIYoS09-MCaZpIUPy-kooTKRcFXIukxSH3GqVMtyctiY4ar7-SVsGh61agem1ZXQs3TsexUwAPDDKR_37qsdSFah8/s1600/Domain-cap14.JPG" height="164" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivXefYaMoX4ccvH8qlhHqWPiS0AfR_wYCifyv8rzIrjqhKEjQ073jDdtRyP9et1YXqsv0Kti_9UQUE8Hw1-cyAsaIP2YfmQiPbUQIe5tZxf4CFMEB7lDufLf0Zjb3zWARTveOk_-h8mJw/s1600/Domain-pic3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivXefYaMoX4ccvH8qlhHqWPiS0AfR_wYCifyv8rzIrjqhKEjQ073jDdtRyP9et1YXqsv0Kti_9UQUE8Hw1-cyAsaIP2YfmQiPbUQIe5tZxf4CFMEB7lDufLf0Zjb3zWARTveOk_-h8mJw/s1600/Domain-pic3.png" height="326" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
Scaling down works exactly the same.<br />
Just lower the Maximum Number of DynamicServers and activate.<br />
<br />
A few points to keep in mind when scaling up or down.<br />
<br />
Up<br />
<ul>
<li>New dynamic servers are not started upon creation</li>
<li>Think before you act with the use of Tokens.<br />For example.<br />In our demo, the number of Dynamic servers can't grow beyond nine servers, since we use the ${ID} as last digit of the listen address.</li>
</ul>
<br />
Down<br />
<ul>
<li>Dynamic Servers above the new Maximum have to be shutdown before the change can be activated.</li>
<li>Dynamic Servers are removed in order, Last -> First<br />(In our demo dyna-server-4 gets removed first, then dyna-server-3, etc..)</li>
<li>You cannot remove a Dynamic Server directly from the Environment -> Servers page</li>
</ul>
<br /><br />
<br />
<ul>
</ul>
Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com1tag:blogger.com,1999:blog-4319366329708683557.post-16156765871351036822015-01-13T14:44:00.001+01:002015-01-14T08:45:33.506+01:00Upgrade OVM 3.2 to 3.3Lately several people asked me how they should go about with upgrading their OVM 3.2.x environment to 3.3.x<br />
They have the backend repository running on an Oracle Database, which is no longer supported. In release 3.3, only MySQL is supported as a backend repository database.<br />
They were wondering how the migration process will take place.<br />
Furthermore the documentation states that there is only one way to upgrade the OVM Server from 3.2 to 3.3.<br />
<br />
See <a href="https://docs.oracle.com/cd/E50245_01/E50247/html/vmiug-overview-upgrading.html" target="_blank">Chapter 5.1 of the Installation and Upgrade Guide for Release 3.3</a><br />
<br />
If you are upgrading from Oracle VM Server Release 3.2 or earlier to Release 3.3:<br />
<br />
You must set up two Yum repositories, one as a transitional repository containing the packages for Release 3.2, and a second containing the target packages for Release 3.3. When the Yum repositories are in place, you can run the UpgradeServers.py script on the Oracle VM Manager host to batch update servers as required<br />
<br />
This would suggest that the ‘old fashion’ method of booting the OVM Server from CD no longer works.<br />
Well I have tested the upgrade the ‘old fashion’ way and I can say that it will work with a few tweaks.<br />
However, chapter 5.4.4 states that this method is not supported. So let’s see how the supported upgrade methods are carried out.<br />
<br />
<h4>
Test Environment</h4>
Let’s start with the setup of a small test environment based on VirtualBox VM’s.<br />
<br />
<b>Virtualbox Machines</b><br />
<table align="left" border="0" cellpadding="1">
<tbody>
<tr><td>Hostname</td> <td>eth0 (LAN)</td> <td>eth1 (Storage)</td></tr>
<tr><td>storage1.domain.local</td> <td></td> <td>10.10.10.170</td> </tr>
<tr><td>ovm01.domain.local</td> <td>192.168.100.171</td><td>10.10.10.171</td> </tr>
<tr><td>ovmmanager.domain.local</td><td>192.168.100.170</td><td></td> </tr>
</tbody>
</table>
<br />
<br />
<br />
<br />
<br />
<br />
<b>ISCSI Storage on storage1.domain.local (simulated by Openfiler)</b><br />
<table align="left" border="0" cellpadding="1">
<tbody>
<tr><td>Volumes (LUN’S)</td><td>Size</td><td>Description</td> </tr>
<tr><td>poolfs</td> <td>20Gb</td><td>OVM Pool filesystem</td></tr>
<tr><td>repfs</td> <td>50Gb</td><td>Storage Repository</td> </tr>
</tbody>
</table>
<br />
<br />
<br />
<br />
<br />
<b>OVM Server</b><br />
OVM Server 3.2.8 installed on ovm01.domain.local<br />
4 Gb memory<br />
12 Gb disk<br />
1 network interface for LAN connection<br />
1 network interface for Storage connection<br />
<br />
1 Virtual guest running OEL 6.5<br />
<br />
<b>OVM Manager</b><br />
OVM Manager 3.2.8 installed on ovmmanager.domain.local<br />
4 vCPU’s<br />
8 Gb memory<br />
25 Gb disk<br />
1 network interface for LAN connection<br />
<br />
Oracle 11.0.2.4 database as backend repository<br />
Instance name: ovsdb<br />
<br />
<h3>
Upgrade OVM Manager</h3>
<br />
As with all releases, the upgrade starts with upgrading the OVM Manager.<br />
The upgrade of OVM Manager is pretty straightforward.<br />
<br />
It involves<br />
<br />
<ul>
<li>Upgrading the OVM Manager software from 3.2.8 to 3.3.1</li>
<li>Migrating ovsdb from Oracle database to MySQL database</li>
</ul>
<br />
Make sure there is enough diskspace available for the upgrade. The runInstaller states that 7100MB should be available in the filesystem where the current OVM Manager is installed.<br />
<br />
Start the installer from the mounted iso or from the cd.<br />
In the example below I have mounted the iso on /media<br />
<br />
<pre class="brush:bash">[root@ovmmanager media]# ./runInstaller.sh
Oracle VM Manager Release 3.3.1 Installer
Oracle VM Manager Installer log file:
/var/log/ovmm/ovm-manager-3-install-2014-10-23-214811.log
Please select an installation type:
1: Install
2: Upgrade
3: Uninstall
4: Help
Select Number (1-4): 2
Verifying upgrading prerequisites ...
Starting Upgrade ...
