Author Archive: Martin Berger

Oracle Cloud Infrastructure – Security first: Cloud Guard and Security Zones – a first View

Two new Oracle Cloud Infrastructure Cloud Security Services

Good news: Oracle has provided two new services for cloud security. Cloud Guard to get an overview of existing possible security breaches and Security Zones, which allows to create a full restricted compartment.  In this blog, I will give you a short overview about this brand new services.

Cloud Guard

The Cloud Guard service helps you to identify security issues in your tenancy. Before the first use, it has to be enabled and a base region and for a minimum one compartment has to be selected. It needs a new policy which Cloud Guard allows to gather information in your tenancy. Oracle Cloud Guard discovers available object in compartments like Compute Instances, Object Storage and many more and checks Oracle Cloud Infrastructure security best practices.

Link to documentation: https://docs.cloud.oracle.com/en-us/iaas/cloud-guard/using/index.htm

Enable Cloud Guard first

Based on recipes, it show you security recommendations for the findings and can execute corrective actions. There are two different receipes types available:

  • Oracle Managed Detector Recipe – provided by Cloud Guard, doesn’t allow to disable rules
  • User Managed Detector Recipe – a clone of an Oracle managed recipe, allows to disable individual rules

Examples for recipes – docs.cloud.oracle.com

  Oracle Managed Recipe User Managed Recipe
Rule Status Risk Level Status Risk Level
Bucket is public ENABLED HIGH DISABLED HIGH
Instance has public IP address ENABLED CRITICAL ENABLED HIGH
VCN has no inbound Security List ENABLED MEDIUM DISABLED MEDIUM

 

Based on detected findings, Cloud Guard is able to to corrective actions. This feature called Responder Rules requires a policy. Problems can be fixed on three ways:

  • Remediated – Fix using Cloud Guard responder
  • Resolved – Fixed by other process
  • Dismissed – Ignore and close

Example for a Cloud Guard Responder Action

Example – Cloud Guard has detected a Public IP 

Cloud Guard Dashboard

The dashboard gives you an overview of the findings and actions. There are direct links to the findings and recommendations. Ok, It looks I have to review my test compartment 😉

Security Zones

A security zone is associated on a compartment and a security zone recipe. For example when in the recipe is defined, users cannot create an Internet Gateway in a defined compartement, an error message occurs when he tries to create one.

Link to documentation: https://docs.cloud.oracle.com/en-us/iaas/security-zone/using/security-zones.htm

Create a new Security Zone

Recipes

There are some basic rules in the Oracle defined recipe (at the moment you can not create a customer based recipe) – for example:

  • Resources can’t be moved out from a security zone to a regular compartment
  • Resources are not accessible by Internet
  • Resources must be regularly backed up

 

Test – Create an Internet Gateway in the new created Security Zone

A violation message occurs, the security zone recipe doesn’t allow creating Internet Gateways.

Summary

I really like these two new services. Cloud Guard which helps me to identify possible security issues and Security Zones to create secure compartments without writing manual policies. This is only a short overview, in next days I will definitely take a deeper look, especially in Cloud Guard and the corrective actions. I have a great interest to find out how it works in the background for example when a public IP is detected and so on. The Oracle Cloud Infrastructure security is definitely on track!

Windows 10 WSL 2, Docker and Oracle – a perfect Partnership

I admit it, I was not a friend of Oracle databases running in Docker containers for a long time. My database systems for testing and demo purposes were all running in VMware, Virtual Box or in the Oracle Cloud. But I have used the Windows Subsystem for Linux since beginning, to work with the Oracle Oracle Cloud Infrastructure CLI, Git Integration etc.. And what I really like is the WSL extension for Visual Studio Code which gives me to chance, to edit Ansible Vault files in Windows without any additional Linux based VM running.

With the update of the existing Windows Subsystem for Linux (WSL) architecture to version 2, the Docker Desktop for Windows is now fully integrated and able to run Docker container in WSL as a lightweight VM. Now it’s time to change my mind, why not use Docker to try out new Oracle features, do some development stuff and more?

What to we need to run Oracle databases in WSL 2 Docker Containers?

