X

Step Up to Modern Cloud Development

Recent Posts

Database

Podcast: Do Bloody Anything: The Changing Role of the DBA

In August of 2018 we did a program entitled Developer Evolution: What’s Rocking Roles in IT. That program focused primarily on the forces that are reshaping the role of the software developer. In this program we shift the focus to the DBA -- the Database Administrator -- and the evolve-or-perish choices that face those in that role. Bringing their insight to the discussion is an international panel of experts who represent years of DBA experience, and some of the forces that are transforming that role. The Panelists In alphabetical order Maria Colgan Master Product Manager, Oracle Database San Francisco, California  “Security, especially as people move more towards cloud-based models, is something DBAs should get a deeper knowledge in.”   Julian Dontcheff Managing Director/Master Technology Architect, Accenture Helsinki, Finland   "Now that Autonomous Database is here, I see several database administrators being scared that somehow all their routine tasks will be replaced and they will have very little to do. As if doing the routine stuff is the biggest joy in their lives."   Tim Hall DBA, Developer, Author, and Trainer Birmingham, United Kingdom  “I never want to do something twice if I can help it. I want to find a way of automating it. If the database will do that for me, that’s awesome.”   Lucas Jellema CTO/Consulting IT Architect, AMIS Rotterdam,Netherlands  “By taking heed of what architects are coming up with, and how applications and application landscapes are organized and how the data plays a part in that, I think DBAs can prepare themselves and play a part in putting it all together in a meaninful way.”   Brendan Tierney Principal Consultant, Oralytics Dublin, Ireland "Look beyond what you're doing in your cubicles with your blinkers on. See what's going on across all IT departments. What are the business needs? How is data being used? Where can you contribute to that to deliver better business value?"   Gerald Venzl Master Product Manager, Oracle Cloud, Database, and Server Technologies San Francisco, California   "When you talk to anybody outside the administrative roles -- DBA or Unix Admin -- they will tell you that those people are essentially the folks that always say no. That's not very productive."   Additional Resources Podcast: Developer Evolution: What's rockin’ roles in IT? Vibrant and Growing: The Current State of API Management Lifecycle Management and DevOps for Oracle Databases - The Cloud Way

In August of 2018 we did a program entitled Developer Evolution: What’s Rocking Roles in IT. That program focused primarily on the forces that are reshaping the role of the software developer. In this...

ACEs at Riga DevDays - May 29-31

If you find yourself wandering the Baltic states late in May, why not make your way to Riga, Latvia and drop in on the Riga Dev Days? Held May 29-31 at the Cinema Kino Citadele in Riga, the 3-day DevDays event features 40 speakers, including these members of the Oracle ACE Program. Christian Antognini Senior Principal Consultant and Partner, Trivadis AG Monte Carasso, Switzerland   How Well Do Relational Database Engines Support JSON? Martin Bach Principal Consultant, Accenture Enkitec Group Germany   Container Orchestration for Oracle DBAs Heli Helskyaho CEO, Miracle Finland Oy Finland   Machine Learning Explained with Examples Oren Nakdimon Database Expert, Moovit Acre, Israel   Oracle SQL Pattern Matching Made Easy Franck Pachot Data Engineer, CERN Lausanne, Switzerland   Microservices: Get Rid of Your DBA and Send the DB into Burnout Kamil Stawiarski Owner/Partner, ORA-600 Warsaw, Poland   Performance Tricks Learned From Low Level Developers That Can Be Used in Practically Any Language Øyvind Isene Consultant, Sysco AS Oslo, Norway   5 Things Developers Do That Drive Me Crazy Piet De Visser Independent Oracle Database Consultant The Hague, Netherlands   We are Serverless – Software and Databases Still Functioning Related Resouorces About the Oracle ACE Program Oracle ACE Program: A High-Five for New Members and Category Climbers Oracle ACE Sessions at the Great Lakes Oracle Conference (GLOC) Oracle ACEs at APEX Connect 2019, May 7-9 in Bonn

If you find yourself wandering the Baltic states late in May, why not make your way to Riga, Latvia and drop in on the Riga Dev Days? Held May 29-31 at the Cinema Kino Citadele in Riga, the...

Cloud

Get Started with Autonomous Database and SQLcl in No Time Using Cloud Developer Image

