Wednesday Mar 26, 2014

More Tips for Remote Access with Oracle Linux

In a previous blog, Oracle Linux Tips and Tricks, I covered alternative ways to use SSH. In this article, I will cover some additional tips and tricks for using SSH for remote access, as well as some other ways to connect remotely to a server.

SSH's primary use is for remote access to hosts. SSH is not only able to provide us a terminal interface to a server, it's also able to provide us a transport for a graphical interface. In order to utilize this functionality, we must have an X server running on our local workstation. On a Linux workstation with a graphical environment, this functionality is built in. On other systems, such as a Windows machine or a Mac, this functionality is not built in. Both XQuartz on the Mac and MobaXTerm are X servers for these platforms. There are also a number of other open source and paid products available for both platforms.

Once you have an acceptable X server installed on your local workstation, you can connect with SSH using the following ssh command. The -X enables X11 forwarding for the connection. Keep in mind that the X11 forwarding is based on the user who originally connected. Logging in with one user and then using sudo often will not work, depending on the permissions and ownership needed to complete a task.

[user@laptop ~]$ ssh -X 10.0.0.12

Once you authenticate, you drop directly to a standard prompt. If you look closely, though, and examine the environment variables in your terminal, you will find an additional environment variable that has the IP address of your workstation. You can examine your environment variables using the env command.

DISPLAY=localhost:10.0

Now you can launch an application that has a graphical interface, and the interface will be displayed on your local workstation. The following example will launch gedit. The ampersand symbol is useful for forking the process in the background so we can retain the use of our terminal.

[user@remotehost ~]$ gedit &

Using X11 connections over SSH can be quite useful for using application installers that are graphical, such as the Oracle Universal Installer for Oracle Database.

The screen application is a great compliment to SSH and is quite useful for sharing an SSH session with another user. Because of the way screen preserves sessions for the user, it is also great for high-latency network connections that have frequent disconnects and for maintaining sessions that time out due to security policies. With a regular SSH connection, if you are disconnected, any processes that were running are not preserved. Unlike SSH, the screen application keeps the session alive so it can be connected to again later.

One of the simplest things you can do with screen is share a session. You can launch screen on the terminal you wish to share by issuing the screen command. Once you do this, a new shell is running inside of screen. Another user can log in to the same machine and use the command screen -x to be immediately connected to your shell. They see everything you type. Even if you disconnect from the machine on either terminal, the shell will continue to run. This can be quite useful for sharing a terminal for a demonstration in a remote office or for running a terminal-based console that is shared between many users.

To see all of the active screen sessions, you can use screen -list, which will show active and detached sessions. To connect to a detached session, you can use screen -r and the pid.session name listed in the screen -list output. In the following example, there are five screen sessions running. One of them is detached.

[user@server ~]$ screen -list
There are screens on:
        24565.pts-1.server     (Attached)
        24581.pts-2.server     (Attached)
        24597.pts-3.server     (Attached)
        24549.pts-0.server     (Attached)
        24613.pts-4.server     (Detached)
5 Sockets in /var/run/screen/S-user.

The command screen -x can be used to connect to a currently attached session. In the following example, a connection to session 24565 is made:

[user@server ~]$ screen -x 24565

If you need access to a full graphical desktop environment remotely, there are a number of packages that can accomplish this. The package tigervnc-server is useful for connections to a remote machine providing a full Linux desktop experience. To set up and install the package, perform the following steps.

First, run the following command to install the package:

[root@server ~]# yum install tigervnc-server

Once the package is installed, you need to edit the file /etc/sysconfig/vncservers. The VNCSERVERS line establishes the user accounts that you want to enable the VNC server for and their display number. In the example below, the user bob is configured for display 2 and the user sue is configured for display 3. The VNCSERVERARGS[#] section allows you to specify options for each display. In this example, we are specifying a 1280 x 1024 resolution for display 2 and a 1024 x 768 resolution for display 3:

VNCSERVERS="2:bob 3:sue"
VNCSERVERARGS[2]="-geometry 1280x1024 "
VNCSERVERARGS[3]="-geometry 1024x768"

Once the /etc/sysconfig/vncservers file has been edited, you need to set passwords for each user account. This is accomplished with the vncpasswd command. In the following example, the user bob sets a password using the vncpasswd command.

[bob@server ~]$ vncpasswd
Password:
Verify:

Once the package is installed, the configuration file is edited, and passwords are set, you are ready to turn on the vncserver service. The following two commands start the service and set the service to start automatically at the next boot:

chkconfig vncserver on
service vncserver start

Once configured and running, you can connect to your Linux system using a standard VNC client. When connecting, be sure to specify the display and password credentials that are needed in order to connect.

Another incredibly useful tool for remote access to a server is freerdp application, which allows you to connect to a Linux-based server using the ubiquitous Microsoft RDP protocol. This application will need to be installed on the server that you wish to connect to. To install the application, you can use the following command.

[root@server ~]# yum install freerdp

Once the application is installed, you can start the service and, if desired, configure the service to start at boot time.

[root@server ~]# service freerdp start
[root@server ~]# chkconfig freerdp on

At this point, the server is able to accept standard Microsoft RDP connections. On your local Windows machine, you can use the command mstsc or, if you are using a Mac, you can use the Microsoft Remote Desktop application or a third-party tool that supports the Microsoft RDP protocol. Just as with VNC, access to an entire remote Linux desktop environment is provided.

Comments?

I hope these tips and tricks have been useful and that you will take advantage of some of them in the course of your day. We will be publishing more of these tips-and-tricks articles in the future. Feel free to leave a comment for further topics that you would like to see in this series.

See Also

Oracle Linux blog

About the Author

Robert Chase is a member of the Oracle Linux product management team. He has been involved with Linux and open source software since 1996. He has worked with systems as small as embedded devices and with large supercomputer-class hardware.

About the Photograph

Photograph taken by Rick Ramsey in Durango in the Fall of 2012

Follow OTN Garage on:
Blog | Facebook | Twitter | YouTube

If You Have to Ask, You Wouldn't Understand

Although being subjected to that kind of attitude is unpleasant, subjecting someone else to it is loads of fun. Just ask someone who rides a Harley why they ride a Harley, and watch how much they enjoy unloading that sentiment on your head, you member of the unwashed, you.

I feel the same way about Oracle Solaris. Don't talk to me about how much Windows or some other OS is capable of doing. I don't care. Your OS is a metric cruiser. Go away.

That feeling of vast superiority is even more pronounced when I'm talking about Oracle Solaris Studio. Which should have been renamed Oracle Solaris and Oracle Linux Studio, if you are insightful enough to ask me, because any Linux developer who is working on anything remotely interesting should be using Oracle Solaris Studio as their IDE. I freakin love it. I've had the pleasure of interviewing Don Kretch, the head of the Solaris Studio engineering team, many times. And I've enjoyed myself every single time. If you think you're worthy, you are welcome to try to understand our conversation (jump to "Interviews with Don Kretch," below).

If my rhetoric has convinced you, as it would convince anyone of vastly superior intelligence, you'll want to pretend that you already knew how good Oracle Solaris (and Linux) Studio is, and berate me for even suggesting you didn't. Good for you. You're catching on. But you'll still be faced with a dearth of actual knowledge about this IDE for the Vastly Intelligent.

Not to worry. There's a way for you to learn what you need to learn without anyone else finding out so you can pretend to have known all along.

Oracle Solaris (and Linux) Studio 12.4 Beta Program

The Beta Program for Oracle Solaris Studio 12.4 begins today. Download the software, try out its new features, and join in the discussions. These resources will help:

Landing Page, including links to Beta Program Forums
Download Center, where you can download a free copy

Interviews with Don Kretch

About the Photograph

Photograph of 2002 Harley Davidson Softail Deuce taken by Rick Ramsey in Massachusetts, USA.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube

Friday Jan 31, 2014

Simplifying the Installation of Oracle Database on Oracle Linux - Reprint








Most of my workdays start by shapechanging me into a seven-headed Hydra, and each Hydra promptly makes a beeline for multi-tasking hell. So, when I get a chance to simplify something, anything, I jump on it.

Ginny has done that for OTN at last twice. Below are two of her exercises in simplifying our lives. We published these articles before, but we recently had to rebuild one of them because somebody (I'm not going to say who) deleted it. To avoid annoying one of your Hydras, and instead send you off to a peaceful weekend, here they are again.









