Wednesday Aug 01, 2012

Just because I’m paranoid doesn’t mean…

KeyholeWhile I’m a passionate computer user–recognized within my family and circle of friends as a reigning (or at least old) geek–I spend at least as much time warning people to be careful as I do showing them the cool things they can do with their computers. I’m shocked at the widespread complacency over computer and network security and privacy: we should all be afraid. Very afraid. I only need remind you of recent security breaches with LinkedIn and Dropbox!

I have been in the business of publishing systems best practices for over a decade: security has been a keystone topic all those years. The good news is that high levels of security can be achieved: you just have to be smart about it. With a few exceptions, security isn’t something we actually sell, because it is dominated by relatively unglamorous concepts, processes, and practices, not extra hardware and software.

Because of this, security experts often find themselves trying to teach really fundamental (and after-the-fact, obvious) concepts. For example, in building a secure environment, you want to make sure your platform fulfills four important points:

  • It must be able to prevent or minimize the damage caused from both accidental and malicious actions. This is referred to as survivability.
  • It provides a layered set of defenses exist so that secure operations continue even after a vulnerability or the failure of a single security control. This is referred to as defense in depth.
  • It provides only those services that are absolutely necessary to the function or user. This is referred to as least privilege.
  • It is critical to be able to detect and report a breach. This is referred to as accountability.

We just posted an important article, written by three security experts I have worked with for a long time: Best Practices for Securely Deploying the SPARC SuperCluster T4–4. In building a solution that will survive a world of sophisticated cyber-criminals, it is more important than ever to pick the correct hardware and software platform. This article gives you a crash course in the things to consider, and explanation of the special features of the SPARC SuperCluster T4–4 that will make your job of creating a secure environment easier, and (most importantly) how to go about putting things together.

This is a big and important topic. Once you have digested this “Reader’s Digest” article, I’m confident that you’ll want to look at the references listed at the end. Now is the time to get smart about security.

–Kemer

Friday Jul 27, 2012

What To Give Your Favorite Sysadmin on Sysadmin Day

Source

Happy Sysadmin Day.

As the site says ...

This is the day that all fellow System Administrators across the globe will be showered with expensive sports cars and large piles of cash in appreciation of their diligent work ..."

We understand that times are tight, so we don't expect you to buy your favorite sysadmin a Ferrari. That can wait till next year. But it wouldn't hurt to rent them one. Just for the weekend. To remind them what a weekend feels like.

- Rick

Website Newsletter Facebook Twitter

Wednesday Jul 25, 2012

OTN Sysadmin Day in Denver, Colorado

Source

Can you find the sysadmin in the picture?

You might be able to on Thursday, August 23rd. OTN is hosting its next Sysadmin Day in Denver, Colorado, and we can never keep track of our sysadmins. In a place as purty as Colorado, it will be even harder.

Note: The date on the link above is incorrect. The correct date is Thursday, August 23rd.

Our previous OTN Sysadmin Day in Santa Clara had almost 100 attendees. The one in Denver will have similar presentations, but we're adding some content on virtualization. Which we hope to expand into a third track in the future. As usual, Pavel Anni opens our OTN Sysadmin Days with a talk about Oracle's dual OS strategy. He explains why Oracle offers two operating systems, and summarizes the main features of each one. Then we split off into two different groups to get our hands on each OS.

One group gets their hands on the ZFS filesystem, virtualization capabilities, and security controls of Oracle Solaris.

The other group gets their hands on the package management tools, services, and runs levels of Oracle Linux, plus its volume management tools and the Btrfs filesystem.