  1. WSL 2
  2. Docker Desktop for Windows
  3. Docker images with an Oracle Database – I may use the images (oehrlis/docker) from my workmate Stefan Oehrli (oradba.ch)- merci vöumou

This blog post shows you how to setup WSL 2 to run Docker images. Sure, you can use the Oracle provided Docker images or self created images too. But I have verified the Oracle repository today, the Dockerfile version is 19.3.0. And I don’t have the passion, to create new Dockerfiles for example to run 19.8 and download additional RU software.

Installing Windows Subsystem 2 for Linux

Enable Windows Subsystem for Linux basic Functionality

Start Windows PowerShell as Administrator and enable WSL.

dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart

Do not restart Windows 10 at the moment.

Activate Windows Subsystem for Linux 2

Check your version before enabling WSL 2, the criteria from the install document must be meet – for example for my x64 platform:

  • Running Windows 10, updated to version 1903 or higher, Build 18362 or higher for x64 systems.

Let’s check it with Windows logo key + R and winver – my version us 1904:

Enable the ‘Virtual Machine Platform’ – this component is required for WSL 2.

dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart

Restart the Windows machine. Now wsl.exe is available as command in Power Shell.

Set WSL 2 as default when installing Linux distributions from Microsoft Store like Ubuntu and SLES.

 

 

Getting Windows 10 ready for Docker

Install Docker Desktop for Windows

Run the Docker Desktop Installer executable. Let the checkboxes activated.

Two minutes later.

Start Docker and verify the Availability

After starting the Docker Desktop, you get a notification that Docker is starting. Docker is recognising that WSL is installed.

Docker is now ready to use.

Open a new PowerShell as Administrator and verify if docker and docker-compose are available.

docker version --format '{{.Server.Version}}

docker-compose --version

Install Git

Link: https://git-scm.com/download/win

We use Git to checkout the Oracle docker containers later. There are several Git clients for Windows available. I use the one from git-scm.com. Just run the executable. After the successful installation, verify Git availability in PowerShell.

git --version

Go for the Oracle Database

Startup the Oracle Docker Image

Before cloning of the Git repository, I created a new directory in my Workplace folder.

Clone Docker Image Repository

The content of my cloned directory Oracle Database 19.0.0.0.

We use Docker Compose here, this makes it very easy to handle networking stuff like port forwarding. Example content of the docker-compose.yml file. In this case, I have not configured the Docker Volume Base, the files for the container are created in a subfolder of the clone directory.

# multitenant tenant database
tdb190c:
image: ${DOCKER_USER}/${DOCKER_REPO}:19.8.0.0
container_name: tdb190c
hostname: tdb190c
restart: unless-stopped
network_mode: bridge
volumes:
- ${DOCKER_VOLUME_BASE}/tdb190c:/u01
- ./config:/u01/config
ports:
- "1521:1521"
environment:
CONTAINER: 'TRUE'
INSTANCE_INIT: /u01/config
ORACLE_SID: TDB190C

After pulling, let’s start the container with docker-compose.

docker-compose up -d tdb190c

In the background, the database will be created and configured – example output in Docker Desktop.

SQL Developer Connect

Verify in the Shell if the Oracle database and the listener are running – example output from the Trivadis Toolbox component TVD-Basenv.

Summary

The integration of Docker in Windows Subsystem for Linux is fast and easy to configure. I like the idea to run a lightweight VM inside my existing WSL. In future, before I think about to start a VMware or Virtual Box VM to do some Oracle testing stuff, I will verify if there is Docker image available. And I will definitely spend more time to discover the possibilities of Docker 🙂

Oracle Enterprise Manager 13c Release 4 Update 5 (13.4.0.5) – Time to Patch the OMS

Availability and Information Release Update 13.4.0.5

Since some days, the Release Update 13.4.0.5 for the Oracle Enterprise Manager 13c Release 4 is available in My Oracle Support. Time to update my lab environment.

Note: This blog post describes how to apply the RU on an Oracle Enterprise Manager 13 Release 4 Oracle Management Server which is running on an Oracle Linux 7.6 machine. Applying the RU for agents is not part of of this blog post. For agent patching please visit readme of Patch 31544641: Oracle Enterprise Manager 13c Release 4 Platform Update 5 (13.4.0.5) for Oracle Management Agent.