How I Simplified Oracle Database Installation on Oracle Linux 5

by Ginny Henningsen

Before installing Oracle Database 10g or 11g on a system, you need to preconfigure the operating environment since the database requires certain software packages, package versions, and tweaks to kernel parameters. Ginny discovered that Oracle Linux provides a remarkably easy way to address these installation prerequisites. Find out how.

How I Simplified Oracle Database 11g and 12c Installation on Oracle Linux 6

by Ginny Henningsen

Similar to the article above, but updated for Database 12c and Oracle Linux 6. Ginny simplifies the installation of Oracle Database 11g by automatically pre-configuring Oracle Linux with the required software packages and correct kernel parameters.

Photograph of Fat Boy on Sakajawea Road in Idaho taken by Rick Ramsey

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Thursday Jan 23, 2014

Hands-On Lab Setup Instructions Now Available for Next Virtual Sysadmin Day

As you may already know, OTN's next Virtual Sysadmin Day is on January 28 from 9:00 am to 1:00 pm PT. This sysadmin day is going to be very cool because its hands-on labs focus on solving real-world problems with Oracle technologies.

You'll definitely want to do the prep work before the day of the event. The prep work consists of configuring your laptop and uploading the images. Don't be that guy. The one who, the day of, asks where the instructions are. Him. Don't be him.

Pre-Event Checklist

The checklist provides:

  • Virtual Conference hardware requirements
  • Virtual Conference software requirements
  • Setup instructions for Oracle Solaris labs
  • Setup instructions for Oracle Linux labs
  • Setup instructions for Oracle VM labs

If You Must Tweet

If you can't keep your hands off your danged phone while working on the labs, at least use this hashtag:

#OTNVSAD

Questions for Ed

Oracle ACE extraordinaire Ed Whalen and I will be hanging out at the Sysadmin Lounge during the last 30-45 minutes of the event. Ed knows his stuff, so if you have any questions about Linux, such as how to optimize it for the database or other applications, ask Ed. If you have questions about Harleys or Ducatis, ask me.

See you next week.

photograph of Harleys in Wisconsin by Rick Ramsey

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Tuesday Jan 07, 2014

Tips for Using Linux Huge Pages

Ed Whalen is the Chief Technologist at Performance Tuning Corp. He knows an awful lot about making databases run faster, including the use of Linux Huge Pages. Here are two of his very helpful resources.

Tech Article: How to Configure x86 Memory Performance for Large Databases

by Ed Whalen, Oracle ACE

Performance issues in large databases are not easy to detect using normal analysis methods such as AWR reports and OS tools such as sar, top, and iostat. And yet, if you configure your memory appropriately in x86 environments, your database can run significantly faster. This article describes you can use Linux Huge Pages to do just that.

Ed covers x86 virtual memory architecture, Linux memory management, and enabling Linux Huge Pages. See the article here.

Video Interview: What Are Linux Huge Pages?

with Ed Whalen, Oracle ACE

Ed Whalen, Oracle ACE, explains Linux huge pages, the huge performance increase they provide, and how sysadmins and DBA's need to work together to use them properly. Taped at Oracle Open World 2013.

photograph of cliff face in Perry Park, Colorado, copyright Rick Ramsey

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Thursday Jan 02, 2014

About our Latest Lab: How to Migrate to Oracle Linux and Oracle VM





Step by Step Instructions for Migrating to Oracle Linux and Oracle VM

Red Hat Linux and VMWare are fine technologies. A great pairing. However, if you have business reasons for migrating to Oracle Linux and Oracle VM, such as having earlier access to the latest Linux innovations or taking advantage of more integrated virtualization, take a look at our latest lab. It provides the best step by step instructions we could come up with for carrying out that migration. You can also try it just to hone your migration skills. You never know when the boss is going to ask you whether you can handle a migration.





Here's a peek at the major tasks:

  1. Start the two servers (Oracle VM Server and Oracle VM Manager).
  2. Connect to Oracle VM Manager and become familiar with the product.
  3. Verify that the Oracle VM environment started correctly.
  4. Import an assembly that has Oracle Database on top and was exported from VMware.
  5. Create an Oracle VM Template based on the VMware assembly.
  6. Edit the Oracle VM Template that was created.
  7. Create a guest based on the Oracle VM Template that was created.
  8. Verify and then start the Oracle VM guest that was created.
  9. Manually modify the guest configuration and remove VMware tools.
  10. Switch from the Red Hat kernel to Oracle's Unbreakable Enterprise Kernel for free.
  11. Transform the guest into a usable Oracle VM Template ("gold image").

You can run the lab anytime you like on your laptop, or you can attend OTN's next Virtual SA Day, and run it with the help of a proctor. There will be several hundred sysadmins running the same lab at the same time, so you can discuss it with others via chat, and get help from our proctors. Details here.

photograph of a brewery in Ouray, Colorado, by Rick Ramsey

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Thursday Dec 19, 2013

Next Virtual Sysadmin Day Is On Jan 28

OTN's next virtual sysadmin day is on January 28. It's four hours long, from 9:00 am - 1:00 pm PT. (Time converter here.) This time we have a whole new set of hands-on labs for Oracle Solaris, Oracle Linux, and Oracle VM. Proctored, of course, which means you can ask questions. The labs in our previous virtual sysadmin day focused on the basics. These focus on using these technologies in real-world scenarios. Click on the Agenda tab in the registration page to see the labs.

The event is free, but you do need to register. And there's a little homework involved. Nothing too complicated. We just expect you to have VirtualBox installed and the proper images already imported before we begin class. Click on the the Instructions tab for more info.

Register here.

Picture is of Mosquito Pass, in Colorado, taken from Mosquito Gulch. You need a 4x4 with good ground clearance to get up and over the top, and the rocks on the road will slice up your tires unless they're good and thick. A great place to catch your breath after you finish the hands-on labs.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Tuesday Nov 19, 2013

Extending Your Use of DTrace on Oracle Linux





We just published a new article about using DTrace on Oracle Linux (see below). If you're not already familiar with DTrace on Oracle Linux, you might want to start with these two blogs.



Blog: Trying Out DTrace

by Wim Coekaerts

In October of 2011 Wim Coekaerts described the steps required to use the preview of DTrace on Oracle Linux, and provided a simple example of how to use it.



Blog: How to Get Started Using DTrace on Oracle Linux

by Rick Ramsey

In January of 2013 I described some of the resources that had recently become available to help you start using DTrace on Oracle Linux. They included a video interview with Brendan Gregg, a way to find out which DTrace probes are available on Oracle Linux, a technical article, a book, and more.

New Article: How to Set Up DTrace to Detect PHP Scripting Problems on Oracle Linux

by Christopher Jones

Christopher Jones has just published an OTN tech article that explains how to set up DTrace to detect PHP scripting problems on Oracle Linux. He shows you how to download and install the right version of Oracle Linux, how to install PHP and the OIC18 extensions for Oracle Database, how to verify which PHP probes you have, and how to begin using them.

photograph of Colorado sunset by Beth Ramsey

-Rick

Follow me on:
Blog | Facebook | Twitter | Personal Twitter | YouTube | The Great Peruvian Novel

Monday Sep 23, 2013

Live Video Interviews on OTN Central at Oracle OpenWorld 2013

Good thing I drove to Oracle OpenWorld this year instead of riding the moto like I have on some previous OOW's. We had an inch of slush on Donner pass, and if we hadn't skeedaddled outta there when we did, we might have wound up like the ATV in my driveway in Colorado.

This year Oracle wants its customers to talk about their experiences with Oracle technologies, so OTN has lined up three live interviews. If you're at Oracle OpenWorld, you can watch them on the big screens. If you're not at the event, you can still watch them live from our home page at www.oracle.com. If you want to watch them later, look for a future blog in which I'll post the location of the recorded interviews.

Monday, 12:00 noon PT - John Dome, Systems Engineering Lead, Progressive Insurance

John will describe the business opportunity that lead Progressive Insurance to switch from Red Hat Linux to Oracle Linux, he'll explain why he recommended they switch, the results they got, and how it has changed the way Progressive's DBA's and SA's work together. We'll try to get as techie as we can in the time we have.

Tuesday, 11:50 am PT - Gautham Sampath, Chief Information Technologist, Pinellas County Government

Gautham (pronounced like Batman's Gotham) recently led an effort to refresh the Pinellas County hardware systems. He'll explain what they were looking for, why they chose Oracle Exalytics, how they became convinced it was the right decision, and how it changed the way they managed their data center.

