Wednesday Apr 03, 2013

Miss MoneyPenny and the Oracle Solaris 11 Provisioning Assistant


In the following video, Bart Smaalders, from the Oracle Solaris core engineering team, explains why they decided not to provide a direct upgrade path from Oracle Solaris 10 to Oracle Solaris 11, and the best way for a data center to perform an indirect upgrade.

VIDEO INTERVIEW: Why Engineering Did Not Provide a Direct Upgrade Path to Oracle Solaris 11

Miss MoneyPenny to the Rescue

If you saw Skyfall, you probably noticed two things. First, that the latest Miss Moneypenny is a lot more interesting than past Miss Moneypennies. Second, that she's always there when 007 needs her.

Just like Oracle Solaris 10.

Note: The following information is no longer valid. Instead, please install a standalone Oracle Solaris 11 client, configure an Automated Installer (AI) server and and Image Packaging System repository on it. See support note 1559827.2

This information is no longer valid. The provisioning assistant is no longer available for download.

Oracle Solaris 10 has just released a nifty tool called Oracle Solaris 11 Provisioning Assistant. It lets you run the automated installer from Oracle Solaris 11 on a Solaris 10 system. That means you can set up an IPS (Image Packaging System) repository on your Solaris 10 system, and use it to provision one or more Solaris 11 systems.

In fact, if you have already set up a JumpStart server on your Solaris 10 system, you can use it to provision the Solaris 11 systems. Kristina Tripp and Isaac Rozenfeld have written an article that explains how:

TECH ARTICLE: How to Use an Existing Oracle Solaris 10 JumpStart Server to Provision Oracle Solaris 11 11/11

The Provisioning Assistant only provisions Solaris 11 11/11 systems. It does not provision Solaris 11.1, and there are no plans to extend its functionality to provision future releases of Oracle Solaris 11. Once you have set up your Solaris 11 system, use its automated installer to provision systems with the Solaris 11.1 or future releases. For more info, see the Upgrading to Oracle Solaris 11.1 documentation.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Monday Apr 01, 2013

Oracle To Acquire Ducati


"To handle all that speed and power, today's high-performance motorcycles need traction control, active suspension, ABS, and a multitude of electronic systems that gather an enormous amount of data. Oracle Database is uniquely positioned to process that data at the speeds today's riders require to remain competitive. And, with the Oracle Cloud, that data and those services are available from even the most remote racing circuits on the planet."

Several well placed sources inside both companies confirmed high-level discussions and high speed laps around the streets of Bologna between Oracle and Ducati executives over the last few weeks.

"Oracle is obsessed with speed. Just look at what they did with the SPARC systems last week. And Ducati? Need we say more?"

Industry pundits agree that there is a natural symbiosis between the two corporate cultures. But that's not the only reason for an acquisition of Ducati by Oracle.

"The high tech industry is highly competitive and Oracle is always looking for ways to reduce costs. By joining forces with Ducati, the combined companies can realize a significant discount on red paint."

"Imagine the parties!" a member of the Oracle Technology Network said in response to the speculation. "Oracle Open World! World Ducati Week. Both in San Francisco. It blows my mind."

"We will not turn San Francisco into another MotoGP circuit," the mayor of San Francisco assured concerned citizens while behind him executives of both companies discussed the merits of different routes around, over, and through Nob Hill.

"Lombard Street on a Desmosedici? I'm coming back!"
- Valentino Rossi

As you can imagine, at the OTN Garage, we're thrilled by the possibilities, and we'll be following this story closely.

"Oracle does not comment on potential acquisitions. This is probably some dumb April Fools prank."
- Oracle spokesperson

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Thursday Mar 28, 2013

Is Tape Storage Still Harder to Manage Than Disk Storage?


-guest post by Brian Zents-

Historically, there has been a perception that tape is more difficult to manage than disk, but why is that? Fundamentally there are differences between disk and tape. Tape is a removable storage medium and disk is always powered on and spinning. With a removable storage one piece of tape media has the opportunity to interact with many tape drives, so when there is an error, customers historically wondered whether the drive or the media was at fault. With a disk system there is no removable media, if there is an error you know exactly which disk platter was at risk and you know what corrective action to take.

However, times have changed. With the release of Oracle’s StorageTek Tape Analytics (STA) you are no longer left wondering if the drive or the media is at risk, because this system does the analysis for you, leaving you with proactive recommendations and resulting corrective actions … just like disk.

