Simon's Tech Tips at Oracle

Well, now that my VMWare Server 2 environment is no more and I purchased 5 1TB disks for my RAID 5 array, Avi Miller had the excellent idea of using OpenFiler to manage access to the array. However I had some difficulty in finding the right information to set this up, but the helpful people on the internal mailing list and pulling together some pieces from other forums, IRC and such I was able to get this working. I must admit, I didn't take a very efficient route but it worked for me and well... thats all that matters.

I should also give credit to Belgarath who was immense help in the #openfiler IRC channel on freenode.net. His understanding of both Xen and OpenFiler got me over quite a few bumps.

Before I go into my method of getting the environment working. I initially tried creating the image by building a .img from scratch, partitioning it, extracting the OpenFiler Xen tar into it and then copying in the boot files. I had problems doing this, most likely due to my lack of Linux knowledge. My second attempt was to build a base Oracle Enterprise Linux install, mount the .img via loopback devices, then extract the OpenFiler Xen tar onto that. This however partially worked, I had a log of errors like the following;

/sbin/MAKEDEV: /lib/tls/libc.so.6: version 'GLIBC_2.4' not found (required by /lib/libselinux.so.1)

The image did start, but I ran out of patience trying to understand the issue with these libraries, OpenFiler ships with 2.3.1 and obviously there were files from the underlying Enterprise Linux install that had 2.4 requirements. In the end I went down the following path, like I say, not quite best practice, but it actually had some nice advantages.

Building an OpenFiler VMWare image

So I figured I would first build a VMWare image on my Windows workstation using VMWare Workstation. This let me very quickly get an instance of OpenFiler running and sort out networking, have a play with it before deciding to deploy to OVM. It was relatively simple;

• Download the OpenFiler ISO installer image.
• Create a new VMWare image with an 8GB SCSI single virtual file hard disk, 512MB RAM, single CPU and bridged network interface.
• Boot the VMWare guest and install OpenFiler

Using VMWare I could now easily create a snapshot of the initial install and play with some of the settings without worry.

Convert to Oracle VM (Xen) image

Once I was happy with the setup, I cloned it to give me a simple set of files with no snapshots to transfer over to the OVM server. I copied the directory over into my /OVS/running_pool/ and using the Oracle VM Manager interface I was then able to import the image and convert to a Xen compatible image. The steps to doing the import are;

Copy the VMWare image files into /OVS/running_pool/openfiler Log into the Oracle VM Manager website and switch to the Resources tab. Select the Virtual Machine Images sub tab and hit the Import button. Choose Select from Server Pool (Discover and register), this will look in the running_pool for images not already registered with the manager. On the next page select the pool the OVM server is a member of and should then be able to choose the VMWare image you've just copied over. For operating system choose other, enter a console password and click next where you can import the image. The imported image then next needs to be approved, select the image and hit approve. At this point Oracle VM server will convert this image from VMWare to a Xen based one plus a config file. Once converted, don't start the guest, we need to switch this to a paravirtualised guest first.

Modify image for running the Xen kernel

So after the conversion you'll notice that the vm.cfg file that has been created in the same dir the VMWare images are is setup to run the OpenFiler guest in HVM mode. However OpenFiler have already compiled a kernel that supports paravirtualization (PVM). We need to mount the .img file so we can go in, add the files for this Xen PVM kernel and configure the OS to boot using this kernel.

• First create a loopback device for the image. Note you may well get a different number for loop0.
  
[root@ovm-big OPF_OpenFiler]# losetup -fv system.img
Loop device is /dev/loop0
  
• Now expose the partitions on this device.
  [root@ovm-big openfiler]# kpartx -av /dev/loop0
add map loop0p1 : 0 208782 linear /dev/loop0 63
add map loop0p2 : 0 14474565 linear /dev/loop0 208845
add map loop0p3 : 0 2088450 linear /dev/loop0 14683410

  
• Now we need to mount these partitions so we can copy over the data from the Xen tar. You will need to now extract a copy of the openfiler-2.3-x86.tar.gz to the filesystem so we can get access to the files we need. Once you done this, mount the partitions like so.
  [root@ovm-big openfiler]# mkdir /mnt/of
[root@ovm-big openfiler]# mount /dev/mapper/loop0p2 /mnt/of
[root@ovm-big openfiler]# mount /dev/mapper/loop0p1 /mnt/of/boot

  
• Now copy into the /mnt/of/boot folder the files for the Xen kernel from the extracted tar directory. I did a tar zxvf openfiler-2.3-x86.tar.gz -C /install/openfiler-2.3-x86.
  cp /install/openfiler-2.3-x86/boot/*.domU* /mnt/of/boot
cp -Rv /install/openfiler-2.3-x86/lib/modules/2.6.21.7-3.20.smp.pae.gcc3.4.x86.i686.xen.domU /mnt/of/lib/modules

  
• Finally we need to add an entry into the grub bootloader config.
  vi /mnt/of/boot/grub/grub.conf
  And add the folllowing lines to the end of the file. title OpenFiler NSA Xen (2.6.21.7-3.20.smp.pae.gcc3.4.x86.i686.xen.domU)
   root (hd0,0)
   kernel /vmlinuz-2.6.21.7-3.20.smp.pae.gcc3.4.x86.i686.xen.domU ro root=LABEL=/ quiet
   initrd /initrd-2.6.21.7-3.20.smp.pae.gcc3.4.x86.i686.xen.domU.img

  Also change the line default=0 to default=1 so that it boots automatically into the Xen kernel. Save out the file and now we need to unmount this image so we can start it up.
  
  
• Run the following to unmount all the pieces of the image.
  [root@ovm-big /]# umount /mnt/of/boot
[root@ovm-big /]# umount /mnt/of
[root@ovm-big /]# kpartx -d /dev/loop0
[root@ovm-big /]# losetup -d /dev/loop0

  

Prepare space for use via OpenFiler

Now that we have OpenFiler working, we need to setup some space to expose to the VM. I have my3 terrabyte array and two single 500gb disks which will be used. First create valid partitions on all three;

Disk /dev/sdb: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/sdb1 1 60801 488384001 8e Linux LVM

Disk /dev/sdc: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/sdc1 1 60801 488384001 8e Linux LVM

WARNING: GPT (GUID Partition Table) detected on '/dev/sdd'! The util fdisk doesn't support GPT. Use GNU Parted.

Disk /dev/sdd: 2999.9 GB, 2999967547392 bytes
255 heads, 63 sectors/track, 364725 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot Start End Blocks Id System
/dev/sdd1 1 267350 2147483647+ ee EFI GPT

Note that for the 3TB array you must used parted using a GPT partition table and not fdisk due to limitations with the msdos partition type. Now create a physical and then a logical volume on each partition. Below you can see the output of me doing this with one of the 500GB drives.

