Gavin's Blog

While I was over on Sergio's blog looking at the oracle-validated-rpm from a comment by Avi on my last blog entry, I saw another post that I think needs more publicity :-)

New Oracle Public Yum Server

If you're like me and have a bunch of machines that you muck around on and don't want to clutter up your ULN Systems page with servers you don't care about keeping up-to-date on security/bug fixes, why not take advantage of Oracle's newly released (OK, march 2009 but still...) public yum server.

Fantastically easy. Just go here to get started.

My Oracle Beehive test server I've just done the cheat sheet on was OEL 5.1, purely because I didn't have a DVD of the latest 5.3 OEL (I know, I'm slack...) But, now, thanks to this public-yum server and the simplest of commands:

# yum upgrade

I'm now running Oracle Enterprise Linux 5.3 (Carthage).

(FYI, for those following the cheat sheet from the other post, I had to rerun the SELinux text relocation mod after the upgrade.)



Gavin

A few people have mentioned creating a cheat sheet for the Beehive 1.5.1 installation, so I thought I'd help out.
(I've created the following so you can just cut and paste each section if you want...)


Installing Database and Beehive on a Single Oracle Enterprise Linux 5.1 32bit machine.


After having installed the base operating system and setting up storage and networking...

#1 Ensure the following rpms have been installed:
cd /mnt/stage/OEL51x32staged/Server
rpm -Uvh gcc-4.1.1-52.el5.i386.rpm gcc-c++-4.1.1-52.el5.i386.rpm setarch-2.0-1.1.i386.rpm ksh-20060214-1.4.i386.rpm sysstat-7.0.0-3.el5.i386.rpm gdbm-1.8.0-26.2.1.i386.rpm libstdc++-4.1.1-52.el5.i386.rpm libstdc++-devel-4.1.1-52.el5.i386.rpm compat-libstdc++-296-2.96-138.i386.rpm compat-db-4.2.52-5.1.i386.rpm control-center-2.16.0-14.el5.i386.rpm glibc-common-2.5-12.i386.rpm binutils-2.17.50.0.6-2.el5.i386.rpm make-3.81-1.1.i386.rpm

#2 Create the Oracle user and Group:
groupadd -g 500 dba
groupadd -g 501 oinstall
useradd -g 500 -G 501 -u 500 oracle

#3 Add security limits for Oracle:
echo "
oracle soft nproc 2047
oracle hard nproc 16384
oracle soft nofile 1024
oracle hard nofile 65536
" >> /etc/security/limits.conf

#4 Add in the session limits library file to PAM's login file:
echo "
session required /lib/security/pam_limits.so
" >> /etc/pam.d/login

#5 Add kernel parameters:
echo "
kernel.sem = 250        32000   100      128
net.ipv4.ip_local_port_range = 1024    65000
net.core.rmem_default = 4194304
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 262144
" >> /etc/sysctl.conf

#6 Turn a few things off:
chkconfig sendmail off
chkconfig cups off

#7 Fix a few other things:
ln -s /usr/lib/libgdbm.so /usr/lib/libdb.so.2

#8 Install Oracle RDBMS 11g (11.1.0.6):
xhost +
su - oracle
/mnt/stage/Database1106staged/database/runInstaller
Inventory         : /opt/oracle/oraInventory
Oracle Home     : /opt/oracle/product/11.1.0/db_1

#9a Download some patches (11.1.0.7++):
# This first one is 11.1.0.7 which is 1.5GB!!!
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/6890831/p6890831_111070_Linux-x86.zip 
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/6782437/p6782437_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/7273988/p7273988_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/6750049/p6750049_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/6083201/p6083201_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/6977167/p6977167_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/7694979/p7694979_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/7378322/p7378322_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/8221425/p8221425_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/7643188/p7643188_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/7258928/p7258928_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/7156912/p7156912_111070_Linux-x86.zip
wget --ftp-user ${metalinkusername} --ftp-password=${metalinkpassword} ftp://updates.oracle.com/8214576/p8214576_111070_Linux-x86.zip

#Note: Obviously the above command shows your username/password into Metalink, don't use this if you're on a shared machine or if you think people will look at your shell history, it'd be better to use the .wget hidden file. See here for how to do that.


#9b Apply database patches (11.1.0.7++):
Apply 11.1.0.7

Apply the rest of the patches, none of these patches require anything other than - $ cd ${patch_no} ; opatch apply -silent
But you should do the checking yourself.