For those unfamiliar with STA, it’s an intelligent monitoring application for Oracle tape libraries. Part of the purpose of STA is to allow users to make informed decisions about future tape storage investments based on current realities, but it also is used to monitor the health of your tape library environment. Its functionality can be utilized regardless of the drive and media types within the library, or whether the libraries are in an open system or mainframe environment.

STA utilizes a browser-based user interface that can display a variety of screens. To start understanding errors and whether there is a correlation between drive and media errors, you would click on the Drives screen to understand the health of drives in a library. Screens in STA display both tables and graphs that can be sorted or filtered.

In this screen ...

... it is clear that one specific drive has many more errors relative to the system average.

Next, you would click on the Media screen:

The Media screen helps you quickly identify problematic media. But how do you know if there’s a relationship between the two different types of errors? STA tracks library exchanges, which is convenient because each exchange involves just one drive and one piece of media. So, as shown below, you can easily filter the screen results to just focus in on exchanges involving the problematic drive.

You can sort the corresponding table based on whether the exchange was successful or not. You can then review the errors to see if there is a relationship between the problematic media and drive. You may also want to review the drive’s exchanges to see if media that’s having issues has any similarities to other media that’s having problems. For example, a purchased pack of media could all be having similar problems.

What if there doesn’t appear to be a relationship between media and drive errors? Part of the ingenuity of STA is that just about everything is linked, so root causes are easy to find. First, you can look at an individual drive to see its recent behavior, as show on this screen:

From the table you can see that this particular drive was healthy until recently. The drive indicated it needed a cleaning, and somebody performed that cleaning. However, just a few exchanges later, it started reporting errors. In this case, it’s clear that the drive has an issue that goes beyond the relationship with a specific piece of media and should be taken offline. On the other hand, if the issue appears to be related to the media itself, you should identify a method to transfer the data off of the media, and replace the media.

- Brian Zents

Follow OTN Garage on:
Blog | Facebook | Twitter | YouTube

Wednesday Mar 27, 2013

Why Become a Solaris Sysadmin?

On the one hand Oracle is telling you that Solaris is the key component of the Oracle stack, that we've been investing heavily in it, and that it provides the best platform for managing the stack. Watch these videos:

On the other hand, we are telling your boss to buy our engineered systems because they'll not only reduce the complexity of managing the data center, but they'll need fewer sysadmins to run them.

So, which is it?

Video Interview: Why Become a Solaris Sysadmin?

I asked Larry Wake, Solaris old-timer. Tell me what you think of his answer.

Video Interview: Why Become A Solaris Sysadmin?.

A year or two ago, Justin asked Marshall Choy a similar question. Watch that video here:

Video Interview: Impact of Engineered Systems on the Sysadmin

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Thursday Mar 21, 2013

How to Protect Your Oracle Solaris Zone Cluster


We just published an article by Subarna Ganguly that describes how to build a secure zone cluster. In other words, a zone cluster with trusted extensions. If you want to go straight to the article, scroll down to the bottom of this blog. If you're new to zones, clustering, or trusted extensions, I'll try to explain what's interesting about this article.

Vanilla Solaris

In the beginning there was root and user. Root could do anything anywhere, user could do very little. We improved that with the notion of roles. Access rights (permissions) were assigned to roles instead of users. And individual users were assigned to one or more roles. Access Control Lists (ACL) improved this even more.

Oracle Solaris has about 80 different roles. You can see the privileges each one has by looking at the /etc/user_attr.d directory

Trusted Extensions

Trusted extensions add "sensitivity" labels. These labels are similar to a security clearance in the military: confidential, secret, top secret, etc. With trusted extensions, you first label users, data, processes, peripherals, and pretty much everything that a user or process can access. Then you give uses and processes their own label. A user or process can only access something that has a label with the same or greater access.

"Trusted extensions ... is not something that can be just 'turned on' like a firewall. Trusted extensions fits into a framework where there's a formal security policy, possibly an LDAP server where users and their clearances are defined, as well as network access points that are labeled."
- Book: Oracle Solaris 11 System Administration, Chapter 18

Solaris Zones

Zones are virtual instances of the Solaris environment launched and controlled from the base OS environment, known as the non-global zone.