In this blog post, I describe how to use a free trial for Oracle Cloud and the recently released, Oracle Linux-based Cloud Developer Image to provision an Autonomous Transaction Processing Database and connect to it via SQLcl, all in a matter of minutes. Think of the Cloud Developer Image as a Swiss army knife for Cloud developers. It has a ton of tools pre-installed, including: Languages and Oracle Database Connectors Java Platform Standard Edition (Java SE) 8 Python 3.6 and cx_Oracle 7 Node.js 10 and node-oracledb Go 1.12 Oracle Instant Client 18.5 Oracle Cloud Infrastructure Client Tools Oracle Cloud Infrastructure CLI Python, Java, Go and Ruby Oracle Cloud Infrastructure SDKs Terraform and Oracle Cloud Infrastructure Terraform Provider Oracle Cloud Infrastructure Utilities Other Oracle Container Runtime for Docker Extra Packages for Enterprise Linux (EPEL) via Yum GUI Desktop with access via VNC Server Here are the steps to provision a fresh Autonomous Transaction Processing Database ad connect to it via SQLcl. Steps Launch the Cloud Developer Image from the Console Log to the instance running the Cloud Developer Image via ssh Set up OCI cli Create Autonomous Transaction Processing Database using CLI Download Wallet using CLI Install and configure SQLcl Connect to the database 1. Launch Cloud Developer Image Log in to the Console. If you don't already have an ssh key pair, make sure you generate those firstby following the documentation. Launch the image by choosing Marketplace under Solutions, Platforms and Edge via the hamburger menu and clicking on Oracle Cloud Developer Image. Click Launch Instance. Review the terms and conditions, click Launch Instance again. Paste in your ssh public key and click Create. Once the image is running, make a note of the IP address. 2. Set up the OCI client tools Connect to your newly launched image from your local computer via ssh: ssh -i <path to your ssh keys> opc@<IP address> Once logged in, run oci setup config and follow the directions, providing the necessary OCIDs as described in the documentation on Required Keys and OCIDs. $ oci setup config Remember to upload your API key by following the instructions in the same documentation. If you accepted all the defaults during the oci client setup, the public key to upload is the output of this: $ cat /home/opc/.oci/oci_api_key_public.pem 3. Create Autonomous Transaction Processing Database using the OCI CLI A few of the next commands require the compartment-id as input so it's helpful to have a shorthand ready. Get its value and store it in an environment variable by calling the metadata service via oci-metadata $ export C=`oci-metadata -g compartmentid --value-only` Next, create the Autonomous Database. Be sure to provide your own admin password. $ oci db autonomous-database create --compartment-id $C --db-name myadb --cpu-core-count 1 --data-storage-size-in-tbs 1 --admin-password "<YOUR PASSWORD>" You should see output similar to: { "data": { "compartment-id": "ocid1.tenancy.oc1..aaaaaalskdjflsdkjflsdjflsdkflsjdflksjjfqntfkzizeeikohha4oa", "connection-strings": null, "cpu-core-count": 1, "data-storage-size-in-tbs": 1, "db-name": "myadb", "db-version": null, "db-workload": "OLTP", "defined-tags": {}, "display-name": "autonomousdatabase20190511024732", "freeform-tags": {}, "id": "ocid1.autonomousdatabase.oc1.iad.abuwcljrgx2kosiudoisdufoidsufoidsufodsfkdkdd3zprxjzsouzq", "license-model": "BRING_YOUR_OWN_LICENSE", "lifecycle-details": null, "lifecycle-state": "PROVISIONING", "service-console-url": null, "time-created": "2019-05-11T02:47:32.745000+00:00", "used-data-storage-size-in-tbs": null }, "etag": "a133c7fa" } Export the Database ID in an environment variable as that will come in handy later. export DB_ID=`oci db autonomous-database list --compartment-id $C | jq -r '.data[] | select( ."db-name" == "myadb" ).id'` Wait for the Database to be in AVAILABLE state. You can check the database state with the following command. Initially, this command will return PROVISIONING oci db autonomous-database get --autonomous-database-id $DB_ID | jq -r '.data["lifecycle-state"]' AVAILABLE For me, it took about 6 minutes from for the database to be available after executing the create command. Download Wallet using CLI $ oci db autonomous-database generate-wallet --autonomous-database-id $DB_ID --password <YOUR PASSWORD> --file wallet.zip Set TNS_ADMIN and extract wallet.zip $ export TNS_ADMIN="`cat /etc/ld.so.conf.d/oracle-instantclient.conf`/network/admin" $ sudo -E unzip ~/wallet.zip -d $TNS_ADMIN Install and configure SQLcl Install SQLcl by temporarily enabling the ol7_ociyum_config repo. Then, run the sqlcl.sh that was installed in /etc/profile.d to add the sql command to your PATH. $ sudo yum install -y --enablerepo=ol7_ociyum_config sqlcl $ source /etc/profile.d/sqlcl.sh Start SQLcl in /nolog mode and point it to the wallet.zip you downloaded earlier using the set cloudconfig command. $ sql /nolog SQLcl: Release 19.1 Production on Fri May 10 00:24:29 2019 Copyright (c) 1982, 2019, Oracle. All rights reserved. SQL> set cloudconfig /home/opc/wallet.zip Operation is successfully completed. Operation is successfully completed. Using temp directory:/tmp/oracle_cloud_config2842421108875448254 Connect to the database Connect to your Autonomous database with the admin. For the service name, use one of the entries in $TNS_ADMIN/tnsnames.ora. Each ADB is created with a high, medium and low service. SQL> connect admin/<YOUR PASSWORD>@myadb_high Connected. SQL> select sysdate from dual; SYSDATE --------- 11-MAY-19 SQL> Conclusion The Oracle Linux-based Cloud Developer Image comes with wealth of developer tools pre-installed, reducing the time it takes to get started with Oracle Cloud and Autonomoud Database. In this blog post, I showed how you can provision an Autonomous Database and get connected to it in a matter of minutes. The fact that the Cloud Developer Image already has the important bits pre-installed, including OCI client tools an Oracle Instant Client, makes completing this task a breeze.

In this blog post, I describe how to use a free trial for Oracle Cloud and the recently released, Oracle Linux-based Cloud Developer Image to provision an Autonomous Transaction Processing Database...

ACEs in Action

Articles by Oracle ACEs - April 2019

Who you gonna ask? While the phrase "wildly famous" may not apply to the Oracle ACE program members listed here, each has their own following, and each has earned a reputation for sharing experience and expertise. And let's face it, if you have a question about Oracle APEX, or about Autonomous Transaction Processing, are you going to ask one of the Kardashians? I don't think so. Better you should ask one of these people, or read one of their freshly-written articles. Alex Nuijten Director/Senior Oracle Developer, allAPEX Oosterhout, Netherlands   De EECS is dood, Lang Leve de EECS Alex Zaballa Infrastructure Senior Principal, Accenture Brasil São Paulo Area, Brazil   Utilizando o Oracle Autonomous Transaction Processing Paul Guerin Database Service Delivery Leader, Hewlett-Packard Philippines   Gain on the roundabout, but lose on the swings You take the high road, and I’ll take the unload Umair Mansoob Senior Database Architect, Sirius Computer Solutions Skokie, Illinois   Use Cases for Virtualizing Your Exadata Database Machine Borys Neselovskyi Solution Architect, OPITZ Consulting Dortmund, Germany   Datenbank in der Wolke – Teil 1: Abrechnungsmodelle in der Oracle Cloud Emad Al-Mousa Senior IT Consultant, Saudi Aramco Dhahran, Saudi Arabia   Guide to Modify Pluggable CDB Name, PDB Name, and DBID in Oracle 18c Multitenant Architecture Mathias Magnusson CEO, Evil Ape Stockholm, Sweden   The APEX Tour — Or the Power of a Good Mojito Related Resources Latest Blog Posts from Oracle ACEs: April 14-20, 2019 Latest Blog Posts from Oracle ACEs: April 7-13, 2019 Latest Blog Posts from Oracle ACEs: March 31 - April 6, 2019

Who you gonna ask? While the phrase "wildly famous" may not apply to the Oracle ACE program members listed here, each has their own following, and each has earned a reputation for sharing experience...

ACEs in Action

Oracle ACE Sessions at the Great Lakes Oracle Conference (GLOC)