Reading database parameters from config ...
Choose option 2: Upgrade</pre>
<br />
Note. You can also start the installer with the Upgrade option directly on the commandline<br />
<pre class="brush:bash">./runInstaller.sh --installtype Upgrade</pre>
<br />
Provide the database password of the current ovs schema in the Oracle database.<br />
<pre class="brush:plain">Database Repository
==========================
Please enter the current Oracle VM Manager database password for user ovs: *******</pre>
<br />
Provide the current admin password, this is the password you use to logon to the OVM Console.<br />
<pre class="brush:plain">Oracle VM Manager application
=============================
Please enter the current Oracle VM Manager application password for user admin: ********</pre>
<br />
Now provide a password for the weblogic user for the new Weblogic 12c install. You can choose to make up a new password or just use the same as the old installation.<br />
<pre class="brush:plain">Oracle Weblogic Server 12c
==========================
Please enter a *new* Oracle WebLogic Server 12c user password for user weblogic: ********
Please enter a *new* Oracle WebLogic Server 12c user password for user weblogic (confirm): ********</pre>
<br />
Provide a FQDN name for which a SSL certificate will be created.<br />
<pre class="brush:plain">Please enter your fully qualified domain name, e.g. ovs123.us.oracle.com, (or IP address)
of your management server for SSL certification generation, more than one IP address are
detected: 192.168.100.170 10.0.3.15 [ovmmanager.domain.local]: ovmmanager.domain.local</pre>
<br />
The installer verifies the configuration and offers you the choice to continue with the upgrade or abort the installation.<br />
<pre class="brush:bash">Verifying configuration ...
Upgrading from version 3.2.8.733 to version 3.3.1.1065
Start upgrading Oracle VM Manager:
1: Continue
2: Abort
Select Number (1-2): 1</pre>
<br />
The upgrade will now proceed.<br />
The console output scrolls down on your screen. I will not bother you with the full output.<br />
You can monitor the progress in another terminal session via:<br />
<pre class="brush:bash">tail -f /var/log/ovmm/ovm-manager-3-install-YYYY-MM-DD-HHMISS.log</pre>
<br />
At the end of the upgrade an installation summary is presented, showing the relevant informantion.<br />
<pre class="brush:plain">Installation Summary
--------------------
Database configuration:
Database type : MySQL
Database host name : localhost
Database name : ovs
Database listener port : 49500
Database user : ovs
Weblogic Server configuration:
Administration username : weblogic
Oracle VM Manager configuration:
Username : admin
Core management port : 54321<
UUID : 0004fb00000100002482670af80b9a35
Passwords:
There are no default passwords for any users. The passwords to use for Oracle VM Manager, Database, and Oracle WebLogic Server have been set by you during this installation. In the case of a default install, all passwords are the same.
Oracle VM Manager UI:
https://ovmmanager.domain.local:7002/ovm/console
Log in with the user 'admin', and the password you set during the installation.
Note that you must install the latest ovmcore-console package for your Oracle Linux distribution to gain VNC and serial console access to your Virtual Machines (VMs).
Please refer to the documentation for more information about this package.
For more information about Oracle Virtualization, please visit:
http://www.oracle.com/virtualization/
Oracle VM Manager upgrade complete.
Please remove configuration file /tmp/ovm_configX4zw9Q.</pre>
<br />
A few points to mention that answer some customer questions.<br />
<br />
During the upgrade the content of the Oracle database is automatically exported.
<br />
<pre class="brush:plain">Exporting core database, please be patient this may take a long time ...</pre>
<br />
Further down the upgrade track, after MySQL database has been created, the export is imported into it.<br />
<pre class="brush:plain">Importing core database, please be patient this may take a long time ...</pre>
<br />
Don’t forget to shutdown and delete the Oracle database after the successful upgrade.<br />
<br />
After the upgrade to 3.3 the OVM Manager is set to communicate with OVM Server using TLS. Since this was not the case with to OVM Server 3.2, we disable this option until all OVM Servers are upgraded.<br />
To communicate with OVM Servers 3.2, disable TLS1 for SSL-based authentication in release 3.3.<br />
<pre class="brush:bash">vi /etc/sysconfig/ovmm
USETLS1=NO</pre>
After all OVM Servers have been upgraded, change it back to<br />
<pre class="brush:bash">USETLS1=YES</pre>
Remove any temporary files left by the installer.<br />
<pre class="brush:bash">rm -Rf /tmp/workdir_sel*
rm -Rf /tmp/ovm*</pre>
<br />
We can now proceed with the upgrade of the OVM Servers.<br />
<br />
<h3>
Upgrade OVM Server</h3>
<br />
Before you begin.<br />
<br />
Make sure you have downloaded the latest installation media from <a href="https://edelivery.oracle.com/linux" target="_blank">edelivery</a>.<br />
According to an unpublished bug, there is a defect on initial releases of Oracle VM 3.3.1 installation media. This could make some servers hang on boot.<br />
<br />
As mentioned earlier, the upgrade of OVM Server from release 3.2 or earlier to release 3.3 via booting from the CD is no longer supported.<br />
<br />
We are going to create two Yum repositories.<br />
A transitional repository containing 3.2 packages and a target repository containing 3.3 packages.<br />
Both repositories will be created from the 3.3 installation media.<br />
<br />
The repositories need to be accessible through http/https on any webserver.<br />
If you don’t have a webserver available, you can use the Python SimpleHTTPServer module.<br />
We will be using this module on the OVM Manager server as an example.<br />
<br />
<b>Creating the Yum repositories</b><br />
<br />
Logon as root on the server.<br />
<br />
Create a directory for the repository files.<br />
<pre class="brush:bash">mkdir -p /var/www/repos</pre>
Mount the iso on /media<br />
<pre class="brush:bash">mount -o loop OVS-3.3.1.iso /media</pre>