"Oracle Solaris Zones let you isolate one application from others on the same OS, allowing users to log in and do what they want from inside one zone without affecting anything outside that zone. In addition, Oracle Solaris Zones are secure from external attacks and internal malicious programs. Each Oracle Solaris Zone contains a complete resource-controlled environment that allows you to allocate resources such as CPU, memory, networking, and storage."
- OTN Article: How to Get Started Creating Zones in Oracle Solaris 11

Solaris Cluster

Oracle Solaris Cluster lets you deploy the Oracle Solaris operating system across different servers. If the server in your Barbados data center gets washed away by a hurricane that hates you and dropped off in West Africa, the other servers pick up the load, and the operating system continues to operate without interruption.

"Oracle Solaris Cluster delivers the high availability and disaster recovery capabilities of Oracle Solaris 11 and extends, with version 4.1, its built-in support for the Oracle software and hardware stack, to protect business critical application deployments in virtualized and traditional environments."
- White Paper: Oracle Solaris and Oracle Solaris Cluster

Zone Clusters

A zone cluster is a cluster created from Solaris zones that are physically located on different servers. That's similar to a regular cluster, but it uses zones instead of entire OS instances.

"Such large amounts of idle processing capacity present an almost irresistible opportunity for better system utilization. Organizations seek ways to reclaim this unused capacity, and thus are moving to host multiple applications on a single cluster. However, concerns about interactions between applications, especially in the areas of security and resource management, make people wary. Virtualization technologies address these security concerns and provide safe ways to host multiple applications in different clusters on a single hardware configuration.
- White Paper: How to Deploy Virtual Clusters and Why

Trusted Zone Clusters and Saburna's How To Article

Oracle Solaris Trusted Zone clusters became available in Oracle Solaris Cluster 4.1. They are zone clusters with the security capabilities (mandatory access control or MAC) provided by Trusted Extensions. The zones in the cluster are labeled in the same way that other objects are labeled, so that only other objects with the same (or higher) sensitivity label can access them. Saburna Ganguli walks you through the steps required to set one up:

OTN Article: How to Build a Trusted Zone Cluster with Oracle Solaris Cluster 4.1

More Cluster Resources

Note: Get big discounts on Safari Books online by subscribing to the OTN Systems Community Newsletter

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Monday Mar 04, 2013

What It Takes to Deploy and Manage a Private Cloud


That's what your private cloud will look like if you do it wrong. And there are so many things that can go wrong.

Oracle offers several ways to set up your own private cloud. Richard Friedman describes what's involved in not only deploying it with Oracle VM, but managing it.

Article: What It Takes to Deploy and Manage a Private Cloud

Here are three excerpts:

"A few days ago I had dinner with my friend Dave. He’s a systems administrator for his company’s private cloud. Until recently, his company had relied on a mashup of customized applications, scripts, and handwritten procedures for doing everything from allocating storage to users to provisioning virtualized servers, updating and patching operating systems, and deploying applications over the network. He had been complaining for months about the difficulties of trying to satisfy requests from users and clients quickly and how these custom environments were becoming more and more unreliable and difficult to maintain...

"Organizations typically follow a layered approach to implementing a cloud. The proper layering is important not only from an architecture perspective, but also from an organizational perspective. As Dave mentioned, he has specialized storage administrators for managing storage; sysadmins for managing servers and the operating system infrastructure; and database, middleware, and application administrators for higher layers of the stack. "The cloud is like an orchestra," he said; all these performers play in unison, while being still accountable for their respective components...

"Dave also pointed out that to make his new private cloud fully operational, he needed self-service, elasticity, and chargeback capabilities, and the ability to integrate with third-party components, such as a help desk implementation. Moreover, to offer platform as a service (PaaS) capabilities, the infrastructure management has to be done within the context of platform components, such as the database and middleware. This is where Oracle Enterprise Manager fits in. It can work seamlessly with Oracle VM Manager to provide a fully automated, self-service, capacity-on-demand environment."

Don't do it wrong. Read Richard's article.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Tuesday Feb 26, 2013

Performance Tuning an Exalogic System


I tend to get annoyed at my engineering pals for designing performance into automobiles such as the Chevy Corvette, instead of letting the driver feel the satisfaction of increasing performance by improving his or her technique. Many sysadmins feel the same about their craft. But as the story of Paul Bunyan demonstrates, we must adapt or die.