On May 15-16, 2019 the Northeast Ohio Oracle Users Group will present the Great Lakes Oracle Conference in the historic Cleveland Public Hall, just about a ten minute walk from the Rock and Roll Hall of Fame and Museum, seen in the photo above. The following members of the Oracle ACE Program will present sessions at GLOC. So if you're in the neighborhood, come on down. For more information: Great Lakes Oracle Conference   Gary Crisci Principal Architect, General Electric Norwalk, Connecticut   PBCS 101 Master Your Master Data with Oracle DVD Jim Czuprynski Senior Enterprise Data Engineer, Viscosity North America Bartlett, Illinois   Conquer Big Data with Oracle 18c, In-Memory External Tables & Analytic Functions Vote Early, Vote Often: From Napkin to Canvassing Application in a Single Weekend Gustavo Gonzalez Chief Technology Officer, IT Convergence Argentina   Revitalize Your Visualizations with Oracle Autonomous Analytics Cloud Learn How to Unlock Your EBS Data for Free Running in Days! Janice Griffin Senior Sales Engineer, Quest Software Longmont, Colorado   Oracle 12c, 18c, Now 19c! Oh My! What Are the Changes? Cary Millsap Vice President, User Experience Services and Solutions, Cintra Software and Services Dallas, Texas   Pre-conference Workshop: How to Write Better Technical Reports Innovative Specifications for Better Performance Logging & Monitoring Scott Spendolini Vice President, Viscosity North America Austin, Texas   Pre-conference Workshop: APEX Developer Day At Your Service: APEX & Web Services APEX Security Checklist Mike Gangler Senior Database Specialist / Database Architect, Secure-24 Southfield, Michigan   We Don’t Need No Stinkin’ Audit Logs: Using Kafka to Analyze Audit Logs Karen Cannell President/Consultant, TH Technology Rockport, Massachusetts   APEX Interactive Grid & API Essentials: The Stuff You’ll Really Use Voyage to Visual Builder Cloud Service: First Impressions from an APEX Gal Michael Messina Senior Managing Consultant, Rolta-AdvizeX Owensburg, Indiana   The Oracle Database Security Assessment Tool: Know Your Security Risks Anuj Mohan Technical Account Manager, Data Intensity, LLC Covington, Kentucky   DBA 101: Multitenant for Beginners Anton Nielsen Vice President, Insum Solutions Boston, Massachusetts   Two Very Social Applications Jorge Rimblas Senior APEX Consultant, Insum Minneapolis, Minnesota   Pre-conference Workshop: APEX Developer Day Yes, You Can Do That with APEX! Report Templates: The Definitive Guide Maze Runner: The Cure for APEX Confusion Michel Schildmeijer Lead Software Architect for Justis, SSC-I DJI Gouda, Netherlands   Application Workloads to the Oracle Cloud with Kubernetes   Related Content Oracle ACEs at APEX Connect 2019, May 7-9 in Bonn Presentation Persuasion: Calls for Proposals for Upcoming Events

On May 15-16, 2019 the Northeast Ohio Oracle Users Group will present the Great Lakes Oracle Conference in the historic Cleveland Public Hall, just about a ten minute walk from the Rock and Roll Hall...

ACEs in Action

Presentation Persuasion: Calls for Proposals for Upcoming Events

Sure you've got solid technical chops, and you share your knowledge through your blog, articles, and videos. But if you want to walk it like you talk it you have to get yourself in front of a live audience and keep them awake for about an hour. If you do it right, who knows? You might just spend the time after your session signing autographs and posing for selfies to calm your new fans. The first step in accomplishing all that is to respond to calls for proposals for conferences, meet-ups, and other live events like these: AUSOUG Webinar Series 2019 Ongoing series of webinars hosted by the Australian Oracle User Group. No CFP deadline posted.   NCOAUG Training Day 2019 CFP Deadline: May 17, 2019 North Central Oracle Applications User Group Location: Oakbrook Terrace, Ill Event: August 1, 2017   MakeIT Conference CFP Deadline: May 17, 2019 Organized by the Slovenian Oracle User Group (SIOUG). Event: October 14-15, 2019   HrOUG 2019 CFP Deadline: May 27, 2019 Organized by the Croatian Oracle Users Group Event: October 15-18, 2019   DOAG 2019 Conference and Exhibition CFP Deadline: June 3, 2019 Organized by the Deutsche Oracle Anwendergruppe (German Oracle Users Group)> Location: Nürnberg, Germany Event: November 19-20, 2019 Good luck! Related Content ACE Program Members Deliver Sessions at Collaborate 2019 in San Antonio Upcoming ACE-Organized Meet-Ups, April-May 2019 Pizza, Beer, and Dev Expertise at Your Local Meet-up

Sure you've got solid technical chops, and you share your knowledge through your blog, articles, and videos. But if you want to walk it like you talk it you have to get yourself in front of a live...

Automating DevSecOps for Java Apps with Oracle Developer Cloud

Looking to improve your application's security? Automating vulnerability reporting helps you prevent attacks that leverage known security problems in code that you use. In this blog we'll show you how to achieve this with Oracle's Developer Cloud. Most developers rely on third party libraries when developing applications. This helps them reduce the overall development timelines by providing working code for specific needs. But are you sure that the libraries you are using are secure? Are you keeping up to date with the latest reports about security vulnerabilities that were found in those libraries? What about apps that you developed a while back and are still running but might be using older versions of libraries that don't contain the latest security fixes? DevSecOps aims to integrate security aspects into the DevOps cycle, ideally automating security checks as part of the dev to release lifecycle. The latest release of Oracle Developer Cloud Service - Oracle's cloud based DevOps and Agile team platform - includes a new capability to integrate security check into your DevOps pipelines. Relying on the public National Vulnerability Database, the new dependency vulnerability analyzer scans the libraries used in your application against the database of known issues, and flags any security risks your app might have based on this data. The current version of DevCS support this for any Maven based Java project. Leveraging the pom files as a source of truth for the list of libraries used in your code. When running the check, you can specify your level of tolerance to issues - for example defining that you are ok with low risk issues, but not with medium to high risk vulnerabilities. When a check finds issues you can fail the build pipeline, send notifications, and in addition add an issue into the issue tracking system provided for free with Developer Cloud. Check out this demo video to see the process in action. Having these type of vulnerability scans applied to your platform can save you from situation where hackers leverage publicly known issues and out of date libraries usage to break into your systems. These checks can be part of your regular build cycle, and can also be scheduled to run on a regular basis on systems that have already been deployed - to verify that we keep them up to date with the latest security checks.  

Looking to improve your application's security? Automating vulnerability reporting helps you prevent attacks that leverage known security problems in code that you use. In this blog we'll show you how...