[root@ovm-big ~]# pvcreate /dev/sdb1
Physical volume "/dev/sdb1" successfully created
[root@ovm-big ~]# vgcreate -s 16M Data0 /dev/sdb1
Volume group "Data0" successfully created
[root@ovm-big 103_contentserver]# vgchange -a z
1 logical volume(s) in volume group "Data0" now active

Configure space in OpenFiler

The final step is to configure the volumes in OpenFiler. First make sure the guest is not running, we need to edit the vm.cfg to expose these new volumes to the OpenFiler guest.

• In your shell change to the directory where the OpenFiler guest lives, cd /OVS/running_pool/openfiler/
• vi vm.cfg and edit the disk setting so it looks something like.
  disk = ['file:/OVS/running_pool/openfiler/OpenFiler.img,hda,w',
'phy:/dev/sdd1,sdb1,w',
'phy:/dev/sdb1,sdb2,w',
'phy:/dev/sdc1,sdb3,w',]

• Save the file.

Now unfortunately even though we have converted the HVM guest to PVM, Oracle VM Manager doesn't realise this. So to startup the image we have to use the command line.

[root@ovm-big /]# cd /OVS/running_pool/openfiler/
[root@ovm-big openfiler]# xm create vm.cfg
Using config file "./vm.cfg".
Started domain openfiler


OpenFiler should now be running! First I checked this by VNC'ing to the console of the guest. This let me watch OpenFiler boot. Once it was up I could login as root, with no password (unless you changed this during the VM build). I changed the root pass which enabled me to then SSH in remotely and check everything was ok. Finally it was time to load up the web based UI. This is accessed via https://filer.host.name:446 and the default username and password is openfiler and password. From here I could continue configuring the volumes, add shares etc. Once I have my OID and OVD install up and running, that will serve as the LDAP server behind this system for authentication...

A customer wanted to know how to expose functionality from Oracle's Secure Enterprise Search in WebLogic Portal. A simple solution would be to simply iFrame up the standard SES search page but it is nice to be able to have a more integrated solution using custom code. Turning down the web services road I built some simple JSP pages to demonstrate functionality from SES. However my initial attempt was to try and create valid Java stubs using Axis/Axis2 libraries. The WSDL exposed from SES wasn't easily consumed in Workshop for WebLogic (basically Eclipse with a LOT of Oracle WebLogic and Portal plugins). SES has a hosted page with all the service descriptions and there is a pre-built jar referenced from this page. Always the way isn't it? You spend hours trying the difficult route for a simple solution to be right under your nose.

So the challenge was to get a JSP page running in WebLogic server, exposed via WebLogic Portal communicating with Oracle's Secure Enterprise Search. Once I had actually got the right way to do it sorted, the process was pretty simple. First a few useful URLs;

This is the end point for all web service requests and also exposes some nice test pages and links to the client jar.

http://ses.server.com:7777/search/query/OracleSearch


From here you can get access to the WSDL by clicking on the Service Description link, e.g.

http://ses.server.com:7777/search/query/OracleSearch?WSDL


Preparing your project with the right libraries

I started with a blank Dynamic Web Project in Workshop. I needed to collect the right jar files for me to be able to communicate to the SES server. The following files are found on the SES server, the main set of jars are located in;


%ORACLE_HOME$\ses1\oc4j\webservices\lib
-rw-rw-r-- 1 oracle oinstall 38015 Oct 21 2008 commons-logging.jar
-rw-rw-r-- 1 oracle oinstall 4033 Oct 21 2008 futils.jar
-rw-rw-r-- 1 oracle oinstall 30154 Oct 21 2008 jaxr-api.jar
-rw-rw-r-- 1 oracle oinstall 28655 Oct 21 2008 jaxrpc-api.jar
-rw-rw-r-- 1 oracle oinstall 28288 Oct 21 2008 JMXSoapAdapterShared.jar
-rw-rw-r-- 1 oracle oinstall 8521 Oct 21 2008 jws-api.jar
-rw-rw-r-- 1 oracle oinstall 166913 Oct 21 2008 mdds.jar
-rw-rw-r-- 1 oracle oinstall 837178 Oct 21 2008 orajaxr.jar
-rw-rw-r-- 1 oracle oinstall 240434 Oct 21 2008 orasaaj.jar
-rw-rw-r-- 1 oracle oinstall 314362 Oct 21 2008 orawsdl.jar
-rw-rw-r-- 1 oracle oinstall 53448 Oct 21 2008 orawsmetadata.jar
-rw-rw-r-- 1 oracle oinstall 187083 Oct 21 2008 orawsrm.jar
-rw-rw-r-- 1 oracle oinstall 19255 Oct 21 2008 relaxngDatatype.jar
-rw-rw-r-- 1 oracle oinstall 16691 Oct 21 2008 saaj-api.jar
-rw-rw-r-- 1 oracle oinstall 345421 Oct 21 2008 soap.jar
-rw-rw-r-- 1 oracle oinstall 174290 Oct 21 2008 testpage.jar
-rw-rw-r-- 1 oracle oinstall 66659 Oct 21 2008 WebServicesAssembler.jar
-rw-rw-r-- 1 oracle oinstall 797326 Oct 21 2008 wsa.jar
-rw-rw-r-- 1 oracle oinstall 2337820 Oct 21 2008 wsclient.jar
-rw-rw-r-- 1 oracle oinstall 594 Oct 21 2008 wsdl2ejb.jar
-rw-rw-r-- 1 oracle oinstall 143102 Oct 21 2008 wsdl.jar
-rw-rw-r-- 1 oracle oinstall 404222 Oct 21 2008 wsif.jar
-rw-rw-r-- 1 oracle oinstall 2233 Oct 21 2008 wsil-ias.ear
-rw-rw-r-- 1 oracle oinstall 2053 Oct 21 2008 wsil-ias_jsso.ear
-rw-rw-r-- 1 oracle oinstall 2618 Oct 21 2008 wsil-install.xml
-rw-rw-r-- 1 oracle oinstall 1414 Oct 21 2008 wsil-standalone.ear
-rw-rw-r-- 1 oracle oinstall 4662 Oct 21 2008 ws-jaxrpc-shlib-patch.xml
-rw-rw-r-- 1 oracle oinstall 7870 Oct 21 2008 wsm-handler.jar
-rw-rw-r-- 1 oracle oinstall 310377 Oct 21 2008 wssecurity.jar
-rw-rw-r-- 1 oracle oinstall 866934 Oct 21 2008 wsserver.jar
-rw-rw-r-- 1 oracle oinstall 242055 Oct 21 2008 xsdlib.jar

There is one more file I need for the project, http_client.jar located in;

/oracle/ses1/oc4j/j2ee/home/lib
-rw-rw-r-- 1 oracle oinstall 336666 Oct 21 2008 http_client.jar

I was working purely in a project that was for SES and so I was able to copy all the above jars into my WebContent\WEB-INF\lib folder. You might need to hand pick specifically some of the Oracle libs if you have some of these libraries already.