Copy the entire iso to the http root directory<br />
<pre class="brush:bash">cp -rp /media/* /var/www/repos/</pre>
<br />
Start the SimpleHTTPServer<br />
<pre class="brush:bash">cd /var/www
python –m SimpleHTTPServer 80
Serving HTTP on 0.0.0.0 port 80</pre>
Keep this session running until the upgrade has finished.<br />
<br />
If you have any additional packages installed, see “5.4.1.2 Adding Packages to a Yum Repository” on how to add them to the repository.<br />
<br />
Now configure the repositories in OVM Manager console.<br />
<br />
Open the OVM Manager webconsole in a browser.<br />
<br />
Go to : Tools and Resources -> Server Update Groups -> GlobalX86ServerUpdateConfiguration<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj41N5LW_F-wDYgngwR_-GtB1r0I9IRJIwUE0UWjHacAmRX-qJZkGmVyEKQMh5qkddXQp_yEIZwb8NuEo1oUaNb_BkHQOZ2d6bydUTL2Iox-pyYJNO42oTmtKtoItBWsA7V1PLVEruwHJ8/s1600/ovmm-repo1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj41N5LW_F-wDYgngwR_-GtB1r0I9IRJIwUE0UWjHacAmRX-qJZkGmVyEKQMh5qkddXQp_yEIZwb8NuEo1oUaNb_BkHQOZ2d6bydUTL2Iox-pyYJNO42oTmtKtoItBWsA7V1PLVEruwHJ8/s1600/ovmm-repo1.JPG" height="121" width="640" /></a></div>
<br />
<br />
Create the two repositories Transitional and Target<br />
Click on the + to enter the “Create New Server Update Repository” screen.<br />
<br />
<b>Transitional repository</b><br />
<br />
<table align="left" border="0" cellpadding="1">
<tbody>
<tr><td>Name :</td> <td>3.3_trans_repo</td> </tr>
<tr><td>Repository name :</td> <td>3.3_trans_repo</td> </tr>
<tr><td>URL :</td> <td>http://ovmmanager.domain.local/repos/Transition</td> </tr>
<tr><td>Enabled :</td> <td>Yes</td> </tr>
<tr><td>Package Signature Type :</td><td>GPG</td> </tr>
<tr><td>Package Signature Key :</td> <td>http://ovmmanager.domain.local/repos/RPM-GPG-KEY-oracle-ol5</td></tr>
</tbody>
</table>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwsuHwYZov7gM9y6ZWOY1tqIlKmAiku_u6Al-wBCO1-iX92GTQPMvxIEBiEJ4C00Sv3HLw01c8WXfC3DVUFcLOPSxmuXklX2bgx4NV1EFwqg4ZKQQJV-zz1C6jt6fiUn8w3Kd4t7FpQPM/s1600/ovmm-repo2.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwsuHwYZov7gM9y6ZWOY1tqIlKmAiku_u6Al-wBCO1-iX92GTQPMvxIEBiEJ4C00Sv3HLw01c8WXfC3DVUFcLOPSxmuXklX2bgx4NV1EFwqg4ZKQQJV-zz1C6jt6fiUn8w3Kd4t7FpQPM/s1600/ovmm-repo2.JPG" height="400" width="381" /></a></div>
<br />
The Name must be exactly as above entered as the UpgradeServers.py will use this Name.<br />
<br />
<b>Target repository</b><br />
<br />
<table align="left" border="0" cellpadding="1">
<tbody>
<tr><td>Name :</td> <td>3.3_ovs_repo</td> </tr>
<tr><td>Repository name :</td> <td>3.3_ovs_repo</td> </tr>
<tr><td>URL :</td> <td>http://ovmmanager.domain.local/repos/Server</td> </tr>
<tr><td>Enabled :</td> <td>Yes</td> </tr>
<tr><td>Package Signature Type :</td><td>GPG</td> </tr>
<tr><td>Package Signature Key :</td> <td>http://ovmmanager.domain.local/repos/RPM-GPG-KEY-oracle</td></tr>
</tbody>
</table>
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdI6V-6n2Ho71lHUOpR86tPqUKv970Dnf4RtVYgbYWIYG8en8z077HqzzSpX0_y-lTqj2IAGjquvp2nb6PvO5nCdctWd9eAeukVr4JpU2_k-t-OSCZ0D8teOts_nczL-WE2Wza73lkb3A/s1600/ovmm-repo3.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdI6V-6n2Ho71lHUOpR86tPqUKv970Dnf4RtVYgbYWIYG8en8z077HqzzSpX0_y-lTqj2IAGjquvp2nb6PvO5nCdctWd9eAeukVr4JpU2_k-t-OSCZ0D8teOts_nczL-WE2Wza73lkb3A/s1600/ovmm-repo3.JPG" height="320" width="305" /></a></div>
<br />
The Name must be exactly as above entered as the UpgradeServers.py will use this Name.<br />
<br />
<h3>
Upgrade the OVM Servers</h3>
<br />
After the repositories have been created in OVM Manager we can proceed with the upgrade of the OVM Servers.<br />
The upgrade is performed by using the UpgradeServers.py script.<br />
<pre class="brush:bash">/u01/app/oracle/ovm-manager-3/ovm_tools/bin/UpgradeServers.py</pre>
For the upgrade from OVM Server 3.2 to 3.3 this script is the required method.<br />
It is possible to upgrade between 3.3.x versions using the webconsole, however the preferred method is using the script.<br />
<br />
With the UpgradeServers.py script you can upgrade one or multiple OVM Servers or complete Server Pools at once.<br />
See <a href="http://docs.oracle.com/cd/E50245_01/E50247/html/vmiug-server-upgrading.html#vmiug-server-update-script" target="_blank">5.4.2 Upgrading Oracle VM Server using the UpgradeServers.py Script</a> for the syntax.<br />
<br />
In our example I will upgrade the one OVM Server in the test setup.<br />
<br />
On the OVM Manager server<br />
<br />
<pre class="brush:bash">cd /u01/app/oracle/ovm-manager-3/ovm_tools/bin/
./UpgradeServers.py -u admin -v ovm01.domain.local
Enter your OVM Manager password: ******
Tue Jan 13 10:52:03 2015 INFO:
Tue Jan 13 10:52:03 2015 INFO: UpgradeServers script starting...
Tue Jan 13 10:52:03 2015 INFO: OVM Manager version: 3.3.1.1065
Tue Jan 13 10:52:03 2015 INFO: Command line args: ['UpgradeServers.py', '-v', 'ovm01.domain.local']
Tue Jan 13 10:52:04 2015 INFO: Server: ovm01.domain.local. Transition Server Update Repository: 3.3_trans_repo, URL/path: http://ovmmanager.domain.local/repos/Transition
Tue Jan 13 10:52:04 2015 INFO: Server: ovm01.domain.local. OVS Server Update Repository: 3.3_ovs_repo, URL/path: http://ovmmanager.domain.local/repos/Server
Tue Jan 13 10:52:04 2015 INFO: Getting update packages list in Server Update Repository: 3.3_ovs_repo, using old est server: ovm01.domain.local, version: 3.2.8-736
Tue Jan 13 10:52:07 2015 INFO: Checking servers for non-native packages (those installed after initial server in stallation)
Tue Jan 13 10:52:08 2015 INFO: Non-native package status:
Tue Jan 13 10:52:08 2015 INFO: Non-native package Status in 3.3_ovs_repo
Tue Jan 13 10:52:08 2015 INFO: ----------------------------- ----------------------
Tue Jan 13 10:52:08 2015 INFO: openscap OK: package exists
Tue Jan 13 10:52:08 2015 INFO: openscap-python OK: package exists
Tue Jan 13 10:52:08 2015 INFO: openscap-utils OK: package exists
Tue Jan 13 10:52:09 2015 INFO: No non-generic plug-ins have been found that are in use on existing storage arrays
Type YES to continue with upgrade: YES
Tue Jan 13 10:54:00 2015 INFO: Evaluating server: ovm01.domain.local, version: 3.2.8-736, for upgrading. [1 of 1 servers].