Wednesday, 11:00 am PT - Brian Bream, CTO, Collier IT

Brian Bream, Chief Technology Officer of Collier IT, will describe the biggest changes data centers must deal with today, and how Collier IT recommends they face them. When we're done, he'll confess how he deals with his personal addiction to SPARC systems and the Oracle Solaris operating system.

Plus recorded videos

We're also going to have a snowsquallfull of recorded interviews, which we'll begin posting during the evenings, since going to all-night parties is getting harder and harder to recover from. Look for them on OTN Garage YouTube Channel.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Monday Sep 09, 2013

Latest Linux-Related Content on OTN

photograph copyright 2013 by Rick Ramsey

How to Launch Linux Utilities from Inside Oracle Database

by Yuli Vasiliev

By wrapping a Linux utility in a script and using an external database table's preprocessor directive, you can launch the utility from within Oracle Database and have the utility's output be inserted into the external table. This allows you to do things such as query operating system data and then join it with data in Oracle Database.

How to Use Hardware Fault Management in Oracle Linux

by Robert Chase

Robert Chase is a really good writer. If he was writing about teaching iguanas how to quilt I'd still read it. Fortunately, in this article he's writing about hardware fault management tools in Oracle Linux. What they are, how they work, what you can do with them, and examples with instructions. Give it a read.

How to Get Started Using DTrace on Oracle Linux

by Richard Friedman

DTrace is a powerful tool, and it can do some amazing things. But it's not that difficult to get started doing simple things. You can build up from there. In this article, Richard Friedman gives you a high-level overview of DTrace and its major components:providers, modules, functions, and probes. He explains how you can use either one-liner commands on the command line, or write more complex instructions in scripts, using the D language. He provides simple examples for each. It's a great way to get your feet wet.

Blog: Overview of Linux Containers

by Lenz Grimmer

Linux Containers isolate individual services, applications, or even a complete Linux operating system from other services running on the same host. They use a completely different approach than "classicial" virtualization technologies like KVM or Xen. Lenz Grimmer explains.

Blog: Practical Examples of Working With Oracle Linux Containers

by Lenz Grimmer

In his previous post about Linux Containers, Lenz Grimmer explained what they are and how they work. In this post, he provides a few practical examples to get you started working with them.

Video Interview: On Wim's Mind in August

by Lenz Grimmer

We ran a little long, but once Wim started talking about the history of SNMP and how he's been using it of late to do cool things with KSplice and Oracle VM, we geeked out. Couldn't stop. Wim is not your average Senior VP of Engineering. Definitely a hands-on guy who enjoys figuring out new ways to use technology

Video Interview: On Wim's Mind in June

by Lenz Grimmer

On Wim's Mind in June 2013 - Wim's team is currently working on DTrace userspace probes. They let developers add probes to an application before releasing it. Sysadmins can enable these probes to diagnose problems with the application, not just the kernel. Trying this out on MySQL, first. If you know how to do this on Solaris, already, you'll be able to apply that knowledge to Oracle Linux. Also on Wim's mind is the Playground channel on the Public Yum repository, which lets you play with the latest Linux builds, ahead of official Linux releases, without worrying about having your system configured properly.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Monday Aug 05, 2013

Linux Container (LXC) — Part 2: Working With Containers

Containers by Phil Parker, on Flickr
"Containers" by Phil Parker (CC BY 2.0).

Part 1 of this article series provided an overview about the Linux container technology. This second part intends to give you an impression on how to work with containers, by showing a few practical examples. These can be easily followed and reproduced on an up to date Oracle Linux 6 system. For the first steps, it is recommended to install Oracl Linux inside a virtual environment like Oracle VM VirtualBox. Oracle provides a pre-installed and pre-configured Oracle Linux 6 Virtualbox image for free download from the Oracle Technology Network (OTN).

The administration of Linux containers is performed on the command line; so far, there is no integration or support for this technology in applications like Oracle VM Manager or Oracle Enterprise Manager. However, Oracle has developed several enhancements which are included in the lxc package that's part of Oracle Linux 6.4; these changes were also contributed to the upstream LXC project and are now part of the official LXC releases. The support of Linux containers is also included in the libvirt project, which provides a graphical user interface for the management of virtual machines or containers using virt-manager (and other utilities). Libvirt is also included in Oracle Linux.

The creation of Oracle Linux containers can be accomplished on the command line in a few steps, using the LXC utilities. At first, a dedicated directory should be created to host the container file systems. The default location is /container. Creating this directory on top of a Btrfs file system provides a few additional interesting possibilities, e.g. the option to "freeze" a container file system at a certain point in time, or the fast creation (cloning) of additional containers based on a template. Cloning containers using Btrfs snapshots takes place at an instant, without requiring any additional disk space except for the differences to the original template. The creation and management of Btrfs file systems is explained in detail in the chapter "The Btrfs File System" of the "Oracle Linux Administrator's Solutions Guide for Release 6".

The following example creates a Btrfs file system on the second hard disk drive and mounts it to the directory /container:

# mkfs.btrfs /dev/sdb

WARNING! - Btrfs v0.20-rc1 IS EXPERIMENTAL
WARNING! - see http://btrfs.wiki.kernel.org before using

fs created label (null) on /dev/sdb
nodesize 4096 leafsize 4096 sectorsize 4096 size 4.00GB
Btrfs v0.20-rc1

# mdkir -v /container
mkdir: created directory `/container'
# mount -v /dev/sdb /container
mount: you didn't specify a filesystem type for /dev/sdb
I will try type btrfs
/dev/sdb on /container type btrfs (rw)

Now you can create a container of the latest version of Oracle Linux 6 named "ol6cont1" and using the default options by entering the following command. The option "-t" determines the general type of the Linux distribution to be installed (the so-called "template"), e.g. "oracle", "ubuntu" or "fedora". Depending on the template, you can pass template-specific options after the double dashes ("--"). In the case of the Oracle Linux template, you can choose the distribution's version by providing values like "5.8", "6.3" or "6.latest". Further information about the available configuration options can be found in chapter "About the lxc-oracle Template Script" of the Oracle Linux 6 Administrator's Solutions Guide.

# lxc-create -n ol6cont1 -t oracle -- --release=6.latest
/usr/share/lxc/templates/lxc-oracle is /usr/share/lxc/templates/lxc-oracle
Note: Usually the template option is called with a configuration
file option too, mostly to configure the network.
For more information look at lxc.conf (5)

Host is OracleServer 6.4
Create configuration file /container/ol6cont1/config
Downloading release 6.latest for x86_64
Loaded plugins: refresh-packagekit, security
ol6_latest | 1.4 kB 00:00
ol6_latest/primary | 31 MB 01:23
ol6_latest 21879/21879
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package chkconfig.x86_64 0:1.3.49.3-2.el6 will be installed
--> Processing Dependency: libc.so.6(GLIBC_2.4)(64bit) for package: chkconfig-1.3.49.3-2.el6.x86_64
--> Processing Dependency: libc.so.6(GLIBC_2.3.4)(64bit) for package: chkconfig-1.3.49.3-2.el6.x86_64
[...]
--> Processing Dependency: pygpgme for package: yum-3.2.29-40.0.1.el6.noarch
--> Processing Dependency: python-iniparse for package: yum-3.2.29-40.0.1.el6.noarch
--> Processing Dependency: rpm-python for package: yum-3.2.29-40.0.1.el6.noarch
--> Running transaction check
---> Package audit-libs.x86_64 0:2.2-2.el6 will be installed
---> Package bash.x86_64 0:4.1.2-15.el6_4 will be installed
---> Package checkpolicy.x86_64 0:2.0.22-1.el6 will be installed
---> Package coreutils.x86_64 0:8.4-19.0.1.el6_4.2 will be installed
--> Processing Dependency: coreutils-libs = 8.4-19.0.1.el6_4.2 for package: coreutils-8.4-19.0.1.el6_4.2.x86_64
[...]
---> Package pinentry.x86_64 0:0.7.6-6.el6 will be installed
--> Running transaction check
---> Package groff.x86_64 0:1.18.1.4-21.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
chkconfig x86_64 1.3.49.3-2.el6 ol6_latest 158 k
dhclient x86_64 12:4.1.1-34.P1.0.1.el6 ol6_latest 316 k
initscripts x86_64 9.03.38-1.0.1.el6_4.1 ol6_latest 937 k
[...]
rootfiles noarch 8.1-6.1.el6 ol6_latest 6.3 k
rsyslog x86_64 5.8.10-6.el6 ol6_latest 648 k
vim-minimal x86_64 2:7.2.411-1.8.el6 ol6_latest 363 k
yum noarch 3.2.29-40.0.1.el6 ol6_latest 995 k
Installing for dependencies:
MAKEDEV x86_64 3.24-6.el6 ol6_latest 88 k
audit-libs x86_64 2.2-2.el6 ol6_latest 60 k
basesystem noarch 10.0-4.0.1.el6 ol6_latest 4.3 k
[...]
yum-metadata-parser x86_64 1.1.2-16.el6 ol6_latest 26 k
zlib x86_64 1.2.3-29.el6 ol6_latest 72 k