The last jar we need is the OracleSearch.jar client itself. You access this from the service descriptions page described above, the URL would be;

http://ses.server.com:7777/search/query/OracleSearch?proxy_jar


Simple SES search using web services

Now that we have all the libraries in the project, we can write a little bit of code to do a search. I ripped some code from the SES documentation and then made appropriate JSP changes.

The main piece of code of interest is;

//
// Create the Oracle SES Web Services client proxy
//
OracleSearchServiceProxy proxy = new OracleSearchServiceProxy();
proxy._setSoapURL("http://ses.server.com:7777/search/query/OracleSearch");

//
// Get the search result by calling OracleSearchService.doOracleSearch()
//
OracleSearchResult result = proxy.doOracleSearch(searchTerm,
new Integer(1),
new Integer(10),
Boolean.TRUE,
Boolean.TRUE,
null,
"en",
"en",
Boolean.TRUE,
null,
null,
null);
//
// Get the estimated hit count by calling OracleSearchResult.getEstimatedHitCount()
//
estimatedHitCount = result.getEstimatedHitCount();

// Get the search results
resElemArray = result.getResultElements();


Currently I have my dual core, 8GB RAM, 3TB RAID 5 array, server running Windows Server 2003 Enterprise and VMWare Server 2 with a Windows 2003 guest. I'm in the process of converting this to Oracle VM and I need to migrate the guest server to running in my existing OVM server pool.

Pre migration tasks

Stopping VMWare tools

There is a good whitepaper on converting physical and VMWare images which mentions that if you have the VMWare tools installed on the guest, disable that service and then completely remove the tools post migration.

Enabling IDE drivers

Reading advice on migrating VMWare images to Xen (Oracle VM uses Xen) I found that my VMWare Server image used a SCSI virtual disk and not IDE. Therefore I needed to install the IDE drivers for Xen use. So I followed the instructions to import the registry data and extract/copy the files in this Microsoft support kb314082. I rebooted the machine just to ensure this change didn't affect the running of the server before I moved it.

Installing PV drivers

In the past I tried running guest servers as pure HVM and found the performance a bit painful. Therefore I want my VMWare image to use Paravirtualisation where possible. Oracle VM provides a set of drivers, "Paravirtualized Drivers for Windows Guests (XP/2003/2008/Vista) 1.0.8 - 32bit/64bit" on edelivery. When installing these drivers answer yes to all the questions about the drivers being uncertified. After these are installed, again I rebooted the machine to verify everything still worked as expected.

Converting VMWare virtual disk from multiple 2GB files to one and preparing for OVM import

This is where it got a little tricky. VMWare server had created my virtual disk as a bunch of 2GB files and I need to create one single image before I convert to the Xen format. Also VMWare Server 2 had often had problems when I tried to do a snapshot, so I had a lot of messy files in the VM directory. To the right is the list of the files and they needed a good cleanup, this is what I did to create a much simpler set of files. Powered down the server running in VMWare Server 2 and copied the files shown right to my local Windows workstation. I had VMWare Workstation 6 installed which allowed me to power up the server. I switched the networking to host only mode so that it didn't clash with the other server which I had powered back up. Once booted I logged in and stopped some services (SQL Server, a monitoring tool and such), moved files around so that my machine only required one virtual hard disk. I had two disks associated with this image after moving around some files I detached the second data disk from the image so that only one remained.

• Powered down the server and ran the following command to create one single large virtual disk. Note that you need to do this on an NTFS partition due to a 2GB file limit in FAT32.
  
  D:\VM\ControlVM>vmware-vdiskmanager -r "Windows Server 2003 Hard Disk-000001-cl1.vmdk" -t 0 win2k3.vmdk
Creating disk 'win2k3.vmdk'
Convert: 100% done.
Virtual disk conversion successful.

  
• Edited the VM image to use this new single disk as you can see below.

At this point I once again fired up the server to double check everything was running as expected.

Migrating server to Oracle VM

Importing the image to the OVM server

Nearly there! Next task is to copy the files over to the OVM server and import them. This process will convert the VMWare image to a Xen based file and create a config file so you can boot the machine in Oracle VM. Note that you must have at least twice as much space as the size of the importing VM free on the /OVS/ partition. Because OVM is going to create a new .img file based on the VMWare files, therefore roughly doubling space. Once again you should refer to the good whitepaper from Oracle which contains information on migrating physical and virtual machines to OVM.

• Create a directory in /OVS/running_pool/ on the OVM server and copy the VMWare files into it.
  
• Login to Oracle VM Manager and switch to the Resources tab and select Virtual Machine Images from the sub tab.
  
• Hit the import button and choose Select from Server Pool (Discover and register)
  
• You should now be able to choose your server pool and this will allow you to select the VM template. Note the name will be the same as the directory you created.
  
• You can then continue to import the new image, this is going to take a while !
  
• Finally you should be able to switch to the Virtual Machines tab and see that the VM is now listed. Select Power On and fingers crossed the image will start and power up.
  

Installing drivers for the new Xen hardware

Hoping that your image boots, mine did first time, you should be able to login either via VNC provided by OVM or direct to the server using RDP. Because the paravirtual driver software has been installed, Windows will now be able to actually install and load the drivers for the devices that OVM has made available to Windows. You will start seeing a set of dialogs like the ones below. The following list of devices were detected and installed.

• Xen PCI Device Driver
• Xen Stub Device Driver
• Xen Block Device Driver
• Xen Enum Device Driver

One final reboot then after these devices have all installed and I was up and running! Now I have finally moved all the dependancies from my VMWare Server 2 environment and it is time to rebuild that server as another OVM server...

Useful references for migrating from VMWare to Xen based virtual machines.
http://www.virtualbox.org/wiki/Migrate_Windows
http://ian.blenke.com/vmware/vmdk/xen/hvm/qemu

I'm nearly ready to rebuild my final Windows based VMWare environment to Oracle VM. I have just one virtual machine now running in VMWare that I need to migrate over to OVM and it's a Windows 2003 server. Before I do any of this I was advised to upgrade to the latest versions of OVM, 2.1.5.

Upgrading the Oracle VM Manager

First download the Oracle VM Manager ISO from edelivery and copy it somewhere onto the file system where your Oracle VM Manager is running. I actually extracted the ISO to a folder, but you could just as easily mount it.

mount -o ro,loop OracleVM-Manager-2.1.5.iso /mnt/

Then logging in as root, switch to the directory you just extracted and run ./runInstaller.sh. It asks you if you want to install, uninstall or upgrade. I selected upgrade...

