martinberger.com – Deheime@Jurasüdfuss.SO.CH

Latest Posts

Oracle Release Update 19.9 – Lab Update Time (Grid Infrastructure Standalone & RDBMS)

Author: Martin Berger 26. October 2020

The Oracle Release update 19.9 for Linux is available since a few days. Time to upgrade my lab environment at home which consists of the following components:

Oracle Grid Infrastructure Standalone 19.8.0 with ASM Normal Redundancy – +ASM
Oracle 19.8.0 RDBMS as Repository for Oracle Enterprise Manager – EMREPO

The running 19.8 Environment

Output from Trivadis base environment tool TVD-Basenv(TM).

oracle@mohnweg:/u01/app/19.0.0/grid/OPatch/ [em13cr4] u

TYPE (Cluster|DG) : SID/PROCESS       STATUS      HOME      [2020-10-25 19:47:47]
---------------------------------------------------------------------------------
Dummy em13cr3      : em13cr4           n/a         /u01/app/oracle/product/em13cr4
Dummy emagent      : emagent           n/a         /u01/app/oracle/product/agent13c/agent_13.4.0.0.0
Dummy emagent      : emagent_a         n/a         /u01/app/oracle/product/agent13c/agent_inst
Dummy grinf        : grinf19           n/a         /u01/app/19.0.0/grid
Dummy rdbms_ee     : rdbms19           n/a         /u01/app/oracle/product/19.0.0/dbhome_1

ASM-instance       : +ASM              up          /u01/app/19.0.0/grid
DB-instance (N|N)  : EMREPO            open        /u01/app/oracle/product/19.0.0/dbhome_1

Listener           : LISTENER          up          /u01/app/19.0.0/grid

Ohs 12c            :                   up          /u01/app/oracle/product/em13cr4/ohs
Agent              : emagent_a         up          /u01/app/oracle/product/agent13c/agent_inst

WLS admin          : EMGC_ADMINSERVER  up          /u01/app/oracle/product/em13cr4/wlserver
WLS mgmt           : EMGC_OMS1         up          /u01/app/oracle/product/em13cr4/wlserver
WLS node           : 1                 up          /u01/app/oracle/product/gc_inst/user_projects/domains/GCDomain/nodemanager

Oracle Restart
Process            : ocssd             up          /u01/app/19.0.0/grid
Process            : ohasd             up          /u01/app/19.0.0/grid

oracle@mohnweg:/u01/app/19.0.0/grid/OPatch/ [em13cr4] u

TYPE (Cluster|DG) : SID/PROCESS STATUS HOME [2020-10-25 19:47:47]

---------------------------------------------------------------------------------

Dummy em13cr3 : em13cr4 n/a /u01/app/oracle/product/em13cr4

Dummy emagent : emagent n/a /u01/app/oracle/product/agent13c/agent_13.4.0.0.0

Dummy emagent : emagent_a n/a /u01/app/oracle/product/agent13c/agent_inst

Dummy grinf : grinf19 n/a /u01/app/19.0.0/grid

Dummy rdbms_ee : rdbms19 n/a /u01/app/oracle/product/19.0.0/dbhome_1

ASM-instance : +ASM up /u01/app/19.0.0/grid

DB-instance (N|N) : EMREPO open /u01/app/oracle/product/19.0.0/dbhome_1

Listener : LISTENER up /u01/app/19.0.0/grid

Ohs 12c : up /u01/app/oracle/product/em13cr4/ohs

Agent : emagent_a up /u01/app/oracle/product/agent13c/agent_inst

WLS admin : EMGC_ADMINSERVER up /u01/app/oracle/product/em13cr4/wlserver

WLS mgmt : EMGC_OMS1 up /u01/app/oracle/product/em13cr4/wlserver

WLS node : 1 up /u01/app/oracle/product/gc_inst/user_projects/domains/GCDomain/nodemanager

Oracle Restart

Process : ocssd up /u01/app/19.0.0/grid

Process : ohasd up /u01/app/19.0.0/grid

Patch Download, Transfer and Extract

I have downloaded the Combo which contains the RU for Grid Infrastructure and Oracle Java Virtual Machine.

COMBO OF OJVM RU COMPONENT 19.9.0.0.201020 + GI RU 19.9.0.0.201020(Patch 31720429)
- OJVM RELEASE UPDATE 19.9.0.0.0(Patch 31668882)
- GI RELEASE UPDATE 19.9.0.0.0(Patch 31750108)

The local stage directory with the extracted files:

oracle@mohnweg:/u01/app/oracle/stage/31720429/ [rdbms19] ll
total 32
drwxrwxrwx. 4 oracle oinstall    80 Oct 25 19:51 .
drwxr-xr-x. 3 oracle oinstall    63 Oct 25 19:51 ..
drwxr-xr-x. 4 oracle oinstall    67 Oct 25 19:51 31668882
drwxr-x---. 5 oracle oinstall    56 Oct 25 19:51 31750108
-rw-rw-r--. 1 oracle oinstall  4891 Oct 20 11:24 PatchSearch.xml
-rw-r--r--. 1 oracle oinstall 22562 Oct 20 17:55 README.html

oracle@mohnweg:/u01/app/oracle/stage/31720429/ [rdbms19] ll

total 32

drwxrwxrwx. 4 oracle oinstall 80 Oct 25 19:51 .

drwxr-xr-x. 3 oracle oinstall 63 Oct 25 19:51 ..

drwxr-xr-x. 4 oracle oinstall 67 Oct 25 19:51 31668882

drwxr-x---. 5 oracle oinstall 56 Oct 25 19:51 31750108

-rw-rw-r--. 1 oracle oinstall 4891 Oct 20 11:24 PatchSearch.xml

-rw-r--r--. 1 oracle oinstall 22562 Oct 20 17:55 README.html

OPatch

OPatch in Grid Infrastructure home directory has to be version 12.2.0.1.19 or later.

oracle@mohnweg:/u01/app/19.0.0/grid/OPatch/ [+ASM] ./opatch version
OPatch Version: 12.2.0.1.21

OPatch succeeded.

oracle@mohnweg:/u01/app/19.0.0/grid/OPatch/ [+ASM] ./opatch version

OPatch Version: 12.2.0.1.21

OPatch succeeded.

Version Verification

+ASM – Grid Infrastructure Standalone

oracle@mohnweg:~/ [+ASM] asmcmd -V
asmcmd version 19.8.0.0.0

ASMCMD> showversion
ASM version         : 19.8.0.0.0

oracle@mohnweg:~/ [+ASM] asmcmd -V

asmcmd version 19.8.0.0.0

ASMCMD> showversion

ASM version : 19.8.0.0.0

EMREPO – RDBMS

oracle@mohnweg:~/ [EMREPO] sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Sun Oct 25 19:44:39 2020
Version 19.8.0.0.0

Copyright (c) 1982, 2020, Oracle.  All rights reserved.

Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.8.0.0.0

SQL> select PATCH_ID,PATCH_TYPE,SOURCE_VERSION,TARGET_VERSION,STATUS from dba_registry_sqlpatch;

  PATCH_ID PATCH_TYPE SOURCE_VERSION  TARGET_VERSION  STATUS
---------- ---------- --------------- --------------- -------------------------
  31219897 INTERIM    19.1.0.0.0      19.1.0.0.0      SUCCESS
  31281355 RU         19.1.0.0.0      19.8.0.0.0      SUCCESS

oracle@mohnweg:~/ [EMREPO] sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Sun Oct 25 19:44:39 2020

Version 19.8.0.0.0

Connected to:

Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production

Version 19.8.0.0.0

SQL> select PATCH_ID,PATCH_TYPE,SOURCE_VERSION,TARGET_VERSION,STATUS from dba_registry_sqlpatch;

PATCH_ID PATCH_TYPE SOURCE_VERSION TARGET_VERSION STATUS

---------- ---------- --------------- --------------- -------------------------

31219897 INTERIM 19.1.0.0.0 19.1.0.0.0 SUCCESS

31281355 RU 19.1.0.0.0 19.8.0.0.0 SUCCESS

CheckConflictAgainstOHWithDetail

+ASM – Grid Infrastructure Standalone

$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31771877
$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31772784
$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31773437
$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108
$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31780966

$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31771877

$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31772784

$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31773437

$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108

$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31780966

EMREPO – RDBMS

$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31771877
$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31772784

1 2	$ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31771877 $ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108/31772784

Take care, this line here produces an error:

oracle@mohnweg:~/ [+ASM] $ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108
Oracle Interim Patch Installer version 12.2.0.1.21
Copyright (c) 2020, Oracle Corporation.  All rights reserved.