Economics and Innovations of Serverless

The term serverless has been one of the biggest mindset changes since the term cloud, and learning how to “think serverless” should be part of every developers cloud-native journey. This is why one of Oracle’s 10 Predictions for Developers in 2019 is “The Economics of Serverless Drives Innovation on Multiple Fronts”. Let’s unpack what we mean by economics and innovation while covering a few common misconceptions. The Economics Cost is only part of the story I often hear “cost reduction” as a key driver of serverless architectures. Everyone wants to save money and be a hero for their organization. Why pay for a full time server when you can pay per function millisecond? The ultimate panacea of utility computing — pay for exactly what you need and no more. This is only part of the story. Economics is a broad term for the production, distribution, and consumption of things. Serverless is about producing software. And software is about using computers as leverage to produce non-linear value. Facebook (really MySpace) leveraged software to change the way the world connected. Uber leveraged software to transform the transportation industry. Netflix leveraged software to change the way the world consumed movies. Software is transforming every major company in every major industry, and for most, is now at the heart of how they deliver value to end users. So why the fuss about serverless? Serverless is About Driving Non-Linear Value Because serverless is ultimately about driving non-linear business value which can fundamentally change the economics of your business. I’ve talked about this many times , but Ben nails it — “serverless is a ladder. You’re climbing to some nirvana where you get to deliver pure business value with no overhead.” Pundits point out that “focus on business value” has been said many times over the years, and they’re right. But every software architecture cycle learns from past cycles and incorporates new ways to achieve this goal of greater focus, which is why serverless is such an important cycle to watch. It effectively incorporates the promise (and best) of cloud with the promise (and learnings) of SOA . Ultimately the winning businesses reduce overhead while increasing value to their customers by empowering their developers. That’s why the economics are too compelling to ignore. Not because your CRON job server goes from $30 to $0.30/month (although a nice use case), but because creating a culture of innovation and focus on driving business value is a formula for success. So we can’t ignore the economics. Let’s move to the innovations. The Innovations The tech industry is in constant motion. Apps, infrastructure, and the delivery process drive each other forward together in a ping-pong fashion. Here are a few of the key areas to watch that are contributing to forward movement in the innovation cycle, as illustrated in the “Digital Trialectic”: Depth of Services The web is fundamentally changing how we deliver services. We’re moving towards an “everything-as-a-service” world where important bits of functionality can be consumed by simply calling an API. Programming is changing, and this is driven largely by the depth of available services to solve problems that once plagued developers working hours. Twilio now removes the need for SMS, voice, and now email (acquired Sendgrid) code and infrastructure. Google’s Cloud Vision API removes the need for complex object and facial detection code and infrastructure. AWS’s Ground Station removes the need for satellite communications code and infrastructure (finally?), and Oracle’s Autonomous Database replaces your existing Oracle Database code and infrastructure. Pizzas, weather, maps, automobile data, cats – you have an endless list of things accessible across simple API calls. Open Source As always, serverless innovation is happening in the world of open source as well, many of which end up as part of the list of services above. The Fn Project is fully open source code my team is working on which will allow anyone to run their own serverless infrastructure on any cloud, starting with Functions-as-a-service and moving towards things like workflow as well. Come say hi in our Slack. But you can get to serverless faster with the managed Fn service, Oracle Functions. And there are other great industry efforts as well including Knative by Google, OpenFaas by Alex Ellis, and OpenWhisk by IBM. All of these projects focus mostly on the compute aspect of a serverless architecture. There are many projects that aim to make other areas easier such as storage, networking, security, etc, and all will eventually have their own managed service counterparts to complete the picture. The options are a bit bewildering, which is where standards can help. Standards With a paradox of choice emerging in serverless, standards aim to ease the pain in providing common interfaces across projects, vendors, and services. The most active forum driving these standards is the Serverless Working Group, a subgroup of the Cloud Native Compute Foundation. Like cats and dogs living together, representatives from almost every major vendor and many notable startups and end users have been discussing how to “harmonize” the quickly-moving serverless space. CloudEvents has been the first major output from the group, and it’s a great one to watch. Join the group during the weekly meetings, or face-to-face at any of the upcoming KubeCon’s. Expect workflow, function signatures, and other important aspects of serverless to come next. My hope is that the group can move quickly enough to keep up with the quickly-moving space and have a material impact on the future of serverless architectures, further increasing the focus on business value for developers at companies of all sizes. A Final Word We’re all guilty of skipping to the end in long posts. So here’s the net net: serverless is the next cycle of software architecture, its roots and learnings coming from best-of SOA and cloud. Its aim is to change the way in which software is produced by allowing developers to focus on business value, which in turn drives non-linear business value. The industry is moving quickly with innovation happening through the proliferation of services, open source, and ultimately standards to help harmonize this all together. Like anything, the best way to get started is to just start. Pick your favorite cloud, and start using functions. You can either install Fn manually or sign up for early access to Oracle Functions. If you don’t have an Oracle Cloud account, take a free trial today.

The term serverless has been one of the biggest mindset changes since the term cloud, and learning how to “think serverless” should be part of every developers cloud-native journey. This is why one of...

ACEs in Action

Oracle ACEs at APEX Connect 2019, May 7-9 in Bonn

APEX Connect 2019, the annual conference organized by DOAG (the German Oracle Applications User Group) will be held May 7-9, 2019 in Bonn, Germany. The event features a wide selection of sessions and events, covering APEX, PL and PL/SQL, and JavaScript.  Among the session speakers are the following members of the Oracle ACE Program: Niels de Bruijn Business Unit Manager APEX, MT AG Cologne, Germany   May 7: Opening Session May 8: Wir brauchen euch! Die DOAG Community stellt sich vor   Dimitri Gielis Director, APEX R&D Flanders, Belgium   May 7: Virtual Reality (VR) and Augmented Reality (AR) with APEX May 8: Sponsored Session APEX R&D: All about APEX Office Print (AOP)   Roel Hartman Director/Senior APEX Developer, APEX Consulting Apeldoorn, Netherlands   May 8: APEX Bad Practices   Heli Helskyaho CEO, Miracle Finland Oy Finland   May 7: Visualizing In-Database Machine Learning with APEX May 8: Beginner Session: Data Modelling for Beginners   Peter Raganitsch CEO, FOEX GmbH Austria   May 8: APEX Debugging 101 May 8: Sponsored Session FOEX: Extending APEX - Single Page Applications, Master-Detail, Drag & Drop   John Edward Scott Founder, APEX Evangelists West Yorkshire, United Kingdom   May 9: Oracle XE18c for APEX Developers   Kamil Stawiarski Owner/Partner, ORA-600 Warsaw, Poland   May 7: Why do we learn a low level approach? The history of an APEX upgrade that went terribly wrong   Martin Widlake Database Architect and Performance Specialist, ORA600 Essex, United Kingdom   May 7: Keynote PL/SQL: A Career Built On Top Of PL/SQL - 25 years of Coding, Sharing, and Learning   Alan Arentsen Senior Oracle Developer, Arentsen Database Consultancy Breda, Netherlands   May 7: JET another presentation, why oh why?   Tobias Arnhold Freelance APEX Developer, Tobias Arnhold IT Consulting Germany   May 7: APEX hui! Agil hui! Es gibt trotzdem Probleme zu überwinden! May 8: Wir brauchen euch! Die DOAG Community stellt sich vor   Dietmar Aust Owner, OPAL UG Cologne, Germany   May 8: Oracle ORDS - New Features You Need to Know About   Kai Donato Senior Consultant for Oracle APEX Development, MT AG Cologne, Germany   May 8: Klick, Klick, Test - Automatisierte Tests für APEX   Daniel Hochleitner Freelance Oracle APEX Developer and Consultant Regensburg, Germany   May 8: Know your Browser Dev Tools!   Oliver Lemm Business Unit Manager, MT AG Cologne, Germany   May 7: Microservices mit APEX   Richard Martens Co-Owner, SMART4Solutions B.V. Tilburg, Netherlands   May 8: Knock yourself out with APEX and knockout.js   Robert Marz Principal Technical Architect, its-people GmbH Frankfurt, Germany   May 7: RESTful Services in der Datenbank mit ORDS erstellen   Matt Mulvaney Senior Development Consultant, Explorer UK LTD Leeds, United Kingdom   May 9: What you need to know about APEX validations   Christian Rokitta Managing Partner, iAdvise Breda, Netherlands   May 9: Keep Me Moving   Philipp Salvisberg Senior Principal Consultant, Trivadis AG Zürich, Switzerland   May 8: MLE – Java, JavaScript, Python or PL/SQL in the Database?   Sven-Uwe Weller Syntegris Information Solutions GmbH Germany   May 8: Die kleine Apex Kochshow - viel Geschmack mit wenig Aufwand   Carolin Hagemann Hagemann IT Consulting Hamburg, Germany   May 7: Git Basics May 8: Wir brauchen euch! Die DOAG Community stellt sich vor   Moritz Klein Senior APEX Consultant, MT AG Frankfurt, Germany   May 7: Holy Grid Additional Resources Oracle ACE Program: A High-Five for New Members and Category Climbers Latest Blog Posts from Oracle ACEs: March 31 - April 6, 2019 Latest Blog Posts from Oracle ACEs: April 7-13