Backup the database before upgrade is highly recommended, to backup the database now, choose 'N' and run:
/opt/ovs-manager-2.1/bin/backup.sh

A wise idea, so...

[root@portal opt]# cd /opt/ovs-manager-2.1/bin
[root@portal bin]# ./backup.sh
Welcome to Oracle VM Manager

Please enter the choice: [1|2]
1. Back up Oracle VM Manager
2. Restore Oracle VM Manager
1

Back up data now ...
Please enter the password for database account 'OVS':
Please enter the path and filename for the dump file (eg /tmp/ovs.dmp):/oracle/backup/ovs.dmp
Please enter the path and filename for the log file (eg /tmp/ovs.log):/oracle/backup/ovs.log
...

This ran and gave me a backup of the manager. I went back and ran the ./runInstaller script and selected upgrade. It asked me if I want to upgrade from 2.1.2 to 2.1.5 which I did and after entering in passwords for both OVS and oc4jadmin it went through the upgrade process. I had the manager running at the time and it didn't seem to mind doing the upgrade with everything running. The upgrade went smoothly and ended with;

Upgrade Oracle VM Manager successfully.
Please check the log /var/log/ovm-manager/upgrade_2.1.2_2.1.5.log for more information.

To access the Oracle VM Manager 2.1.5 home page go to:
http://127.0.0.1:8888/OVS

To access the Oracle VM Manager web services WSDL page go to:
http://127.0.0.1:8888/OVSWS/LifecycleService.wsdl
http://127.0.0.1:8888/OVSWS/ResourceService.wsdl
http://127.0.0.1:8888/OVSWS/PluginService.wsdl
http://127.0.0.1:8888/OVSWS/ServerPoolService.wsdl
http://127.0.0.1:8888/OVSWS/VirtualMachineService.wsdl
http://127.0.0.1:8888/OVSWS/AdminService.wsdl

To access the Oracle VM Manager help page go to:
http://127.0.0.1:8888/help/help


Upgrading the OVM Server

Burning a copy of the OVM 2.1.5 ISO from edelivery I booted up my server from the CD. Pressing enter at the start I was able to choose my existing 2.1.2 install and it failed to continue due to an inability to mount a partition. I had been attaching drives to this machine whilst copying off data from the array I was soon to rebuild, I had entries in my /etc/fstab that were no longer valid. So I had to reboot into the 2.1.2 install, remove the incorrect entries from the fstab and then boot back through the install process.

Finally after once again choosing my 2.1.2 install to upgrade, I was asked if I wanted to update the boot loader config. I selected "Update boot loader configuration" and left "Skip boot loader updating" unchecked. The installer continued with the upgrade and everything worked pretty darn smoothly. Box rebooted and I was able to start one of my VM's without issue.

I had a customer POC this week and needed to make sure my SES skills were up to scratch. Some of the requirements for this POC required that we used the very latest version of SES (10.1.8.4) and therefore I thought I would write up my experience installing this on OEL5.

Preparing Oracle Enterprise Linux 5 update 3

I first downloaded the installer for SES 10.1.8.2 from the Oracle website. I also needed to get the patch sets to take SES from .2 to .3 and then .4. The documentation for 10.1.8.4 says you can go from .2 to .4 direct but I had advice which said a safer route was to go via the .3 patch first. The following are patch numbers you need to download from metalink. Note you obviously need a valid Oracle metalink account to download the following.

• 6848445
• 7514463

As per the SES instructions, I created my oracle user and the required groups, oinstall, dba and oracle. Now the documentation currently for SES doesn't mention that release 5 of Oracle Enterprise Linux is certified, but even though it isn't officially supported one of the product managers did say he had installed it without issues. That was good enough for me and I took the package requirements from RedHat Enterprise Linux 4 as part of my pre installation tasks.

• glibc-2.3.4-2.9
  
• make-3.80
  
• binutils-2.15.92.0.2
  
• openmotif-2.2.3-9.RHEL4.1
  
• compat-db-4.1.25-9
  
• setarch-1.6-1
  

Make sure you also setup the right kernel parameters and shell limits. For reference I made the following changes to my system.

• Added the following lines to /etc/sysctl.conf.
  # Added for SES
kernel.sem = 250 32000 100 128
fs.file-max = 65536
net.ipv4.ip_local_port_range = 1024 65000
kernel.shmmni = 4096

• Added the following lines to /etc/security/limits.conf.
  * soft nproc 16384
* hard nproc 16384
* soft nofile 1024
* hard nofile 65536

• Added the following to /etc/pam.d/login.
  session required /lib/security/pam_limits.so
• Added the following to /etc/profile.
  if [ $USER = "oracle" ]; then
   if [ $SHELL = "/bin/ksh" ]; then
      ulimit -p 16384
      ulimit -n 65536
   else
      ulimit -u 16384 -n 65536
   fi
fi


I rebooted after these changes, logged into a VNC session as the Oracle user and was set to do the installation.

Installing SES 10.1.8.2

Logging into an X Windows session via VNC (yes, yes Avi, I will be installing NoMachine NX soon) I started the installer, ./runInstaller.

Go through the first few dialogs.

And then you will be asked to run this script as root.

Then you'll find that it fails on some packages.

Checking for compat-gcc-7.3-2.96.128; found Not found. Failed <<<<
Checking for compat-gcc-c++-7.3-2.96.128; found Not found. Failed <<<<
Checking for compat-libstdc++-7.3-2.96.128; found Not found. Failed <<<<
Checking for compat-libstdc++-devel-7.3-2.96.128; found Not found. Failed <<<<

Yet I do have versions installed that will suffice.

[oracle@ses Desktop]$ rpm -qa compat\*
compat-gcc-34-3.4.6-4
compat-libgcc-296-2.96-138
compat-libstdc++-33-3.2.3-61
compat-db-4.2.52-5.1
compat-libstdc++-296-2.96-138
compat-gcc-34-c++-3.4.6-4

So continue and accept the question that some of the checks have failed. The installer will then copying some files, then configure the embedded database and finally setup SES.

The installation ends with the dialog giving you both URLs for the search page and the admin pages, they will be something like.

http://ses:7777/search/query/search
http://ses:7777/search/admin

After a few minutes, all the services are installed and started and I was able to login to the admin pages, add a crawler to my gallery website and then search for some content. Before I attempt the upgrade I want to ensure that the system is working as expected. I rebooted the machine and after logging in as the oracle user, I ran the command from the %ORACLE_HOME%\bin directory.

[oracle@ses bin]$ ./searchctl startall

Again logging into both the query page and the admin pages confirms everything is working as expected.