PREREQ session

Oracle Home       : /u01/app/19.0.0/grid
Central Inventory : /u01/app/oraInventory
   from           : /u01/app/19.0.0/grid/oraInst.loc
OPatch version    : 12.2.0.1.21
OUI version       : 12.2.0.7.0
Log file location : /u01/app/19.0.0/grid/cfgtoollogs/opatch/opatch2020-10-25_20-00-57PM_1.log

This command doesn't support System Patch.

OPatch failed with error code 21

oracle@mohnweg:~/ [+ASM] $ORACLE_HOME/OPatch/opatch prereq CheckConflictAgainstOHWithDetail -phBaseDir /u01/app/oracle/stage/31720429/31750108

Oracle Interim Patch Installer version 12.2.0.1.21

PREREQ session

Oracle Home : /u01/app/19.0.0/grid

Central Inventory : /u01/app/oraInventory

from : /u01/app/19.0.0/grid/oraInst.loc

OPatch version : 12.2.0.1.21

OUI version : 12.2.0.7.0

Log file location : /u01/app/19.0.0/grid/cfgtoollogs/opatch/opatch2020-10-25_20-00-57PM_1.log

This command doesn't support System Patch.

OPatch failed with error code 21

According My Oracle Support Note opatch CheckSystemSpace Command For Grid Infrastructure RU Fails With: “This command doesn’t support System Patch” (Doc ID 2634165.1), this error can be ignored and the line removed in future patch apply actions.

CheckSystemSpace

To check for space, we create there two files which contain the patch directories. The checks have to be successful.

+ASM – Grid Infrastructure Standalone

$ cat /tmp/patch_list_gihome.txt

/u01/app/oracle/stage/31720429/31750108/31771877
/u01/app/oracle/stage/31720429/31750108/31772784
/u01/app/oracle/stage/31720429/31750108/31773437
/u01/app/oracle/stage/31720429/31750108/31780966

$ cat /tmp/patch_list_gihome.txt

/u01/app/oracle/stage/31720429/31750108/31771877

/u01/app/oracle/stage/31720429/31750108/31772784

/u01/app/oracle/stage/31720429/31750108/31773437

/u01/app/oracle/stage/31720429/31750108/31780966

$ORACLE_HOME/OPatch/opatch prereq CheckSystemSpace -phBaseFile /tmp/patch_list_gihome.txt

1	$ORACLE_HOME/OPatch/opatch prereq CheckSystemSpace -phBaseFile /tmp/patch_list_gihome.txt

EMREPO – RDBMS

$ cat /tmp/patch_list_dbhome.txt
/u01/app/oracle/stage/31720429/31750108/31771877
/u01/app/oracle/stage/31720429/31750108/31772784

$ cat /tmp/patch_list_dbhome.txt

/u01/app/oracle/stage/31720429/31750108/31771877

/u01/app/oracle/stage/31720429/31750108/31772784

$ORACLE_HOME/OPatch/opatch prereq CheckSystemSpace -phBaseFile /tmp/patch_list_dbhome.txt

1	$ORACLE_HOME/OPatch/opatch prereq CheckSystemSpace -phBaseFile /tmp/patch_list_dbhome.txt

Release Update Apply

As first action I stop the OEM. The I run opatchauto as user root. Grid Infrastructure and RBDMS components are stopped, started and patch automatically one by one. Here is the full output of the patch apply where you can see the executed steps. In my lab environment, it took about 20 minutes.

[root@mohnweg ~]# /u01/app/19.0.0/grid/OPatch/opatchauto apply /u01/app/oracle/stage/31720429/31750108

OPatchauto session is initiated at Sun Oct 25 20:21:31 2020

System initialization log file is /u01/app/19.0.0/grid/cfgtoollogs/opatchautodb/systemconfig2020-10-25_08-21-34PM.log.

Session log file is /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/opatchauto2020-10-25_08-21-39PM.log
The id for this session is TERC

Executing OPatch prereq operations to verify patch applicability on home /u01/app/oracle/product/19.0.0/dbhome_1
Patch applicability verified successfully on home /u01/app/oracle/product/19.0.0/dbhome_1

Verifying SQL patch applicability on home /u01/app/oracle/product/19.0.0/dbhome_1
SQL patch applicability verified successfully on home /u01/app/oracle/product/19.0.0/dbhome_1

Executing OPatch prereq operations to verify patch applicability on home /u01/app/19.0.0/grid
Patch applicability verified successfully on home /u01/app/19.0.0/grid

Preparing to bring down database service on home /u01/app/oracle/product/19.0.0/dbhome_1
Successfully prepared home /u01/app/oracle/product/19.0.0/dbhome_1 to bring down database service

Bringing down database service on home /u01/app/oracle/product/19.0.0/dbhome_1
Following database has been stopped and will be restarted later during the session: emrepo
Database service successfully brought down on home /u01/app/oracle/product/19.0.0/dbhome_1

Bringing down CRS service on home /u01/app/19.0.0/grid
Prepatch operation log file location: /u01/app/oracle/crsdata/mohnweg/crsconfig/hapatch_2020-10-25_08-24-02PM.log
CRS service brought down successfully on home /u01/app/19.0.0/grid

Start applying binary patch on home /u01/app/oracle/product/19.0.0/dbhome_1
Binary patch applied successfully on home /u01/app/oracle/product/19.0.0/dbhome_1

Start applying binary patch on home /u01/app/19.0.0/grid

Binary patch applied successfully on home /u01/app/19.0.0/grid

Starting CRS service on home /u01/app/19.0.0/grid
Postpatch operation log file location: /u01/app/oracle/crsdata/mohnweg/crsconfig/hapatch_2020-10-25_08-37-45PM.log
CRS service started successfully on home /u01/app/19.0.0/grid

Starting database service on home /u01/app/oracle/product/19.0.0/dbhome_1
Database service successfully started on home /u01/app/oracle/product/19.0.0/dbhome_1

Preparing home /u01/app/oracle/product/19.0.0/dbhome_1 after database service restarted
No step execution required.........

Trying to apply SQL patch on home /u01/app/oracle/product/19.0.0/dbhome_1
SQL patch applied successfully on home /u01/app/oracle/product/19.0.0/dbhome_1

OPatchAuto successful.

--------------------------------Summary--------------------------------

Patching is completed successfully. Please find the summary as follows:

Host:mohnweg
SIDB Home:/u01/app/oracle/product/19.0.0/dbhome_1
Version:19.0.0.0.0
Summary:

==Following patches were SKIPPED:

Patch: /u01/app/oracle/stage/31720429/31750108/31773437
Reason: This patch is not applicable to this specified target type - "oracle_database"

Patch: /u01/app/oracle/stage/31720429/31750108/31780966
Reason: This patch is not applicable to this specified target type - "oracle_database"


==Following patches were SUCCESSFULLY applied:

Patch: /u01/app/oracle/stage/31720429/31750108/31771877
Log: /u01/app/oracle/product/19.0.0/dbhome_1/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-24-30PM_1.log

Patch: /u01/app/oracle/stage/31720429/31750108/31772784
Log: /u01/app/oracle/product/19.0.0/dbhome_1/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-24-30PM_1.log


Host:mohnweg
SIHA Home:/u01/app/19.0.0/grid
Version:19.0.0.0.0
Summary:

==Following patches were SUCCESSFULLY applied:

Patch: /u01/app/oracle/stage/31720429/31750108/31771877
Log: /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-29-10PM_1.log

Patch: /u01/app/oracle/stage/31720429/31750108/31772784
Log: /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-29-10PM_1.log

Patch: /u01/app/oracle/stage/31720429/31750108/31773437
Log: /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-29-10PM_1.log

Patch: /u01/app/oracle/stage/31720429/31750108/31780966
Log: /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-29-10PM_1.log

OPatchauto session completed at Sun Oct 25 20:41:38 2020
Time taken to complete the session 20 minutes, 7 seconds
[root@mohnweg ~]#

100

[root@mohnweg ~]# /u01/app/19.0.0/grid/OPatch/opatchauto apply /u01/app/oracle/stage/31720429/31750108

OPatchauto session is initiated at Sun Oct 25 20:21:31 2020

System initialization log file is /u01/app/19.0.0/grid/cfgtoollogs/opatchautodb/systemconfig2020-10-25_08-21-34PM.log.