APEX Connect 2019, the annual conference organized by DOAG (the German Oracle Applications User Group) will be held May 7-9, 2019 in Bonn, Germany. The event features a wide selection of sessions and...

DevOps

Git Branch Protection in Oracle Developer Cloud

In the April release of Oracle Developer Cloud, we introduced a feature you can use to protect a specific branch of a Git repository hosted by Oracle Developer Cloud. This blog should help you understand the options we introduced. What does the branch protection do? Git Branch Protection feature enforces that the collaborators on the Git repository cannot commit changes to a branch by bypassing the set development process. Who has access to branch protection? The only one allowed to configure branch protection for a Git repository is the user with the Project Owner role for the project in which the Git repository was created. Where can we find the branch protection option? To access this feature, select the Project Administration tab on the left navigation bar and then select the Branches tile in Developer Cloud.  This feature is accessible to a Project Owner, not to a Project Member.   Branch Protection Settings – Getting Started To get started with setting branch protections, select the Git repository and the branch in the Branches tab. The dropdown lists all the repositories in the project and all the branches created for the selected repository.  In the following screenshot, I selected the NodeJSMicroService.git repository and the master branch.   Branch Protection – Options There are four options for branch protection: Open Requires Review Private Frozen By default, every branch of every Git repository is Open.   Branch Protection Options – Details Open By default, any branch of a given Git repository has a branch protection type of Open. This means there are no restrictions on the branch. You can still impose two rules without imposing code merge rules by selecting one or both of the following checkboxes: Do not allow forced pushes: Select this option to ensure that, if there are any merge conflicts, no code can be pushed to the branch using the force push provision in Git. Do not allow renaming or deleting the branch: Select this option to ensure that nobody can rename or delete the branch. The branch cannot be deleted manually or as part of the merge request. You can save the configuration by clicking the Save button or discard it by clicking the Discard button.   Requires Review If the Project Owner opts for this branch protection option, the code will be reviewed and approved by the configured reviewer for any push or code merge to take place. This is very useful when it is used with the master branch, to avoid any direct push or code merge to it without prior review. You can configure the reviewer(s) who are part of the project and set the criteria for approval. The Criteria for approval dropdown lets you configure whether an approval is required from all the configured reviewers, just one reviewer, or any two of them. In addition to the review criteria, there are few other checkboxes that can help provide you with more comprehensive coverage as part of this protection option. Requires Successful Build:  Select this checkbox to ensure that the review branch to be merged with the selected branch had a successful last build. Reapproval needed when the branch is updated: Select this checkbox to ensure that, if a change is pushed to a branch after some reviewers have approved the merge request, the merge will only happen after the reviewers reapprove the merge request. Changes pushed to the target branch must match review content: Select this checkbox to ensure that the reviewed code and the merged code are one and the same. You can save the configuration by clicking the Save button or discard it by clicking the Discard button. Private This branch protection option ensures that only user(s) who have been configured or designated as branch owners will be able to push the code to the branch directly. All other users will have to create a merge request to push their code to this branch. This option makes sense when the user(s) have branched the code to work on a fix or enhancement and you want to restrict the ability to push code to this branch to a defined set of people. Note: A Project Owner may not be a branch owner. You can also impose two additional rules by selecting one or both of the following checkboxes: Do not allow forced pushes: Select this checkbox to ensure that, if there are any merge conflicts, no code can be pushed to the branch using the force push provision in Git. Do not allow renaming or deleting the branch: Select this checkbox to ensure that nobody can rename the branch or delete it manually or as part of the merge request. You can save the configuration by clicking the Save button or discard it by clicking the Discard button.   Frozen: This probably an easy but crucial branch protection option. As the name suggests, it freezes the branch and prevents any further changes. This option comes in handy during code freeze for the release or master branch. Once a branch has been marked as Frozen, it can only be undone by the Project Owner. You can save the configuration by clicking the Save button or discard it by clicking the Discard button. Branch protection can help streamline the Release Management for the project and help enforce best practices in your development process. To learn more about this and other new features in Oracle Developer Cloud,  take a look at the What's New in Oracle Developer Cloud Service document and the links it provides to our product documentation. If you have any questions, you can reach us on the Developer Cloud slack channel or in the online forum. Happy Coding!

In the April release of Oracle Developer Cloud, we introduced a feature you can use to protect a specific branch of a Git repository hosted by Oracle Developer Cloud. This blog should help you...