Tue Jan 13 10:54:00 2015 INFO: Disabling Server Update Repository: 3.3_ovs_repo
Tue Jan 13 10:54:00 2015 INFO: Enabling Server Update Repository: 3.3_trans_repo
Tue Jan 13 10:54:00 2015 INFO: Waiting up to 25 seconds for updates of the Server Update Repositories to complete on server ovm01.domain.local.
Tue Jan 13 10:54:02 2015 INFO: Finished updating Server Update Repositories.
Tue Jan 13 10:54:03 2015 INFO: Starting upgrade of server: ovm01.domain.local, type: X86_64, version: 3.2.8-736, using Server Update Repository: 3.3_trans_repo
Tue Jan 13 10:54:04 2015 INFO: No VMs are on server: ovm01.domain.local, starting server upgrade.
Tue Jan 13 10:55:14 2015 INFO: Waiting for upgrade of server: ovm01.domain.local, to complete. The server is performing the upgrade. [STOPPING]
Tue Jan 13 10:55:44 2015 INFO:
……
Tue Jan 13 11:02:46 2015 INFO: Waiting for upgrade of server: ovm01.domain.local, to complete. The server is performing the upgrade. [STOPPING]
Tue Jan 13 11:03:16 2015 INFO: Waiting for upgrade of server: ovm01.domain.local, to complete. The server is rebooting after the upgrade. [STOPPED]
Tue Jan 13 11:03:46 2015 INFO: Waiting for upgrade of server: ovm01.domain.local, to complete. The server is rebooting after the upgrade. [STOPPED]
Tue Jan 13 11:04:16 2015 INFO: Server: ovm01.domain.local, upgraded successfully to version: 3.3.1-1065 (using Server Update Repository: 3.3_ovs_repo).
Tue Jan 13 11:04:16 2015 INFO: Evaluating if any storage arrays need their plug-ins updated.
Tue Jan 13 11:04:16 2015 INFO: No plug-ins were found that needed updating.
Tue Jan 13 11:04:16 2015 INFO: Log file is available at /u01/app/oracle/ovm-manager-3/ovm_tools/bin/UpgradeServers.log
Tue Jan 13 11:04:16 2015 INFO: UpgradeServers script stopping...</pre>
The OVM Server has been upgraded to 3.3.1<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgNxpULtd9S9VCATuq3pHaKBGD5JfvoopMuHqPsw2yJYPsrLRdFpQvRLFaila6_Ukdl_d2MmqeL1ArsnzQOdaFr2o2doflMv5AnvZw1hBZyz4qxDjHyO3-azZBQAoKNqDbolhK7gzsAsk/s1600/ovm-upgrade3.3.1.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgNxpULtd9S9VCATuq3pHaKBGD5JfvoopMuHqPsw2yJYPsrLRdFpQvRLFaila6_Ukdl_d2MmqeL1ArsnzQOdaFr2o2doflMv5AnvZw1hBZyz4qxDjHyO3-azZBQAoKNqDbolhK7gzsAsk/s1600/ovm-upgrade3.3.1.JPG" height="347" width="640" /></a></div>
<br />
<br />
Related Oracle Documention:<br />
<a href="http://docs.oracle.com/cd/E50245_01/E50247/html/index.html" target="_blank">Oracle VM Installation and Upgrade Guide for Release 3.3</a><br />
<br />
Related Oracle support notes:<br />
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=1927958.1" target="_blank">Alert: Verify Sufficient Space in /boot on Your Hypervisor/dom0 Before Upgrading to Oracle VM 3.3.x (Doc ID 1927958.1</a><br />
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=1932065.1" target="_blank">During/After the Upgrade to Oracle VM 3.3.1 Using a Dell optiplex 755/780 Machine Does Not Boot Anymore (Doc ID 1932065.1)</a><br />
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=1918017.1" target="_blank">Oracle VM Server 3.3.1 Installation Hangs (Doc ID 1918017.1)</a><br />
<br />Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com1tag:blogger.com,1999:blog-4319366329708683557.post-26757752027318266412014-12-07T22:27:00.000+01:002014-12-26T10:52:27.521+01:00Securing OHS environments with latest SSL TLS protocols and SHA-2 certificates<h3>
Customer case</h3>
A while ago I was contacted by a customer about their old Oracle Application and Weblogic Server environment.<br />
They were receiving complaints from users that they can't connect to the secure site any longer. Most of the complaints came from users that just recently updated their tablet or smartphone.<br />
After a quick look in the logs of the OHS servers, I found out that the problem had to do with the SSL protocols being used.<br />
The servers were providing connections through either SSLv3 or TLSv1.0, while the devices requested at least TLSv1.1.<br />
The environment comprises of an Oracle HTTP server 10.1.x, for SSO, in front of their Application Server.<br />
For the applications they are using OHS 11.1.1.x. in front of a mix of applications. Varying from oc4j 10.1.2 all the way up to 11.1.1, including Oracle Forms and Reports.<br />
Unfortunately, due to this complexity of components, they were not able to upgrade the environment in time.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4nb18LaXyISXwE4LL90ihgDIN9uuaaAS3__u8B8alrzuw_0DQYUhveguLpwY0l9XUJLx3ZkJvATv9Yn9f5Ynt4JnaYtQ5E6xqjZRatjFWPt3exZZQCWtG1gvkDkP6iuHljOO20Vkw7Qg/s1600/SSLPict11.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="SSL Current Situation" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4nb18LaXyISXwE4LL90ihgDIN9uuaaAS3__u8B8alrzuw_0DQYUhveguLpwY0l9XUJLx3ZkJvATv9Yn9f5Ynt4JnaYtQ5E6xqjZRatjFWPt3exZZQCWtG1gvkDkP6iuHljOO20Vkw7Qg/s1600/SSLPict11.png" height="400" title="" width="396" /></a></div>
<div style="text-align: center;">
<span style="text-align: center;"><i>SSL Current Situation</i></span><br />
<div style="text-align: left;">
<span style="text-align: center;"><i><br /></i></span></div>
</div>
<h3>
Requirements</h3>
The customer asked to provide a solution with the following requirements.<br />
<br />
<ul>
<li>Disable the old, insecure, SSLv3</li>
<li>Enable TLSv1.1 and TLSv1.2 for all sites</li>
<li>Current hostnames for the url’s must not change</li>
<li>Support SHA-2 SSL certificates for all sites</li>
</ul>
<br />
<h3>
Circumstances I had to take into account</h3>
<ul>