Upgrade to patch 10.1.8.3

Now that I have a valid SES installation, I need to move to the .3 version. First thing the readme asks is to login to sqlplus. What it doesn't explain is that the environment for the oracle user hasn't been setup and you'll need to do this yourself. I added the following to my /home/oracle/.bash_profile so that I could login to sqlplus easily. Note that my ORACLE_HOME and the ORACLE_SID is visible when the above startall command was run, like so.

... processed key-value: action=startall
... processed key-value: oh=/oracle/ses1
... processed key-value: db_sid=ses

So the following lines were added to my .bash_profile.
# SES profile data
ORACLE_BASE=/oracle
ORACLE_HOME=$ORACLE_BASE/ses1
ORACLE_SID=ses
ORACLE_HOSTNAME=ses.mylocal.network
PATH=$ORACLE_HOME/bin:$PATH

export PATH
export ORACLE_BASE ORACLE_HOME ORACLE_SID ORACLE_HOSTNAME

I was then able to login to sqlplus and run the following.
SQL> show parameter job_queue_processes

NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
job_queue_processes integer 10
SQL> alter system set job_queue_processes=0;

System altered.

Then I could run the installer, runInstaller from the 10.1.8.3 patch install directory. The following dialog is displayed.

Make sure you set the right destination otherwise the installer will report there are no patches that apply! If you setup the environment variables above you should be able to select the sid ses from the name drop down.

After entering in the password and hitting next will give you a list of patches it will apply and clicking on Finish will start the process.

Once all the steps have succeeded, it's time to reverse the SQL we ran at the start.

SQL> alter system set job_queue_processes=10;

System altered.

SQL> show parameter job_queue_processes

NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
job_queue_processes integer 10

I also logged into the search query and admin pages just to check everything is working as expected.

Upgrade to patch 10.1.8.4

The final step! This is exactly the same as the .3 upgrade. Login to sqlplus, change the job_queue_processes to 0, run the installer (remember to ensure the destination parameters are correct) and then after set the processes back to the original value.

My main reason for doing this upgrade was to get some very nice new functionality regarding the customisation of the SES web pages. In 10.1.8.4 they have implemented the use of FreeMarker templates. Once i've got the hang of making such customisations i'll post up another article.

Another aspect of my home network is that I want to leverage as much of the Oracle security technologies as I can. Obviously IRM was one of the first services installed and now protects all my important documents. I also want to use the Oracle Identity Management Suite (IDM) to centralize the administration of all my user accounts, roles and such. With all the services I have configured (IRM, UCM, ODC, 11gDB, Active Directory, PPTP), I sure do have a lot of accounts and passwords and roles to manage, even though there are only a handful of users!

I'm waiting for the 11g release of OID and whilst I wait I want to get my systems prepared so I can be ready to slot OID behind everything that requires authorization. One of these first steps is to configure a radius server for the PPTP server on my firewall which I use to connect securely back to the network on my iPhone. I can configure my PPTP server to use radius for authentication, which in turn can use an LDAP repository, which will be OID.

Installing FreeRADIUS on Oracle Enterprise Linux 5

There is a very popular and well tested radius server in the open source community called FreeRADIUS. The Oracle Enterprise Linux 5 DVD has a version of FreeRADIUS but it's old, version 1.x (freeradius-1.1.3-1.4.el5.i386.rpm). It seems that currently RedHat (upon which Oracle Enterprise Linux is based) do not ship FreeRADIUS 2 for the following reason;

As of the time of this writing the version of FreeRADIUS in RHEL 5 is a rather old 1.1.3 version. RHEL has strict rules concerning package upgrades. In particular it is not permitted to upgrade a package with a newer version if they are not configuration compatible. FreeRADIUS 1.x and 2.x are NOT configuration compatible. It is also not permitted to remove a package from RHEL, customers may be running the 1.x version. Thus the version of FreeRADIUS in RHEL must stay at the 1.x level and must continue to use the package name "freeradius". However, many users want to install a current FreeRADIUS version on their RHEL5 system. The migration path to accomplish this is to introduce a new package called "freeradius2" into the RHEL5 update stream. It is anticipated this will occur in the RHEL 5.5 update. However to accommodate users wishing to install a current version on RHEL5 immediately a download site has been set up with pre-built FreeRADIUS 2.x packages on a tech preview basis. This will allow users to easily install a current version and to provide feedback on the tech preview in advance of the freeradius2 package becoming available in the RHEL5 update stream.

It is important to note: The freeradius2 RPM's are not part of an official release therefore Red Hat customers with support contracts may not receive support on this version. These tech preview RPM's will be removed from the download site once freeradius2 enters the update stream, at that time the method to obtain the freeradius2 RPM's will be to utilize the normal software installation tools.

The download site to get the RPM for version 2 is;
http://people.redhat.com/jdennis/freeradius-rhel-centos/i386/. I downloaded the following files that I will need for my install.

freeradius2-2.1.6-2.el5.i386.rpm
freeradius2-devel-2.1.6-2.el5.i386.rpm
freeradius2-libs-2.1.6-2.el5.i386.rpm
freeradius2-utils-2.1.6-2.el5.i386.rpm

Logged in as root I started to install the packages. First up is the libraries;

[root@localhost install]# rpm -ivh freeradius2-libs-2.1.6-2.el5.i386.rpm
Preparing... ########################################### [100%]
1:freeradius2-libs ########################################### [100%]

Next I attempted to install freeradius2-2.1.6-2.el5.i386.rpm but it failed with a dependency.

[root@localhost install]# rpm -ivh freeradius2-2.1.6-2.el5.i386.rpm
error: Failed dependencies:
libltdl.so.3 is needed by freeradius2-2.1.6-2.el5.i386

A quick search on rpmfind.net details this library is part of libtool-libs. Looking on the DVD under the Server folder shows the following RPM's and querying the RPM install library I can see that I only have libtool installed, so I go ahead and install libtool-1.5.22-6.1.i386.rpm

[root@localhost install]# cd /mnt/cdrom/Server/
[root@localhost Server]# ls libtool*
libtool-1.5.22-6.1.i386.rpm
libtool-ltdl-devel-1.5.22-6.1.i386.rpm
libtool-ltdl-1.5.22-6.1.i386.rpm
[root@localhost Server]# rpm -qa libtool\*
libtool-1.5.22-6.1
[root@localhost Server]# rpm -ivh libtool-ltdl-1.5.22-6.1.i386.rpm
warning: libtool-ltdl-1.5.22-6.1.i386.rpm: Header V3 DSA signature: NOKEY, key ID 1e5e0159
Preparing... ########################################### [100%]
1:libtool-ltdl ########################################### [100%]

With this installed I can now go back and install the FreeRADIUS package.