DevOps

DevSecOps and Other New Feature in Developer Cloud - April Update

Over the weekend we rolled out an update to Oracle Developer Cloud - your DevOps and Agile platform in the Oracle Cloud. A key new capability we added is security checks for your Java apps as part of our DevOps pipelines. Read below to learn more about this and other features available for you. DevSecOps - Automate Code Security Checks Keeping up to date with the latest information about security risks in your code can be a challenge, but not doing this can put your company and your customers at risk. We all heard stories about hackers leveraging well known security britches that companies forgot to patch. As your application grows this becomes even more challenging as you struggle to keep track of the set of public libraries you are using. With the new version of Oracle Developer Cloud we add DevSecOps functionality that scans your code against a database of known security vulnerabilities and alerts you if your code is using libraries with known security issues. In our first release we scan Java code for projects that leverage Maven as their build framework. You can setup automatic jobs to review your code, report the results, and stop the roll out of vulenrable apps. You can also automatically add a task to the issue tracking system in DevCS to help the team keep an eye on fixing the issue. The build job will give you a detailed report with links to more information about every vulnerability we identify in your code. YAML Based Build and Pipeline Definition Following the "Infrastructure as Code" approach Developer Cloud now allows you to define build jobs and pipelines using YAML files. These files can be stored in the Git repositories in DevCS, and versioned like the rest of your code. DevCS scans your git repositories for these files (specific directory), and creates or updates jobs and pipelines automatically when those are changed (in the master branch). This provides a compliment approach for defining your CI/CD in parallel to the visual approach using the DevCS interface. Enhanced Git Branch Protection You now have more capabilities to restrict what changes can be done to specific code branches. New branch types include branches that require review, are private, or frozen. For example, a branch that is marked as "requires review" limits the ability to push changes by requiring code review by other team members, successful build job, and other combinations of conditions. Deployment Build Step Up until this release deployment was a separate part from our build pipelines. In the new release we are introducing a new step type in your build jobs that can do deployment to Oracle Cloud services. This allows you to add these deployment-jobs to pipelines in an easier way. In addition we connected our deployment step with the environment feature in DevCS. This way you define the connections to your cloud services only once, and then you are able to reuse them in various jobs. To learn more about these and other new features have a look at the "What's New" document and the links it provide for our product documentation. If you have further questions, reach us on the Developer Cloud slack channel or the online forum.

Over the weekend we rolled out an update to Oracle Developer Cloud - your DevOps and Agile platform in the Oracle Cloud. A key new capability we added is security checks for your Java apps as part of...

Containers, Microservices, APIs

Mark Your Calendars: Big Data Startup Molecula Goes Cloud Native

In this webcast, Matt Jaffee from Molecula will share his experience getting their Pilosa environment set up with Oracle Cloud Infrastructure. In addition, the Oracle Cloud product team will provide details around four recently announced Cloud Native Services: Resource Manager for Terraform-based automation, Streaming, Monitoring and Notifications. Learn why you should use these services and how you can get started. Sign up/View on Demand: Webcast link  Time: April 23, 2019 10:00 a.m. - 11:00 a.m. PT Speaker Details: Matt Jaffee is a Lead Engineer/Developer Evangelist/Sales Engineer/DevOps Engineer and Chief Devourer of Breakfast Tacos (a highly contested title) at Molecula. He came to software development by way of an undergraduate degree in Astrophysics and a Master's in Computer Science. He's worked on networking, desktop apps, GPUs, data pipelines, and web apps, but feels most at home optimizing Pilosa – the open source indexing powerhouse at the heart of Molecula. Akshai Parthasarathy is originally from India and spent his teenage years in Trinidad and Tobago before coming to study in the US. He worked at large and small companies prior to his current role as a Product Marketer at Oracle Cloud.  He likes being at the intersection of technology and marketing.  Mark de Visser moved from The Netherlands to the Bay Area in the nineties and has worked in technical, product management and marketing roles since then. One of the early enthusiasts for open source, he played a key role introducing Enterprise Linux at Red Hat, and has been involved with developer and data center technologies ever since. He is now a product manager at Oracle Cloud Infrastructure, focused on the portfolio of cloud native technologies.    

In this webcast, Matt Jaffee from Molecula will share his experience getting their Pilosa environment set up with Oracle Cloud Infrastructure. In addition, the Oracle Cloud product team will provide...

Cloud

Introduction to PWA (Progressive Web Apps) Development with Oracle Visual Builder

Progressive Web Apps (or PWA for short) combine the advantages of on-device mobile app experience with the distribution simplicity offered by regular web applications. The latest version of Oracle Visual Builder offers a very easy way to create and distribute your PWAs in a visual cloud development environment. PWA apps can work offline, leverage device features such as access to the camera, photo gallery, and location information. The app is downloaded to the device, represented as an icon on the device list of apps, and when it is invoked you don't see a browser wrapper (no address bar and browser navigation buttons). As such the user experience of working with such application is very close to applications that you get from the app store. A key difference between PWA and on-device mobile apps is the distribution mechanism. To first "install" the application the user will navigate to a URL using their browser, this will pop-up an option for them to "add the application to home screen". Once they do this the app is now part of their "apps list" on the device. When a new version of the app is published, the end user doesn't need to go to the app store to download it. The application will automatically update on the device the next time you'll open it. Pulling the new UI from the server and caching it for future use. One more point to mention is that PWA can also install on your laptop, for example as a chrome app. This means that unlike the on-device mobile apps in VB that are limited to just iOS or Android devices, PWA apps are able to also run on windows, macs and other OSs. As you'll see in the demo video below, developing a PWA app is no different then developing regular mobile apps in Visual Builder, there is a configuration tab that allows you to turn on the PWA packaging for any mobile app. Once you do this, when you stage the app, you'll get a URL (and a QR code) that customers can access to invoke/install the app. Check out this demo A couple of notes about the app in the demo While we enabled unauthenticated access to the app, you can of course limit application access to specific users The data caching shown in the demo is the result of the REST service specifying a caching mechanism in the header. For more complete caching control and capabilities VB PWA apps can leverage the Oracle JET offline toolkit. The take a picture action also works when running on your laptop, it will open the local file selection dialog.      

Progressive Web Apps (or PWA for short) combine the advantages of on-device mobile app experience with the distribution simplicity offered by regular web applications. The latest version of...

