Our spotlight this week is one of my favorite videos (and one of my favorite features of Oracle Linux), Ksplice. If you're not familiar with Ksplice, it's really astounding – it allows you to update the Linux kernel while it is running and without needing to restart. It's just amazing technology, and it comes with your Oracle Linux support subscription.
In the video below, Oracle's Tim Hill described a few different scenarios of how Ksplice can be used (click the image to hop over to the Oracle Linux YouTube channel and play the video):
By now, you've probably heard about the release of Oracle Linux 6.5. One really cool thing about this release is that Unbreakable Enterprise Kernel Release 3 is installed by default, meaning you get to use all the great features of UEK R3 without needing to do a separate installation. And are there a lot of great features in UEK R3! So, our spotlight this week is on the release notes for the latest version of Oracle's Unbreakable Enteprise Kernel.
You'll learn about Control Groups, Linux Containers, DTrace, additional crypto options, improved diagnostics, the updated btrfs, better memory management, more networking options, improvements for performance, security, storage, and much more.
This week, I want to highlight a really wonderful resource, the Oracle Linux Wiki on wikis.oracle.com. You can find a lot of in-depth technical information there and it’s probably worthy of a bookmark to check in on occasionally.
One of my favorite types of content on the wiki is the do it yourself hands on labs. We do these at in person events like Oracle OpenWorld and also online for our Virutal SysAdmin Days, and those are great because you can get real-time assistance if you have any questions. But, if you’re eager to learn more about Oracle Linux and don’t want to wait for one of those events, you can step through these labs in your own time. All of the information you need is on the wiki.
Our spotlight this week is on a really cool technical tip on the Oracle Technology Network from Yuli Vasiliev called "How to Launch Linux Utilities from Oracle Database". From Yuli's introduction:
"By wrapping a Linux utility in a script and using an external database table's preprocessor directive, you can launch the utility from within Oracle Database and have the utility's output be inserted into the external table. This allows you to do things such as query operating system data and then join it with data in Oracle Database."
The Oracle Enterprise Manager Agent Preinstall RPM installs the required
software packages and prepares the operating system for Oracle
Enterprise Manager Agent deployment. It has recently been made available for both x86_64 and i386 platforms from the ol6_addons repository on the public-yum server and the Unbreakable Linux Network.
The Oracle Management Agent (Management Agent) is one of the core components of Enterprise Manager Cloud Control that is deployed on each monitored host. It is responsible for managing and maintaining the hosts and its targets and communicating that information to the middle-tier Oracle Management Service. The Management Agent also allows you to monitor non-Oracle components (such as third-party databases) through management plug-ins and connectors.
Once the Oracle Enterprise Manager agent is deployed on an operating system, the operating system and applications running on that host can be monitored and manged using the Oracle Enterprise Manager 12c console.
The Oracle Enterprise Manager Agent Preinstall package installs the required software packages and sets system parameters necessary to deploy and run the Oracle Enterprise Manager Agent on Oracle Linux 6. In particular, it performs the following tasks to enable the agent deployment:
Installs the required packages like sudo or openssh (via RPM package dependencies which will be resolved by the yum package manager)
Creates and configures the oracle user and group accounts
Modifies the user hard and soft file limits set in /etc/security/limits.d/
Installs sudo configuration templates
This RPM may be installed on an existing physical or virtual Oracle Linux 6 system, or may be included in an Oracle VM Template or Oracle Virtual Assembly. Note that the actual agent installation requires 2 GB of free space and 512 MB swap space, and therefore the system image should be configured to meet these requirements.
A. Installing on physical or virtual Linux machine
Subscribe the system to the Oracle Linux 6 Addons channel in ULN (ol6_addons on public-yum).
Install the RPM via yum: # yum install oracle-em-agent-12cR1-preinstall
Check that there is at least 2 GB free disk space in the agent install location (e.g. by using "df -h") and at least 512 MB of swap space (e.g. by running "swapon -s")
B. Including the RPM in the system.img disk image inside of an Oracle Virtual Assembly
Place System.img and vm.cfg in the same folder
As the root user, run the following command: # modifyjeos -f System.img -a <addrpm.lst> -m <rpm_directory_for_the_os> (where addrpm.lst contains the list of additional RPMs to install)
Check if the root partition has a minimum of 2 GB of free disk space. If not, use the following command to increase the free space: # modifyjeos -f System.img -T <total new amount of disk space in MB>
Check if there is a minimum of 512 MB of swap space. If not, use the following command to increase the swap space; # modifyjeos -f System.img -S <total new amount of swap space in MB>
An Oracle Enterprise Manager installation can be configured such that the Enterprise Manager agent is pushed on the Guest VMs automatically when the Oracle Virtual Assembly is deployed.
To configure the Oracle Management Server (OMS) for automatic agent push, update the following properties in the
The Oracle mainline Linux kernel team lead by James Morris works as part of the Linux
kernel community to develop new features and maintain existing code. It is globally distributed and includes leading core kernel developers and industry veterans.