Both groups learn by doing, using the hands-on labs similar to those on OTN's Hands-On Labs page. Why attend an event in person when you could simply work the labs on your own? Two reasons:

  1. Since you are away from the obligations of the data center, you get to focus on working the labs without interruption.
  2. You get help from Oracle experts and other sysadmins who are working on the same labs as you.
The event is free. Here's the agenda:

Time Session
8:00 am System Shakedown
9:00 am Oracle's Dual OS Strategy
 

Oracle Solaris Track

Oracle Linux Track

10:00 am HOL: Oracle Solaris ZFS HOL: Package Management and Configuration
11:30 am HOL: Virtualization HOL: Storage Management
1:00 pm Lunch / Surfing OTN
2:00 pm HOL: Oracle Solaris Security HOL: Btrfs filesystem
3:00 pm Presentation: Oracle Enterprise Manager Ops Center 11g
3:30 pm Presentation: Oracle VM Manager
4:00 pm Discussion: What are the most pressing issues for sysadmins today?
5:00 pm Get lost in the mountains.

- Rick

Website Newsletter Facebook Twitter

Tuesday Jun 19, 2012

Viewing at Impossible Angles

Multibus driverThe picture of the little screwdriver with the Allen wrench head to the right is bound to invoke a little nostalgia for those readers who were Sun customers in the late 80s. This tool was a very popular give-away: it was essential for installing and removing Multibus (you youngsters will have to look that up on Wikipedia…) cards in our systems. Back then our mid-sized systems were gargantuan: it was routine for us to schlep around a 200 lb. desk side box and 90 lb. monitor to demo a piece of software your smart phone will run better today.

We were very close to the hardware, and the first thing a new field sales systems engineer had to learn was how put together a system. If you were lucky, a grizzled service engineer might run you through the process once, then threaten your health and existence should you ever screw it up so that he had to fix it.

Nowadays we make it much easier to learn the ins and outs of our hardware with simulations–3D animations–that take you through the process of putting together or replacing pieces of a system. Most recently, we have posted three sophisticated PDFs that take advantage of Acrobat 9 features to provide a really intelligent approach to documenting hardware installation and repair:

Download one of these documents and take a close look at it. You can view the hardware from any angle, including impossible ones. Each document has a number of procedures, that break down into steps. Click on a procedure, then a step and you will see it animated in the drawing.

Of course hardware design has generally eliminated the need for things like our old giveaway tools: components snap and lock in. Often you can replace redundant units while the system is hot, but for heaven’s sake, you’ll want to verify that you can do that before you try it!

Meanwhile, we can all look forward to a growing portfolio of these intelligent documents. We would love to hear what you think about them.

–Kemer

Tuesday Feb 28, 2012

Santa Clara On April 10 - Next OTN Sysadmin Day

Before the part of Oracle that was then Sun Microsystems moved in, the facility used to be known as the Agnews Insane Asylum. Some of us who worked for Sun at the time thought the image was hilarious. Some thought it was insensitive. Some believed it was a statement about the rise of the corporate state and the demise of benign government. That was the Santa Clara campus back then, a diverse, magical workplace full of people who held strong opinions about everything, yet managed to have a great time together.

Another topic that incites strong opinions among good friends is Oracle Solaris vs Oracle Linux. Which one is better? Which one should I use? Which one should I learn how to use? At our OTN Sysadmin Days, we let you decide. Pavel Anni always opens our OTN Sysadmin Days with a talk about Oracle's dual OS strategy. He explains why Oracle offers two operating systems, and summarizes the main features of each one. Then we split off into two different groups to get our hands on each OS.

One group gets their hands on the ZFS filesystem, virtualization capabilities, and security controls of Oracle Solaris.

The other group gets their hands on the package management tools, services, and runs levels of Oracle Linux, plus its volume management tools and the Btrfs filesystem.

The truly adventurous sysadmins jump between groups. Both groups learn by doing, using the hands-on labs similar to those on OTN's Hands-On Labs page. Why attend an event in person when you could simply work the labs on your own? Two reasons:

  1. Since you are away from the obligations of the data center, you get to focus on working the labs without interruption.
  2. You get help from Oracle experts and other sysadmins who are working on the same labs as you.