Session log file is /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/opatchauto2020-10-25_08-21-39PM.log

The id for this session is TERC

Executing OPatch prereq operations to verify patch applicability on home /u01/app/oracle/product/19.0.0/dbhome_1

Patch applicability verified successfully on home /u01/app/oracle/product/19.0.0/dbhome_1

Verifying SQL patch applicability on home /u01/app/oracle/product/19.0.0/dbhome_1

SQL patch applicability verified successfully on home /u01/app/oracle/product/19.0.0/dbhome_1

Executing OPatch prereq operations to verify patch applicability on home /u01/app/19.0.0/grid

Patch applicability verified successfully on home /u01/app/19.0.0/grid

Preparing to bring down database service on home /u01/app/oracle/product/19.0.0/dbhome_1

Successfully prepared home /u01/app/oracle/product/19.0.0/dbhome_1 to bring down database service

Bringing down database service on home /u01/app/oracle/product/19.0.0/dbhome_1

Following database has been stopped and will be restarted later during the session: emrepo

Database service successfully brought down on home /u01/app/oracle/product/19.0.0/dbhome_1

Bringing down CRS service on home /u01/app/19.0.0/grid

Prepatch operation log file location: /u01/app/oracle/crsdata/mohnweg/crsconfig/hapatch_2020-10-25_08-24-02PM.log

CRS service brought down successfully on home /u01/app/19.0.0/grid

Start applying binary patch on home /u01/app/oracle/product/19.0.0/dbhome_1

Binary patch applied successfully on home /u01/app/oracle/product/19.0.0/dbhome_1

Start applying binary patch on home /u01/app/19.0.0/grid

Binary patch applied successfully on home /u01/app/19.0.0/grid

Starting CRS service on home /u01/app/19.0.0/grid

Postpatch operation log file location: /u01/app/oracle/crsdata/mohnweg/crsconfig/hapatch_2020-10-25_08-37-45PM.log

CRS service started successfully on home /u01/app/19.0.0/grid

Starting database service on home /u01/app/oracle/product/19.0.0/dbhome_1

Database service successfully started on home /u01/app/oracle/product/19.0.0/dbhome_1

Preparing home /u01/app/oracle/product/19.0.0/dbhome_1 after database service restarted

No step execution required.........

Trying to apply SQL patch on home /u01/app/oracle/product/19.0.0/dbhome_1

SQL patch applied successfully on home /u01/app/oracle/product/19.0.0/dbhome_1

OPatchAuto successful.

--------------------------------Summary--------------------------------

Patching is completed successfully. Please find the summary as follows:

Host:mohnweg

SIDB Home:/u01/app/oracle/product/19.0.0/dbhome_1

Version:19.0.0.0.0

Summary:

==Following patches were SKIPPED:

Patch: /u01/app/oracle/stage/31720429/31750108/31773437

Reason: This patch is not applicable to this specified target type - "oracle_database"

Patch: /u01/app/oracle/stage/31720429/31750108/31780966

Reason: This patch is not applicable to this specified target type - "oracle_database"

==Following patches were SUCCESSFULLY applied:

Patch: /u01/app/oracle/stage/31720429/31750108/31771877

Log: /u01/app/oracle/product/19.0.0/dbhome_1/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-24-30PM_1.log

Patch: /u01/app/oracle/stage/31720429/31750108/31772784

Log: /u01/app/oracle/product/19.0.0/dbhome_1/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-24-30PM_1.log

Host:mohnweg

SIHA Home:/u01/app/19.0.0/grid

Version:19.0.0.0.0

Summary:

==Following patches were SUCCESSFULLY applied:

Patch: /u01/app/oracle/stage/31720429/31750108/31771877

Log: /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-29-10PM_1.log

Patch: /u01/app/oracle/stage/31720429/31750108/31772784

Log: /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-29-10PM_1.log

Patch: /u01/app/oracle/stage/31720429/31750108/31773437

Log: /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-29-10PM_1.log

Patch: /u01/app/oracle/stage/31720429/31750108/31780966

Log: /u01/app/19.0.0/grid/cfgtoollogs/opatchauto/core/opatch/opatch2020-10-25_20-29-10PM_1.log

OPatchauto session completed at Sun Oct 25 20:41:38 2020

Time taken to complete the session 20 minutes, 7 seconds

[root@mohnweg ~]#

Version Verification

+ASM – Grid Infrastructure Standalone

oracle@mohnweg:~/ [+ASM] asmcmd -V
asmcmd version 19.9.0.0.0

ASMCMD> showversion
ASM version         : 19.9.0.0.0

oracle@mohnweg:~/ [+ASM] asmcmd -V

asmcmd version 19.9.0.0.0

ASMCMD> showversion

ASM version : 19.9.0.0.0

EMREPO – RDBMS

oracle@mohnweg:~/ [EMREPO] sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Sun Oct 25 19:44:39 2020
Version 19.8.0.0.0

Copyright (c) 1982, 2020, Oracle.  All rights reserved.

Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.8.0.0.0

SQL> select PATCH_ID,PATCH_TYPE,SOURCE_VERSION,TARGET_VERSION,STATUS from dba_registry_sqlpatch;

  PATCH_ID PATCH_TYPE SOURCE_VERSION  TARGET_VERSION  STATUS
---------- ---------- --------------- --------------- -------------------------
  31219897 INTERIM    19.1.0.0.0      19.1.0.0.0      SUCCESS
  31281355 RU         19.1.0.0.0      19.8.0.0.0      SUCCESS
  31771877 RU         19.8.0.0.0      19.9.0.0.0      SUCCESS

oracle@mohnweg:~/ [EMREPO] sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Sun Oct 25 19:44:39 2020

Version 19.8.0.0.0

Connected to:

Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production

Version 19.8.0.0.0

SQL> select PATCH_ID,PATCH_TYPE,SOURCE_VERSION,TARGET_VERSION,STATUS from dba_registry_sqlpatch;

PATCH_ID PATCH_TYPE SOURCE_VERSION TARGET_VERSION STATUS

---------- ---------- --------------- --------------- -------------------------

31219897 INTERIM 19.1.0.0.0 19.1.0.0.0 SUCCESS

31281355 RU 19.1.0.0.0 19.8.0.0.0 SUCCESS

31771877 RU 19.8.0.0.0 19.9.0.0.0 SUCCESS

As you can see, the components were updated successfully. Time to start Oracle Enterprise Manager 13c Release 4 Update.

OJVM Apply

At the end, the OJVM patch has to applied. Set ORACLE_SID and ORACLE_HOME according the RDBMS environment.

Stop the RDBMS with srvctl

oracle@mohnweg:~/ [EMREPO] srvctl stop database -db emrepo

1	oracle@mohnweg:~/ [EMREPO] srvctl stop database -db emrepo

Change to OJVM Patch Directory

oracle@mohnweg:~/ [EMREPO] cd /u01/app/oracle/stage/31720429/31668882/

1	oracle@mohnweg:~/ [EMREPO] cd /u01/app/oracle/stage/31720429/31668882/

Apply the OJVM Patch

oracle@mohnweg:/u01/app/oracle/stage/31720429/31668882/ [EMREPO] $ORACLE_HOME/OPatch/opatch apply
Oracle Interim Patch Installer version 12.2.0.1.21
Copyright (c) 2020, Oracle Corporation.  All rights reserved.


Oracle Home       : /u01/app/oracle/product/19.0.0/dbhome_1
Central Inventory : /u01/app/oraInventory
   from           : /u01/app/oracle/product/19.0.0/dbhome_1/oraInst.loc
OPatch version    : 12.2.0.1.21
OUI version       : 12.2.0.7.0
Log file location : /u01/app/oracle/product/19.0.0/dbhome_1/cfgtoollogs/opatch/opatch2020-10-26_12-48-13PM_1.log

Verifying environment and performing prerequisite checks...
OPatch continues with these patches:   31668882

Do you want to proceed? [y|n]
y
User Responded with: Y
All checks passed.

