Friday Dec 28, 2012

Friday Tips #8

For our final tip of 2012, we have another video from John Pither, Principal Sales Consultant, Oracle Desktop Virtualization. Watch below to learn how to create desktop providers in Oracle Virtual Desktop Infrastructure:

Remember, you can submit questions for our Friday tips on Twitter using the #askoraclevirtualization hashtag. We'll see you next week!

-Chris 

Friday Dec 21, 2012

Friday Tips #7, Part 2

Our desktop tip today is in the form of a video done by John Pither, Principal Sales Consultant, Oracle Desktop Virtualization. It covers how desktop pools work and how to create them in Oracle Virtual Desktop Infrastructure:

Friday Tips #7, Part 1

Welcome to Friday Tips #7, part 1. This tip is focused on server virtualization and part 2 will be focused on desktop.

Last week, we shared a tip on how to update the Oracle VM Servers, which begged the question of how to update the OVM Manager itself:


Question:
How do I update OVM Manager?

Answer by Justin Kutticherry, Systems Account Manager, Oracle: 
Here are the steps to update the OVM Manager itself:

  • Login to myoraclesupport site
  • Click on the ‘Patches & Updates’ tab
  • Click on ‘Product or Family’ on the Search Tab, select Oracle VM and then Oracle VM 3.0 (like below) and hit Search:

  • Look through the list and select the appropriate patch - click on the link to the left to download the ISO (will save as a zip)

  • Then mount the ISO and run the updater (“ovmm-update” is the ISO in the example below)

Ideally, you would update the OVM Manager first and then the servers. Make sure to backup prior to updating as there is currently no revert function.

Friday Dec 14, 2012

Friday Tips #6, Part 2

Here is a question about updating Oracle VM:


Question:
How can I perform Oracle VM 3 server updates from Oracle VM Manager?

Answer by Gregory King, Principal Best Practices Consultant, Oracle VM Product Management:
Server Update Manager is a built-in feature of the Oracle VM Manager. Basically, Server Update Manager automatically configures YUM updates on all the Oracle VM Servers, pointing each to our Unbreakable Linux Network (ULN) update channel for Oracle VM. The servers periodically check with our Oracle YUM repository and notify the Oracle VM Manager that an update is available for each server. Actual server updates must be triggered by the Oracle VM administrator – they are not executed automatically.

At this point, you can use the Oracle VM Manager to put a server into maintenance mode which live migrates all the running Oracle VM Guests to other Oracle VM Servers in the server pool. Once all the Oracle VM Guests have been migrated, the Oracle VM administrator can trigger the update on the server. The entire process is documented in the Installation and Upgrade Guide of Oracle VM Documentation so I won’t spend time detailing the steps.

However, configuring the Server Update Manager is exceedingly simple. Simply navigate to the Tools and Resources tab in the Oracle VM Manager, select the link for Server Update Manager and ensure the following values are added to the text boxes as shown in the illustration below:

  • YUM Base URL: http://public-yum.oracle.com/repo/OracleVM/OVM3/latest/x86_64
  • YUM GPG Key: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle

Every server in the pool will be automatically configured for YUM updates once you choose the Apply button.


Many thanks to Greg and Rick for providing the answers to this week's questions. If you want to ask us something, hit up Twitter and use hashtag #AskOracleVirtualization. See you next week!

-Chris 

Friday Tips #6, Part 1

We have a two parter this week, with this post focusing on desktop virtualization and the next one on server virtualization.


Question:
Why would I use the Oracle Secure Global Desktop Secure Gateway?