Transaction Summary
================================================================================
Install 135 Package(s)

Total download size: 79 M
Installed size: 294 M
Downloading Packages:
(1/135): MAKEDEV-3.24-6.el6.x86_64.rpm | 88 kB 00:00
(2/135): audit-libs-2.2-2.el6.x86_64.rpm | 60 kB 00:00
(3/135): basesystem-10.0-4.0.1.el6.noarch.rpm | 4.3 kB 00:00
(4/135): bash-4.1.2-15.el6_4.x86_64.rpm | 904 kB 00:02
(5/135): binutils-2.20.51.0.2-5.36.el6.x86_64.rpm | 2.8 MB 00:07
[...]
(131/135): vim-minimal-7.2.411-1.8.el6.x86_64.rpm | 363 kB 00:01
(132/135): xz-libs-4.999.9-0.3.beta.20091007git.el6.x86_ | 89 kB 00:00
(133/135): yum-3.2.29-40.0.1.el6.noarch.rpm | 995 kB 00:03
(134/135): yum-metadata-parser-1.1.2-16.el6.x86_64.rpm | 26 kB 00:00
(135/135): zlib-1.2.3-29.el6.x86_64.rpm | 72 kB 00:00
--------------------------------------------------------------------------------
Total 271 kB/s | 79 MB 04:59
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : libgcc-4.4.7-3.el6.x86_64 1/135
Installing : setup-2.8.14-20.el6.noarch 2/135
Installing : filesystem-2.4.30-3.el6.x86_64 3/135
Installing : basesystem-10.0-4.0.1.el6.noarch 4/135
Installing : ca-certificates-2010.63-3.el6_1.5.noarch 5/135
[...]
Installing : rsyslog-5.8.10-6.el6.x86_64 131/135
Installing : yum-3.2.29-40.0.1.el6.noarch 132/135
Installing : passwd-0.77-4.el6_2.2.x86_64 133/135
Installing : 2:vim-minimal-7.2.411-1.8.el6.x86_64 134/135
Installing : rootfiles-8.1-6.1.el6.noarch 135/135
Verifying : gamin-0.1.10-9.el6.x86_64 1/135
Verifying : procps-3.2.8-25.el6.x86_64 2/135
Verifying : 12:dhclient-4.1.1-34.P1.0.1.el6.x86_64 3/135
Verifying : 2:ethtool-3.5-1.el6.x86_64 4/135
Verifying : ncurses-base-5.7-3.20090208.el6.x86_64 5/135
[...]
Verifying : ca-certificates-2010.63-3.el6_1.5.noarch 130/135
Verifying : libssh2-1.4.2-1.el6.x86_64 131/135
Verifying : cpio-2.10-11.el6_3.x86_64 132/135
Verifying : mingetty-1.08-5.el6.x86_64 133/135
Verifying : libcurl-7.19.7-37.el6_4.x86_64 134/135
Verifying : 1:findutils-4.4.2-6.el6.x86_64 135/135

Installed:
chkconfig.x86_64 0:1.3.49.3-2.el6
dhclient.x86_64 12:4.1.1-34.P1.0.1.el6
initscripts.x86_64 0:9.03.38-1.0.1.el6_4.1
openssh-server.x86_64 0:5.3p1-84.1.el6
[...]
Dependency Installed:
MAKEDEV.x86_64 0:3.24-6.el6
audit-libs.x86_64 0:2.2-2.el6
basesystem.noarch 0:10.0-4.0.1.el6
bash.x86_64 0:4.1.2-15.el6_4
binutils.x86_64 0:2.20.51.0.2-5.36.el6
[...]
upstart.x86_64 0:0.6.5-12.el6_4.1
ustr.x86_64 0:1.0.4-9.1.el6
util-linux-ng.x86_64 0:2.17.2-12.9.el6_4.3
xz-libs.x86_64 0:4.999.9-0.3.beta.20091007git.el6
yum-metadata-parser.x86_64 0:1.1.2-16.el6
zlib.x86_64 0:1.2.3-29.el6

Complete!
Rebuilding rpm database
Configuring container for Oracle Linux 6.4
Added container user:oracle password:oracle
Added container user:root password:root
Container : /container/ol6cont1/rootfs
Config : /container/ol6cont1/config
Network : eth0 () on virbr0
'oracle' template installed
'ol6cont1' created

To prepare a miminal installation of the latest version of Oracle Linux 6 (about 400 MB), the installation script performs a download of the required RPM packages from Oracle's "public-yum" service. The directory structure of the installed container can be found at /container/ol6cont1/rootfs, it can be browsed and evaluated like any other regular directory structure. The script also creates two user accounts "root" and "oracle" and configures a virtual network device, which obtains an IP address via DHCP from the DHCP server provided by the libvirt framework. The container's configuration file created by lxc-create is located at /container/ol6cont1/config and can be adapted and modified using a regular text editor. Before making any changes, it's recommended to create a snapshot of the container first, which can be used to quickly spawn additional containers:

# lxc-clone -o ol6cont1 -n ol6cont2
Tweaking configuration
Copying rootfs...
Create a snapshot of '/container/ol6cont1/rootfs' in '/container/ol6cont2/rootfs'
Updating rootfs...
'ol6cont2' created
# lxc-ls -1
ol6cont1
ol6cont2

Start the container using the following command:

# lxc-start -n ol6cont1 -d -o /container/ol6cont1/ol6cont1.log
# lxc-info -n ol6cont1
state: RUNNING
pid: 311
# lxc-info -n ol6cont2
state: STOPPED
pid: -1

The container has now been started in the background. Eventual log messages will be redirected to the file ol6cont.log. As you can tell from the output of lxc-info, only the container ol6cont1 has been started, while the clone ol6cont2 remains in stopped state until you boot it up using lxc-start.

Now you can log into the container instance's console using the following command. The container's system configuration can now be modified using the usual tools (e.g. yum or rpm to install additional software).

# lxc-console -n ol6cont1

Oracle Linux Server release 6.4
Kernel 2.6.39-400.109.4.el6uek.x86_64 on an x86_64

ol6cont1 login: root
Password:
[root@ol6cont1 ~]# ps x
PID TTY STAT TIME COMMAND
1 ? Ss 0:00 /sbin/init
184 ? Ss 0:00 /sbin/dhclient -H ol6cont1 -1 -q -lf /var/lib/dhclien
207 ? Sl 0:00 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5
249 ? Ss 0:00 /usr/sbin/sshd
256 lxc/console Ss+ 0:00 /sbin/mingetty /dev/console
260 ? Ss 0:00 login -- root
262 lxc/tty2 Ss+ 0:00 /sbin/mingetty /dev/tty2
264 lxc/tty3 Ss+ 0:00 /sbin/mingetty /dev/tty3
266 lxc/tty4 Ss+ 0:00 /sbin/mingetty /dev/tty4
267 lxc/tty1 Ss 0:00 -bash
278 lxc/tty1 R+ 0:00 ps x
[root@ol6cont1 ~]# logout
Oracle Linux Server release 6.4
Kernel 2.6.39-400.109.4.el6uek.x86_64 on an x86_64

ol6cont1 login: CTRL-A Q

The key combination CTRL-A, Q terminates the console session. Alternatively, you can also log in to the container using SSH from the host system. All containers have their own IP address and are connected to a virtual bridge device virbr0 by default, which is also reachable from the host system. This way, you can easily set up simple client/server architectures within a host system.

A running container can easily be suspended using the command lxc-freeze at any time. All running processes will be halted and won't consume CPU ressources anymore, until you release them using lxc-unfreeze again. Since Linux containers are based on the Linux Control Groups (Cgroups) framework, it is also possible to precisely limit the resources available to a container.

A container can be shut down using various ways: either by calling lxc-stop from the host, or from within the container using the usual commands like shutdown -h or poweroff. Containers that are no longer needed can be discarded using the lxc-destroy command.