<li>Oracle HTTP Server (OHS) 10.1.x and 11.1.1.x do not support TLS 1.1 and TLS 1.2.<br />This is due to the Oracle NZ layer used by OHS 10g/11g for its SSL implementation which doesn't support TLS 1.1/1.2.</li>
<li>There is no support for SHA2 certificates (SHA256 or SHA512) or algorithms in Oracle Application Server 10g (10.1.2.X.X/10.1.3.X.X)</li>
<li>SHA2 is certified for Fusion Middleware 11g (11.1.1.X) with caveats</li>
<li>As part of their SHA-2 migration plan, Microsoft, Google, and Mozilla have announced that they will stop trusting SHA-1 certificates.<br />Google will begin phasing out trust in SHA-1 certificates in November 2014.</li>
<li>Replacing the old 11.1.1.x OHS with FMW Webtier 12.1.3.0. is not an option.<br />OSSO from the 10.1.x appserver is being used and in FMW Webtier 12.1.x the mod_osso module is no longer supported.</li>
</ul>
<span style="font-size: x-small;">note. Oracle Traffic Director on Exalogic is also based on FMW 11.1.1.x !!</span><br />
<span style="font-size: x-small;"><br /></span>
<br />
<h3>
Solution</h3>
There are several options to meet the requirements set by the customer.<br />
Unfortunately the best solution, upgrading the environment, cannot yet be implemented.<br />
<br />
In this case the requirements were met by placing a reverse proxy in front of the entire environment.<br />
The reverse proxy acts as an SSL terminator for client connections using the latest SHA-2 SSL Certificates.<br />
To encrypt the connection, using TLSv1.0, between the reverse proxy and the backend OHS, I generated Self-Signed SHA-1 certificates compatible with the old servers .<br />
<br />
As a reverse proxy I had the choice between using Oracle Fusion Middleware 12c 12.1.3 Webtier or the plain Apache HTTP Server.<br />
I decided to go with Apache HTTP Server.<br />
<br />
The reasons for this choice were.<br />
<br />
(Security) Updates - (Security) updates are released more frequent for plain Apache than for Webtier<br />
Easier to maintain - The server will be managed by Linux engineers, not the Oracle Engineers<br />
Smaller footprint - I only need the reverse proxy functionality, not all the fancy stuff that comes with Oracle Webtier.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimWyTe_DRrwTm5fiY4ydV8pJKlIM6Wh8AoKHRoHt-nj81IVj9NNRrShtKMgR0xHOyn_8rzeEkWnvyunp91T9ypdC1Q7QRebd1dOev0YTw1etndjmkjSYKXwarTUVzK2MxknbqCEd44YtY/s1600/SSLPict21.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="SSL Installed Solution" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimWyTe_DRrwTm5fiY4ydV8pJKlIM6Wh8AoKHRoHt-nj81IVj9NNRrShtKMgR0xHOyn_8rzeEkWnvyunp91T9ypdC1Q7QRebd1dOev0YTw1etndjmkjSYKXwarTUVzK2MxknbqCEd44YtY/s1600/SSLPict21.png" height="400" title="" width="321" /></a></div>
<br />
<div style="text-align: center;">
<i>SSL Installed Solution</i></div>
<br />
Pretty much all requirements were met by using the latest Apache with the correct SSL settings and new SSL Certificates.<br />
<br />
For one requirement we needed to play a little trick:<br />
<br />
Current hostnames for the url's must not change<br />
After setup of the reverse proxy, all DNS entries for the url's hostnames where changed to the IP-addresses of the reverse proxy.<br />
For the reverse proxy to be able to do its work, I placed the old IP-addresses in the local hosts file of the server running Apache HTTP Server.<br />
So the clients browsers are accessing the url's via DNS resolving to the reverse proxy which on his turn resolves the hostsnames on the backend using /etc/hosts.<br />
<br />
<h3>
Final thoughts</h3>
It was not my intension to describe the complete setup of an Apache based reverse proxy here.<br />
There are tons of how-to’s, blogs, etc. that describe all the setups and features.<br />
The main purpose of this article is to make people aware of the fact that there are some changes in SSL security upcoming that can have a direct impact on your environment.<br />
<br />
In the case described above, users were already experiencing problems with mobile devices and tablets. And as I finished the setup, their developers discovered that Java 1.8 uses TLSv1.2 by default.<br />
So a problem, they did not yet relate to SSL protocols, was solved in the process.<br />
<br />
<h3>
As reminder</h3>
Oracle supports the use of TLSv1.1 and TLSv1.2 as of version FMW 12.1.x<br />
Oracle supports the use of SHA-2 as of FMW 11.1.1.x (with caveats)<br />
<br />
<h4>
Related Oracle support notes:</h4>
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=1503476.1" target="_blank">Does Oracle HTTP Server (OHS) 10g Or Higher Support TLS 1.1 and TLS 1.2? (Doc ID 1503476.1)</a><br />
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=1920143.1" target="_blank">Using OHS 12c With TLS 1.1 and 1.2 Protocols as an SSL Reverse-Proxy to OHS 11g (Doc ID 1920143.1)</a><br />
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=1485047.1" target="_blank">Is SSLHonorCipherOrder and TLS 1.1/1.2 Supported for Oracle HTTP Server? (Doc ID 1485047.1)</a><br />
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=1936300.1" target="_blank">How to Change SSL Protocols (to Disable SSL 3.0) in Oracle Fusion Middleware Products (Doc ID 1936300.1)</a>Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com6tag:blogger.com,1999:blog-4319366329708683557.post-88581991969628580172013-12-17T16:54:00.000+01:002014-12-28T16:59:39.377+01:00OVM Storage Repositories: Don’t overspend!During the last few months, I have been asked a couple of times to assist in solving problems with crashing Virtual Machines in Oracle VM environments.<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">Failing disk checks on normal filesystems, read-only filesystems.</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">* Fsck could not correct all errors, manual repair needed [ !! ]</span><br />