In a previous post I discussed how Exalogic changes the way you handle provisioning. In this post, I'll focus on the way Exalogic changes the way you handle performance tuning. First, the optimizations that are already done for you, then the optimizations you can still perform yourself.

Performance Optimizations Designed Into Exalogic

Because Oracle engineering knows the exact details of the environment in which each component is operating, Oracle has configured Exalogic components to use the internal network, memory, and storage for optimum performance, availability and security. It employs two types of optimizations:

Generic Optimizations (Exabus)

These optimizations will benefit any software running on the Exalogic machine, whether Oracle or 3rd party, in physical or virtual environments. The collection of Exalogic–specific optimizations are referred to as Exabus. The purpose of Exabus is primarily to integrate Infiniband networking seamlessly into all the hardware, software, and firmware distributed throughout the system. Examples include:

  • Changes to the firmware and drivers in the network switches that increase performance by skipping protocol stack conversions
  • Use of Exalogic solid state disk caching to increase the speed and capacity of local (shared) data read and write operations, such as JMS queues and run time metadata.
  • Built in high availability at network and storage levels
  • Native Infiniband integration with any other engineered systems, such as additional Exalogic machines, ZFS storage appliances, or Exadata Database machines.
  • The ability to define Infiniband partitions, which ensure application isolation and security.

Optimizations to Run-Time Components

Oracle has engineered optimizations for Exalogic directly into Oracle WebLogic Server (WLS), Coherence, and Tuxedo. They benefit any application running on those software components, but they can only be activated on the Exalogic platform. They address performance limitations that only become apparent when the software is running on Exalogic's high-density computing nodes and very fast Infiniband switches. Examples include:

  • WebLogic Server session replication uses the SDP layer of IB networking to maximize performance of large scale data operations. This avoids some of the typical TCP/IP network processing overhead.
  • Cluster communication has been redesigned in Coherence to further minimize network latency when processing data sets across caches. Its elastic data feature increases performance by minimizing network and memory use in both RAM and garbage collection processing.
  • Tuxedo has been similarly enhanced to make increasing use of SDP and RDMA protocols in order to optimize the performance of inter–process communications within and between compute nodes.

Tuning You Can Perform on Exalogic

Benchmarks and other tests show that applications that run well on Oracle middleware will run better on Exalogic. The degree to which they run better will be affected by how well optimised they are to take advantage of the Exalogic system, as well how well the Exalogic components are set up to balance resources.

However, if your workloads or configurations change, you may need to tune your Exalogic. Here are some general notes, extracted from the Exalogic: Administration Tasks and Tools white paper.

Tuning the Middleware

At the middleware and application level most of the standard options and techniques are available to you. WebLogic Server, JRockit, Coherence and iAS, etc. operate as they do on traditional platforms.

As for the rest of the Exalogic platform, Oracle's recommendation is: leave it alone.

Tuning The Platform

Exalogic manages itself, so you don't need adjust it unless you are sure that something needs changing. This is a major change in approach, since you are used to spending considerable time tweaking your systems to accommodate the needs of different groups. Knowing exactly when and how much (or how little) to tune an Exalogic system is a big topic, but here are some general guidelines.

  • Because Exalogic has such a high density of compute resources across such a fast network, small configuration changes can have a large impact.
  • Try out your changes in a test environment, first. Make sure its resources, configurations, and workload match those of your production system as closely as possible. Oracle Application Replay is a good tool for assessing the impact of configuration and infrastructure changes on the performance of your applications. Give it a try.
  • Focus on reducing response times for users and applications. If response time is not a problem, you probably don't have an issue to resolve, regardless of internal alerts and indicators you may be noticing.
  • Capture the right performance baselines ahead of time so you can compare the results of your tuning to them.

Tuning the Infrastructure

Storage, Infiniband, and OS are set up during initial configuration, so further tuning is not usually needed. If you need to review the kernel settings, network bonding, and MTU values, or perhaps the NFS settings, use Enterprise Manager. Finding the optimum changes tends to be an iterative process that varies with application workload.

Tuning the Middleware Runtime Environment

Ensure that Exalogic optimizations for WLS Suite are switched on (see MOS note 1373571.1), since they affect replication channels, packet sizes, and the use of the SDP protocol in the Infiniband networks.

Oracle Traffic Director is currently a unique feature of Exalogic, so is not available on other platforms. You can alter traffic routing rules for each application at any time. As workloads change and grow this is likely to be a key tuning task.