Answer by Rick Butland, Principal Sales Consultant, Oracle Desktop Virtualization:
Well, for the benefit of those who might not be familiar with client connections in Oracle Secure Global Desktop (SGD), let me back up and briefly explain. An SGD client connects to an SGD server using two distinct protocols, which, by default, require two distinct TCP ports. The first is the HTTP protocol, used by the web browser to connect to the SGD webserver on TCP port 80, or if secure connections are enabled (SSL/TLS), then TCP port 443, commonly identified as the "HTTPS" port, that is, "SSL encrypted HTTP." The second protocol from the client to the server is the Adaptive Internet Protocol, or AIP, which is used for displaying applications, transferring drive mapping data, print jobs, and so on. By default, AIP uses the TCP port 3104, or port 5307 when SSL is enabled.

When SGD clients need to access SGD over a firewall, the ports that AIP requires are typically "closed"; and most administrators are reluctant, to put it mildly, to change their firewall configurations to allow AIP traffic on 3144/5307.  

To avoid this problem, SGD introduced "Firewall Forwarding", a technique where, in effect, both http and AIP traffic are "multiplexed" onto a single "well-known" TCP port, that is port 443, the https port.  This is also known as single-port firewall traversal.  This technique takes advantage of the fact that, as a "well-known service", port 443 is usually "open",   allowing (encrypted) traffic to pass. At the target SGD server, the two protocols are de-multiplexed and routed appropriately.

The Secure Gateway was developed in response to requirements from customers for SGD to support multi-stage DMZ's, and to avoid exposing SGD servers and the information they contain directly to connections from the Internet. The Secure Gateway acts as a reverse-proxy in the first-tier of the DMZ, accepting, authenticating, and terminating incoming client connections, and then re-encrypting the connections, and proxying them, routing them on to SGD servers, deeper in the network. The client no longer needs to know the name/IP address of the SGD servers in their network, they connect to the gateway, only. The gateway takes care of those internal network details.    

The Secure Gateway supports the same "single-port firewall" capability as does "Firewall Forwarding", but offers the additional advantage of load-balancing incoming client connections amongst SGD array members, which could be cumbersome without a forward-deployed secure gateway. Load-balancing weights and policies can be monitored and tuned using the "Balancer Manager" application, and Apache mod_proxy_balancer directives.  

Going forward, our architects recommend the use of the Secure Gateway over "Firewall Forwarding" for single-port firewall traversal, due to its architectural advantages, its greater flexibility and enhanced features. 

Finally, it should be noted that the Secure Gateway is not separately priced; any licensed SGD customer may use the Secure Gateway component at no additional cost.  

For more information, see the "Secure Gateway Administrator's Guide".

Friday Dec 07, 2012

Friday Tips #5

Happy Friday, everyone! Following up on yesterday's post about Oracle VM VirtualBox being selected as the best virtualization solution for 2012 by the readers of Linux Journal, our Friday tip is about that very cool piece of software:


Question:
How do I move a VM from one machine to another with Oracle VM VirtualBox?

Answer by Andy Hall, Product Management Director, Oracle Desktop Virtualization:
There are a number of ways to do this, with pros and cons for each. The most reliable approach is to Export and Import virtual machines:

  1. From the VirtualBox manager, simply use the File…Export appliance menu and follow the wizard's lead.
  2. Move the resulting file(s) to the destination machine; and
  3. Import the VM into VirtualBox.

This method will take longer and use more disk space than other methods because the configuration files and virtual hard drives are converted into an industry standard format (.ova or .ovf). But an advantage of this approach is that the creator of the virtual appliance can add a license which the importer will see and click-to-accept at import time. This is especially useful for ISVs looking to deliver pre-built, configured and tested appliances to their customers and prospects.


Thanks Andy!

Remember, if you have a question for us, use Twitter hashtag #AskOracleVirtualization. We'll see you next week!

-Chris 

About

Get the latest scoop on products, strategy, events, news, and more, from Oracle's virtualization experts

Twitter

Facebook

Search

Archives
« December 2012 »
SunMonTueWedThuFriSat
      
1
2
4
6
8
9
10
11
12
13
15
16
17
18
20
22
23
24
25
26
27
29
30
31
     
Today