Thursday Apr 07, 2016

What are JMX Credentials and What is Ops Center Doing With Them?

When you discover a Solaris Cluster, you're asked to provide ssh credentials and JMX credentials. You already know the ssh credentials but what about those JMX credentials? They're for the agent on the cluster's global node. The agent uses JMX so they're called JMX credentials. Think of them as agent credentials.

The only thing these credentials are doing is allowing the agent on the global node to respond to the Enterprise Controller. Without the JMX creds, you can discover and manage the cluster server itself, but nothing else. If you look in the log file, you'll see a message like "JMXMP provider exception Connection refused." With the JMX creds, Ops Center authenticates the agent, connects to the agent, and acquires all the agent's information about the global node.

JMX credentials can be anything convenient for you, like cluster1 and cluster2, and simple passwords. For all global nodes to use the same credentials, create one set in the discovery profile and run the discovery job. However, if for some reason, you need to use a unique set of credentials for each global node, create each set of credentials in a credential profile and then run a discovery job for each global node. You'll use the same discovery profile but change the credential profile for each job. You can still keep it simple, like cluster1node1 and cluster1node2.

For more information, take a look at the Oracle Solaris Cluster section of the Configuration Reference.

Thursday Mar 31, 2016

Using Ops Center ASR For Unsupported Hardware

I saw a question recently about the limits of the Auto Service Request (ASR) feature in Ops Center:

"I have some hardware, including some switches, that are listed as supported in the ASR documentation but not in the Ops Center documentation. Can I still use Ops Center's ASR for them?"

In Ops Center, ASRs are generated through asset monitoring, so if a piece of hardware isn't supported in Ops Center, Ops Center can't generate ASRs for it. The Certified Systems Matrix talks a bit about how assets need to be listed as supported for both products for ASR through Ops Center to work for them.

The ASR documentation also has more information about what it supports. For products outside of Ops Center's umbrella, you'll need to use a separate ASR manager.

Thursday Mar 24, 2016

Searching in the Ops Center library

So, I've seen a few questions about the search function in the Ops Center doc library. This is a bit embarrassing, since the search function is supposed to answer questions instead of creating them. But, I figured I'd go over how the search works and how to tweak its settings.

Basically, the default setting for the search is based on where you are. If you do a search from the main page of,  it will cover literally every product library:

If you do a search from the Ops Center library, it will default to only searching the Ops Center library:

You can click Select in the categories on the left to see the current search options (and change them if need be):

If you're trying to find something within a specific book, then you can open up the book and then use the search box on the left:

Those are the basics of the search function in Ops Center.

Thursday Mar 17, 2016

Managing Guest Affinity and Disaffinity

When a guest is migrated to a new system, there are some cases where you want it to be placed with a specific guest, or want it not to be placed with a specific guest. Perhaps you have multiple guests that make up the parts of a three-tiered application, and you want to keep them together. Or perhaps you have two guests that are different nodes of an HA cluster, and putting them together would defeat the purpose.

Starting in Ops Center 12.3.1, you can use affinity tags to establish preferences for where guests go. You do this by selecting the guest, clicking Edit Tags, and using these tags:

  • affinityTags — This tag identifies the guest for other guests' affinities and disaffinities.

  • affinities — Which other guests the current guest should be placed with.

  • disaffinities — Which other guests the current guest should not be placed with.

For example, let's say that you have three groups of guests - A, B, and C - and you want to keep each group together. Here are the tags that you could assign to the guests in Group A:


  • affinityTags — Group A

  • affinities — Group A

  • disaffinities — Group B, Group C

There's more information about affinities and disaffinities in the Virtualization Reference document.

Thursday Feb 11, 2016

Viewing Assets in Maintenance Mode

In Ops Center, you can place assets into maintenance mode to temporarily stop alerts from being generated on them. This is useful if you're doing maintenance on some systems, hence the name; but particularly in a large environment you can lose track of what assets are in maintenance mode.

There are a couple of ways to tell. For a single asset, if you've selected it, the Actions panel will have a 'remove from maintenance mode' option if it's already in maintenance mode.

If you want to see all of the assets in maintenance mode, you can create a group that will automatically include them. Create a group with a single group rule like this:

This new group will then include all of your assets in maintenance mode.

Thursday Feb 04, 2016

Upgrade Issues

Now that some folks are upgrading to version 12.3.1, we've seen a couple of upgrade issues. There are a couple of issues that I've seen questions about which I can give you a solution for:

"When I try to upgrade to 12.3.1 on an S11 system, I get an error saying 'The configured Oracle Solaris 11 publisher, <publisher>, does not support the version of Oracle Solaris 11 that is installed on this system.' What do I do?"

The Oracle Solaris 11 publisher for your environment needs to include the full version of S11 that you're using. You can solve this problem by updating your repository.

"How much disk space do I need to have free for an upgrade?"

This will depend on your environment to some extent, but 100 GB is a good guideline.

Thursday Dec 17, 2015

Changing the Remote Database Location

One of the benefits of using a customer-managed database with Ops Center is greater control over the database - you decide how it should be backed up, what system you want it on, and so on. This gives you the ability to move the database to a new system as well. But that raises a question - how do you get Ops Center to use the new DB location?

This is a process that you complete from the command line. There are a few big steps:

  1. Shut down the Enterprise Controller.
  2. Point the EC to the new DB location.
  3. Export the data from the old DB.
  4. Import the data on the new DB.
  5. Start the EC again.

Here's a link to the document that explains these steps in detail.

Thursday Dec 10, 2015

Users and Groups Created by Ops Center

I saw a question recently about the users and groups that are created on the EC and PC operating systems as part of an Ops Center install. Back in 11g, we had a section in the docs that showed these users and groups, but it's missing in 12c.