If you'd like to learn more about this topic, there is a dedicated chapter about Linux containers in the Oracle Linux Administrator's Solutions Guide. It covers the creation, configuration and starting/stopping as well as monitoring of containers in detail. It also explains how to prepare the container storage on a Btrfs file system and how existing containers can be quickly cloned.

More links about the topic of Linux containers:

Wednesday Jul 31, 2013

Using Ksplice for diagnostic purposes

laptop and stethoscope by jfcherry, on Flickr
laptop and stethoscope by jfcherry (CC BY-SA 2.0)

We've been emphasizing the benefits of using Oracle Linux with Ksplice rebootless updates several times already. The ability to minimize downtime when applying rebootless patches to the Linux Kernel is a feature unique to Oracle Linux, and a growing number of customers realize the benefits of this technology.

Since we acquired Ksplice two years ago, we've continued to improve and further integrate this functionality in Oracle Linux. For example, we implemented the the Ksplice offline client (which I mentioned in this YouTube whiteboard session some time ago), the Ksplice Inspector, or the RedPatch utility.

But did you know that we use Ksplice for diagnostic purposes, too? As part of our Oracle Linux Premier Support offering, we can make use Ksplice to enable additional debugging functionality on your production system, if we need to track down an issue in your environment. Instead of asking you to reboot into a custom Linux kernel that contains additional debugging code, we now simply create a custom Ksplice patch that helps us to gather the required information, while your system keeps running. Once we've obtained the necessary details, you can simply remove the debug patch with Ksplice at runtime again, without any interruption. The additional debugging information helps our support team to determine the root cause of your issue. In case it turns out to be a genuine bug in the Linux kernel, we will then develop and provide a bug fix for this particular problem in the form of a new Ksplice patch, which you can apply while the system keeps humming along. Bug analyzed and fixed, no reboot was required!

To learn more about his feature and the other advantages of Ksplice, take a look at Wim's recent blog post "The Ksplice differentiator".

Wednesday Jun 26, 2013

Linux-Containers — Part 1: Overview

Containers by Phil Parker, on Flickr
"Containers" by Phil Parker (CC BY 2.0).

Linux Containers (LXC) provide a means to isolate individual services or applications as well as of a complete Linux operating system from other services running on the same host. To accomplish this, each container gets its own directory structure, network devices, IP addresses and process table. The processes running in other containers or the host system are not visible from inside a container. Additionally, Linux Containers allow for fine granular control of resources like RAM, CPU or disk I/O.

Generally speaking, Linux Containers use a completely different approach than "classicial" virtualization technologies like KVM or Xen (on which Oracle VM Server for x86 is based on). An application running inside a container will be executed directly on the operating system kernel of the host system, shielded from all other running processes in a sandbox-like environment. This allows a very direct and fair distribution of CPU and I/O-resources. Linux containers can offer the best possible performance and several possibilities for managing and sharing the resources available.

Similar to Containers (or Zones) on Oracle Solaris or FreeBSD jails, the same kernel version runs on the host as well as in the containers; it is not possible to run different Linux kernel versions or other operating systems like Microsoft Windows or Oracle Solaris for x86 inside a container. However, it is possible to run different Linux distribution versions (e.g. Fedora Linux in a container on top of an Oracle Linux host), provided it supports the version of the Linux kernel that runs on the host. This approach has one caveat, though - if any of the containers causes a kernel crash, it will bring down all other containers (and the host system) as well.

For example, Oracle's Unbreakable Enterprise Kernel Release 2 (2.6.39) is supported for both Oracle Linux 5 and 6. This makes it possible to run Oracle Linux 5 and 6 container instances on top of an Oracle Linux 6 system. Since Linux Containers are fully implemented on the OS level (the Linux kernel), they can be easily combined with other virtualization technologies. It's certainly possible to set up Linux containers within a virtualized Linux instance that runs inside Oracle VM Server for Oracle VM Virtualbox.

Some use cases for Linux Containers include:

  • Consolidation of multiple separate Linux systems on one server: instances of Linux systems that are not performance-critical or only see sporadic use (e.g. a fax or print server or intranet services) do not necessarily need a dedicated server for their operations. These can easily be consolidated to run inside containers on a single server, to preserve energy and rack space.
  • Running multiple instances of an application in parallel, e.g. for different users or customers. Each user receives his "own" application instance, with a defined level of service/performance. This prevents that one user's application could hog the entire system and ensures, that each user only has access to his own data set. It also helps to save main memory — if multiple instances of a same process are running, the Linux kernel can share memory pages that are identical and unchanged across all application instances. This also applies to shared libraries that applications may use, they are generally held in memory once and mapped to multiple processes.
  • Quickly creating sandbox environments for development and testing purposes: containers that have been created and configured once can be archived as templates and can be duplicated (cloned) instantly on demand. After finishing the activity, the clone can safely be discarded. This allows to provide repeatable software builds and test environments, because the system will always be reset to its initial state for each run. Linux Containers also boot significantly faster than "classic" virtual machines, which can save a lot of time when running frequent build or test runs on applications.
  • Safe execution of an individual application: if an application running inside a container has been compromised because of a security vulnerability, the host system and other containers remain unaffected. The potential damage can be minimized, analyzed and resolved directly from the host system.

Note: Linux Containers on Oracle Linux 6 with the Unbreakable Enterprise Kernel Release 2 (2.6.39) are still marked as Technology Preview - their use is only recommended for testing and evaluation purposes.

The Open-Source project "Linux Containers" (LXC) is driving the development of the technology behind this, which is based on the "Control Groups" (CGroups) and "Name Spaces" functionality of the Linux kernel. Oracle is actively involved in the Linux Containers development and contributes patches to the upstream LXC code base.

Control Groups provide means to manage and monitor the allocation of resources for individual processes or process groups. Among other things, you can restrict the maximum amount of memory, CPU cycles as well as the disk and network throughput (in MB/s or IOP/s) that are available for an application.

Name Spaces help to isolate process groups from each other, e.g. the visibility of other running processes or the exclusive access to a network device. It's also possible to restrict a process group's access and visibility of the entire file system hierarchy (similar to a classic "chroot" environment).

CGroups and Name Spaces provide the foundation on which Linux containers are based on, but they can actually be used independently as well.

A more detailed description of how Linux Containers can be created and managed on Oracle Linux will be explained in the second part of this article.

Additional links related to Linux Containers:

- Lenz Grimmer

Follow me on:
Personal Blog | Facebook | Twitter | Linux Blog |

Thursday Jun 20, 2013

Hands-On Labs + Proctors = Genius

If Albert Einstein (image removed from blog) had attended OTN's virtual sysadmin days, he wouldn't have gotten so old figuring out his Theory of Relativity. Thanks to the relentless advance of technology, you can outsmart Einstein from the comfort of your own office. See below.

OTN Virtual Sysadmin Day - July 2013

It's free - register here

We held our first ever virtual sysadmin day for North America on January 15 of this year. Almost 600 sysadmins attended and over 80% of them remained online for the duration of the event. Which means they found it a good use of their time. If you missed that one, we're doing another one in July. Oddly enough, we chose the same date and time: the 15th at 9:00 am PT. Which is at exact same spot of the Earth's rotation, but on the other side of the sun and closer to our upcoming collision with Adromeda.

That galactic fender-bender aside, we have updated some of the hands-on labs about Oracle Solaris and Oracle Linux that we presented at our in-person sysadmin days, and we added three new labs about Oracle VM:

  • Deploying Infrastructure as a Service
  • How to Virtualize and Deploy Oracle Applications Using Oracle VM Templates
  • Creating an x86 Enterprise Cloud Infrastructure

Details here.

The event is free, but you do need to register. And there's a little homework involved. Nothing too complicated. We just expect you to have VirtualBox installed and the proper images already imported before we begin class. You'll see the instructions after you register.

When was that again?

Monday, July 15 at 9:00 am Pacific Time. (Time converter here.)

Register here

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Wednesday Apr 17, 2013

How the Oracle Linux Update Channels are Structured

Beer Taps by Jamie C2009, on Flickr
"Beer Taps" by Jamie C2009 (CC BY 2.0).