Please shutdown Oracle instances running out of this ORACLE_HOME on the local system.
(Oracle Home = '/u01/app/oracle/product/19.0.0/dbhome_1')


Is the local system ready for patching? [y|n]
y
User Responded with: Y
Backing up files...
Applying interim patch '31668882' to OH '/u01/app/oracle/product/19.0.0/dbhome_1'

Patching component oracle.javavm.server, 19.0.0.0.0...

Patching component oracle.javavm.client, 19.0.0.0.0...

Patching component oracle.javavm.server.core, 19.0.0.0.0...

Patching component oracle.rdbms.dbscripts, 19.0.0.0.0...

Patching component oracle.rdbms, 19.0.0.0.0...
Patch 31668882 successfully applied.
Sub-set patch [31219897] has become inactive due to the application of a super-set patch [31668882].
Please refer to Doc ID 2161861.1 for any possible further required actions.
Log file location: /u01/app/oracle/product/19.0.0/dbhome_1/cfgtoollogs/opatch/opatch2020-10-26_12-48-13PM_1.log

OPatch succeeded.

oracle@mohnweg:/u01/app/oracle/stage/31720429/31668882/ [EMREPO] $ORACLE_HOME/OPatch/opatch apply

Oracle Interim Patch Installer version 12.2.0.1.21

Oracle Home : /u01/app/oracle/product/19.0.0/dbhome_1

Central Inventory : /u01/app/oraInventory

from : /u01/app/oracle/product/19.0.0/dbhome_1/oraInst.loc

OPatch version : 12.2.0.1.21

OUI version : 12.2.0.7.0

Log file location : /u01/app/oracle/product/19.0.0/dbhome_1/cfgtoollogs/opatch/opatch2020-10-26_12-48-13PM_1.log

Verifying environment and performing prerequisite checks...

OPatch continues with these patches: 31668882

Do you want to proceed? [y|n]

User Responded with: Y

All checks passed.

Please shutdown Oracle instances running out of this ORACLE_HOME on the local system.

(Oracle Home = '/u01/app/oracle/product/19.0.0/dbhome_1')

Is the local system ready for patching? [y|n]

User Responded with: Y

Backing up files...

Applying interim patch '31668882' to OH '/u01/app/oracle/product/19.0.0/dbhome_1'

Patching component oracle.javavm.server, 19.0.0.0.0...

Patching component oracle.javavm.client, 19.0.0.0.0...

Patching component oracle.javavm.server.core, 19.0.0.0.0...

Patching component oracle.rdbms.dbscripts, 19.0.0.0.0...

Patching component oracle.rdbms, 19.0.0.0.0...

Patch 31668882 successfully applied.

Sub-set patch [31219897] has become inactive due to the application of a super-set patch [31668882].

Please refer to Doc ID 2161861.1 for any possible further required actions.

Log file location: /u01/app/oracle/product/19.0.0/dbhome_1/cfgtoollogs/opatch/opatch2020-10-26_12-48-13PM_1.log

OPatch succeeded.

Startup Upgrade – Container Database and Pluggable Database – in SQL*Plus

oracle@mohnweg:~/ [EMREPO] sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Mon Oct 26 12:51:48 2020
Version 19.9.0.0.0

Copyright (c) 1982, 2020, Oracle.  All rights reserved.

Connected to an idle instance.

SQL> startup upgrade
ORACLE instance started.

Total System Global Area 5049940880 bytes
Fixed Size                  9145232 bytes
Variable Size            2248146944 bytes
Database Buffers         2785017856 bytes
Redo Buffers                7630848 bytes
Database mounted.
Database opened.
SQL> alter pluggable database all open upgrade;

Pluggable database altered.

oracle@mohnweg:~/ [EMREPO] sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Mon Oct 26 12:51:48 2020

Version 19.9.0.0.0

Connected to an idle instance.

SQL> startup upgrade

ORACLE instance started.

Total System Global Area 5049940880 bytes

Fixed Size 9145232 bytes

Variable Size 2248146944 bytes

Database Buffers 2785017856 bytes

Redo Buffers 7630848 bytes

Database mounted.

Database opened.

SQL> alter pluggable database all open upgrade;

Pluggable database altered.

Run datapatch

oracle@mohnweg:~/ [EMREPO] $ORACLE_HOME/OPatch/datapatch -verbose
SQL Patching tool version 19.9.0.0.0 Production on Mon Oct 26 12:53:30 2020
Copyright (c) 2012, 2020, Oracle.  All rights reserved.

Log file for this invocation: /u01/app/oracle/cfgtoollogs/sqlpatch/sqlpatch_2268_2020_10_26_12_53_30/sqlpatch_invocation.log

Connecting to database...OK
Gathering database info...done

Note:  Datapatch will only apply or rollback SQL fixes for PDBs
       that are in an open state, no patches will be applied to closed PDBs.
       Please refer to Note: Datapatch: Database 12c Post Patch SQL Automation
       (Doc ID 1585822.1)

Bootstrapping registry and package to current versions...done
Determining current state...done

Current state of interim SQL patches:
Interim patch 31219897 (OJVM RELEASE UPDATE: 19.8.0.0.200714 (31219897)):
  Binary registry: Not installed
  PDB CDB$ROOT: Applied successfully on 13-SEP-20 12.47.47.620859 PM
  PDB PDB$SEED: Applied successfully on 13-SEP-20 12.47.50.075046 PM
  PDB PDBEMREPO01: Applied successfully on 13-SEP-20 12.47.50.075046 PM
Interim patch 31668882 (OJVM RELEASE UPDATE: 19.9.0.0.201020 (31668882)):
  Binary registry: Installed
  PDB CDB$ROOT: Not installed
  PDB PDB$SEED: Not installed
  PDB PDBEMREPO01: Not installed

Current state of release update SQL patches:
  Binary registry:
    19.9.0.0.0 Release_Update 200930183249: Installed
  PDB CDB$ROOT:
    Applied 19.9.0.0.0 Release_Update 200930183249 successfully on 25-OCT-20 08.41.35.152797 PM
  PDB PDB$SEED:
    Applied 19.9.0.0.0 Release_Update 200930183249 successfully on 25-OCT-20 08.41.35.369001 PM
  PDB PDBEMREPO01:
    Applied 19.9.0.0.0 Release_Update 200930183249 successfully on 25-OCT-20 08.41.35.578682 PM

Adding patches to installation queue and performing prereq checks...done
Installation queue:
  For the following PDBs: CDB$ROOT PDB$SEED PDBEMREPO01
    The following interim patches will be rolled back:
      31219897 (OJVM RELEASE UPDATE: 19.8.0.0.200714 (31219897))
    No release update patches need to be installed
    The following interim patches will be applied:
      31668882 (OJVM RELEASE UPDATE: 19.9.0.0.201020 (31668882))

Installing patches...
Patch installation complete.  Total patches installed: 6

Validating logfiles...done
Patch 31219897 rollback (pdb CDB$ROOT): SUCCESS
  logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31219897/23619699/31219897_rollback_EMREPO_CDBROOT_2020Oct26_12_54_11.log (no errors)
Patch 31668882 apply (pdb CDB$ROOT): SUCCESS
  logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31668882/23790068/31668882_apply_EMREPO_CDBROOT_2020Oct26_12_54_11.log (no errors)
Patch 31219897 rollback (pdb PDB$SEED): SUCCESS
  logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31219897/23619699/31219897_rollback_EMREPO_PDBSEED_2020Oct26_12_54_13.log (no errors)
Patch 31668882 apply (pdb PDB$SEED): SUCCESS
  logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31668882/23790068/31668882_apply_EMREPO_PDBSEED_2020Oct26_12_54_13.log (no errors)
Patch 31219897 rollback (pdb PDBEMREPO01): SUCCESS
  logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31219897/23619699/31219897_rollback_EMREPO_PDBEMREPO01_2020Oct26_12_54_13.log (no errors)
Patch 31668882 apply (pdb PDBEMREPO01): SUCCESS
  logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31668882/23790068/31668882_apply_EMREPO_PDBEMREPO01_2020Oct26_12_54_13.log (no errors)
SQL Patching tool complete on Mon Oct 26 12:54:16 2020

oracle@mohnweg:~/ [EMREPO] $ORACLE_HOME/OPatch/datapatch -verbose

SQL Patching tool version 19.9.0.0.0 Production on Mon Oct 26 12:53:30 2020

Log file for this invocation: /u01/app/oracle/cfgtoollogs/sqlpatch/sqlpatch_2268_2020_10_26_12_53_30/sqlpatch_invocation.log

Connecting to database...OK

Gathering database info...done

Note: Datapatch will only apply or rollback SQL fixes for PDBs

that are in an open state, no patches will be applied to closed PDBs.