[root@localhost install]# rpm -ivh freeradius2-2.1.6-2.el5.i386.rpm
Preparing... ########################################### [100%]
1:freeradius2 ########################################### [100%]

Awesome!

Configuring FreeRADIUS 2 on Oracle Enterprise Linux

Now that we have all the packages installed we can do some simple configuration. A directory has been created in /etc/raddb which contains all the config files. The most important initially is the radiusd.conf. I found that most of this config file was good for my initial tests. What parameter I did change however was it to log the authentication requests so that I could verify my PPTP server talking to the server. I changed this section and saved radiusd.conf.


# Log authentication requests to the log file.
#
# allowed values: {no, yes}
#
auth = yes

We also want an initial test user while we get the server up and running, edit the file /etc/raddb/users and add the following line at the very bottom.

testuser Cleartext-password := "welcome1"

Now its time to start the server for the first time, to check that everything is working and ensure the initial certificates get created simply run the server from the command line;

radiusd -X

This will then create keys and such, just sit back for a while and wait. Once its up it should start listening on all addresses like so;

Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /var/run/radiusd/radiusd.sock
Listening on proxy address * port 1814
Ready to process requests.


Testing the FreeRADIUS server

So at this point we have a vanilla radius server which is authenticating against the local users file. Nothing complicated and in my environment I was able to then configure my firewall's VPN to use this server. I needed to add a line to the clients.conf with a shared secret for the firewall to communicate. There is a nice little utility which allows you to do all sorts of client testing and it runs on both Linux and Windows. You can download it from IEA Software and it runs a small HTTP server locally. Install, run the service, add a server and then radlogin using your test user. Here is the output from my radius server (which is still currently running as radiusd -X in a console) from a test request. Note how it tries different modules to find the user before matching the file. When I switch the back end to OID it will be using LDAP.


rad_recv: Access-Request packet from host 127.0.0.1 port 16120, id=1, length=100
User-Name = "testuser"
Acct-Session-Id = "1244745822G1viy"
NAS-IP-Address = 127.0.0.1
NAS-Identifier = "Localhost"
NAS-Port = 0
Calling-Station-Id = "1115551212"
User-Password = "welcome1"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "testuser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
[files] users: Matched entry testuser at line 204
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "welcome1"
[pap] Using clear text password "welcome1"
[pap] User authenticated successfully
++[pap] returns ok
Login OK: [testuser] (from client localhost port 0 cli 1115551212)
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 1 to 127.0.0.1 port 16120
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 1 with timestamp +1755


Making sure the radius server starts on boot

The last thing to setup was to ensure the service started after a reboot. The RPM installer nicely setup the correct init.d files. chkconfig --list | grep radius shows that for all runlevels the service is off. Ideally you want this running when the system comes up, therefore use chkconfig --level to change the status of the service for the same levels that have the network running. You can also start the service using service radiusd start. The output of my machine is below for reference.


[root@localhost init.d]# chkconfig --list | grep radius
radiusd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
[root@localhost init.d]# chkconfig --level 2345 radiusd on
[root@localhost init.d]# chkconfig --list | grep radius
radiusd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@localhost init.d]# service radiusd start
Starting RADIUS server: [ OK ]


And thats it! A very basic configuration of the radius server and as soon as I get OID installed/configured i'll come back to this and set it up so that it uses my central repository for authentication.

Part of my home network is an Oracle Enterprise Linux installation which hosts my WebLogic Portal environment. The development IDE of choice for the portal is Oracle Workshop for WebLogic which is essentially the Eclipse IDE with a bunch of Oracle addins. In building my portal I wanted to be able to get the code from various computers such as my desktop and laptop at home, but I also travel a lot with my work laptop and I want to be able to access code i've written at home whilst on the move. Open VPN provides the secure access to these resources, I just need a simple source control system to store the code in.

In the past CVS has been the solid choice, although I had some experience in Microsoft's visual source safe, but that simply wasn't going to get a look in here. Subversion has been growing in popularity and it was an obvious decision.

Installing and configuring subversion in Oracle Enterprise Linux

Oracle Enterprise Linux release 5 update 3 ships with a version of subversion, subversion-1.4.2-4.0.1.el5.i386.rpm but the latest release at time of writing this article is 1.6.x. So I obviously wanted to use the latest and the subversion website points to CollabNet for the RedHat binaries. You will need to register a free account to get a copy of the latest RPM. Again at time of writing the latest is CollabNetSubversion-server-1.6.2-1.i386.rpm. The server also has a dependency on the client and I downloaded the extras RPM as well for good measure. So I was now ready to install the latest version.

First I needed to uninstall the 1.4.x version already installed. The CollabNet version doesn't over write the already installed package and I wanted a clean system.

rpm -e subversion-1.4.2-4.0.1.el5

Then time to install the CollabNet version as per the readme.

[root@localhost oracle]# ll
total 18180
-rw-r--r-- 1 root root 11645262 Jun 10 11:30 CollabNetSubversion-client-1.6.2-1.i386.rpm
-rw-r--r-- 1 root root 1907553 Jun 10 11:30 CollabNetSubversion-extras-1.6.2-1.i386.rpm
-rw-r--r-- 1 root root 5011804 Jun 10 11:17 CollabNetSubversion-server-1.6.2-1.i386.rpm
[root@localhost oracle]# rpm -i CollabNetSubversion-client-1.6.2-1.i386.rpm
warning: CollabNetSubversion-client-1.6.2-1.i386.rpm: Header V3 DSA signature: NOKEY, key ID 35bcca43
[root@localhost oracle]# rpm -i CollabNetSubversion-server-1.6.2-1.i386.rpm
warning: CollabNetSubversion-server-1.6.2-1.i386.rpm: Header V3 DSA signature: NOKEY, key ID 35bcca43
[root@localhost oracle]# rpm -i CollabNetSubversion-extras-1.6.2-1.i386.rpm
warning: CollabNetSubversion-extras-1.6.2-1.i386.rpm: Header V3 DSA signature: NOKEY, key ID 35bcca43

It installs into the location /opt and therefore you need to add the subversion path to your PATH variable. To do this add the following line to the file /etc/profile and reboot.

PATH=/opt/CollabNet_Subversion/bin:$PATH

Once the server returns run the configure script for subversion, you should just be able to run the command Configure-CollabNet-Subversion from anywhere now that the path is in the profile. You can then walk through the configuration of the server. I decided not to use Apache because I wanted a relatively simple setup. I might change this later on. For testing I created a new repository called "TestCode" and a user, simon. At the end of the configure script it restarted the subversion server and then I would be able to access the URL via;

svn://servername/TestCode


Installing the subversion client for Workshop for Weblogic

Now that the server is up and running, I want to enable my development environment to use it. I have installed on my workstation the 10g release of Workshop for Weblogic. You have two choices for this environment, Subclipse and Subversive. I decided on Subclipse for no other reason than it was listed first :)

Before we do anything with Workshop, I actually ran into a bug which limits the ability to install Subclipse via the "Software Updates" mechanism directly in the IDE. There is a workaround for this problem detailed below.