The RU for the Oracle Management Server is generic and the compressed patch file has the size of 964.6 MB. Useful links for this Release Update like contained fixes and improvements:

From the Patch Readme:

Oracle Enterprise Manager 13c Release 4 Update 5 for Oracle Management Service contains bug fixes, and can be applied on the following:

  • Oracle Management Service 13c Release 4 (13.4.0.0.0)
  • Any Release Update previously released for Oracle Management Service 13c Release 4 (13.4.0.0.0)

OMSPatcher Prerequisites 

OMSPatcher has to be version 13.9.4.1.0 for Enterprise Manager 13.4.0.0.0 – let’s verify it on my OEM environment:

$ export ORACLE_HOME=/u01/app/oracle/product/em13cr4

$ORACLE_HOME/OMSPatcher/omspatcher version
OMSPatcher Version: 13.9.4.1.0
OPlan Version: 12.2.0.1.16
OsysModel build: Thu Oct 25 18:18:12 PDT 2018

OMSPatcher succeeded.

If your OMSPatcher has an older release, take a look here how to update it: EM 13c: How To Upgrade Enterprise Manager 13.4 Cloud Control OMSPatcher Utility to Version 13.9.4.1.0 (Doc ID 2646080.1)

Transfer and extract Release Update

The RU is extracted in the stage directory on the OEM server:

$ ll
total 987904
drwxr-xr-x 3 oracle oinstall 81 Aug 18 21:26 .
drwxr-xr-x. 13 oracle dba 4096 May 11 13:03 ..
drwxr-x--- 15 oracle oinstall 4096 Aug 13 07:37 31604791
-rw-rw-r-- 1 oracle oinstall 123537 Aug 17 19:54 PatchSearch.xml
-rw-r--r-- 1 oracle oinstall 1011475597 Aug 18 21:25 p31604791_134000_Generic.zip

Pre-Check

Run the pre-check to analyze the existing Oracle Enterprise Manager system.

$ cd /u01/app/oracle/stage/31604791
$ $ORACLE_HOME/OMSPatcher/omspatcher apply -analyze

Extract from the OMSPatch logfile, here in my case called omspatcher_2020-08-18_21-35-49PM_analyze.log.

The following sub-patches are incompatible with components installed in the OMS system:
31511488,31511179,31511147,30851102,31187567,31352743,31510486

These warnings can ignored, these are patches for plugins which I am not using. So the patch will not be applied here, for example:

  • oracle.sysman.emfa.oms.plugin (Enterprise Manager for Fusion Applications)
  • oracle.sysman.bda.oms.plugin (Oracle Big Data Appliance)

OPatch – The inventory shows Platform Update 13.4.0.3 which is my actual release.

$ $ORACLE_HOME/OPatch/opatch lsinventory | grep Platform
Patch description: "Oracle Enterprise Manager 13c Release 4 Platform Update 3 (13.4.0.3) for Oracle Management Service"

About Enterprise Manager

Show the installed Plugins – emcli

Login

$ $ORACLE_HOME/bin/emcli login -username=sysman
Enter password :
Login successful

Sync emcli

$ $ORACLE_HOME/bin/emcli sync
Synchronized successfully

List plugins

$ $ORACLE_HOME/bin/emcli list_plugins_on_server
OMS name is kestenholz.martinberger.local:4889_Management_Service
Plug-in Name Plugin-id Version [revision]

Oracle Cloud Framework oracle.sysman.cfw 13.4.1.0.0
Oracle Database oracle.sysman.db 13.4.1.0.0
Oracle Fusion Middleware oracle.sysman.emas 13.4.1.0.0
Systems Infrastructure oracle.sysman.si 13.4.1.0.0
Oracle Exadata oracle.sysman.xa 13.4.1.0.0

Release Update Apply

1st – Stop the OMS

$ORACLE_HOME/bin/emctl stop oms

2nd – Apply RU with OMSPatcher

I don’t use a credential file, therefore the username (if not using weblogic which is default) and the password for the Weblogic AdminServer has to be provied.

$ cd /u01/app/oracle/stage/31604791
$ $ORACLE_HOME/OMSPatcher/omspatcher apply
OMSPatcher Automation Tool
Copyright (c) 2017, Oracle Corporation. All rights reserved.