Please refer to Note: Datapatch: Database 12c Post Patch SQL Automation

(Doc ID 1585822.1)

Bootstrapping registry and package to current versions...done

Determining current state...done

Current state of interim SQL patches:

Interim patch 31219897 (OJVM RELEASE UPDATE: 19.8.0.0.200714 (31219897)):

Binary registry: Not installed

PDB CDB$ROOT: Applied successfully on 13-SEP-20 12.47.47.620859 PM

PDB PDB$SEED: Applied successfully on 13-SEP-20 12.47.50.075046 PM

PDB PDBEMREPO01: Applied successfully on 13-SEP-20 12.47.50.075046 PM

Interim patch 31668882 (OJVM RELEASE UPDATE: 19.9.0.0.201020 (31668882)):

Binary registry: Installed

PDB CDB$ROOT: Not installed

PDB PDB$SEED: Not installed

PDB PDBEMREPO01: Not installed

Current state of release update SQL patches:

Binary registry:

19.9.0.0.0 Release_Update 200930183249: Installed

PDB CDB$ROOT:

Applied 19.9.0.0.0 Release_Update 200930183249 successfully on 25-OCT-20 08.41.35.152797 PM

PDB PDB$SEED:

Applied 19.9.0.0.0 Release_Update 200930183249 successfully on 25-OCT-20 08.41.35.369001 PM

PDB PDBEMREPO01:

Applied 19.9.0.0.0 Release_Update 200930183249 successfully on 25-OCT-20 08.41.35.578682 PM

Adding patches to installation queue and performing prereq checks...done

Installation queue:

For the following PDBs: CDB$ROOT PDB$SEED PDBEMREPO01

The following interim patches will be rolled back:

31219897 (OJVM RELEASE UPDATE: 19.8.0.0.200714 (31219897))

No release update patches need to be installed

The following interim patches will be applied:

31668882 (OJVM RELEASE UPDATE: 19.9.0.0.201020 (31668882))

Installing patches...

Patch installation complete. Total patches installed: 6

Validating logfiles...done

Patch 31219897 rollback (pdb CDB$ROOT): SUCCESS

logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31219897/23619699/31219897_rollback_EMREPO_CDBROOT_2020Oct26_12_54_11.log (no errors)

Patch 31668882 apply (pdb CDB$ROOT): SUCCESS

logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31668882/23790068/31668882_apply_EMREPO_CDBROOT_2020Oct26_12_54_11.log (no errors)

Patch 31219897 rollback (pdb PDB$SEED): SUCCESS

logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31219897/23619699/31219897_rollback_EMREPO_PDBSEED_2020Oct26_12_54_13.log (no errors)

Patch 31668882 apply (pdb PDB$SEED): SUCCESS

logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31668882/23790068/31668882_apply_EMREPO_PDBSEED_2020Oct26_12_54_13.log (no errors)

Patch 31219897 rollback (pdb PDBEMREPO01): SUCCESS

logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31219897/23619699/31219897_rollback_EMREPO_PDBEMREPO01_2020Oct26_12_54_13.log (no errors)

Patch 31668882 apply (pdb PDBEMREPO01): SUCCESS

logfile: /u01/app/oracle/cfgtoollogs/sqlpatch/31668882/23790068/31668882_apply_EMREPO_PDBEMREPO01_2020Oct26_12_54_13.log (no errors)

SQL Patching tool complete on Mon Oct 26 12:54:16 2020

Shutdown Database in SQL*Plus

SQL> shutdown immediate

1	SQL> shutdown immediate

Start the RDBMS with srvctl

oracle@mohnweg:~/ [EMREPO] srvctl start database -db emrepo

1	oracle@mohnweg:~/ [EMREPO] srvctl start database -db emrepo

Version Verification

EMREPO – RDBMS

oracle@mohnweg:~/ [EMREPO] sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Sun Oct 25 19:44:39 2020
Version 19.8.0.0.0

Copyright (c) 1982, 2020, Oracle.  All rights reserved.

Connected to:
Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
Version 19.8.0.0.0

SQL> select PATCH_ID,PATCH_TYPE,SOURCE_VERSION,TARGET_VERSION,STATUS,ACTION from dba_registry_sqlpatch;

  PATCH_ID PATCH_TYPE SOURCE_VERSION  TARGET_VERSION  STATUS                    ACTION
---------- ---------- --------------- --------------- ------------------------- ---------------
  31219897 INTERIM    19.1.0.0.0      19.1.0.0.0      SUCCESS                   APPLY
  31281355 RU         19.1.0.0.0      19.8.0.0.0      SUCCESS                   APPLY
  31771877 RU         19.8.0.0.0      19.9.0.0.0      SUCCESS                   APPLY
  31219897 INTERIM    19.9.0.0.0      19.9.0.0.0      SUCCESS                   ROLLBACK
  31668882 INTERIM    19.9.0.0.0      19.9.0.0.0      SUCCESS                   APPLY

oracle@mohnweg:~/ [EMREPO] sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Sun Oct 25 19:44:39 2020

Version 19.8.0.0.0

Connected to:

Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production

Version 19.8.0.0.0

SQL> select PATCH_ID,PATCH_TYPE,SOURCE_VERSION,TARGET_VERSION,STATUS,ACTION from dba_registry_sqlpatch;

PATCH_ID PATCH_TYPE SOURCE_VERSION TARGET_VERSION STATUS ACTION

---------- ---------- --------------- --------------- ------------------------- ---------------

31219897 INTERIM 19.1.0.0.0 19.1.0.0.0 SUCCESS APPLY

31281355 RU 19.1.0.0.0 19.8.0.0.0 SUCCESS APPLY

31771877 RU 19.8.0.0.0 19.9.0.0.0 SUCCESS APPLY

31219897 INTERIM 19.9.0.0.0 19.9.0.0.0 SUCCESS ROLLBACK

31668882 INTERIM 19.9.0.0.0 19.9.0.0.0 SUCCESS APPLY

Summary

There were no issues. Ok, it’s just a GI Standalone environment. But this was really a pleasure.

19c, Oracle ACE, Oracle Linux, Oracle RDBMS, Oracle Tools, Release Update, TrivadisContent

The Grafana Plugins for Oracle Cloud Infrastructure Monitoring are back!

Author: Martin Berger 7. October 2020

In September 2019 I wrote a blog post how to monitor an Oracle Cloud Infrastructure Autonomous database with Grafana plugin oci-datasource. But some weeks after publication, the plugin was not available on the Grafana page anymore. And only Oracle and Grafana had a clue why.

Now everything will be fine now. Since the 6th of October, there are two new Grafana plugins available for download. They both don’t require a Grafana enterprise account.

The first one is a successor of the former oci-datasource plugin, the second allows to get logs from OCI resources like Compute or Storage. As an infrastructure guy, let’s install the Oracle Cloud Infrastructure Metrics on an local Oracle Enterprise Linux 8 installation!

Install and configure the OCI CLI

Link: https://docs.cloud.oracle.com/en-us/iaas/Content/API/SDKDocs/cliinstall.htm

OS User oci and Installer

As OS user root, create a new user mentioned oci, change to new created user oci.

# groupadd oci
# useradd oci -g oci
# su - oci

# groupadd oci

# useradd oci -g oci

# su - oci

Run the installer script.

$ bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)"

1	$ bash -c "$(curl -L https://raw.githubusercontent.com/oracle/oci-cli/master/scripts/install/install.sh)"

In this demo case, I use the default settings and the tab completion. After some seconds, all packages are installed and the OCI CLI is ready to configure.

-- Installation successful.
-- Run the CLI with /home/oci/bin/oci --help

1 2	-- Installation successful. -- Run the CLI with /home/oci/bin/oci --help

Configure the OCI CLI

If you have already a created SSH key pair from a former OCI action, then you can use it here. Otherwise this setup process creates a new private and public key for you. Take care, the public key has to be in the PEM format!