Comment out the com.* import lines in your %BEA_HOME%\wlportal_10.3\eclipse\features\com.bea.wlp_10.3.0\feature.xml, like this:

<requires>
<import plugin="org.eclipse.core.runtime" version="3.3" match="compatible"/>
<import plugin="org.eclipse.ui" version="3.3" match="compatible"/>
<!--
<import feature="com.m7.nitrox" version="1.0.20" match="compatible"/>
<import feature="com.bea.workshop.cmdline.feature" version="1.0.30" match="compatible"/>
<import feature="com.bea.workshop.common.feature" version="1.1.40" match="compatible"/>
<import feature="com.bea.workshop.upgrade81.feature" version="1.0.30" match="compatible"/>
<import feature="com.bea.workshop.web.feature" version="1.0.20" match="compatible"/>
<import feature="com.bea.workshop.wls.feature" version="1.1.30" match="compatible"/>
<import feature="com.bea.workshop.xmlbeans.feature" version="1.0.30" match="compatible"/>
-->
</requires>

Then restart Workshop

Once you've done this follow these instructions to download and install the subversion client.
Start Workshop for WebLogic and go to "Help > Software Updates > Find and Install..." then select Search for new features to install. Click on New Remote Site and enter;

• Name = subclipse 1.6
  
• URL = http://subclipse.tigris.org/update_1.6.x
  

Once added, ensure that this site is the only one checked in the sites to include in the search and hit Finish. You will be presented with a tree to choose the components, I selected the following;


Agree to the licenses



Accept the optional component;



Finally hit finish to install everything. Note these are not signed packages so you'll need to agree also to install the unsigned components. At the end you'll be asked to restart Workshop.

Checkout test project from subversion in Workshop for WebLogic

Ok, nearly there. Now its time to checkout that test repository I created during the server setup. In Workshop go to "File > New > Other" and in the resulting dialog find the SVN section and choose Checkout Projects from SVN.



Select Create a new repository location. It now asks for the URL to the server, remember this is in the format SVN://servername/respository my example is shown below. The client will attempt to connect after which you can select the URL to get to the Check Out As dialog.



The check out dialog now asks what you want to do with the project. If you want you can create a new project using the Workshop's wizard. However I just wanted to add a vanilla project so selected Check out as a project in the workspace, like below and hit Finish. It also warns me that i'm checking out the entire root which is fine for this test.



You will now have an empty project folder in Workshop. You can take a look at all the version control options now by right clicking on the project and selecting the Team menu. Here you have access to all the branching, merging etc features.
For further information on subversion and use there is a great book online. As part of my IDM deployment later this year I plan to also use subversion with SASL which is supported in Oracle Internet Directory (OID)

Ok, so this hasn't really anything to do with any Oracle technology, but it's part of my ongoing network configuration and I couldn't find a real simple guide to do this. I have a D-Link DIR 655 wireless router which used to connect to the Comcast cable modem and handle all the traffic into and out of my local network. However i've since deployed pfSense and untangle leaving the DIR to only handle my wireless requirements.

So my requirement now was to have the DIR 655 only handle the wireless network and allow clients to connect to the LAN network, basically it becomes just an access point. This is simple to do and i've taken a few screen shots for clarity. There may be differences depending on your firmware, but the theory is the same and could also apply to other similar wireless routers.

Oh and one more thing, ALL network numbers and mac addresses on the screen shots have been changed for obvious reasons.

First make sure you understand how to connect to the admin interface of the DIR when making changes. I've never bothered to connect via the USB port, instead I do everything via the web interface. This means that I have enabled remote administration so that I can access the router on either the LAN or WAN interface. For the total newb, I should explain the difference between the two interfaces.
• WAN (Wide Area Network) refers to the network beyond your home system. Typically this is the Internet and you connect to it via the WAN port on the router that connects to your internet provider. This takes the form of an Ethernet connection.
• LAN (Local Area Network) refers to your network of desktops and laptops that are local to you, i.e. the ones in my house. On the DIR 655 there are 4 LAN ports, again they are Ethernet connections.
So the following is a screen shot of making sure that you can connect to the router via the WAN interface in case you need to.
• Next setup the WAN interface to a static address that doesn't really get used because we are not going to be connecting it to anything.
  1. Login to the router web interface as admin and click on SETUP
  2. Select "INTERNET" from the menu on the left
  3. Select "Manual Internet Connection Setup"
  4. Choose "Static IP" for "My Internet Connection is..."
  5. Enter in some non used network information like the screen shot below. I'm not sure if it matters if these values conflict with any numbers on your local network because nothing will be connected to the port anyway, but I play safe and have use a network that doesn't exist on my LAN.
  
• Next setup the LAN information. I use the DHCP server on my pfSense device to configure the addressing for my clients and I only want the DIR to handle connecting wireless clients to my local subnet.
  1. Login to the router web interface as admin and click on SETUP
  2. Select "NETWORK SETTINGS" from the menu on the left
  3. Deselect the "Enable DHCP Server" check box
  4. Now enter in the network values for your LAN. You will need to specify a "Router IP address" and this is what you will use to connect and administrate the router. There is a good chance this is already setup correctly. It is good practice to give this interface a number very high on the subnet. Again have a look at the screen shot below for what i've got setup.
  
• Finally the most important piece, take an Ethernet cable from the LAN switch/hub (I hope people don't still use hubs!) and stick it into any one of the 4 LAN ports on the router. By doing this you have now made the wireless network and extension of your LAN network. Any broadcast packets will also reach onto the wireless network. So now any wireless client is going to get a DHCP address from my pfSense device and I can communicate using protocols such as Bonjour.

  Tags:

  • d-link
  • router
  • wireless

Well this was an hour well spent during lunch today! As part of my database install which will eventually be used to migrate all my Oracle UCM content that is currently file system hosted into the database, I wanted to use Automatic Storate Management (ASM). This will let me mirror the database across two disks. I don't have the spare cash right now for the RAID array I would like, so this is a neat option in the interim. However it took some hunting to get the right information and drivers loaded, so here are the steps I eventually took to get Oracle ASM working for my 11g database.

Before starting the database installation you need to mark your disks as ASM. My environment is using a pretty vanilla installation of Oracle Enterprise Linux release 5 update 3.

1. Ensure you have the disks configured correctly in Linux, I have /dev/sdc and /dev/sdd which are two 200GB IDE disks exposed to my OS from the Oracle VM Server that this guest is running on.
   