#10 If you have SELinux running, allow text relocation:
 if [ "`sestatus |grep mode`" == "Current mode:                   enforcing" ]
then
chcon -t textrel_shlib_t /opt/oracle/product/11.1.0/db_1/lib/libclntsh.so.11.1
chcon -t textrel_shlib_t /opt/oracle/product/11.1.0/db_1/lib/libnnz11.so
chcon -t textrel_shlib_t /opt/oracle/product/11.1.0/db_1/lib/libsqlplus.so
chcon -t textrel_shlib_t /opt/oracle/product/11.1.0/db_1/lib/libnque11.so
fi

#10 Create and start default listener:

$ echo "
LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = TCP)(HOST = `hostname`)(PORT = 1521))
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))
    )
  )
" > $ORACLE_HOME/network/admin/listener.ora
$ echo "
PBH =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = `hostname`)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = ${ORACLE_SID}`hostname |awk -F`hostname -a` ' { print $NF } '`)
    )
  )
" > $ORACLE_HOME/network/admin/tnsnames.ora

lsnrctl start

 
#11 Create the database
#
su - oracle
#ORACLE_SID=PBH.bh151dm.com  -  ( Production BeeHive - couldn't think of anything better...)

/opt/oracle/product/11.1.0/db_1/bin/dbca -silent -createDatabase -templateName General_Purpose.dbc -gdbName PBH.bh151dm.com -sysPassword syspass -systemPassword systpass -characterSet AL32UTF8 -storageType FS -automaticMemoryManagement -initParams java_pool_size=52428800,undo_retention=3600

#tip: If you go through DBCA GUI, ensure the NLS Lang is AL32UTF8 (Unicode) - the error that gets produced if you get this wrong does not help, something about {0}...


After that's finished and up and running...

#12 Change a few init.ora parameters
# if you didn't use the above silent dbca command, you might not have seen the init.ora parameters I've added... here they are.

sqlplus / as sysdba <<_EOF
alter system set java_pool_size=52428800 scope=both;
alter system set undo_retention=3600 scope=both;
exit;
_EOF

#13 Verify Database Vault is disabled...

If running sqlplus returns

Connected to:
Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - Production
With the Partitioning, Oracle Label Security, OLAP, Data Mining,
Oracle Database Vault and Real Application Testing options

Then turn it off via

cd $ORACLE_HOME/rdbms/lib ; make -f ins_rdbms.mk dv_off lbac_off ; relink oracle


#14 You're now ready to install Oracle Beehive 1.5.1

/mnt/stage/Beehive151staged/runInstaller



Let me know if I've missed something, or you want me to add some different platforms.



Gavin

Now that Beehive 1.5.1 has been released, us techie type people are busy downloading, finding a fresh database to install it against and a spare mid tier with 1922MB memory to install on, but what can everyone else do while they wait...

How about spending some time to look at what we get in the 1.5.1 release. Taken from the New Features Section in the Oracle Beehive 1.5.1 Documentation on OTN.

• Oracle Beehive Extensions for Explorer - Now you're able to directly access workspaces and workspace content through Microsoft® Windows® Explorer, and now with the conferencing component, you can fire up a conference call based on the document you're looking at... like this:
  

• Oracle Beehive Workspaces Client - This is the bit I want to play with more later, but just a quick blurb... actually, let's take it straight from the documentation:

• Oracle Beehive Extensions for Outlook Enhancements - Further improvements to the OBEO, document management, serverside rules, profile migration, etc.
  

• Oracle Beehive Zimbra Enhancements - Zimbra 5.0.9 Web client is released with Beehive 1.5.1, which supports the latest browsers for Firefox, Safari and IE. Tasks have also been added, and there is now support for shared folders and workspace folders.

• Enhancements for Mobile Device Support - Pocket Outlook on Microsoft Windows Mobile enhancements.

• Oracle Beehive Conferencing Enhancements - Recording conferences and document sharing.

• Other Features and Enhancements - A bunch of other features and enhancements to find...including the new logo.
  

OK, now's a good time to get back into the blogging.... Beehive 1.5.1 has been released on OTN.

Once again, here's the links:

Oracle Beehive Server Release 1 (1.5.1.0.0)

 Linux x86 (1,996,540,518 bytes) (cksum 3135990176)
Windows (32-bit) (1,914,833,669 bytes)
Solaris (SPARC 64-bit) (2,010,241,524 bytes) (cksum 1021980974)


Oracle Beekeeper Release 1 (1.5.1.0.0)

 Linux x86 (404,469,592 bytes) (cksum 2270341014)
 Windows (32-bit) (364,670,858 bytes)
 Solaris (SPARC 64-bit) (436,101,854 bytes) (cksum 1328235917)


I've just downloaded it, and firing up my OracleVM machine to get going.