Oracle Linux distribution releases are identified by a major version like "Oracle Linux 6" or "Oracle Linux 5", followed by an update release number, e.g. "Oracle Linux 6 Update 3" or "Oracle Linux 6.3" in short. Every Oracle Linux distribution release is freely available as ISO installation images from the Oracle Software Delivery Cloud (formerly known as E-Delivery), as well as individual RPM packages, broken up by update releases. These are published via "channels" (or "yum repositories") from the Unbreakable Linux Network (ULN) and our public yum repository

Security patches and critical bug fixes (errata) for individual packages that are being released in between update releases are published immediately via the corresponding _latest yum repositories and ULN channels at the same time. If you want to ensure that your system is always up to date and fully patched, make sure to have it subscribed to the _latest channel (e.g. ol6_latest). And you don't even need to purchase a support subscription for that, if you use the public yum repositories!

Update releases of a major distribution version are primarily "checkpoints", an accumulation of all patches that have been published since the last update release has been made available. They help to reduce lengthy patch/update procedures that would have to be performed if you would always have to start a new installation from the very first release of a new major version. Update releases within a major version are binary compatible. An application that was installed and tested on Oracle Linux 6.1 will still run on Oracle Linux 6.4.

In addition to the _latest channel, ULN also provides so-called _patch channels, one per update release (e.g. ol6_u4_x86_64_patch for Oracle Linux 6.4 on x86_64). These _patch channels contain all RPM updates that have been published after a new update release (e.g. 6.4) has been released. They are kept up to date with each new update package that is made available. So they allow you to keep a certain update level of the distribution up to date without risking rolling forward to a new update release version automatically (which is what happens when your system is subscribed to the _latest repository).

However, one thing to keep in mind is that these channels actually stop receiving updates once a new update release (e.g. 6.4) has been made available. At this point you need to "go with the flow" and plan your update to the next update release (and its associated _patch channel), if you don't want to risk running an un-patched system.

I'd like to give you an alternative explanation of this channel structure, using software development and source code version control as an analogy. In revision control terms, you could consider the _latest channel the "trunk" of the distribution, a stream of packages that is always up to date and also rolls forward the distribution's update version in regular intervals. The _base channels could be considered "tags" or "snapshots" of the _latest package stream. They represent the state of a major distribution version (e.g. Oracle Linux 6) at a certain point in time, identified by a minor version number (e.g. 6.3). They are being packaged and released in the form of an ISO image as well. The _patch channels could be considered "branches" that are branched off a certain tag and are being kept up to date with the "trunk" until a new update release has been tagged.

I hope this explanation helps understanding the various channels and their purposes!

- Lenz Grimmer

Follow me on:
Personal Blog | Facebook | Twitter | Linux Blog |

Tuesday Apr 16, 2013

Evaluating Oracle Solaris and Oracle Linux From Your Laptop

Evaluating Oracle Linux From Inside VirtualBox

After importing your Oracle Linux virtual image, you can use the yum install command to download additional packages into your Linux environment. Yuli explains how.

But what's really cool about evaluating an OS from inside VirtualBox is that you can assign each virtual image a unique IP address, and have it communicate with the outside world as if it were its own physical machine on the network. Yuli describes how to do this, and also how to install guest additions to, for instance, share files between the guest and host systems.

Evaluating Oracle Solaris 11 From Inside VirtualBox

In this article Yuli shows you how to create and manage user accounts with either the GUI or the CLI, how to set up networking, and how to use the Service Management Facility (SMF) to, for instance, control SSH connections to the outside world.

Both article cover the basics to get you started, but also very valuable are the links that Yuli provides to help you move further along in your evaluation.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Monday Apr 15, 2013

Eight Cylinders of Virtualization

source made freely available by desktop machine

I've been on the lookout for a quick techie overview of Oracle's virtualization offerings. Detlef Drewanz, Matthias Pfützner, and Elke Freymann had strung together a series of articles doing just that. Lenz Grimmer jumped in with some context on Linux, and the result was this 8-part series for OTN.

1 - The Role of Oracle VM Server for SPARC in a Virtualization Strategy

by Matthias Pfützner

Overview of hardware and software virtualization basics, including a breakdown of different types and styles of virtualization, and where Oracle VM Server for SPARC fits into a virtualization strategy.

2- The Role of Oracle VM Server for x86 in a Virtualization Strategy

by Matthias Pfützner

Oracle VM Server for x86 is an Oracle technology that existed before Oracle acquired Sun. It is a virtualization product based on the Xen hypervisor and like its SPARC counterpart, Oracle VM Server for SPARC, it is a thin Type 1 hypervisor that performs hardware virtualization and uses paravirtualization.

3 - The Role of Oracle Solaris Zones and Linux Containers in a Virtualization Strategy

by Detlef Drewanz and Lenz Grimmer

Oracle Solaris zones are referred to as lightweight virtualization because they impose no overhead on the virtualization layer and the applications running in the non-global zones. As a result, they are a perfect choice for high performance applications. Instead of retrofitting efficiency onto full isolation, Linux Containers started out with an efficient mechanism and added isolation, resulting in a system virtualization mechanism as scalable and portable as chroot.

4 - Resource Management As an Enabling Technology for Virtualization

by Detlef Drewanz

When you have one person in one phone booth, life is simple. But when you fit 25 college students into one phone booth, you have resource management challenges. Not to mention security risks. Same goes for virtualization. Detlef explains how resource management can help.

5 - Network Virtualization and Network Resource Management

by Detlef Drewanz

Using hypervisor-based virtualization and Oracle Solaris Zones with network virtualization plus network resource management enables a whole range of network-based architectures. This article describes what's involved in using network resource management in conjunction with hypervisors, containers, and zones in an internal virtual network.

6 - Oracle VM VirtualBox: Personal Desktop Virtualization

by Detlef Drewanz

Oracle VM VirtualBox consists of a base software package that is available for each supported host OS; guest additions that add support for shared folders, seamless window integration, and 3D; and extension packs.

7 - The Role of Oracle Virtual Desktop Infrastructure in a Virtualization Strategy

by Matthias Pfützner

This technology is no longer available.

Virtual desktop infrastructure (VDI) is the practice of hosting a desktop operating system within a virtual machine (VM) running on a hosted, centralized or remote server. Matthias Pfützner explains.

8 - Oracle Enterprise Manager Ops Center as a Management Tool for Virtualization

by Elke Freymann

Oracle Enterprise Manager Ops Center offers complete infrastructure management with a focus on Oracle hardware (servers, switches, storage appliances) and Oracle operating systems, plus non-Oracle Linux variants that are supported on Oracle servers. Although Oracle VM VirtualBox and Oracle VDI include management capabilities, Ops Center has the best overall toolset for central virtualization management.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Friday Apr 05, 2013

Migrating to Oracle Linux: How to Identify Applications To Move

source

One of the first things you need to make when migrating from SUSE Linux to Oracle Linux is an inventory of your applications. A package management tool such as Yet Another Setup Tool (YAST) is a big help here. So is the rpm command. Here are some ways to use it.

To List All The Installed Packages

Use the -qa option.

# rpm –qa
filesystem-11.1.3.5.3
sles-release-DVD-11.2.1.234
...

To Save the Output in a File

You can move that file to any location and, anytime later,search through the package list saved there to look for a package of interest:

# rpm –qa > rpmlist.txt

To Sort the Packages

To see the installed packages sorted by install time, use --last. The packages installed most recently will appear at the top of the list, followed by the standard packages installed during the original installation:

# rpm –qa --last
VirtualBox-4.2-4.2.6_82870_sles11-0-1
...

To Find Out If A Particular Component Is Installed

To find out whether a particular component is installed and what version it is, use the name option. For example:

# rpm –qa python
python-2.6.0-8.12.2

To Find Out What Dependencies a Package Has

Use the -qR option:

# rpm –qR python-2.6.0-8.12.2
python-base = 2.6.0
rpmlib(VersionedDependencies) <= 3.0.3-1
...

The Linux Migration Guide

You can find out more about migration steps with either rpm or YaST, including the benefits of migrating to Oracle Linux, by downloading the white paper from here:

Download the Oracle Linux Migration Guide

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Friday Feb 22, 2013

How to Configure the Linux Kernel's Out of Memory Killer

source

Operating systems sometimes behave like airlines. Since the airlines know that a certain percentage of the passengers won't show up for their flight, they overbook the flights. As anyone who has been to an airport in the last 10 years knows, they usually get it wrong and have to bribe some of us to get on the next flight. If the next flight is the next morning, we get to stay in a nice hotel and have a great meal, courtesy of the airline.

That's going to be my lodging strategy if I'm ever homeless.