I've been to all our OTN Sysadmin Days so far. The sysadmins and IT managers who attended told me that it was time very well spent. However, our attendance has been low. Not sure whether we haven't gotten the word out to enough people, or whether it's just difficult for sysadmins to get away. In any case, if we don't improve attendance, we'll have to cancel OTN Sysadmin Days.

So if you're interested, register now. Santa Clara on April 10 may be your last chance. The event is free. Here's the agenda:

Time Session
8:00 am System Shakedown
9:00 am Oracle's Dual OS Strategy
 

Oracle Solaris Track

Oracle Linux Track

10:00 am HOL: Oracle Solaris ZFS HOL: Package Management and Configuration
11:30 am HOL: Virtualization HOL: Storage Management
1:00 pm Lunch / Surfing OTN
2:00 pm HOL: Oracle Solaris Security HOL: Btrfs filesystem
3:00 pm Presentation: Oracle Enterprise Manager Ops Center 11g
3:30 pm Presentation: Setting Up and In-House Development Environment with Oracle Solaris Studio
4:00 pm Discussion: What are the most pressing issues for sysadmins today?
5:00 pm We all go home

- Rick Ramsey

Website

Newsletter

Facebook

Twitter

Tuesday Jan 03, 2012

Next OTN Sysadmin Day is on January 18

Our next OTN Sysadmin Day will be held on January 18 in Salt Lake City, Utah. As usual, we will have two tracks of hands-on-labs:

Time Session
8:00 am System Shakedown
9:00 am Oracle's Dual OS Strategy / Overview of OTN
 

Oracle Solaris Track

Oracle Linux Track

10:00 am HOL: ZFS HOL: managing packages, configuring services
11:30 am HOL: Exploring OS, network, and storage virtualization HOL on Storage Part I: managing storage and file systems
1:00 pm Lunch Break
2:00 pm HOL: Managing software with IPS HOL on Storage Part II: Device Mapper, BTRFS
3:00 pm Presentation: Oracle Enterprise Manager Ops Center 11g
4:00 pm Discussion: What are the most pressing issues for sysadmins today?
5:00 pm We all go home

Participants of previous OTN Sysadmin Days found the hands-on labs particularly valuable. You get to learn by doing. And what you get to do is install, configure, and manage the technologies of Oracle Solaris 11 and Oracle Linux in the same way as you would in the real world.

OTN Sysadmin Day in Salt Lake City is free, but you must register. Please stay for the feedback session at the end. They tend to be pretty spirited, and you might win a neat prize. Address:

Salt Lake City Marriott City Center
220 South State Street
Salt Lake City, UT 84111

If you'd like to see some pictures from the Sacramento event, go to the "OTN Sysadmin Day Sacramento" photo folder on the OTN Garage on Facebook.

To find out what there is to do is Salt Lake City and Utah, click on the ski page above. It will take you to National Geographic's Guide to Utah.

- Rick
Website
Newsletter
Facebook
Twitter

Friday Dec 23, 2011

Santa in the OTN Garage

You are welcome to peruse content the OTN Systems Community posted for sysadmins and developers over the past year, like Santa is doing:

Here's wishing that your moto start on the first kick, your engine oil run clear, your bolts not vibrate off before you reach home, your fuel not gum up your carburetor, and your face remain merrily in the wind.

Merry Christmas, or whatever you celebrate during the Holiday Season.

- Rick

Website
Newsletter
Facebook
Twitter

Friday Dec 16, 2011

Two Sysadmin Articles Make OTN's Top 20

In the OTN blog, Justin reports that two sysadmin-related articles made OTN's top 20 list for 2011:

Number 2
Taking Your First Steps with Oracle Solaris 11
- by Brian Leonard and Glenn Brunette

Number 11
How I Simplified the Installation of Oracle Database on Oracle Linux
- by Ginny Henningsen

Boo-yah!