<span style="font-family: Courier New, Courier, monospace;">Give root password for maintenance</span><br />
<span style="font-family: Courier New, Courier, monospace;">(or type Control-D to continue):</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Kernel panic – not syncing: Attempted to kill init!</span><br />
<br />
These are some of the errors I have seen during startup of VM’s.<br />
<br />
In all of these cases the symptoms were the same. Virtual Machines (VM’s) were crashing and restarting them failed.<br />
While watching the console windows during startup, they all seem to have problems with their filesystems. The errors occured on VM’s which, the engineers assured me, had enough disk space available.<br />
<br />
After taking a closer look at the Storage Repository in which the VM’s were created, I found that the engineers had assigned more virtual disk space to the VM’s in Storage Repository than there was physical diskspace available. That is possible because the VM’s were created using Sparse Allocation.<br />
Sparse Allocation creates a sparse disk, so the size of the disk is initially small and increases as it is used. Sparse allocation is faster than using Non-Sparse Allocation when creating a virtual machine. This is a great feature and has some other nice advantages, like faster migration, etc..<br />
<br />
The caveat however, lies in the fact that you can overspend your physical diskspace.<br />
When VM’s grow, they take up more and more space in your Storage Repository. Until ….. you run out of physical diskspace!! The Operating System (O/S) within the VM however, thinks that there is enough space. At that point the O/S within the VM’s start having i/o errors, choking up and finally crashing the VM.<br />
<br />
To solve the problems start by creating some free space in the Storage Repository, either by extending the iSCSI LUN, NFS Share or by simply moving a VM to another Storage Repository. After the free space has been created, come some old fashion linux filesystem repair actions.<br />
<br />
I found several different scenario’s after startup of VM’s and not all of them are recoverable!<br />
<ul>
<li>At startup, the O/S forced checks and corrections of filesystems and was able to repair any inconsistencies automatically and the system boots up correct.<br /><i>Problem solved</i></li>
</ul>
<ul>
<li>At startup, the O/S forced checks and corrections of filesystems and was unable to correct all errors and forced a manual repair.<br />After running fsck on the filesystem(s) in maintenance mode, the system boots up correct.<br /><i>Problem solved</i></li>
</ul>
<ul>
<li>At startup, the O/S failed with a Kernel Panic. Outch, this can be very nasty!<br />This usually means that there is something wrong on a part of either the boot or root filesystem, needed by the kernel.<br />Change the VM to start from DVD/ISO* and boot into Linux Rescue mode. In rescue mode I was able to repair a filesystem only ones. In other cases the filesystems had sustained to much damage and the VM’s needed to be re-created/re-installed.</li>
</ul>
<br />
In one case the customer was very lucky. This VM had two virtual disks, one for O/S and one for Oracle software and database. The O/S disk was unrecoverable, but the other disk had no problems. The VM had just recently been migrated from another OVM Server. The ‘old’ VM was stil available and very little changes were made to the O/S. I was able to migrate the O/S disk from the old OVM Server and start the VM again.<br />
<br />
Just to see what happens when you procede with filesystem repair on a filesystem with to much damage. I ran an fsck -y on this device. This ended up with a very large Lost&Found directory filled with #xxxxxx files and directories. Not quite the filesystem you can boot from. :-)<br />
<br />
I wrote this article not to show you how to repair disk corruptions.<br />
There ise enough information around to help you with that.<br />
However, you can prevent this from happening!<br />
<br />
<b>Don’t overspend disk space in your Oracle VM environment!</b><br />
<br />
(Or at least put some strict monitoring on physical diskspace usage)<br />
<br />
* Since it is not possible to boot a PVM from DVD/ISO, change the VM to HVM.<br />
see MOS Doc ID<br />
<a href="https://support.oracle.com/epmos/faces/DocumentDisplay?id=884085.1" target="_blank">884085.1: Oracle VM: How to configure a guest Virtual Machine to boot from CDROM/DVDROM</a>Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com0tag:blogger.com,1999:blog-4319366329708683557.post-38221591198127710662013-09-16T22:01:00.000+02:002014-12-29T15:37:48.318+01:00Quick & Easy migrate VM from Oracle VM 2.x to 3.xI have come across customers running their Virtual Machines (VM) on Oracle VM 2.x wanting to migrate them to Oracle VM 3.x<br />
Most of the time the engineers think the migration to 3.x is a lot of work. I have seen situations where they installed fresh new VM’s on Oracle VM 3.x and migrated the applications or they performed full system restores on them. A lot of work …, more than migrating!<br />
<br />
The migration of Oracle VM 2.x to 3.x is, simply put, nothing more than importing the VM as a template into Oracle VM 3.x and create a new VM based on this template.<br />
<br />