If there's anything you'd like to see, let me know. I'm interested in the Workspaces aspect of the install personally. I've been involved with the beta versions so it'd be nice to see the final release of it.

Actually we could go through where the use of Workspaces could be used within a company. I know a few people have been wondering about Oracle's plethora of products in this space, and how ANOTHER portal/wiki product fits in.

By the way, you may notice that while you can download Beehive 1.5.1 from OTN, it's not on eDelivery yet... And the extra observant of you may have also noticed that OTN's references to documentation for Beehive still links to 1.4.3...

Be patient, I hear from a littler birdy that the documentation and release through eDelivery is imminent.. ie next 48 hours or so... (don't worry, I'll edit the numbers to line up later * )


Check back soon. I promise I'll post again in the next few days... once again, don't quote me :-)




Gavin


* read this as : I've been told this but don't quote me....

Edit: Beehive 1.5.1 is now available on eDelivery, and all documentation uploaded to OTN.

For those people out there that haven't heard, if you want to run Oracle software, but don't have the IT infrastructure or personnel to make it viable. OnDemand is there for you.

They've just added another product to their ever expanding range of Software-as-a-Service products.

You guessed it. Beehive.

Just looking at the March 09 Information InDepth Newsletter, I've found something a little interesting for those holding the cheque book.

"By offering Oracle Beehive as software as a service, organizations can pay one predictable price, just $15 per user per month for the software, support, hosting, and software management."

So, let's say you have 500 users...

$15 * 500 people * 12 months = $90,000* (we'll assume US Dollars)

Have I done the sums right? Surely not... For less than the salary of a good DBA, you get a fully secured, dedicated, supported, hosted enterprise wide collaborative environment...Nice.

Attend a live webinar Oracle Beehive, Unified Collaboration, Built for the Enterprise, March 19, 10:00 a.m. PDT/1:00 p.m. EDT.

* I don't know the T&C's to this and/or if there's anything like minimum user count etc etc. If you want further details, contact OnDemand, let me know if you need an introduction.

I was just having a chuckle at Bex Huff's post about "Why Do So Many Developers Love Baffingly Complex Code?". I'm a DBA by trade so find it funny when developers get into lively debate trying to justify themselves.

I've seen my fair share of complex code, some needs to be, and some really doesn't need to be. And when you see it, you wonder why the heck it was done like that...

Here's my suggestion:

"The complexity of a developers code is directly correlated to their feeling of job security; the less secure the job, the more complex the code, and vice versa."

As 'no one else can figure it out', the developer is still required to maintain their overly complex code, therefore ensuring future employment...

Is that too harsh. :-)

Wow. I'm lagging behind aren't I...

During the Christmas break, the sneaky people over at Oracle Beehive Product Development released the latest versions of Beehive Server and Beekeeper.

Oracle Beehive Server Release 1 (1.4.3.0.0)

 for Linux x86 (1,360,708,561 bytes) (cksum 3962428080)
for Windows (32-bit) (1,323,732,541 bytes)
for Solaris (SPARC 64-bit) (1,408,796,040 bytes) (cksum 588471323 )


Oracle Beekeeper Release 1 (1.4.3.0.0)

for Linux x86 (391,856,405 bytes) (cksum 1539779105)
for Windows (32-bit) (351,848,164 bytes)
for Solaris (SPARC 64-bit) (423,555,779 bytes) (cksum 1546135533)


Get downloading people. Upgrade class starts soon... :-)

Sorry I didn't post earlier, it's amazing how much things pile up when you spend a few weeks away from work. I made the mistake of checking my mail 1/2 way through my holidays, 300+ emails waiting for me, not to mention all the blogs to read...

Anyway, I'm back on track. Should be blogging soon about stuff. I've been working with Oracle VM lately, a fantastic product. I might post an entry about how I turned 4 ordinary PC's into a fun little highly available test system for eBusiness Suite and Single Sign-On.

Just a quick entry this time, not because I don't have anything to say, just because I reckon installing Beekeeper 1.4.1 will be so easy...

Here we go. Extract the installer, run it, plug in the Oracle Home, database location and credentials, hit GO.

I was going to get some screenshots for you, but by the time I jumped to my other screen to open "Grab" (my Mac screenshot program) to jump back and get a screen shot, it was too late...