Cloud

New Features in Oracle Visual Builder - PWA, Components Catalog, and Much More

The new version of Oracle Visual Builder released this month features several key features for developers looking to build mobile applications including support for Progressive Web Apps (PWA) development, pluggable Cordova Plug-ins, and improved device integration capabilities. This release also includes the initial release of our component exchange integration. Here is a quick rundown of the key new features released this month. PWA Packaging Progressive Web Apps (PWA) aim to merge the benefits of on-device mobile applications with the ease of distribution that web applications provide. When you create a PWA you get the benefits of on-device mobile apps such as:  native platform look and feel, icon for app invocation on the phone, device integration, and the ability to work offline. But the application doesn't need to be distributed through the app store, and when there is an update to the application, users don't need to download a new version. Instead, you provide a URL to the app and users who access the URL are given an option to add the app to their "homepage". When an update to the application is deployed, the new version will automatically download to the users phone the next time they access the app. Creating a PWA app in Visual Builder is easy, just pick up any mobile app that you created and switch the PWA enable switch on the setting tab, fill out some setup data and you are done. Now when you build your app we create the PWA packaging for you.   Custom Cordova Plug-in For on-device mobile applications Visual Builder uses a hybrid approach leveraging Apache Cordova to allow you to leverage device features. Visual Builder comes with built-in support for leveraging features such as the device's camera and location, but in some cases you might want to leverage other device capabilities.  The new pluggable Cordova plugin support will let you do just that. You can add Cordova plugins to your app and leverage them from our code. Find this under the application setting tab in the "Custom Plugins" section. (P.S. This updated functionality was actually in our February release). Take Photo Action Take photo is one of the built-in device interactions that Visual Builder offers. In the new version this action has been extended from just on-device mobile app support to work also in PWA apps as well as regular web apps. In mobile and PWA apps you'll have access to device camera and to photos in the device gallery. In web apps you'll be able to select images from your client hard-drive and upload them to the app. New Mobile App Template We added support for a new app template for your mobile apps. This one implements a collapsible left side navigation panel that allows you to navigate between flows easily without constantly occupying space on the screen. Application Optimization for Runtime A new feature in Visual Builder supports optimization of the application for runtime. Using a grunt based build job - that you can invoke as part of a Developer Cloud Service build pipeline, or on your own machine - you can optimize your application and publish it in one step. This enables you to further support a complete CI/CD flow with the combination of Visual Builder and DevCS. Oracle's Components Exchange With this release we are also releasing the first iteration of Oracle's Component Exchange - a place where we'll be publishing reusable components that you can easily add to your applications. These components are based on the Oracle JET Web Components architecture and can be further customized in your application. The exchange will also include new templates for applications. This is just the first step in our approach to helping you create and use reusable components in Visual Builder, expect more components to show up frequently, and future version are planned to also allow you to publish your own component exchange. That's Not All There are many other enhancements and additions to visual builder in this release. Read about them in the "What's New" document. Keep an eye on our blog for more detailed blog entries that will show you how to use each one of the new features. If you have any further questions, let us know on our community forum.

The new version of Oracle Visual Builder released this month features several key features for developers looking to build mobile applications including support for Progressive Web Apps (PWA)...

Cloud

Enterprise applications meet cloud native

Speaking with Enterprise customers, many are adopting a cloud-native strategy for new, in-house development projects. This approach of short development cycles, iterative functional delivery and automated CI/CD tooling is allowing them to deliver innovation for users and customers quicker than ever before. One of Oracle’s top 10 predictions for developers in 2019 is that legacy, enterprise applications jump to cloud-native development approaches. The need to move to cloud-native is seated in the fact that, at heart, all companies are software companies. Those that can use software to their advantage, to speed, automate their business and make it easier for their customers to interact with them, win.  This is the nature of business today, and the reason that start-ups, such as Uber, can disrupt whole existing industries. Cloud native technologies like Kubernetes, Docker containers, micro-services and functions provide the basis to scale, secure and enable these new solutions.  However, enterprises typically have a complex stack of applications and infrastructure; this usually means monolithic custom or ISV applications that are anything but cloud-native. These new cloud-native solutions need to be able to interact with these legacy systems but are running in the cloud rather an on-premises and need delivery cycles of days rather than months. Enterprises need to address this technical debt in order to realise the full benefits of a cloud-native approach. Re-writing these monoliths is not practical in the short-term due to resource and time needed. So, what are the options to modernise enterprise applications? Move the Monolith Moving these applications to the cloud can realise the cloud economics of elasticity and pay for what you use. This thinks of infrastructure as code rather than physical compute, network and storage. Using tools such as Terraform – https://www.terraform.io – to create and delete infrastructure resources and Packer – https://www.packer.io – to manage machine images, means we can create environment when needed and tear down when not. Although this does not immediately address modernisation of the application itself, it does start to automate the infrastructure and begin to integrate them into cloud native development and delivery. https://blogs.oracle.com/developers/build-oracle-cloud-infrastructure-custom-images-with-packer-on-oracle-developer-cloud Containerise and Orchestrate  A cloud native strategy is largely based on running applications in Docker containers to give the flexibility of deployment on premises and across different cloud providers. A common approach is to containerise existing applications and run them on premises before moving to the cloud.  Many enterprise applications, both in-house developed and ISV supplied, are Weblogic based and enterprises are looking to do the same with these. Weblogic now runs in docker containers, so the same approach can be taken – https://hub.docker.com/_/oracle-weblogic-server-12c.    As initial, and suitable workloads (workloads that have less on-prem intergration points, or are good candidates from a compliance standpoint) become containerised and moved to the cloud, the management and orchestration of containers into solutions begins to become an issue. Container management or orchestration platforms such as Kubernetes, Docker Swarm etc are being adopted. Kubernetes is emerging as the platform of choice for enterprises to manage containers in the cloud. Oracle has developed a Weblogic Kubernetes operator that allows Kubernetes to understand and manage Weblogic domains, clustering, etc. https://github.com/oracle/weblogic-kubernetes-operator Integrating with version control like Git Hub, secure docker repositories and using CI/CD tooling to deploy to Kubernetes, really brings these enterprise applications to the core of a cloud native strategy. It also means existing Weblogic and Java skills in the organisation continue to be relevant in the cloud.  Breaking It Down To fully benefit from running these applications in the could, the functionality needs to be integrated with the new cloud native services and also to become more agile. An evolving pattern is to take an agile approach, taking a series of iterations to refactoring the enterprise application. A first step is to separate the UI from the functional code and create API’s to access the business functionality. This will allow new cloud native applications access to the required functionality and facilitate the shorter delivery cycles enterprises are demanding. Over time, these services can be rebuilt and deployed as cloud services, eventually migrate away from the legacy application. Helidon is a collection of java libraries for writing microservices that helps to re-use existing java skills to re-developing the code behind the services.  As more and more services are deployed management, versioning and monitoring become increasingly important. Using a tool like a service mesh is evolving as the way to do this. A service mesh is a dedicated infrastructure layer for handling service-to-service communication. It’s responsible for the reliable delivery of requests through the complex topology of services that comprise a modern, cloud native application. Istio is evolving as an enterprise choice and can easily be installed on Kubernetes.  In Conclusion More and more enterprises are adopting a cloud native approach for new development projects. They are also struggling with the technical debt of large monolithic enterprise applications when trying to modernise them. However, there are a number of strategies and technologies that be used to help migrate and modernise these legacy applications in the cloud. With the right approach existing skills can be maintained and evolved into a container based, cloud native environment.  

Speaking with Enterprise customers, many are adopting a cloud-native strategy for new, in-house development projects. This approach of short development cycles, iterative functional delivery and...