As of Oracle 3.x the only way to import a template, is to upload them using ftp of http(s).<br />
A standard approach is to copy the img and cfg files to local storage on, for example, a ftp- of webserver and from there upload them to Oracle VM 3.x as a template. In al this can be a very time consuming job due to network connectivity. Especially when moving to and from DMZ’s through firewalls.<br />
<br />
In this article I wil demonstrate a quick and easy way to migrate a VM from Oracle VM 2.x to 3.x<br />
Without the hassle of first copying them to a local disk storage and the uploading them to Oracle VM 3.x.<br />
<br />
Prerequisites:<br />
Network connectivity, ftp or http(s), between the OVM Server 2.x and the new OVM Server 3.x<br />
<br />
<h4>
Steps to a quick and easy migration</h4>
<div>
<br /></div>
<h4>
Make the VM files available on the OVM Server 2.2</h4>
<div>
<br /></div>
Shutdown the VM<br />
<pre class="brush:bash">[root@vm1 ~]# poweroff</pre>
<br />
Logon to the OVM Server<br />
Check if the VM is really down.<br />
<pre class="brush:bash">[root@ovmserver1]# xm list
Name ID Mem VCPUs State Time(s)
1548_vm1 8 13312 4 -b---- 544793.2</pre>
<div>
<br /></div>
Stop iptables (if running) for the duration of the migration.<br />
Or create a rule that allows http access to the OVM Server is you prefer.<br />
<pre class="brush:bash">[root@ovmserver1]# service iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]</pre>
<br />
Change directory to the location of the img and vmcfg files of the VM.<br />
<pre class="brush:bash">cd /OVS/running_pool/1548_vm1
ls -l<br />
-rw-r--r-- 1 root root 280 Nov 24 2011 README
-rw-r--r-- 1 root root 13316728320 Jun 10 17:11 System.img
-rw-rw-rw- 1 root root 209715200000 Sep 6 08:04 u01.img
-rw-r--r-- 1 root root 569 Sep 6 08:11 vm.cfg</pre>
<br />
Make a backup of the vm.cfg and remove the mac address and xenbr0 from it.<br />
A new mac address and network will me provided by OVM 3.x later.<br />
<pre class="brush:bash">cp vm.cfg vm.cfg.org
vi vm.cfg</pre>
<br />
Before<br />
<pre class="brush:bash">vif = ['bridge=xenbr0,mac=00:16:3E:44:0D:7F,type=netfront']</pre>
<br />
After<br />
<pre class="brush:bash">vif = ['type=netfront']</pre>
<br />
Now to make the file available for direct upload we need a http of ftp server on OVM 2.x<br />
I do not want to install additional software on the OVM Server.<br />
Luckily Oracle (xen) uses a lot of python!!<br />
Python has the SimpleHTTPServer module which provides a simple http Request handler.<br />
<br />
Make sure you are in the directory where the img and vm.cfg files are located.<br />
<pre class="brush:bash">pwd
/OVS/running_pool/1548_vm1</pre>
<br />
Start a simple Http server<br />
<pre class="brush:bash">python -m SimpleHTTPServer 80
Serving HTTP on 0.0.0.0 port 80 ...</pre>
<br />
Leave this session open for the duration of the migration.<br />
<br />
<h4>
Import the 2.x VM as a template in 3.x using OVM Manager</h4>
<br />
Open the OVM Manager<br />
<br />
Navigate to the Repository tab and go to the ‘VM Templates’.<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXSNkSY8BdPtmPQFHPZyDQKOyJNqhEb82NH3lRnnX7T30o50-fZr5HDE5poIdDX-olEU1DUVOKagSdWXv8b9MLX2w3LA9wamMLGCPmtHGpallif58sGmGbgfBhlTol9j_c_WG0Gdwf5TA/s1600/ovm2-3-1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXSNkSY8BdPtmPQFHPZyDQKOyJNqhEb82NH3lRnnX7T30o50-fZr5HDE5poIdDX-olEU1DUVOKagSdWXv8b9MLX2w3LA9wamMLGCPmtHGpallif58sGmGbgfBhlTol9j_c_WG0Gdwf5TA/s1600/ovm2-3-1.png" height="265" title="Import VM Template" width="400" /></a></div>
<br />
Click on ‘Import VM Template’<br />
<br />
Provide the url to the img and vm.cfg files<br />
Put them all together in the the ‘VM Template URL’s’ box of the Import window.<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPq8dYE81yCNkarIXiJOFMrtlz-PPmzWqlIAZh_mYXA8BFhjYHOuqyLbhN-EzQEF4s6SHNomeAj15jw83Y4394rRBpXcJpxMJZroLPTjkwD3nICx8uoROT2kzO1SQQ_qhoCPoozmuqDKM/s1600/ovm2-3-2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPq8dYE81yCNkarIXiJOFMrtlz-PPmzWqlIAZh_mYXA8BFhjYHOuqyLbhN-EzQEF4s6SHNomeAj15jw83Y4394rRBpXcJpxMJZroLPTjkwD3nICx8uoROT2kzO1SQQ_qhoCPoozmuqDKM/s1600/ovm2-3-2.png" height="165" width="400" /></a></div>
<pre class="brush:bash">http://10.x.x.10/System.img
http://10.x.x.10/u01.img
http://10.x.x.10/vm.cfg</pre>
<br />
Substitute the ip-adress with the ip-adress of your OVM Server 2.x<br />
<br />
The files will now be uploaded (Or downloaded, depending on perspective)<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihfZKnnWtVpJSc9VlAuBo7TViq-MdAB3ZnP9tJygr-UGSTm6G4aIvLQCoqaR8Etm_4lU4HT5NYhECAD2GowEOol3x3gbbLzx8X5vg_UESOQTrKvgYViobLcLjrouILsHzffT0AVDB7zQ0/s1600/ovm2-3-3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihfZKnnWtVpJSc9VlAuBo7TViq-MdAB3ZnP9tJygr-UGSTm6G4aIvLQCoqaR8Etm_4lU4HT5NYhECAD2GowEOol3x3gbbLzx8X5vg_UESOQTrKvgYViobLcLjrouILsHzffT0AVDB7zQ0/s1600/ovm2-3-3.png" height="263" width="400" /></a></div>
<br />
<br />
Now we have a template called System.img<br />
You can change this to a more descriptive name.<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfzlUdSK57mfhYG7-iBOPg5WVLjhSNVS3OvqVzmTuQqWZXATadK3uW7fwebapts26ShidMZeitRXoOhVrbmFpSZODxd_vKNoS9CAywU35KFS8gsyTYba7tsPsViuBPZo49RyGFB5y8Xao/s1600/ovm2-3-4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfzlUdSK57mfhYG7-iBOPg5WVLjhSNVS3OvqVzmTuQqWZXATadK3uW7fwebapts26ShidMZeitRXoOhVrbmFpSZODxd_vKNoS9CAywU35KFS8gsyTYba7tsPsViuBPZo49RyGFB5y8Xao/s1600/ovm2-3-4.png" height="291" width="400" /></a></div>
<br />
<br />
Now change the template to fit your needs.<br />