Linux kernel does something similar. It allocates memory to its processes ahead of time. Since it knows that most of the processes won't use all the memory allocated to them, it over-commits. In other words, it allocates a sum total of memory that is more than it actually has. Once in a while too many processes claim the memory that the kernel promised them at the same time. When that happens, the Linux kernel resorts to an option that the airlines wish they had: it kills off processes one at a time. In fact, it actually has a name for this function: the out-of-memory killer.

Robert Chase explains.

How to Configure the Out of Memory Killer

Robert Chase describes how to examine your syslog and how to use the vmstat command for clues about which processes were killed, and why. He then shows you how to configure the OOM killer to behave the way you prefer. For instance, you can make certain processes less likely to be killed than others. Or more. Or you can instruct the kernel to reboot instead of killing processes.

More Oracle Linux Resources

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube

(psst! and don't forget to follow the Great Peruvian Novel!)

Thursday Feb 21, 2013

Can You Figure Out Which Teenager Took the Cash?

source

Dads like me are familiar with a phenomenon known as Silent Dollar Disappearance. This tends to occur when there is a confluence of money in your wallet and teenage children in your home. You never actually see it happen, but if you are paying attention, you might detect that it has happened. As when, for instance, you try to pay for beer and brats at the grocer. It becomes difficult to know for sure whether it was the teenagers. What if you already spent the money on something else? That's what my teenage daughters always said. Or perhaps you had a wallet malfunction, and it flew out. So difficult to pin-point the actual cause.

Linux, like any OS, is vulnerable to a similar phenomenon. It's called silent data corruption. It can be caused by faulty components, such as memory modules or storage systems. It can also be caused by -God forbid- administrative error. As with Silent Dollar Disappearance, it's difficult to detect when data corruption is actually happening. Or what the exact cause was. But, as with Dads and teenagers, you eventually figure out that it has happened.

It may be impossible to identify the culprit after the data has been corrupted, but it's not impossible to stop the culprit ahead of time. Oracle partnered with EMC and Emulex to do just that. And they were kind enough to explain how the did it and how you can benefit. In this article:

Preventing Silent Data Corruption in Oracle Linux

An excerpt ...

"Data integrity protection is not new. ECC and CRC are available on most, if not all, servers, storage arrays, and Fibre Channel host bus adapters (HBAs). But these checks protect the data only temporarily within a single component. They do not ensure that the data you intended to write does not become corrupt as it travels down the data path from the application running in the server to the HBA, the switch, the storage array, and then the physical disk drive. When data corruption occurs, most applications are unaware that the data that was stored on the disk is not the data that was intended to be stored.

"Over the last several years, EMC, Emulex, and Oracle have worked together to drive and implement the Protection Information additions to the T10 SBC standard, which enables the validation of data as it moves through the data path to ensure that silent data corruption does not occur."

Interesting stuff. Give it a read.

- Rick

Follow us on:
Blog | Facebook | Twitter | YouTube

(psst! and don't forget to follow the Great Peruvian Novel!)

Wednesday Jan 09, 2013

How to Treat an NFS File As a Block Storage Device

source

Wim actually beat me in blogging about this feature while I was on vacation, but I'd like to add a little more background about dm-nfs, which I gathered from our kernel developers:

What is dm-nfs?

The dm-nfs kernel module provides a device-mapper target that allows you to treat an NFS file as a block device. It provides loopback-style emulation of a block device using a regular file as backing storage. The backing file resides on a remote system and is accessed via the NFS protocol.

The general idea is to have a more-efficient-than-loop access to files on NFS. The device mapper module directly converts requests to the dm device into NFS RPC calls.

dm-nfs is used transparently by Oracle VM's Dom0 when mounting NFS-backed virtual disks. It essentially allows for asynchronous and direct I/O to an NFS-backed block device, which is a lot faster than normal NFS for virtual disks. The Xen block hotplug script has been modified on OVM to look for files which are on NFS filesystems. If the file is on NFS, OVM uses dm-nfs automatically, otherwise it falls back to using the regular (but slower) loop mount method.

The original dm-nfs module was written by Chuck Lever. It has been supported and used by Oracle VM since version 2.2 and is also included in the Unbreakable Enterprise Kernel for Oracle Linux.

Why this feature matters

This feature creates virtual disk devices (LUNs) where the data is stored in an NFS file instead of on local storage. Managed networked storage has many benefits over keeping virtual devices on a disk local to the physical host.

A sample use case is the fast migration of guest VMs for load balancing or if a physical host requires maintenance. This functionality is also possible using iSCSI LUNs, but the advantage of dm-nfs is that you can manage new virtual drives on a local host system, rather than requiring a storage administrator to initialize new LUNs on the storage subsystem. Host administrators can handle their own virtual disk provisioning.

For durability and performance, dm-nfs uses asynchronous and direct I/O so all I/O operations are performed efficiently and coherently. Guest disk data is not double cached on the underlying host. If the underlying host crashes, there's a lower probability of data corruption. If the guest is frozen, a clean backup can be taken of the virtual disk, as you can be certain that its data has been fully written out.

How to use it

You use dm-nfs by first loading the kernel module, then using dmsetup to create a device mapper device on your file. The syntax is very similar to the dm-linear module.

The following sample code demonstrates how to use dmsetup to create a mapped device (/dev/mapper/$dm_nfsdev) for the file $filename that is accessible on a mounted NFS file system:

nblks=`stat -c '%s' $filename`
echo -n "0 $nblks nfs $filename 0" | dmsetup create $dm_nfsdev

Now you can mount /dev/mapper/$dm_nfsdev like any other filesystem image.

- Lenz Grimmer (Oracle Linux Blog)

Website Newsletter Facebook Twitter

Wednesday Aug 15, 2012

It's Better with Btrfs

source

Two recently published articles to help you become proficient with the Btrfs file system in Oracle Linux:

How I Got Started with the Btrfs File System in Oracle Linux

By Margaret Bierman

Scalability and volume management. Write methodology and access. Tunables. Margaret describes these capabilities of the Btrfs file system, plus how it deals with redundant configurations, checksums, fault isolation and much more. She also walks you through the steps to create and set up a Btrfs file system so you can become familiar with it.

How I Use the Advanced Features of the Btrfs File System

By Margaret Bierman

How to create and mount a Btrfs file system. How to copy and delete files. How to create and manage a redundant file system configuration. How to check the integrity of the file system and its remaining capacity. How to take snapshots. How to clone. And more. In this article Margaret explores the more advanced features of the Btrfs file system.

Let us know what you think, and what you'd like to see Margaret write about in the future.

- Rick

Website Newsletter Facebook Twitter

Tuesday Jul 17, 2012

How to Protect Your Oracle Linux System from the Higgs Boson

Now that the Higgs Boson particle has been gently coaxed out of hiding, you know what's gonna happen, don't you? Your boss is gonna walk into your office and demand a plan for protecting your Oracle Linux system against it.

You could act like a smart aleck sysadmin and inform him or her that it took a team of scientists 10 years and 500 trillion collisions to get conclusive evidence of its existence, and let's not even talk about how difficult it was for God to create the elusive thing, but that would violate the first law of corporate survival:

Never, ever make your boss look stupid

Instead, jump out of your chair and say "OMG! I hadn't though of that!" Then read our latest article and use what you learn to write up a plan that will make your boss look real good to his or her boss. (Just make sure your name appears nowhere.)

Tips for Hardening an Oracle Linux Server

Lenz Grimmer and James Morris provide guidelines for:

  • Minimizing the software footprint
  • Minimizing active services
  • Locking down network services
  • Disabling or tightening use of SSH
  • Configuring mounts, file permissions, and ownerships
  • Managing Users and Authentication
  • Other Security Features and Tools
  • Cryptography
I hope you enjoy reading the article as much as I did. And good luck with your career.