Tuning the Applications

At present you can tune business applications just as you would on traditional platforms. One possible side effect of running your business applications on Exalogic is that its enhanced performance may unmask poorly tuned applications or poorly written customizations.

For More Information

For more information, read the Exalogic: Administration Tasks and Tools white paper.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Friday Feb 22, 2013

How to Configure the Linux Kernel's Out of Memory Killer


Operating systems sometimes behave like airlines. Since the airlines know that a certain percentage of the passengers won't show up for their flight, they overbook the flights. As anyone who has been to an airport in the last 10 years knows, they usually get it wrong and have to bribe some of us to get on the next flight. If the next flight is the next morning, we get to stay in a nice hotel and have a great meal, courtesy of the airline.

That's going to be my lodging strategy if I'm ever homeless.

Linux kernel does something similar. It allocates memory to its processes ahead of time. Since it knows that most of the processes won't use all the memory allocated to them, it over-commits. In other words, it allocates a sum total of memory that is more than it actually has. Once in a while too many processes claim the memory that the kernel promised them at the same time. When that happens, the Linux kernel resorts to an option that the airlines wish they had: it kills off processes one at a time. In fact, it actually has a name for this function: the out-of-memory killer.

Robert Chase explains.

How to Configure the Out of Memory Killer

Robert Chase describes how to examine your syslog and how to use the vmstat command for clues about which processes were killed, and why. He then shows you how to configure the OOM killer to behave the way you prefer. For instance, you can make certain processes less likely to be killed than others. Or more. Or you can instruct the kernel to reboot instead of killing processes.

More Oracle Linux Resources

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube

(psst! and don't forget to follow the Great Peruvian Novel!)

Thursday Feb 21, 2013

Can You Figure Out Which Teenager Took the Cash?


Dads like me are familiar with a phenomenon known as Silent Dollar Disappearance. This tends to occur when there is a confluence of money in your wallet and teenage children in your home. You never actually see it happen, but if you are paying attention, you might detect that it has happened. As when, for instance, you try to pay for beer and brats at the grocer. It becomes difficult to know for sure whether it was the teenagers. What if you already spent the money on something else? That's what my teenage daughters always said. Or perhaps you had a wallet malfunction, and it flew out. So difficult to pin-point the actual cause.

Linux, like any OS, is vulnerable to a similar phenomenon. It's called silent data corruption. It can be caused by faulty components, such as memory modules or storage systems. It can also be caused by -God forbid- administrative error. As with Silent Dollar Disappearance, it's difficult to detect when data corruption is actually happening. Or what the exact cause was. But, as with Dads and teenagers, you eventually figure out that it has happened.

It may be impossible to identify the culprit after the data has been corrupted, but it's not impossible to stop the culprit ahead of time. Oracle partnered with EMC and Emulex to do just that. And they were kind enough to explain how the did it and how you can benefit. In this article:

Preventing Silent Data Corruption in Oracle Linux

An excerpt ...

"Data integrity protection is not new. ECC and CRC are available on most, if not all, servers, storage arrays, and Fibre Channel host bus adapters (HBAs). But these checks protect the data only temporarily within a single component. They do not ensure that the data you intended to write does not become corrupt as it travels down the data path from the application running in the server to the HBA, the switch, the storage array, and then the physical disk drive. When data corruption occurs, most applications are unaware that the data that was stored on the disk is not the data that was intended to be stored.

"Over the last several years, EMC, Emulex, and Oracle have worked together to drive and implement the Protection Information additions to the T10 SBC standard, which enables the validation of data as it moves through the data path to ensure that silent data corruption does not occur."

Interesting stuff. Give it a read.

- Rick

Follow us on:
Blog | Facebook | Twitter | YouTube

(psst! and don't forget to follow the Great Peruvian Novel!)

Tuesday Feb 19, 2013

Provisioning Oracle Exalogic: What's Involved


In this interview from 2012, Marshall Choy explains to dear old Justin how Oracle's engineered systems and optimized solutions will impact the job of a sysadmin.

I was just reading a recently published Oracle White Paper that goes into a little more detail...

"While the core middleware or applications administration role is largely the same as for non-Exalogic environments, significantly less work is required to manage storage, OS, and networks. In addition, some administration tasks are simplified."