<br />
Check/change name, netwerk interface, boot order, etc.<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMWaLOzNMdIonoy6eJtoj2RMN0BugA_LZXPhs4uXKlEDAZORKkX5kjmiLLjz7uv4nWYSIXa-OiD4ydWMhQki-MWynBNvQ5sBbGllQXmRDVv_Gl5jtTsDm0PwvI9aP3-RbVz1PRyAzcf9A/s1600/ovm2-3-51.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMWaLOzNMdIonoy6eJtoj2RMN0BugA_LZXPhs4uXKlEDAZORKkX5kjmiLLjz7uv4nWYSIXa-OiD4ydWMhQki-MWynBNvQ5sBbGllQXmRDVv_Gl5jtTsDm0PwvI9aP3-RbVz1PRyAzcf9A/s1600/ovm2-3-51.png" height="263" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiY2ZvANQgn189BnpugTPO2lIBAl1k7j8_n29lmsW_qOKsYrHhM69r-7drKhw-Ttjj6Nu4-uhWHWD0iVmtdLybdlGS4NIOR6op0YZdAlptFVdwV4D2Zj3IfBL_1m4lqI5RAVE-yJAqLTS8/s1600/ovm2-3-52.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiY2ZvANQgn189BnpugTPO2lIBAl1k7j8_n29lmsW_qOKsYrHhM69r-7drKhw-Ttjj6Nu4-uhWHWD0iVmtdLybdlGS4NIOR6op0YZdAlptFVdwV4D2Zj3IfBL_1m4lqI5RAVE-yJAqLTS8/s1600/ovm2-3-52.png" height="265" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgklMy9wL8pLRcOVuMmyML4cys5y0INBqZZ2l5QNwws6M_3XiHzgYkqFVXWpCvojxoFqd9WfnjJdyp4XNjCFumUvyMfEzO64KYqCcqQYTml0pDsVjQxvjrMXXq3LwWOTRj9ejcTIXr1kNw/s1600/ovm2-3-53.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgklMy9wL8pLRcOVuMmyML4cys5y0INBqZZ2l5QNwws6M_3XiHzgYkqFVXWpCvojxoFqd9WfnjJdyp4XNjCFumUvyMfEzO64KYqCcqQYTml0pDsVjQxvjrMXXq3LwWOTRj9ejcTIXr1kNw/s1600/ovm2-3-53.png" height="263" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEip18OvaylsBM1s9oHSp4BwI7cjSghHqWeIYiGm-jqXv58Fdt5Dv8vU_pzZWOQq0YwCEnN3L6BYPtMVjI9Ipt_mDZEKdZzVSBX8eNMNPvVuo1SFKM0BagCiRadlL1wMcAPDNd0NSEVX8ro/s1600/ovm2-3-54.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEip18OvaylsBM1s9oHSp4BwI7cjSghHqWeIYiGm-jqXv58Fdt5Dv8vU_pzZWOQq0YwCEnN3L6BYPtMVjI9Ipt_mDZEKdZzVSBX8eNMNPvVuo1SFKM0BagCiRadlL1wMcAPDNd0NSEVX8ro/s1600/ovm2-3-54.png" height="265" width="400" /></a></div>
<br />
Create a new VM based on this template.<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYmfmGSaahS0sL8T93Iq8WWbX6KjbEZAhs1_K2VntADZKqP07F3WnyOpr9bC8V1rJty8s5CFm0WIceBv7z-UJF3FRXbDc3G98aE1kgoEUaFlBcSUBK-XKqTzX0wJbuKNB3XQH-u_oBsoM/s1600/ovm2-3-6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYmfmGSaahS0sL8T93Iq8WWbX6KjbEZAhs1_K2VntADZKqP07F3WnyOpr9bC8V1rJty8s5CFm0WIceBv7z-UJF3FRXbDc3G98aE1kgoEUaFlBcSUBK-XKqTzX0wJbuKNB3XQH-u_oBsoM/s1600/ovm2-3-6.png" height="220" width="400" /></a></div>
<br />
<br />
After creation has completed, change properties of the new VM as needed.<br />
Note the MAC address(es) of the interface(s).<br />
This might be needed later on during configuration of OS Guest.<br />
<br />
Start the VM using Oracle VM Manager.<br />
<br />
Open the console and logon as root.<br />
<br />
It might be that you don’t see your network interface (eth0), only your Local Loopback address.<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQcE7xMAdqXRPv7YdadO1XvELMB1mZYrK-Qr3X2P8whls60TJjYGNFTYA_JTNeMJPn6F2m-H-r8vA1LG1fWZUhjmSCYoN2lfNx0el_YmXPPHLnDi_WBkiwUDmkU8TOAp40uWGlp5YssiE/s1600/ovm2-3-7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQcE7xMAdqXRPv7YdadO1XvELMB1mZYrK-Qr3X2P8whls60TJjYGNFTYA_JTNeMJPn6F2m-H-r8vA1LG1fWZUhjmSCYoN2lfNx0el_YmXPPHLnDi_WBkiwUDmkU8TOAp40uWGlp5YssiE/s1600/ovm2-3-7.png" height="268" width="400" /></a></div>
<br />
<br />
Most of the times you will find the old mac addess is still in ifcfg-eth0 (and -eth1,eth…. if used)<br />
Also there may be a reference to it in /etc/udev/rules.d/60-net.rules or /etc/udev/rules.d/70-persistent-net.rules (depending on OS version)<br />
<br />
Put the correct mac address in the ifcfg-eth0 files.<br />
<pre class="brush:bash">vi /etc/sysconfig/networking/devices/ifcfg-eth0</pre>
<br />
remove the udev file<br />
<pre class="brush:bash">rm -f /etc/udev/rules.d/60-net.rules</pre>
or<br />
<pre class="brush:bash">rm -f /etc/udev/rules.d/70-persistent-net.rules</pre>
<br />
Reboot<br />
<br />
When the VM come back online, you should have the correct network interfaces back.<br />
<br />
Finally.<br />
<br />
Check /etc/sysctl.conf for ‘old’ Xen settings.<br />
For example: xen.independent_wallclock<br />
Adjust or remove them as needed.<br />
<br />
<h4>
Cleanup</h4>
<br />
<ul>
<li>Remove the VM from your old OVM 2.x server.</li>
</ul>
<br />
Or at least remove it from auto-startup.<br />
<br />
<ul>
<li>Remove the template from your Storage Repository.</li>
</ul>
<br />
It takes up space and you risk someone re-using the template. This might cause ip conflicts, etc…<br />
<br />
<br />
Enjoy migrations …Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com2tag:blogger.com,1999:blog-4319366329708683557.post-15665144416626872352013-07-16T22:55:00.000+02:002014-12-29T11:43:06.842+01:00Oracle 12c Revealed DemonstrationLast night my employer <a href="http://www.amis.nl/" target="_blank">AMIS Services B.V.</a> organized the seminar "Oracle Database 12c revealed". During this evening AMIS Oracle professionals offered the first opportunity to see the innovations in Oracle Database 12c in action in the Netherlands!<br />
AMIS specialists took part in a year of beta testing. This was demonstrated, showing what's new and how we will use Oracle databases the next few years!<br />
<br />
In one of the parallel session I demonstrated a few features of the new Oracle database 12c Multitenant option.<br />
<br />
The full presentation was put on Slideshare.<br />
<a href="http://www.slideshare.net/AMIS_Services/oracle-12c-revealeddemonstration" target="_blank">Oracle 12c Revealed Demonstration</a>Jaaphttp://www.blogger.com/profile/13814974223890398431noreply@blogger.com0