2. Install the ASM packages from the Enterprise Linux CD/DVD. The RPM's are in the "Server" directory in the root of the CD/DVD. I used a DVD so i'm not sure which CD the files are on, you'll need to hunt. The packages you need to first install are;
   • oracleasm-2.6.18-128.el5-2.0.5-1.el5.i686.rpm
     
   • oracleasm-support-2.1.2-1.el5.i386.rpm
     
   So to install both, simply run
   rpm -ivh oracleasm-support-2.1.2-1.el5.i386.rpm
   and
   rpm -ivh oracleasm-2.6.18-128.el5-2.0.5-1.el5.i686.rpm.
   
3. Now there are more RPM's you need to install, as detailed in this document. I downloaded the following from this location on the Oracle Technology Website. I navigated to the Red Hat Enterprise Linux 5 AS section.
   • oracleasm-support-2.1.3-1.el5.i386.rpm
   There was also a newer version of oracleasm-support on the site which I didn't download and install at this time. I didn't need to download the drivers for my kernel because the RPMs on my install media were the right ones. So I installed this oracleasmlib as root using rpm - i oracleasmlib-2.0.4-1.el5.x86_64.rpm
   
4. The next step was to configure ASM, you do this by running oracleasm configure. I got past a few of the first questions but it eventually failed and checking /var/log/messages I saw the error;
   
   Jun 5 12:35:55 database modprobe: FATAL: Module oracleasm not found.
   
   A quick bit of googling and it seems that the driver isn't being loaded and has not been installed correctly.
   
5. My final step of configuration to get this working was to use oracleasm to update the driver itself and this seemed to sort itself all out! I ran the command oracleasm update-driver and you can see the result below.
   
[root@database modules]# oracleasm update-driver
Kernel: 2.6.18-128.el5xen i686
Driver name: oracleasm-2.6.18-128.el5xen
Latest version: oracleasm-2.6.18-128.el5xen-2.0.5-1.el5.i686.rpm
Installing driver...
Preparing... ########################################### [100%]
1:oracleasm-2.6.18-128.el########################################### [100%]
Driver installed successfully

   
6. Now I could successfully run oracleasm configure. Again the output from this below;
   
[root@database modules]# /etc/init.d/oracleasm configure
Configuring the Oracle ASM library driver.

This will configure the on-boot properties of the Oracle ASM library
driver. The following questions will determine whether the driver is
loaded on boot and what permissions it will have. The current values
will be shown in brackets ('[]'). Hitting <ENTER> without typing an
answer will keep that current value. Ctrl-C will abort.

Default user to own the driver interface [oracle]:
Default group to own the driver interface [dba]:
Start Oracle ASM library driver on boot (y/n) [y]:
Scan for Oracle ASM disks on boot (y/n) [y]:
Writing Oracle ASM library driver configuration: done
Initializing the Oracle ASMLib driver: [ OK ]
Scanning the system for Oracle ASMLib disks: [ OK ]

   
7. I was then able to mark my disks for ASM use, except I had already mounted these disks as part of my testing from earlier.
   
[root@database modules]# oracleasm createdisk DATADISK1 /dev/sdc1
Unable to open device "/dev/sdc1": Device or resource busy

   Duh, I quickly removed the references in /etc/fstab and unmounted the drives. This time I could run my command;
   
[root@database modules]# oracleasm createdisk DATADISK1 /dev/sdc1
Writing disk header: done
Instantiating disk: done
[root@database modules]# oracleasm createdisk DATADISK2 /dev/sdd1
Writing disk header: done
Instantiating disk: done

   
8. Finally, before I start my 11g database installation, just check that ASM can see my new disks;
   
[root@database modules]# oracleasm scandisks
Reloading disk partitions: done
Cleaning any stale ASM disks...
Scanning system for ASM disks...
[root@database modules]# oracleasm listdisks
DATADISK1
DATADISK2

   

I was then able to go through the 11g installation and the two disks were available at the ASM configuration section! Here's a screen shot of the ASM manager;

So my plan is to have a reliable Oracle VM hosted 11g database. I have a test machine which has limited resources but its the starting point for my learning of how to configure this correctly. I now have my Oracle VM server running and installed Oracle Enterprise Linux release 5 update 3 and before I walk through my database installation I want to prepare the data disks. I have two 200GB IDE drives and I want to use ASM to store the database across these disks. In the future when I can I intend to migrate the entire system to a much more beefy host with more RAM and better disks. But the configuration shouldn't change a great deal.

So one challenge was how do I have my virtual machine have access to data drives in the most effective manner. There are several steps to getting this working correctly.

1. First make sure on the Oracle VM server the disks are correctly setup.
   • Ensure the drives are correctly configured in the physical machine and recognized in the BIOS/controller card. I'm using just IDE drives here which are seen in Linux as /dev/hdc and /dev/hdd
   • Setup valid partitions on these disks using fdisk. e.g.
     
     fdisk /dev/hdc
     Then hit p for a new partition, enter 1 for the first primary partition.
     Accept the defaults for start and end and then hit w to write this config to the partition table. This will create the partition /dev/hdc1. I did the same for /dev/hdd.
   • Create a filesystem on the partitions, do a mkfs -t ext3 /dev/hdc1 and obviously for hdd as well.
2. Now with valid disks configured on the host, we need to setup the config file for my virtual machine to expose these two new disk partitions to the guest. Make sure your guest machine is shutdown and then edit the vm.cfg. This is found in /OVS/running_pool/nameofyourvm. In my case this file is /OVS/running_pool/50_OELr5r3/vm.cfg. Edit this file (nano vm.cfg) and locate the line starting with "disk =". It will currently point to the .img file which is your guest OS main virtual disk. Something like
   
   disk = ['file:/OVS/running_pool/50_OELr5r3/System.img,xvda,w']
   
   You need to add two new sections to this line which point to the disks you've just setup... The new line looks like this;
   
   disk = ['file:/OVS/running_pool/50_OELr5r3/System.img,xvda,w',
   'phy:/dev/hdc,sdc,w',
   'phy:/dev/hdd,sdd,w',
   ]
   
   Notice each definition is seperated by a comma. Now save the file...
3. Start the virtual machine from Oracle VM Manager and once it's booted login via ssh. If you now do an fdisk -l you can see those partitions are now available for mounting! Here's my system;
   
   Disk /dev/hdc: 200.0 GB, 200049647616 bytes 255 heads, 63 sectors/track, 24321 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot Start End Blocks Id System
   /dev/hdc1 1 24321 195358401 83 Linux

   Disk /dev/hdd: 200.0 GB, 200049647616 bytes
   255 heads, 63 sectors/track, 24321 cylinders
   Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot Start End Blocks Id System
/dev/hdd1 1 24321 195358401 83 Linux