Required values to finish the setup:

config location	/home/oci/.oci/config
user OCID	OCI > Identity > Users > [YOUR_USER] > OCID
tenancy OCID	OCI > Administration > Tenancy Details > [YOUR_TENANCY] > OCID
region	choose your region, e.g. eu-zurich-1
generate a new API signing RSA key pair	Y -> only if you don’t have already an existing key pair
key directory	/home/oci/.oci
key name	oci_api_key_07102020

Run the setup.

$ /home/oci/bin/oci setup config

1	$ /home/oci/bin/oci setup config

OCI Console API Key

The content of the created public key has to be added in OCI Console as API key – just copy and paste it. OCI Console >> Identity >> Users >> User Details >> API Keys >> Add Public Key.

How to: https://docs.cloud.oracle.com/Content/API/Concepts/apisigningkey.htm#How2

OCI CLI Configuration Test

Verify the configuration by execute a CLI command. Example to list images based on Oracle Linux.

$ export var_compartment_id= [YOUR_COMPARTMENT_OCID]
$ oci compute image list --compartment-id $var_compartment_id --query "data[?\"operating-system\"=='Oracle Linux']".{"name:\"display-name\",os:\"operating-system\""} --output table

+----------------------------------------+--------------+
| name | os |
+----------------------------------------+--------------+
| Oracle-Linux-8.2-2020.09.23-0          | Oracle Linux |
| Oracle-Linux-8.2-2020.08.27-0          | Oracle Linux |
| Oracle-Linux-8.2-2020.07.28-0          | Oracle Linux |
| Oracle-Linux-7.8-Gen2-GPU-2020.09.23-0 | Oracle Linux |
| Oracle-Linux-7.8-Gen2-GPU-2020.08.27-0 | Oracle Linux |
| Oracle-Linux-7.8-Gen2-GPU-2020.07.28-0 | Oracle Linux |
| Oracle-Linux-7.8-2020.09.23-0          | Oracle Linux |
| Oracle-Linux-7.8-2020.08.26-0          | Oracle Linux |
| Oracle-Linux-7.8-2020.07.28-0          | Oracle Linux |
| Oracle-Linux-7.8-2020.05.26-0          | Oracle Linux |
| Oracle-Linux-6.10-2020.09.22-0         | Oracle Linux |
| Oracle-Linux-6.10-2020.09.03-0         | Oracle Linux |
| Oracle-Linux-6.10-2020.07.28-0         | Oracle Linux |
+----------------------------------------+--------------+

$ export var_compartment_id= [YOUR_COMPARTMENT_OCID]

$ oci compute image list --compartment-id $var_compartment_id --query "data[?\"operating-system\"=='Oracle Linux']".{"name:\"display-name\",os:\"operating-system\""} --output table

+----------------------------------------+--------------+

| name | os |

+----------------------------------------+--------------+

| Oracle-Linux-8.2-2020.09.23-0 | Oracle Linux |

| Oracle-Linux-8.2-2020.08.27-0 | Oracle Linux |

| Oracle-Linux-8.2-2020.07.28-0 | Oracle Linux |

| Oracle-Linux-7.8-Gen2-GPU-2020.09.23-0 | Oracle Linux |

| Oracle-Linux-7.8-Gen2-GPU-2020.08.27-0 | Oracle Linux |

| Oracle-Linux-7.8-Gen2-GPU-2020.07.28-0 | Oracle Linux |

| Oracle-Linux-7.8-2020.09.23-0 | Oracle Linux |

| Oracle-Linux-7.8-2020.08.26-0 | Oracle Linux |

| Oracle-Linux-7.8-2020.07.28-0 | Oracle Linux |

| Oracle-Linux-7.8-2020.05.26-0 | Oracle Linux |

| Oracle-Linux-6.10-2020.09.22-0 | Oracle Linux |

| Oracle-Linux-6.10-2020.09.03-0 | Oracle Linux |

| Oracle-Linux-6.10-2020.07.28-0 | Oracle Linux |

+----------------------------------------+--------------+

OCI Console Group Policy

If your user is not part of the Administrator group, a new group and a group policy is needed which has the permissions to read tenant metrics. OCI Console >> Identity >> Groups >> Create Group.

Create the policy in the root compartment of your tenant. OCI Console >> Identity >> Policy>> Create Policy.

Install and configure Grafana and the Oracle Cloud Infrastructure Metrics Data Source Plugin

Grafana

Link: https://docs.cloud.oracle.com/en-us/iaas/Content/API/SDKDocs/grafana.htm

# wget https://dl.grafana.com/oss/release/grafana-7.2.0-1.x86_64.rpm
# yum install grafana-7.2.0-1.x86_64.rpm

1 2	# wget https://dl.grafana.com/oss/release/grafana-7.2.0-1.x86_64.rpm # yum install grafana-7.2.0-1.x86_64.rpm

Start and enable the service.

# systemctl daemon-reload
# systemctl enable grafana-server.service
# systemctl start grafana-server.service

# systemctl daemon-reload

# systemctl enable grafana-server.service

# systemctl start grafana-server.service

Don’t forget to open the firewall port 3000 for the Grafana UI.

# firewall-cmd --permanent --zone=public --add-port=3000/tcp
# firewall-cmd --reload

1 2	# firewall-cmd --permanent --zone=public --add-port=3000/tcp # firewall-cmd --reload

Oracle Cloud Infrastructure Metrics Data Source Plugin

List the available OCI Grafana plugins.

# grafana-cli plugins list-remote | grep oci
id: oci-logs-datasource version: 1.1.0
id: oci-metrics-datasource version: 2.0.0

# grafana-cli plugins list-remote | grep oci

id: oci-logs-datasource version: 1.1.0

id: oci-metrics-datasource version: 2.0.0

Install the metric plugin.

# grafana-cli plugins install oci-metrics-datasource
installing oci-metrics-datasource @ 2.0.0
from: https://grafana.com/api/plugins/oci-metrics-datasource/versions/2.0.0/download
into: /var/lib/grafana/plugins

✔ Installed oci-metrics-datasource successfully

Restart grafana after installing plugins . <service grafana-server restart>

# grafana-cli plugins install oci-metrics-datasource

installing oci-metrics-datasource @ 2.0.0

from: https://grafana.com/api/plugins/oci-metrics-datasource/versions/2.0.0/download

into: /var/lib/grafana/plugins

✔ Installed oci-metrics-datasource successfully

Restart grafana after installing plugins . <service grafana-server restart>

Restart Grafana Server.

# service grafana-server restart
Restarting grafana-server (via systemctl): [ OK ]

1 2	# service grafana-server restart Restarting grafana-server (via systemctl): [ OK ]

Grafana Data Source Configuration

RSA Key Configuration

Grafana needs the configuration file and the RSA Key from the user oci. One solution: as user root, copy the files and set the ownership to OS user grafana.

# cp -r /home/oci/.oci /usr/share/grafana
# chown -R grafana:grafana /usr/share/grafana/.oci

1 2	# cp -r /home/oci/.oci /usr/share/grafana # chown -R grafana:grafana /usr/share/grafana/.oci

Change the path to the key file in /usr/share/grafana/.oci/config.

from:

key_file=/home/oci/.oci/oci_api_key_07102020.pem

1	key_file=/home/oci/.oci/oci_api_key_07102020.pem

to:

key_file=/usr/share/grafana/.oci/oci_api_key_07102020.pem

1	key_file=/usr/share/grafana/.oci/oci_api_key_07102020.pem

Add a new Data Source

Login into the Grafana server by address <server-ip>:3000. The initial username and password is admin. It’s recommended to change the password at the first login. Add a new data source. Configuration >> Data Sources >> Add data source.

Filter by oracle and select the Oracle Cloud Infrastructure Metrics plugin.

Set Tenancy OCID, select your Default Region and set the Environment to local. Press Save & Test to verify the functionality.

Create a new Dashboard and add a new panel.

Now you can query the data, for example the VPN bandwidth for region eu-zurich1 in my personal compartment. Feel free to add new panels based on the available metrics.

Example

Summary

Great to have the Oracle Cloud Infrastructure Grafana plugins back. To get an idea, which metrics are all available, verify it in the OCI Console >> Monitoring >> Metrics Explorer. The free ADB is not available in the collected metrics. But this is a general issue.

This was a review of the first OCI plugin. In the next week I will take a deeper look into the Oracle Cloud Infrastructure Logging Data Source plugin.