That sounded interesting, so I kept reading. Here is an excerpt of what it says about provisioning.

Provisioning New Environments

Provisioning is done so frequently in some organizations that it's almost a continuous effort. Exalogic was designed as a multi-tenant environment in which many applications and user communities can operate in secure isolation, but all running on a shared compute infrastructure. As a result, provisioning environments for development, testing or other projects is simply a case of re-configuring these existing shared resources. And it takes hours rather than weeks.

The typical steps involved are:

  1. Storage – using the ZFS BUI
    1. Create NFS v4 shares
    2. Define Access Control List
  2. Compute nodes – via standard OS commands
    1. Decide which nodes are to be used for this project. In the current Exalogic X3-2 machines each node has 16 processing cores and 256 GB RAM. For each node:
      1. Create the root OS user, if it does not already exist.
      2. Add a mount point entry for the shared storage to the /etc/fstab file and issue the mount command to enable access to it from the compute node.
  3. Network – using the Exalogic IB subnet manager
    1. Identify IP addresses for the compute nodes to be used. Add any new virtual IP addresses to be used to ensure middleware high availability.
    2. Define new virtual network interfaces (VNICs) to enable connections to Exalogic from the rest of the data Center.
    3. Associate the pre-set external facing IP addresses to the VNICs.
    4. Define Exalogic Infiniband partitions to create secure groups of compute nodes / processors.

No physical cabling is required as network configuration is defined at the software level. In the event of a major failure, however, you may need to re-image the OS on some or even all compute nodes as a faster alternative to restoring from backup.

This whole process should take no more than an hour, after which a new, fully functioning compute platform is available for the project. It does not require any other data Center resources.

Further details are available in the Exalogic Enterprise Deployment Guide

I'll keep reading it and sharing some nuggets here. See the entire paper.

- Rick

Follow us on:
Blog | Facebook | Twitter | YouTube

(psst! and don't forget to follow the Great Peruvian Novel!)

Monday Feb 18, 2013

Three Oracle VM Hands-On Labs On OTN


We put the hands-on labs from the virtualization track of the OTN Virtual Sysadmin Days on OTN.

Lab 1 - Deploying an IaaS Environment with Oracle VM

Planning and deployment of an infrastructure as a service (IaaS) environment with Oracle VM as the foundation. Storage capacity planning, LUN creation, network bandwidth planning, and best practices for designing and streamlining the environment so that it's easy to manage.

Lab 2 - How to Virtualize and Deploy Oracle Applications in Minutes with Oracle VM

How to deploy Oracle applications in minutes with Oracle VM Templates. Find out what Oracle VM Templates are and how they work. Deploy an actual Oracle VM Template for an Oracle application. Plan your deployment to streamline ongoing updates and upgrades.

Lab 3 - Deploying a Cloud Infrastructure with Oracle VM 3.x and the Sun ZFS Storage Appliance

This hands-on lab will demonstrate what Oracle’s enterprise cloud infrastructure for x86 can do, and how it works with Oracle VM 3.x. How to create VMs. How to migrate VMs. How to deploy Oracle applications quickly and easily with Oracle VM Templates. How to use the Storage Connect plug-in for the Sun ZFS Storage Appliance.

By the way, the picture of that ranch in Colorado was taken by my good friend
Mike Schmitz. See more of his photography here. Follow it on Facebook here.

- Rick

Follow us on:
Blog | Facebook | Twitter | YouTube

(psst! and don't forget to follow the Great Peruvian Novel!)

Friday Feb 15, 2013

Sysadmins Rejoice! OVM 3.2.1 Includes a Full-Featured CLI

Remember this famous scene from English History? The French accent of the castle guard was so thick I couldn't understand him, but I think that at one point he said "I spit on your graphical user interface." Proof that sysadmins were alive and well in the time of King Arthur.

CLI Documentation

Sysadmins will have cause to taunt English royalty a second time because the command line interface (CLI) of the recently released Oracle VM 3.2.1 has been expanded to include all the capabilities of the (ptui!) graphical user interface (GUI). That means scripts. Boo-yah! It supports public-key authentication, too. Find docs here.

Other Cool Stuff

Oracle VM Manager used to manage only your x86 virtual machines. Now it manages your SPARC systems, too. Create server pools, create virtual machines, and manage networking and storage in the same way, using the same tool. Details here.