All I got was this.

The installer had finished, and was now 1/2 way through the config.

So now as I write this and try to remember how to upload images, it's probably already finished config...let me check.

hmm. ok. One slight issue.. the config screen has fallen in a heap. OK. So not quite... the "Oracle Beekeeper Framework Deployment" failed, lets retry (I always retry straight away just incase it's a glitch), nup, failed.

I'm sure that's not what it's meant to do. Time for some investimigating...

Looking at the output in the configwizard shows you to the error log $OC4J_HOME/log/oc4j/diagnostics.log which I would interpret as $ORACLE_HOME/j2ee/home/log,etc,etc.

Oh, easy one.

oracle.ocs.management.config.OcsConfigException: java.io.FileNotFoundException: $ORACLE_HOME/beehive/conf/beehiveconfig.xml (Too many open files)

what's my files limit?

[orabee@radium ~]$ ulimit -n
1024

Yep, that'd do. Especially since this is the same user/server as my main Beehive install.

Quick jaunt into /etc/security/limits.conf as root and we're back on track. Obviously I can't continue the installer with the current limits. So time to cancel and start again.

Just a few tips before jumping back into it...

• If you're on a VNC connection, make sure you've got the correct limits before restarting the installer so you don't hit the error again,
• and don't forget, OPMN was started with the old limits, so that needs to go down and come up with the correct limits.

Processes in Instance: Beekeeper
---------------------------------+--------------------+---------+---------
ias-component | process-type | pid | status
---------------------------------+--------------------+---------+---------
BEEHIVECONTROL | BEEHIVECONTROL | 2556 | Alive

[orabee@radium bin]$ ./opmnctl stopall
opmnctl: stopping opmn and all managed processes...
[orabee@radium bin]$ ulimit -n
10000 --- muuuchh better. :-)
[orabee@radium bin]$ ./opmnctl startall
opmnctl: starting opmn and all managed processes...
[orabee@radium bin]$ ./opmnctl status

Processes in Instance: Beekeeper
---------------------------------+--------------------+---------+---------
ias-component | process-type | pid | status
---------------------------------+--------------------+---------+---------
BEEHIVECONTROL | BEEHIVECONTROL | 3269 | Alive

OK. So where to from here? Here's an assumption for ya.... When I installed Beekeeper, it didn't give me the option to just install and do the config later, (I mean why would it - you've obviously got Beehive running already to want to install BK).. but we've just canceled the configuration wizard, which means it's installed and only 1/2 configured.

So, let's see if $ORACLE_HOME/beehive/oobwiz/configWizard is there.. (that's the same spot the Beehive configuration wizard is.)

Isn't that handy, it's there, so i fired it up, it asked for the schema password and then continued from where it failed. Nice one.

And we're done.

Time to have a look around.

Interesting that I can't log into Beekeeper as my flast1 user, but I can with Beeadmin. I know, I haven't done Configuring Oracle Beekeeper for LDAP-Based Authentication yet. One of the post installation steps of Beekeeper. But it's interesting that the two admin tools use different authentication methods.

Login as Beeadmin (I remember the password :-) .

I'll leave it there for now, slightly longer than originally though.

Oracle Beehive 1.4.1 has been released for Windows (32-bit) and Solaris (SPARC 64-bit). Keeping up with it, is Beekeeper 1.4.1, which has also been released for the two platforms. Download from OTN or eDelivery.

Oracle Beehive Server Release 1 (1.4.1.0.0)

• Download for Linux x86 (1,347,603,286 bytes) (cksum 2044562054)
• Download for Windows (32-bit) (1,310,988,839 bytes)
• Download for Solaris (SPARC 64-bit) (1,395,744,737 bytes) (cksum 249453655 )

Oracle Beekeeper Release 1 (1.4.1.0.0)

• Download for Linux x86 (391,197,087 bytes) (cksum 2194524481)
• Download for Windows (32-bit) (351,663,926 bytes)
• Download for Solaris (SPARC 64-bit) (422,951,416 bytes) (cksum 2201227006)

It would be interesting to hear what other platforms people are hoping to see... post a comment below.

Happy installing. Let me know how you go.

Gavin

OK. So if you didn't see my entry on my little mishap with beeadmin, you might not know what I mean when I say:

We're back on track people!

OID is back as the Authentication Store type...

[orabee@radium ~]$ beectl modify_property --component _AuthenticationService --name AuthStoreType --value ldap

Which means beeadmin is no longer available. So (going in the opposite direction of what Richard and I talked about in the last entry...) I'll just give flast1 the same privileges as beeadmin and carry on...