The good work of Brian, Glenn, and Ginny makes those of us in the Systems Community of OTN particularly proud because the number of OTN readers who are system admins and developers is dwarfed by the number who are Java developers. Even making the top 20 is notable. To Brian, Glenn, and Ginny, a heartfelt:

- Rick

Website
Newsletter
Facebook
Twitter

Wednesday Sep 14, 2011

OTN Sysadmin Day - Seattle

OTN Sysadmin Day held in Sacramento on Sep 8 was the first time we presented two tracks of hands-on labs:

Time Session
8:00 am System Shakedown
9:00 am Oracle's Dual OS Strategy / Overview of OTN
 

Oracle Solaris Track

Oracle Linux Track

10:00 am HOL: ZFS HOL: managing packages, configuring services
11:30 am HOL: Exploring OS, network, and storage virtualization HOL on Storage Part I: managing storage and file systems
1:00 pm Lunch Break
2:00 pm HOL: Managing software with IPS HOL on Storage Part II: Device Mapper, BTRFS
3:00 pm Presentation: Oracle Enterprise Manager Ops Center 11g
4:00 pm Discussion: What are the most pressing issues for sysadmins today?
5:00 pm We all go home

Participants found the hands-on labs particularly valuable. You get to learn by doing. And what you get to do is install, configure, and manage the technologies of Oracle Solaris 11 and Oracle Linux in the same way as you would in the real world.

Next Sysadmin Day

We are doing another one in Seattle, on September 22nd. From 8:00 am to 5:00 pm. It's free, but you must register. Please stay for the feedback session at the end. They tend to be pretty spirited, and you might win a neat prize. I'll tell you more if you make it to Seattle.

Our next Sysadmin Day won't happen till January 18 (Salt Lake City), so do what you can to make it to Seattle. It's being held at the Seattle Westin Hotel, 1900 5th Avenue.

If you'd like to see some pictures from the Sacramento event, go to the "OTN Sysadmin Day Sacramento" photo folder on the OTN Garage on Facebook.

- Rick
Website
Newsletter
Facebook
Twitter

Wednesday Sep 07, 2011

Oracle OpenWorld for 50 Bucks - Really?

If you're an OTN Member, you can get a Discover Pass to Oracle OpenWorld for $50.00. The Discover Pass won't let you into the technical sessions and hands-on labs, but it will let you into the keynote and executive sessions, the user group meetings, the exhibition halls and Demo Grounds and, of course, the OTN Lounge. And that's not all. Find out how it compares to full registration here:

Discover Pass vs Full Registration

Be sure to use this priority code: DOTN11.

Here's how:

  • First, become an OTN member:
    1. Go to the OTN Membership Page
    2. Select the "join today!" link (underlined, in the middle of a paragraph)
    3. Go to "My Community Memberships"
    4. Select "Oracle Technology Network"
    5. Identify yourself as a "sysadmin."
  • Register for Oracle Open World and use priority code DOTN11

By the way, that's my nephew Anthony on the right. Coolest kid ever.

- Rick
Website
Newsletter
Facebook
Twitter

Thursday Aug 25, 2011

Next OTN Sysadmin Day is in Sacramento

Bottom Line: next OTN Sysadmin Day is September 8 in Sacramento.
Free, but registration is required.

One of the most subtle yet powerful skills I learned from The Missus is how to tell the difference between what was better and what I preferred.

Motorcycle magazines, for instance, spend an awful lot of time telling us why one motorcycle is better than another. They do this by employing their best interpretation of objective criteria: acceleration, braking, cornering, carrying capacity, conveniences, ergonomics, and sometimes even the personal riding experience of the reviewer.

There's nothing wrong with that. Very useful stuff. And fascinating to read. Except that it gets me all confused. Or confuzzled, as my daughter calls it. The objective criteria makes me think one bike is better than the other. But when I buy it, why am I less than fulfilled?

Because features and capabilities don't often match personal preference.

Although we don't usually put personal preference at the top of the list when choosing an operating system, we shouldn't ignore it. Personal preference is not just whim. It takes into account the job we're trying to accomplish, the way we have to handle it, and the tools we prefer to use. In fact, ignoring our personal preference has an impact on productivity: if we hate "our ride," we're not going to get very good at using it, are we?