Autonomous Database, Oracle ACE, Oracle Cloud, Oracle Cloud Infrastructure, Oracle Linux, TrivadisContent

Let’s IPSec VPN – How to connect your Unifi Security Gateway to Oracle Cloud Infrastructure

Author: Martin Berger 28. September 2020

When I connect from home to the Oracle Cloud Infrastructure normally I used a Bastion Host, an Open VPN compute instance or Public IPs. Some of the cool stuff like MV2OCI (which transfers data from on-premises to OCI) or integration of an ADB instance in my local running Oracle Enterprise Manager are referred to direct cloud connections. A SSH reverse tunnel works fine, but this cannot be a permanent solution for my lab environment.

At home I have an Unifi Security Gateway (USG) up an running at home. This gateway has the capability, to create site-to-site VPN connections. Good: The Oracle Cloud Infrastruicture VPN service is for free, and I don’t expect over 10 TB outbound traffic. Time to create a VPN setup from home to OCI. Take care about the USG, it needs a “direct” internet contact, this is why my FTTH modem is configured in bridge mode on port 4. Small hint: If your modem is not bridged, ask your internet provider. Here in Switzerland, almost all internet providers support this function.

Architecture

Click on the image for a larger view.

Prerequisites

Unifi Security Gateway Public IP – visible in the USG web interface or on webpage (search term: what’s my IP)
Oracle Cloud Infrastructure network setup according the setup guide
Knowledge about IPSec details which are used by OCI and as described in the setup guide: Key Exchange Version (IKEv1), Encryption (AES-256), Hash (SHA-1), DH Group (5)
VCN and local network ranges
The IPSec endpoint IP addresses and the secrets

Oracle Cloud Infrastructure IPSec Setup

My Oracle Cloud infrastructure network is configured 1:1 as described in the manual Setting Up VPN Connect: https://docs.cloud.oracle.com/en-en/iaas/Content/Network/Tasks/settingupIPsec.htm. Here in the IPSec connection you can see the endpoint IPs, the IPSec status is actually shown as down. The secrets are provided in the detail view.

Unifi Security Gateway Setup

Here you find the details of the USG site-to-site configuration: https://help.ui.com/hc/en-us/articles/360002668854#3. Create a new network in Settings – Networks.

Oracle Cloud Infrastructure Settings

VPN Type	Manual IPsec
Enabled	Checkbox activated
Route Distance	30
Peer IP	OCI VPN endpoint IP
Local WAN IP	Local public address of the USG
Pre-Shared Key	OCI IPsec tunnel secret
IPsec Profile	Customized
Key Exchange Version	IKEv1
Encryption	AES-256
Hash	SHA1
DG Group	5
PFS	Checkbox activated
Dynamic Routing	Checkbox activated

Network Configuration

Oracle Cloud Infrastructure IPSec Status Update

After about two minutes, the OCI tunnel status turns into green. The VPN tunnel is now ready to use.

Unifi Security Gateway Routing

To be sure that local connections to instances running in the Oracle Cloud Infrastructure private subnet are working properly, we need a routing entry in the USG. Create a new routing entry in Settings – Routing & Firewall.

Routing Settings

Enabled	Checkbox activated
Type	Bullet activated
Destination Network	CIDR of the OCI VCN network / subnet
Local WAN IP	Local public address of the USG
Static Route Type:	Interface
Interface	Select interface created above, in my case OCI – Tunnel 1

Connection Verification

For testing purposes, I have created a compute instance in the OCI private subnet with IP 172.16.0.2, no public access – works!

A quick Bandwith Test

I am using iperf for this small test between my Windows client and the OCI compute instance. It’s not for production, just for the feeling. 68.7 Mbits/sec 🙂

Troubleshooting in USG

The connection can be verified when logged in as administrator in the Unifi Security Gateway as user ubnt / admin. Link to the documentation: https://help.ui.com/hc/en-us/articles/360002668854-UniFi-UDM-USG-Verifying-and-Troubleshooting-IPsec-VPNs

Show the current VPN configuration

$ sudo swanctl --list-conns
peer-140.238.123.456-tunnel-vti:
local: 139.178.78.910
remote: 140.238.123.456
local pre-shared key authentication:
id: 139.178.78.910
remote pre-shared key authentication:
id: 140.238.123.456
peer-140.238.123.456-tunnel-vti: TUNNEL
local: 0.0.0.0/0
remote: 0.0.0.0/0
remote-access: IKEv1
local: 139.178.78.910
remote: %any
local pre-shared key authentication:
id: 139.178.78.910
remote pre-shared key authentication:
remote-access: TRANSPORT
local: dynamic[udp/l2f]

$ sudo swanctl --list-conns

peer-140.238.123.456-tunnel-vti:

local: 139.178.78.910

remote: 140.238.123.456

local pre-shared key authentication:

id: 139.178.78.910

remote pre-shared key authentication:

id: 140.238.123.456

peer-140.238.123.456-tunnel-vti: TUNNEL

local: 0.0.0.0/0

remote: 0.0.0.0/0

remote-access: IKEv1

local: 139.178.78.910

remote: %any

local pre-shared key authentication:

id: 139.178.78.910

remote pre-shared key authentication:

remote-access: TRANSPORT

local: dynamic[udp/l2f]

Follow the Logfile

$ sudo swanctl --log
08[NET] received packet: from 152.67.12.34[500] to 139.178.78.910[500] (92 bytes)
08[ENC] parsed INFORMATIONAL_V1 request 1450492415 [ HASH N(DPD) ]
08[ENC] generating INFORMATIONAL_V1 request 3141172786 [ HASH N(DPD_ACK) ]
08[NET] sending packet: from 139.178.78.910[500] to 152.67.12.34[500] (92 bytes)
14[NET] received packet: from 152.67.12.34[500] to 139.178.78.910[500] (92 bytes)
14[ENC] parsed INFORMATIONAL_V1 request 2294336399 [ HASH N(DPD) ]
14[ENC] generating INFORMATIONAL_V1 request 1226471776 [ HASH N(DPD_ACK) ]
14[NET] sending packet: from 139.178.78.910[500] to 152.67.12.34[500] (92 bytes)

$ sudo swanctl --log

08[NET] received packet: from 152.67.12.34[500] to 139.178.78.910[500] (92 bytes)

08[ENC] parsed INFORMATIONAL_V1 request 1450492415 [ HASH N(DPD) ]

08[ENC] generating INFORMATIONAL_V1 request 3141172786 [ HASH N(DPD_ACK) ]

08[NET] sending packet: from 139.178.78.910[500] to 152.67.12.34[500] (92 bytes)

14[NET] received packet: from 152.67.12.34[500] to 139.178.78.910[500] (92 bytes)

14[ENC] parsed INFORMATIONAL_V1 request 2294336399 [ HASH N(DPD) ]

14[ENC] generating INFORMATIONAL_V1 request 1226471776 [ HASH N(DPD_ACK) ]

14[NET] sending packet: from 139.178.78.910[500] to 152.67.12.34[500] (92 bytes)

Troubleshooting in Oracle Cloud Infrastructure

There is a small document available to verify the basic configuration, maybe in future some log access will be provided. In a past project where we had VPN connection issues with a Fortigate firewall, I had a good experience with the guys from My Oracle Support.

Link: https://docs.cloud.oracle.com/en-us/iaas/Content/Network/Troubleshoot/ipsectroubleshoot.htm

Summary

Finally I have a stable VPN connection to Oracle Cloud Infrastructure for free. If all requirements are met, the configuration can be done in a few minutes. Next steps: Activation of the second tunnel to get VPN redundancy, enable notifications when a IPsec tunnel is down and some other Oracle Enterprise Manager 13c monitoring stuff. The weather conditions in Switzerland are bad for the next days, so there is enough time in the evenings to do further research.

#freedom #network #together #doer #curiosity

DBaaS, Oracle Cloud Infrastructure, Oracle Linux, Oracle Tools, Security, TrivadisContent

Oracle Cloud Infrastructure – Security first: Cloud Guard and Security Zones – a first View

Author: Martin Berger 15. September 2020

Two new Oracle Cloud Infrastructure Cloud Security Services

Good news: Oracle has provided two new services for cloud security. Cloud Guard to get an overview of existing possible security breaches and Security Zones, which allows to create a full restricted compartment. In this blog, I will give you a short overview about this brand new services.