They now have their own blog, to share some insights about recent Linux developments with you. Quoting from James' introduction:
In this blog I'll be discussing new and interesting happenings with the team. There'll be some technical deep dives and contributed posts from team members. The primary audiences are technical Oracle Linux users and the wider Linux community.
There are partnerships where there's great impact for all the community. This is the case with Oracle and Linux Foundation. We are growing strong in our collaboration and support of each other and the community as its extension.
Oracle's Monica Kumar, Senior Director Product Marketing had a chance to sit down with Linux Foundation's Jim Zemlin to discuss about the foundation, challenges and partnership with Oracle. These podcasts will give you insights into our collaborative efforts and benefits you may gain from this unique partnership.
Oracle has been a long time member and supporter of The Linux Foundation. In the Part 1 of our podcast series, we sat down with Jim Zemlin, Executive Director of the Linux Foundation to hear his thoughts on Linux community in general and some of the challenges it faces.
In this second podcast, you will hear his thoughts on Oracle’s participation and contributions to Linux as well as understand his perspective on the goals of The Linux Foundation and where it is headed.
Oracle Linux provides two complimentary technologies for patching and updating the operating system.
yum for updating RPM packages. Applications and libraries are packaged and distributed in the form of RPM packages, which are collected in yum repositories. Updates are installed by downloading the packages from the yum repository and installing them locally using the RPM package manager.
It's probably worth repeating that Oracle also provides updates (errata) for free from our public-yum server - you can keep your system up to date and fully patched against security threats without the need of purchasing a support subscription. This makes Oracle Linux and ideal choice to install on both your development and production systems - it is up to you to individually choose which of these systems you want to have covered by a support subscription and at which level.
We also provide updates to the Linux operating system kernel in RPM format. However, these changes only take effect after the system has been rebooted, which can be quite disruptive in certain environments. Scheduling downtime for a reboot is never easy.
This is where Ksplice enters the picture. It is a technology that allows you to apply critical fixes to the Linux kernel at run time, without the need to reboot your system. This is a feature that is unique to Oracle Linux. The system connects to the Ksplice server to obtain the individual rebootless patches, split up by security issues (which are usually tracked by CVE numbers). You can install all of the patches in one go, or choose to install only selected patches, without any service interruption or downtime. Ksplice patches can also be removed at run-time, in case they show any any unwanted or unexpected side-effects.
Both yum and ksplice require downloading patches from a remote server, so the client system needs to be able to connect to a remote server. In many cases, connecting to an update server located on the public Internet directly is not an option, due to security policies.
In the case of yum, it's possible to create a local copy of a repository and simply point all clients to obtain their patches from there instead. There are several ways to create and manage such local repositories, and Oracle Enterprise Manager 12c Cloud Control and Ops Center both provide built-in functionality to support this. We also published a script on OTN that automates the task of downloading RPM packages from the Unbreakable Linux Network.
For Ksplice, it was already possible to set up a local server that would act as a caching proxy server for all available patches - the client systems would only have to connect to this server instead of contacting the remote Ksplice server over the Internet directly. However, this solution requires setting up a dedicated system just for this particular task, so many customers were not too happy about this solution.
The Ksplice team at Oracle now came up with an alternative solution - instead of providing the Ksplice patches as individual downloadable items, they are bundled inside an RPM package, one for each Linux kernel version we support. Any time a new ksplice patch is available, the respective RPM package will be refreshed. This way we can now deliver Ksplice patches via yum repositories, which is a well-established transport mechanism and can utilize already existing infrastructure. The process involves two steps: first you download the ksplice patch RPM using yum, then you run the local ksplice client, which has been modified to check for updates on the local file system instead of contacting the remote server. Even though you are using RPM to download the Ksplice patch bundle RPM, you still use the local ksplice client to apply the individual patches at run time.
This new Ksplice offline mode gives you the best of both worlds: being able to patch your Linux kernel at run-time without disrupting any services, while not requiring you to manage any additional infrastructure or services, or having to negotiate any exceptions to your firewall rules in order to allow your systems to contact the remote Ksplice server.
For more information about the Ksplice offline mode, please see Wim's blog post or check out the following video, which outlines the basic principles of how to apply updates to your Oracle Linux system:
It also includes a short video clip of the interview, in which Wim shares some more thoughts about Oracle Linux, Solaris and related technologies and how they are developed at Oracle. If you would like to learn more about our motivation and strategy around Linux and Solaris, this one is a must-read!
"The Solaris team is hiring more people, and I'm hiring more people,"
Coekaerts said. "We're making both better and we're not favoring one
over the other."
In the second part of this article series titled "How I Use the Advanced Capabilities of Btrfs", Margaret now explores some of the more advanced features of this file system like RAID, checksums or filesystem snapshots and clones.
If you want to learn more about this exciting new file system, these two articles provide a solid foundation of information to evaluate and get familiar with Btrfs. Go check them out!