So, here are the users and groups that OC creates when it's installed:

  • Enterprise Controller Users: svctag, allstart, uce-sds, xvm, webservd
  • Enterprise Controller Groups: jet, uce-sds, webservd
  • Proxy Controller Users: svctag, allstart, uce-sds
  • Proxy Controller Groups: jet, uce-sds

The UIDs for the svctag and xvm users are set by Solaris (to 95 and 60, respectively) but the rest of the UIDs are not expected to be any specific value.

Also, if you're planning an installation, remember that you should use the OCDoctor utility to check the prerequisites first. There are a lot of prereqs that used to be manual checks, that we just made the OCDoctor do automatically.

Thursday Dec 03, 2015

Images for OS Provisioning

This week I saw a couple of questions about the sources that you can use for OS Provisioning in Ops Center.

"Is there any way that I can automate the importing of FLAR files for OSP, with a script or something like that?"

Yes. If you've set up a default software library through the UI, you can use the Ops Center CLI's osimage mode to perform imports. Take a look here for more information.

"Is Unified Archive (UAR) supported through Ops Center?"

Not yet. However, we know that it's a desirable feature for a lot of users, and we're working on it.

Thursday Nov 19, 2015

Oracle VM Server for SPARC Support

I saw a couple of related questions about Oracle VM Server for SPARC 3.3 support recently:

Are T7 servers with Oracle VM Server for SPARC 3.3 supported in Ops Center?

Yep. You can take a look at the Certified Systems Matrix to see the full list of supported systems.

What if I want to downgrade systems to Oracle VM Server for SPARC 3.2?

That's not something we've tested or certified.

Are live migration and automatic recovery supported for OVMSS 3.3?

Yes, the full feature set for OVMSS is supported for version 3.3. One issue worth mentioning, though, is that the option for setting the maximum bandwidth for a guest doesn't work properly in 3.3; we're working on that issue.

Thursday Nov 12, 2015

Updating an Oracle Solaris 8 system

Last week, we talked a bit about how to update branded zones. I saw a question this week about upgrading Oracle Solaris 8 systems, and branded zones figure into the answer here too.

"I've got some legacy applications running on some Oracle Solaris 8 systems. I'd like to get them running on S11 if possible. What can I do to upgrade these systems?"

Solaris 8 is old enough that there isn't an upgrade path all the way to Oracle Solaris 11. If you have legacy applications running on Solaris 8, and you want to move to a newer OS, you have a couple of options.

If you can move your applications onto S11, then you can use Ops Center to provision new S11 systems and then get the applications running on the new system.

However, some applications might not work on S11. In that case, you could create a Flash Archive of the existing S8 system, and use that FLAR to make an S8 branded zone on an S10 system. It's not S11, but it's not too shabby.

Thursday Nov 05, 2015

Branded Zones Questions

Branded Zones are handy if you want to run Oracle Solaris 10 zones on top of an S11 platform. However, they do work a bit differently from other zones in Ops Center. I've received a couple of questions about branded zones that I thought I'd try to clear up:

"I have a Control Domain with an Oracle Solaris 10 branded zone on it. Can I upgrade the control domain without Ops Center getting confused by the branded zone?"

Yes. When you upgrade a control domain or OS with a branded zone on it, the branded zone is skipped by design.

"Okay, so how do I upgrade the branded zone itself?"

Patching on a branded zone is similar to patching a global zone. If the branded zone doesn't have an agent, you can switch to agent management using the Switch Management Access option, then patch the branded zone normally.

Thursday Oct 15, 2015

Checking the Health of an Ops Center System

I saw a general question about keeping Ops Center running:

"I want to do a regular diagnostic to make sure that my Enterprise Controller and Proxy Controller systems are healthy. What tools can I use to do that?"

There are a few tools that you can use for this purpose.

First, there's the UI. The Administration section in the UI shows the status of all Proxy Controllers, and the current status of the Enterprise Controller services.

Outside of the UI, there are a number of tools bundled with the OCDoctor script that you can use. The OCDoctor and its toolbox are in the /var/opt/sun/xvm/OCDoctor/ folder on the Enterprise Controller and Proxy Controllers. Here are some of the options and tools you can use:

  • --update  - You should run this first, to make sure that you've got the latest version of the OCDoctor.
  • --troubleshoot  - This option will provide troubleshooting information for some known issues. You can also add the --fix option to apply fixes for some of these issues.
  • --check-connectivity  - This option will check for connectivity issues.
  • toolbox/ -b  - This script checks for issues with your libraries.

These options should help you stay aware of how Ops Center is doing.

Thursday Oct 08, 2015

Agent versus Agentless Management

I've seen a couple of questions recently about the differences between Agent managed and Agentless assets, so I thought I'd explain the differences and the relative merits.

You can manage operating systems and virtualization technologies in one of two ways - by installing an Ops Center Agent on them, or by providing Ops Center with credentials that it can use to reach the asset. The agent is tailored to the system - there are separate types of Agents for Zones and LDoms.

If you don't want to have anything else installed on a system, agentless management can provide management and monitoring capabilities. However, there are some features that aren't available for assets that are managed agentlessly. There's a table in the OS Management chapter that explains what features are and are not available with agentless assets.

Thursday Oct 01, 2015

Changing an Asset's Name

I got a question about an incorrect asset name:

"I discovered a server, but when I discovered it, it was named according to its IP address because of a DNS issue. The incorrect name in the UI angers me. How do I fix it?"

This is relatively simple. In the navigation section, select the All Assets node at the root of the asset tree, then select the Managed Assets tab. Select the incorrectly named asset, and click the pencil icon to edit its properties (including name). Click finish to save the changes.


This blog discusses issues encountered in Ops Center and highlights the ways in which the documentation can help you


« May 2016