Cloud Guard

The Cloud Guard service helps you to identify security issues in your tenancy. Before the first use, it has to be enabled and a base region and for a minimum one compartment has to be selected. It needs a new policy which Cloud Guard allows to gather information in your tenancy. Oracle Cloud Guard discovers available object in compartments like Compute Instances, Object Storage and many more and checks Oracle Cloud Infrastructure security best practices.

Link to documentation: https://docs.cloud.oracle.com/en-us/iaas/cloud-guard/using/index.htm

Enable Cloud Guard first

Based on recipes, it show you security recommendations for the findings and can execute corrective actions. There are two different receipes types available:

Oracle Managed Detector Recipe – provided by Cloud Guard, doesn’t allow to disable rules
User Managed Detector Recipe – a clone of an Oracle managed recipe, allows to disable individual rules

Examples for recipes – docs.cloud.oracle.com

	Oracle Managed Recipe		User Managed Recipe
Rule	Status	Risk Level	Status	Risk Level
Bucket is public	ENABLED	HIGH	DISABLED	HIGH
Instance has public IP address	ENABLED	CRITICAL	ENABLED	HIGH
VCN has no inbound Security List	ENABLED	MEDIUM	DISABLED	MEDIUM

Based on detected findings, Cloud Guard is able to to corrective actions. This feature called Responder Rules requires a policy. Problems can be fixed on three ways:

Remediated – Fix using Cloud Guard responder
Resolved – Fixed by other process
Dismissed – Ignore and close

Example for a Cloud Guard Responder Action

Example – Cloud Guard has detected a Public IP

Cloud Guard Dashboard

The dashboard gives you an overview of the findings and actions. There are direct links to the findings and recommendations. Ok, It looks I have to review my test compartment 😉

Security Zones

A security zone is associated on a compartment and a security zone recipe. For example when in the recipe is defined, users cannot create an Internet Gateway in a defined compartement, an error message occurs when he tries to create one.

Link to documentation: https://docs.cloud.oracle.com/en-us/iaas/security-zone/using/security-zones.htm

Create a new Security Zone

Recipes

There are some basic rules in the Oracle defined recipe (at the moment you can not create a customer based recipe) – for example:

Resources can’t be moved out from a security zone to a regular compartment
Resources are not accessible by Internet
Resources must be regularly backed up

Test – Create an Internet Gateway in the new created Security Zone

A violation message occurs, the security zone recipe doesn’t allow creating Internet Gateways.

Summary

I really like these two new services. Cloud Guard which helps me to identify possible security issues and Security Zones to create secure compartments without writing manual policies. This is only a short overview, in next days I will definitely take a deeper look, especially in Cloud Guard and the corrective actions. I have a great interest to find out how it works in the background for example when a public IP is detected and so on. The Oracle Cloud Infrastructure security is definitely on track!

DBaaS, Oracle Cloud Infrastructure, Oracle RDBMS, Security, TrivadisContent

Windows 10 WSL 2, Docker and Oracle – a perfect Partnership

Author: Martin Berger 2. September 2020

I admit it, I was not a friend of Oracle databases running in Docker containers for a long time. My database systems for testing and demo purposes were all running in VMware, Virtual Box or in the Oracle Cloud. But I have used the Windows Subsystem for Linux since beginning, to work with the Oracle Oracle Cloud Infrastructure CLI, Git Integration etc.. And what I really like is the WSL extension for Visual Studio Code which gives me to chance, to edit Ansible Vault files in Windows without any additional Linux based VM running.

With the update of the existing Windows Subsystem for Linux (WSL) architecture to version 2, the Docker Desktop for Windows is now fully integrated and able to run Docker container in WSL as a lightweight VM. Now it’s time to change my mind, why not use Docker to try out new Oracle features, do some development stuff and more?

What to we need to run Oracle databases in WSL 2 Docker Containers?

WSL 2
Docker Desktop for Windows
Docker images with an Oracle Database – I may use the images (oehrlis/docker) from my workmate Stefan Oehrli (oradba.ch)- merci vöumou

This blog post shows you how to setup WSL 2 to run Docker images. Sure, you can use the Oracle provided Docker images or self created images too. But I have verified the Oracle repository today, the Dockerfile version is 19.3.0. And I don’t have the passion, to create new Dockerfiles for example to run 19.8 and download additional RU software.

Installing Windows Subsystem 2 for Linux

https://docs.microsoft.com/en-us/windows/wsl/install-win10

Enable Windows Subsystem for Linux basic Functionality

Start Windows PowerShell as Administrator and enable WSL.

dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart

1	dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart

Do not restart Windows 10 at the moment.

Activate Windows Subsystem for Linux 2

Check your version before enabling WSL 2, the criteria from the install document must be meet – for example for my x64 platform:

Running Windows 10, updated to version 1903 or higher, Build 18362 or higher for x64 systems.

Let’s check it with Windows logo key + R and winver – my version us 1904:

Enable the ‘Virtual Machine Platform’ – this component is required for WSL 2.

dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart

1	dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart

Restart the Windows machine. Now wsl.exe is available as command in Power Shell.

Set WSL 2 as default when installing Linux distributions from Microsoft Store like Ubuntu and SLES.

Getting Windows 10 ready for Docker

https://docs.docker.com/docker-for-windows/wsl/
https://hub.docker.com/editions/community/docker-ce-desktop-windows/
https://code.visualstudio.com/blogs/2020/03/02/docker-in-wsl2

Install Docker Desktop for Windows

Run the Docker Desktop Installer executable. Let the checkboxes activated.

Two minutes later.

Start Docker and verify the Availability

After starting the Docker Desktop, you get a notification that Docker is starting. Docker is recognising that WSL is installed.

Docker is now ready to use.

Open a new PowerShell as Administrator and verify if docker and docker-compose are available.

docker version --format '{{.Server.Version}}

1	docker version --format '{{.Server.Version}}

docker-compose --version

1	docker-compose --version

Install Git

Link: https://git-scm.com/download/win

We use Git to checkout the Oracle docker containers later. There are several Git clients for Windows available. I use the one from git-scm.com. Just run the executable. After the successful installation, verify Git availability in PowerShell.

git --version

1	git --version

Go for the Oracle Database

Startup the Oracle Docker Image

Before cloning of the Git repository, I created a new directory in my Workplace folder.

Clone Docker Image Repository

The content of my cloned directory Oracle Database 19.0.0.0.

We use Docker Compose here, this makes it very easy to handle networking stuff like port forwarding. Example content of the docker-compose.yml file. In this case, I have not configured the Docker Volume Base, the files for the container are created in a subfolder of the clone directory.

# multitenant tenant database
tdb190c:
image: ${DOCKER_USER}/${DOCKER_REPO}:19.8.0.0
container_name: tdb190c
hostname: tdb190c
restart: unless-stopped
network_mode: bridge
volumes:
- ${DOCKER_VOLUME_BASE}/tdb190c:/u01
- ./config:/u01/config
ports:
- "1521:1521"
environment:
CONTAINER: 'TRUE'
INSTANCE_INIT: /u01/config
ORACLE_SID: TDB190C

# multitenant tenant database

tdb190c:

image: ${DOCKER_USER}/${DOCKER_REPO}:19.8.0.0

container_name: tdb190c

hostname: tdb190c

restart: unless-stopped

network_mode: bridge

volumes:

- ${DOCKER_VOLUME_BASE}/tdb190c:/u01

- ./config:/u01/config

ports:

- "1521:1521"

environment:

CONTAINER: 'TRUE'

INSTANCE_INIT: /u01/config

ORACLE_SID: TDB190C

After pulling, let’s start the container with docker-compose.

docker-compose up -d tdb190c

1	docker-compose up -d tdb190c

In the background, the database will be created and configured – example output in Docker Desktop.

SQL Developer Connect

Verify in the Shell if the Oracle database and the listener are running – example output from the Trivadis Toolbox component TVD-Basenv.

Summary

The integration of Docker in Windows Subsystem for Linux is fast and easy to configure. I like the idea to run a lightweight VM inside my existing WSL. In future, before I think about to start a VMware or Virtual Box VM to do some Oracle testing stuff, I will verify if there is Docker image available. And I will definitely spend more time to discover the possibilities of Docker 🙂

19c, Docker, Oracle Linux, Oracle Tools, Testing

Docker