You can use MySQL as your backend repository. Just use the Simple installation, which will locally install the default MySQL database that is packaged with the Oracle VM Manager installer. Details here.

You can install the osv-support-tools meta-package for easier integration with Oracle support tools. (sudo is now part of osv-support-tools.) Details here.

More Resources

- Rick

Follow us on:
Blog | Facebook | Twitter | YouTube

(psst! and don't forget to follow the Great Peruvian Novel!

Monday Feb 11, 2013

Oracle Solaris 10 Still Rocks


When it was launched back in 05, Oracle Solaris 10 rocked the IT world. I heard a rumor that Scott tried to launch it at a Rolling Stones concert, but apparently Mick Jagger didn't think operating systems were sexy.

Operating systems not sexy? Since when?

Well, Mick, when was the last time you released a new album? Oracle Solaris 10 released one last Friday, pal.

Oracle Solaris 10 1/13 Release

The new release is integrated with My Oracle Support. As a result, you can view the system configuration, asset inventory, and change history of your Solaris systems on the support portal, along with the results of the health checks that Oracle Support performs. (Kinda like letting a pregnant woman have access to continuous ultrasound via her cell phone, huh?)

This support will be available for Oracle Solaris 10 through 2018. After that, it will be supported through Oracle's Lifetime Support Policy.

There's plenty more:

Technical Resources

Wednesday Sep 05, 2012

Is 'Old-School' the Wrong Way to Describe Reliable Security?


The Hotel Toronto apparently knows how to secure its environment.

"Built directly into the bedrock in 1913, the vault features an incredible 4-foot thick steel door that weighs 40 tonnes, yet can nonetheless be moved with a single finger. During construction, the gargantuan door was hauled up Yonge Street from the harbour by a team of 18 horses. "

1913. Those were the days. Sysadmins had to be strong as bulls and willing to shovel horse maneur. At least nowadays you don't have to be that strong. And, if you happen to be trying to secure your Oracle Linux environment, you may be able to avoid the shoveling, as well. Provided you know the tricks of the trade contained in these two recently published articles.

Tips for Hardening an Oracle Linux Server

General strategies for hardening an Oracle Linux server. Oracle Linux comes "secure by default," but the actions you take when deploying the server can increase or decrease its security. How to minimize active services, lock down network services, and many other tips. By Ginny Henningsen, James Morris and Lenz Grimmer.

Tips for Securing an Oracle Linux Environment

System logging with logwatch and process accounting with psacct can help detect intrusion attempts and determine whether a system has been compromised. So can using the RPM package manager to verifying the integrity of installed software. These and other tools are described in this second article, which takes a wider perspective and gives you tips for securing your entire Oracle Linux environment. Also by the crack team of Ginny Henningsen, James Morris and Lenz Grimmer.

- Rick

Website Newsletter Facebook Twitter

Monday Aug 06, 2012

Basic and Advanced System Services Administration in Oracle Solaris 11

Does taming the behavior of your OS services manually make you feel less than your usual playful self? Lighten up. The Service Management Facility (SMF), introduced in Oracle Solaris 10 and extended in Oracle Solaris 11, provides the discipline those unruly services need. Here are two articles that will help get the most out of it.

Introducing the Basics of the Service Management Facility in Oracle Solaris 11

The SMF keeps track of the relationship between the services in your instance of Solaris. With this information, it can start services much more quickly at boot time, and it restart them automatically in the correct order if any of them fail. And that's only the beginning. In this article Glynn Foster explains what SMF does, and how to perform basic services administration with it, including how to use these four commands to get information about, and manage, your system services:

Command Description
svcadm Manage the state of service instances
svcs Provide information about services, including their status
svcprop Get information about service configuration properties
svccfg Import, export, and modify service configuration

Advanced Administration with the Service Management Facility in Oracle Solaris 11

In this article, Glynn Foster describes how to use some of the more advanced features of SMF, including service bundles, which you can use to deliver custom configuration across systems. And SMF profiles, which modify services to suit a particular installation. The introduction of layers in Oracle Solaris 11 provides better tracking of vendor-supplied customizations and administrative customizations for services and instances of services in four discrete layers, and site profiles, also described in this article, help you manage these layers more easily.

- Rick

Website Newsletter Facebook Twitter

Logan Rosenstein
and members of the OTN community


« October 2015
Blogs We Like