Which was harder that I expected. Not having Beekeeper installed I couldn't just follow ML Note 738077.1, I thought, "no probs, I'll just do the same thing from the beectl command line and that'll be that."

I started my investigations at the "Managing and Provisioning Oracle Beehive Users" chapter of the Beehive 1.3 Administrator's Guide. Good a place as any.

I'm always on the look out for little gems of information, I found a good one:

[orabee@radium ~]$ beectl list_commands --category users

Gives you all the commands you could run to do with users. (in this case) ie

[orabee@radium ~]$ beectl list_commands --category users

----------------------------+---------------------------------------------------
Name | Description
----------------------------+---------------------------------------------------
add_external_contact | Creates an external contact in the given scope
add_group | Adds a group containing users
add_preference_property | Adds a new preference property to a preference set
add_preference_set | Adds a preference set to a preference profile.
add_user | Creates a user in the given scope
.
.
.
modify_group | Modifies group
modify_preference_set | Modifies the preference set by setting the extends
modify_user | Modifies a user present in an enterprise or organization

Pretty nifty I thought as I tested a few more categories.

Getting back on track, I skipped down to "Managing User Accounts"

Roles are an intrinsic part of Oracle Beehive access control.

Hmmm, sounds ominous..

It sent me across to Managing Oracle Beehive Access Control to continue investigating..

OK. I'm not going to go too far into it, coz it gets pretty hairy around the privileges and roles and role definitions and assigned roles and access control entities, did my head in... but to summarise...

I wanted to give my user flast1 the same privileges as beeadmin......right
I found out the role is called enterprise-system......right
I figured the way to see any details on this role is to look at the currently assigned roles coz it IS currently assigned to beeadmin.....

[orabee@radium seed]$ beectl list_assigned_roles

Lots of good information, look for the enterprise-system role, and whatever the ID which includes ....acar... in it

Which theoretically means I can assign that same role to flast1 by doing....

[orabee@radium seed]$ beectl modify_assigned_role --assigned_role 5C66:6F68:acar:AC85D09E2F5247D08F0E60DB12F57335000000000001 --add_accessor loginid=flast1

(You're obviously going to have a different role id...)

done.

DO YOU KNOW HOW LONG IT TOOK ME TO FIGURE THAT OUT!! And here I am giving it to you for free...

All because I want to hurry up and get the 1.4.1 installed, so I can install Beekeeper 1.4.1 and stop my brain hurting like that again...

Anyway. As my blog title says. Onward and Upgrade...

Upgrade Beehive 1.3.1 to Beehive 1.4.1

It was pretty straight forward really. Extract out the Beehive141 installer, run it.

It'll say "hey, I've found an old install, wanna upgrade it" (ok, not in those words exactly..)

You say "Yes, Yes I would thankyou".

It shows you the old ORACLE_HOME path, (just to show off,) you say "Yep, that's the one.)

It then wanders off for a few seconds, to come back and say "hey, shut it down for me, oh and by the way, I can't tell if your DMZ install is down, since it's on the other side of a firewall, so click here when you reckon it's down." (again, not quite the same words)

The summary tab, and then we're off and running.

BTW, I did end up jumping in Thunderbird and sending a few emails between my two users... so I've now got heaps of data to have upgraded... (all of 4 emails and a draft...)

OK, File updates done, now onto the config..

And there you go. Upgraded. Now to go test it.

Interesting that SMTP and IMAP aren't listening on the ports I specified earlier (25,143)...

Lets see why.. first port of call.. hasbind..

[orabee@radium bin]$ cd $ORACLE_HOME/beehive/bin
[orabee@radium bin]$ ls -l hasbind*
-rwx------ 1 orabee oinstall 32530 Oct 24 21:51 hasbind
-rws--s--x 1 root oinstall 32538 Aug 18 19:02 hasbind.orig

There you go, new binary without the root permissions. Let's change it and restart..

Yep, All looks good. All three of my emails are there too :-)

Oh, and by the way. Guess what I found after all this...

This, here it is if you're too lazy to click a link...

Note: If you configure Oracle Beehive with an external, LDAP-based user directory, unless there is a BEEadmin account in that external directory which is marked to synchronize with Oracle Beehive, the BEEadmin account will be deleted when you first synchronize. This is because all Oracle Beehive accounts must be mastered in the external directory.

So does that mean I can just create a beeadmin account in OID and viola. hmmm. I'll have to try that later...