OTN's second Sysadmin Day (read about the first) will begin with an overview of Oracle's dual OS strategy. Then we'll split off into two tracks, one with hands-on labs for Oracle Linux, one for Oracle Solaris.

Time Session
8:00 am System Shakedown
9:00 am Oracle's Dual OS Strategy
 

Oracle Solaris Track

Oracle Linux Track

9:30 am Overview of Oracle Solaris Overview of Oracle Linux
10:00 am HOL: ZFS HOL: managing packages, configuring services
11:30 am HOL: Exploring OS, network, and storage virtualization HOL on Storage Part I: managing storage and file systems
1:00 pm Lunch Break
2:00 pm HOL: Managing software with IPS HOL on Storage Part II: Device Mapper, BTRFS
3:00 pm Presentation: Oracle Enterprise Manager Ops Center 11g
4:00 pm Discussion: What are the most pressing issues for sysadmins today?
5:00 pm We all go home

Consider it an Oracle Demo Day, if you will. It's free, but you must register to attend.

As for me, after spending a couple of years riding the canyons on a 2005 Ducati 800SS, a 2003 Ducati ST4 with a 4-valve 996 engine, Ohlins shocks, and Marchesini wheels, a 2005 BMW K1200S, and the bikes of a few friends, I went back to a 2006 Harley Davidson Fat Boy. Even though the other bikes performed much better, I prefer the Fat Boy. And my wicked smaht Missus.

- Rick
Website
Newsletter
Facebook
Twitter

Wednesday Aug 10, 2011

Join OTN Or ...

...The Lemur Gets It!


Turns out Oracle wants more sysadmins (Linux, Solaris, systems, storage, or network) to become official, bonafide, full-blown OTN members. I explained that sysadmins aren't really the "joining" type, but I lost. Oracle wants more sysadmins to join OTN. Period.

So I've been wondering how I could convince the more reluctant among you to become official, bonafide, full-blown OTN members. After all you, your bookie, and your bookie's mother-in-law can read our technical articles, view our OTN videos (may take time to load), and visit just about every part of the OTN Systems website without signing up for anything.

But there is a bunch of very cool stuff you can't do unless you're a member. This month I'll tell you about one.


Download Software For Free

You can't download our software for free unless you're an OTN member.

I know Oracle's license terms are not the same as Sun's were, but you still get to download and horse around with world-class software for free. If you're anywhere within a decade of your mid-life crisis, you'll clearly remember when you had to actually pay a lot of money for good software. All we ask is that you be honest about when you deploy our software. That's only fair.

For all the details, read the OTN developer license.

You can read about other benefits of membership here.

So, if you really want that lemur to have a future, sign up here, check the "Oracle Technology Network" box under "My Community Memberships," and identify yourself as a sysadmin.

And while you're at it, sign up for our newsletter. It'll highlight the best content we've published over the previous month, in case you weren't paying attention.

- Rick
Website
Newsletter
Facebook
Twitter

Wednesday Jul 13, 2011

Suicide by C++ And How to Avoid It

photo courtesy of To Be A Pilgrim blog.

You may have seen The Onion's story about some recent ground-breaking research ...

New Study Shows People With Panic Disorders Respond Poorly To Being Locked In Underwater Elevators

If you get the same reaction every time you realize your C++ code is hopelessly tangled up with your C++ libraries, you may find some relief in this series by Darryl Gove and Stephen Clamage.