- Rick

Website Newsletter Facebook Twitter

Friday Mar 23, 2012

How to subscribe to the free Oracle Linux errata yum repositories

Now that updates and errata for Oracle Linux are available for free (both as in beer and freedom), here's a quick HOWTO on how to subscribe your Oracle Linux system to the newly added yum repositories on our public yum server, assuming that you just installed Oracle Linux from scratch, e.g. by using the installation media (ISO images) available from the Oracle Software Delivery Cloud

You need to download the appropriate yum repository configuration file from the public yum server and install it in the yum repository directory. For Oracle Linux 6, the process would look as follows: as the root user, run the following command:

[root@oraclelinux62 ~]# wget http://public-yum.oracle.com/public-yum-ol6.repo \
-P /etc/yum.repos.d/
--2012-03-23 00:18:25--  http://public-yum.oracle.com/public-yum-ol6.repo
Resolving public-yum.oracle.com... 141.146.44.34
Connecting to public-yum.oracle.com|141.146.44.34|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1461 (1.4K) [text/plain]
Saving to: “/etc/yum.repos.d/public-yum-ol6.repo”

100%[=================================================>] 1,461       --.-K/s   in 0s      

2012-03-23 00:18:26 (37.1 MB/s) - “/etc/yum.repos.d/public-yum-ol6.repo” saved [1461/1461]
For Oracle Linux 5, the file name would be public-yum-ol5.repo in the URL above instead. The "_latest" repositories that contain the errata packages are already enabled by default — you can simply pull in all available updates by running "yum update" next:
[root@oraclelinux62 ~]# yum update
Loaded plugins: refresh-packagekit, security
ol6_latest                                                    | 1.1 kB     00:00     
ol6_latest/primary                                            |  15 MB     00:42     
ol6_latest                                                               14643/14643
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package at.x86_64 0:3.1.10-43.el6 will be updated
---> Package at.x86_64 0:3.1.10-43.el6_2.1 will be an update
---> Package autofs.x86_64 1:5.0.5-39.el6 will be updated
---> Package autofs.x86_64 1:5.0.5-39.el6_2.1 will be an update
---> Package bind-libs.x86_64 32:9.7.3-8.P3.el6 will be updated
---> Package bind-libs.x86_64 32:9.7.3-8.P3.el6_2.2 will be an update
---> Package bind-utils.x86_64 32:9.7.3-8.P3.el6 will be updated
---> Package bind-utils.x86_64 32:9.7.3-8.P3.el6_2.2 will be an update
---> Package cvs.x86_64 0:1.11.23-11.el6_0.1 will be updated
---> Package cvs.x86_64 0:1.11.23-11.el6_2.1 will be an update

[...]

---> Package yum.noarch 0:3.2.29-22.0.1.el6 will be updated
---> Package yum.noarch 0:3.2.29-22.0.2.el6_2.2 will be an update
---> Package yum-plugin-security.noarch 0:1.1.30-10.el6 will be updated
---> Package yum-plugin-security.noarch 0:1.1.30-10.0.1.el6 will be an update
---> Package yum-utils.noarch 0:1.1.30-10.el6 will be updated
---> Package yum-utils.noarch 0:1.1.30-10.0.1.el6 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

=====================================================================================
 Package                     Arch    Version                       Repository   Size
=====================================================================================
Installing:
 kernel                      x86_64  2.6.32-220.7.1.el6            ol6_latest   24 M
 kernel-uek                  x86_64  2.6.32-300.11.1.el6uek        ol6_latest   21 M
 kernel-uek-devel            x86_64  2.6.32-300.11.1.el6uek        ol6_latest  6.3 M
Updating:
 at                          x86_64  3.1.10-43.el6_2.1             ol6_latest   60 k
 autofs                      x86_64  1:5.0.5-39.el6_2.1            ol6_latest  470 k
 bind-libs                   x86_64  32:9.7.3-8.P3.el6_2.2         ol6_latest  839 k
 bind-utils                  x86_64  32:9.7.3-8.P3.el6_2.2         ol6_latest  178 k
 cvs                         x86_64  1.11.23-11.el6_2.1            ol6_latest  711 k

[...]

 xulrunner                   x86_64  10.0.3-1.0.1.el6_2            ol6_latest   12 M
 yelp                        x86_64  2.28.1-13.el6_2               ol6_latest  778 k
 yum                         noarch  3.2.29-22.0.2.el6_2.2         ol6_latest  987 k
 yum-plugin-security         noarch  1.1.30-10.0.1.el6             ol6_latest   36 k
 yum-utils                   noarch  1.1.30-10.0.1.el6             ol6_latest   94 k

Transaction Summary
=====================================================================================
Install       3 Package(s)
Upgrade      96 Package(s)

Total download size: 173 M
Is this ok [y/N]: y
Downloading Packages:
(1/99): at-3.1.10-43.el6_2.1.x86_64.rpm                       |  60 kB     00:00     
(2/99): autofs-5.0.5-39.el6_2.1.x86_64.rpm                    | 470 kB     00:01     
(3/99): bind-libs-9.7.3-8.P3.el6_2.2.x86_64.rpm               | 839 kB     00:02     
(4/99): bind-utils-9.7.3-8.P3.el6_2.2.x86_64.rpm              | 178 kB     00:00     

[...]

(96/99): yelp-2.28.1-13.el6_2.x86_64.rpm                      | 778 kB     00:02     
(97/99): yum-3.2.29-22.0.2.el6_2.2.noarch.rpm                 | 987 kB     00:03     
(98/99): yum-plugin-security-1.1.30-10.0.1.el6.noarch.rpm     |  36 kB     00:00     
(99/99): yum-utils-1.1.30-10.0.1.el6.noarch.rpm               |  94 kB     00:00     
-------------------------------------------------------------------------------------
Total                                                306 kB/s | 173 MB     09:38     
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY
Retrieving key from http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
Importing GPG key 0xEC551F03:
 Userid: "Oracle OSS group (Open Source Software group) "
 From  : http://public-yum.oracle.com/RPM-GPG-KEY-oracle-ol6
Is this ok [y/N]: y
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : yum-3.2.29-22.0.2.el6_2.2.noarch                                1/195 
  Updating   : xorg-x11-server-common-1.10.4-6.el6_2.3.x86_64                  2/195 
  Updating   : kernel-uek-headers-2.6.32-300.11.1.el6uek.x86_64                3/195 
  Updating   : 12:dhcp-common-4.1.1-25.P1.el6_2.1.x86_64                       4/195 
  Updating   : tzdata-java-2011n-2.el6.noarch                                  5/195 
  Updating   : tzdata-2011n-2.el6.noarch                                       6/195 
  Updating   : glibc-common-2.12-1.47.el6_2.9.x86_64                           7/195 
  Updating   : glibc-2.12-1.47.el6_2.9.x86_64                                  8/195 

[...]

  Cleanup    : kernel-firmware-2.6.32-220.el6.noarch                         191/195 
  Cleanup    : kernel-uek-firmware-2.6.32-300.3.1.el6uek.noarch              192/195 
  Cleanup    : glibc-common-2.12-1.47.el6.x86_64                             193/195 
  Cleanup    : glibc-2.12-1.47.el6.x86_64                                    194/195 
  Cleanup    : tzdata-2011l-4.el6.noarch                                     195/195 

Installed:
  kernel.x86_64 0:2.6.32-220.7.1.el6                                                 
  kernel-uek.x86_64 0:2.6.32-300.11.1.el6uek                                         
  kernel-uek-devel.x86_64 0:2.6.32-300.11.1.el6uek                                   

Updated:
  at.x86_64 0:3.1.10-43.el6_2.1                                                      
  autofs.x86_64 1:5.0.5-39.el6_2.1                                                   
  bind-libs.x86_64 32:9.7.3-8.P3.el6_2.2                                             
  bind-utils.x86_64 32:9.7.3-8.P3.el6_2.2                                            
  cvs.x86_64 0:1.11.23-11.el6_2.1                                                    
  dhclient.x86_64 12:4.1.1-25.P1.el6_2.1                                             

[...]

  xorg-x11-server-common.x86_64 0:1.10.4-6.el6_2.3                                   
  xulrunner.x86_64 0:10.0.3-1.0.1.el6_2                                              
  yelp.x86_64 0:2.28.1-13.el6_2                                                      
  yum.noarch 0:3.2.29-22.0.2.el6_2.2                                                 
  yum-plugin-security.noarch 0:1.1.30-10.0.1.el6                                     
  yum-utils.noarch 0:1.1.30-10.0.1.el6                                               

Complete!

At this point, your system is fully up to date. As the kernel was updated as well, a reboot is the recommended next action.

If you want to install the latest release of the Unbreakable Enterprise Kernel Release 2 as well, you need to edit the .repo file and enable the respective yum repository (e.g. "ol6_UEK_latest" for Oracle Linux 6 and "ol5_UEK_latest" for Oracle Linux 5) manually, by setting enabled to "1". The next yum update run will download and install the second release of the Unbreakable Enterprise Kernel, which will be enabled after the next reboot.

-Lenz

Website

Newsletter

Facebook

Twitter

About

Contributors:
Rick Ramsey
Kemer Thomson
and members of the OTN community

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
12
13
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today
Blogs We Like