Cloud

Kata Containers: An Important Cloud Native Development Trend

Introduction One of Oracle’s top 10 predictions for developers in 2019 was that a hybrid model that falls between virtual machines and containers will rise in popularity for deploying applications. Kata Containers are a relatively new technology that combine the speed of development and deployment of (Docker) containers with the isolation of virtual machines. In the Oracle Linux and virtualization team we have been investigating Kata Containers and have recently released Oracle Container Runtime for Kata on Oracle Linux yum server for anyone to experiment with. In this post, I describe what Kata containers are as well as some of the history behind this significant development in the cloud native landscape. For now, I will limit the discussion to Kata as containers in a container engine. Stay tuned for a future post on the topic of Kata Containers running in Kubernetes. History of Containerization in Linux The history of isolation, sharing of resources and virtualization in Linux and in computing in general is rich and deep. I will skip over much of this history to focus on some of the key landmarks on the way there. Two Linux kernel features are instrumental building blocks for the Docker Containers we’ve become so familiar with: namespaces and cgroups. Linux namespaces are a way to partition kernel resources such that two different processes have their own view of resources such as process IDs, file names or network devices. Namespaces determine what system resources you can see. Control Groups or cgroups are a kernel feature that enable processes to be grouped hierarchically such that their use of subsystem resources (memory, CPU, I/O, etc) can be monitored and limited. Cgroups determine what system resources your can use. One of the earliest containerization features available in Linux combine both namespaces and cgroups was Linux Containers (LXC). LXC offered a userspace interface to make the Linux kernel containment features easy to use and enabled the creation of system or application containers. Using LXC, you could run, for example, CentOS 6 and Oracle Linux 7, two completely different operating systems with different userspace libraries and versions on the same Linux kernel. Docker expanded on this idea of lightweight containers by adding packagaging, versioning and component reuse features. Docker Containers have become widely used because they appealed to developers. They shortened the build-test-deploy cycle because they made it easier to package and distribute an application or service as a self-contained unit, together with all the libraries needed to run it. Their popularity also stems from the fact that they appeal to developers and operators alike. Essentially, Docker Containers bridge the gap between dev and ops and shorten the cycle from development to deployment. Because containers —both LXC and Docker-based— share the same underlying kernel, it’s not inconceivable that an exploit able to escape a container could access kernel resources or even other containers. Especially in multi-tenant environments, this is something you want to avoid. Projects like Intel® Clear Containers Hyper runV took a different approach to parceling out system resources: their goal was to combine the strong isolation of VMs with the speed and density (the number of containers you can pack onto a server) of containers. Rather than relying on namespaces and cgroups, they used a hypervisor to run a container image. Intel® Clear Linux OS Containers and Hyper runV came together in Kata Containers, an open source project and community, which saw its first release in March of 2018. Kata Containers: Best of Both Worlds The fact that Kata Containers are lightweight VMs means that, unlike traditional Linux containers or Docker Containers, Kata Containers don’t share the same underlying Linux kernel. Kata Containers fit into the existing container ecosystem because developers and operators interact with them through a container runtime that adheres to the Open Container Initiative (OCI)specification. Creating, starting, stopping and deleting containers works just the way it does for Docker Containers. Image by OpenStack Foundation licensed under CC BY-ND 4.0 In summary, Kata Containers: Run their own lightweight OS and a dedicated kernel, offering memory, I/O and network isolation Can use hardware virtualization extensions (VT) for additional isolation Comply with the OCI (Open Container Initiative) specification as well as CRI (Container Runtime Interface) for Kubernetes Installing Oracle Container Runtime for Kata As I mentioned earlier, we’ve been researching Kata Containers here in the Oracle Linux team and as part of that effort we have released software for customers to expermiment with. The packages are available on Oracle Linux yum server and its mirrors in Oracle Cloud Infrastructure (OCI). Specifically, we’ve released a kata-runtime and related compontents, as well an optimized Oracle Linux guest kernel and guest image used to boot the virtual machine that will run a container. Oracle Container Runtime for Kata relies on QEMU and KVM as the hypervisor to launch VMs. To install Oracle Container Runtime for Kata on a bare metal compute instance on OCI: Install QEMU Qemu is available in the ol7_kvm_utils repo. Enable that repo and install qemu sudo yum-config-manager --enable ol7_kvm_utils sudo yum install qemu Install and Enable Docker Next, install and enable Docker. sudo yum install docker-engine sudo systemctl start docker sudo systemctl enable docker Install kata-runtime and Configure Docker to Use It First, configure yum for access to the Oracle Linux Cloud Native Environment - Developer Preview yum repository by installing the oracle-olcne-release-el7 RPM: sudo yum install oracle-olcne-release-el7 Now, install kata-runtime: sudo yum install kata-runtime To make the kata-runtime an available runtime in Docker, modify Docker settings in /etc/sysconfig/docker. Make sure SELinux is not enabled. The line that starts with OPTIONS should look like this: $ grep OPTIONS /etc/sysconfig/docker OPTIONS='-D --add-runtime kata-runtime=/usr/bin/kata-runtime' Next, restart Docker: sudo systemctl daemon-reload sudo systemctl restart docker Run a Container Using Oracle Container Runtime for Kata Now you can use the usual docker command to run a container with the --runtime option to indictate you want to use kata-runtime. For example: sudo docker run --rm --runtime=kata-runtime oraclelinux:7 uname -r Unable to find image 'oraclelinux:7' locally Trying to pull repository docker.io/library/oraclelinux ... 7: Pulling from docker.io/library/oraclelinux 73d3caa7e48d: Pull complete Digest: sha256:be6367907d913b4c9837aa76fe373fa4bc234da70e793c5eddb621f42cd0d4e1 Status: Downloaded newer image for oraclelinux:7 4.14.35-1909.1.2.el7.container To review what happened here. Docker, via the kata-runtime instructed KVM and QMEU to start a VM based on a special purpose kernel and minimized OS image. Inside the VM a container was created, which ran the uname -r command. You can see from the kernel version that a “special” kernel is running. Running a container this way, takes more time than a traditional container based on namespaces and cgroups, but if you consider the fact that a whole VM is launched, it’s quite impressive. Let’s compare: # time docker run --rm --runtime=kata-runtime oraclelinux:7 echo 'Hello, World!' Hello, World! real 0m2.480s user 0m0.048s sys 0m0.026s # time docker run --rm oraclelinux:7 echo 'Hello, World!' Hello, World! real 0m0.623s user 0m0.050s sys 0m0.023s That’s about 2.5 seconds to launch a Kata Container versus 0.6 seconds to launch a traditional container. Conclusion Kata Containers represent an important phenomenon in the evolution of cloud native technologies. They address both the need for security through virtual machine isolation as well as speed of development through seamless integration into the existing container ecosystem without compromising on computing density. In this blog post I’ve described some of the history that brought us Kata Containers as well as showed how you can experiment with them yourself with packages using Oracle Container Runtime for Kata.

Introduction One of Oracle’s top 10 predictions for developers in 2019 was that a hybrid model that falls between virtual machines and containers will rise in popularity for deploying applications. Kata...