  • Introduction to Libraries and Linking - How to make sure that your Oracle Solaris application links to the libraries it needs correctly and in the right order.
  • Part II - Resolving Symbols in Libraries - How to use the -z defs flag in your code to make sure the runtime linker links your application to the correct C++ libraries.
  • Part III - What Happens When An Application Starts - How investigate run-time application linking problems by using the LD_DEBUG environment variable.
  • Part IV - Avoiding Linking Problems - How to identify duplicate symbols and circular dependencies in your C++ code that would lead to linking problems between your application and its libraries.
  • Part V - Libraries in C++ - A detailed demonstration of how your C++ compiler can bind to a symbol from the incorrect library at compile time, and how to use the -g compiler flag to detect it.
  • Part VI - Resolving the Initialization Order Problem - Using link *order* to resolve C/C++ library dependencies is quick, but not optimal. Better to use either -instlib to keep the compiler from generating multiple templates, or use the -Bdirect linker flag to record dependencies at run time. This article explains how.
  • Part VII - Using Symbol Scoping to Avoid Linking Issues - By default, a symbol defined in a library is visible to other libraries and executables. You can limit a symbol's scope in a number of ways, including symbolic binding, hidden scope, and interposing. How to and examples described here.
  • Part VIII - Concluding Remarks and Summary of Best Practices - Building an application as a combination of executables and library calls has many advantages but potential problems with the links between the executable and its libraries. By using the techniques described in this series of articles, you can identify problems and make the risks manageable.

- Rick
System Admin and Developer Community of OTN
OTN Garage Blog
OTN Garage on Facebook
OTN Garage on Twitter

Friday Jul 01, 2011

Filtering Your Content

Watch it directly on YouTube

You can't always get what you want, but we do try to get you what you need. Use these OTN System Collections to see what's been published lately in your area of interest:

If you prefer to use your RSS feeder, try this page:

- Rick
System Admin and Developer Community of OTN
OTN Garage Blog
OTN Garage on Facebook
OTN Garage on Twitter

Wednesday Jun 15, 2011

Pimp my Ride - Installing Additional Packages on Oracle Linux

Lee Cannon: Wings Wheels 2010
"Wings Wheels 2010" by Lee Cannon (CC BY-SA 2.0).

Oracle Linux already ships with an impressive amount of software packages which can be downloaded from our public Yum server.

For example, adding the external package repository for Oracle Linux 6.1 is a trivial task:

  1. Download and copy the appropriate yum configuration file in place, by running the following command as root:
    # wget -O /etc/yum.repos.d/public-yum-ol6.repo \
      http://public-yum.oracle.com/public-yum-ol6.repo
  2. Now edit the file using your favorite text editor and enable the appropriate repository ([ol6_u1_base] in our case) by changing the value of the enabled variable from 0 to 1.
  3. Now you can run yum list all to get a full list of all available packages. You can install them by running yum install <packagename>
However, being a distribution with a focus on the enterprise and data center, the package selection is limited to this scope. If you are looking for additional packages, you would have to either compile them from source or download pre-built binaries from an external package repository.

Enter EPEL, the "Extra Packages for Enterprise Linux" repository. According to their extensive FAQ, EPEL "is a volunteer-based community effort from the Fedora project to create a repository of high-quality add-on packages that complement the Fedora-based Red Hat Enterprise Linux (RHEL) and its compatible spinoffs, such as CentOS and Scientific Linux.".

Oracle Linux is based on RHEL, too, and is 100% userland-compatible with it. Therefore any package available from EPEL will install and run just fine, giving you access to a large pool of additional software. However, please keep in mind that this software is not covered by any Oracle Linux Support agreement you may have!

You can add and enable the EPEL repository by performing the following steps (as the root user):

  1. Download and install the repository package which includes the appropriate repository information for your version of Oracle Linux:
    rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
  2. The repository is automatically enabled, which you can verify by running yum repolist.
  3. To get a listing of all the additional packages you now have access to, run yum list available | grep epel | less.
  4. Now simply run yum install <packagename> to install any of the additional packages (over 4800 for Oracle Linux 6, last time I counted!).
Enjoy!

See more articles about Oracle Linux at the Oracle Linux Blog!

About

Contributors:
Logan Rosenstein
and members of the OTN community

Search

Archives
« August 2016
SunMonTueWedThuFriSat
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
   
       
Today
Blogs We Like