OMSPatcher version : 13.9.4.1.0
OUI version : 13.9.4.0.0
Running from : /u01/app/oracle/product/em13cr4
Log file location : /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/opatch2020-08-19_09-49-05AM_1.log

OMSPatcher log file: /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/31604791/omspatcher_2020-08-19_09-49-10AM_analyze.log

Please enter OMS weblogic admin server URL(t3s://kestenholz.martinberger.local:7102):>
Please enter OMS weblogic admin server username(weblogic):>
Please enter OMS weblogic admin server password:>
...
<patching actions>
<patching actions>
<patching actions>
...

Deployment summary:
-------------------

The following artifact(s) have been successfully deployed:

Artifacts Log file
--------- --------
SQL rcu_applypatch_original_patch_2020-08-18_21-54-04PM.log
SQL rcu_applypatch_original_patch_2020-08-18_21-56-10PM.log
SQL rcu_applypatch_original_patch_2020-08-18_21-56-27PM.log
SQL rcu_applypatch_original_patch_2020-08-18_21-56-45PM.log
SQL rcu_applypatch_original_patch_2020-08-18_21-57-03PM.log
MRS-commands emctl_register_commands_2020-08-18_21-57-24PM.log
MRS-commands emctl_register_commands_2020-08-18_21-57-28PM.log
MRS-procedures emctl_register_procedures_2020-08-18_21-57-32PM.log
MRS-swlib emctl_register_swlib_2020-08-18_21-57-39PM.log
MRS-swlib emctl_register_swlib_2020-08-18_21-57-45PM.log
MRS-targetType emctl_register_targetType_2020-08-18_21-57-53PM.log
MRS-targetType emctl_register_targetType_2020-08-18_21-58-02PM.log
MRS-storeTargetType emctl_register_storeTargetType_2020-08-18_22-00-48PM.log
MRS-storeTargetType emctl_register_storeTargetType_2020-08-18_22-00-54PM.log
MRS-default_collection emctl_register_default_collection_2020-08-18_22-01-01PM.log
MRS-default_collection emctl_register_default_collection_2020-08-18_22-01-08PM.log
MRS-omsPropertyDef emctl_register_omsPropertyDef_2020-08-18_22-01-35PM.log
MRS-omsPropertyDef emctl_register_omsPropertyDef_2020-08-18_22-01-40PM.log
MRS-jobTypes emctl_register_jobTypes_2020-08-18_22-01-45PM.log
MRS-jobTypes emctl_register_jobTypes_2020-08-18_22-01-50PM.log
MRS-jobTypes emctl_register_jobTypes_2020-08-18_22-01-55PM.log
MRS-systemStencil emctl_register_systemStencil_2020-08-18_22-02-03PM.log
MRS-systemStencil emctl_register_systemStencil_2020-08-18_22-02-08PM.log
MRS-gccompliance emctl_register_gccompliance_2020-08-18_22-02-12PM.log
MRS-discovery emctl_register_discovery_2020-08-18_22-02-28PM.log
MRS-CredstoreMetadata emctl_register_CredstoreMetadata_2020-08-18_22-02-33PM.log


--------------------------------------------------------------------------------
The following warnings have occurred during OPatch execution:
1) Could not apply the patch "31511488" because the "oracle.sysman.vt.oms.plugin with version 13.4.1.0.0" core component of the OMS or the plug-in for which the patch is intended is either not deployed or deployed with another version in your Enterprise Manager system.
2) Could not apply the patch "31511179" because the "oracle.sysman.emct.oms.plugin with version 13.4.1.0.0" core component of the OMS or the plug-in for which the patch is intended is either not deployed or deployed with another version in your Enterprise Manager system.
3) Could not apply the patch "31511147" because the "oracle.sysman.am.oms.plugin with version 13.4.1.0.0" core component of the OMS or the plug-in for which the patch is intended is either not deployed or deployed with another version in your Enterprise Manager system.
4) Could not apply the patch "30851102" because the "oracle.sysman.vi.oms.plugin with version 13.4.1.0.0" core component of the OMS or the plug-in for which the patch is intended is either not deployed or deployed with another version in your Enterprise Manager system.
5) Could not apply the patch "31187567" because the "oracle.sysman.bda.oms.plugin with version 13.4.1.0.0" core component of the OMS or the plug-in for which the patch is intended is either not deployed or deployed with another version in your Enterprise Manager system.
6) Could not apply the patch "31352743" because the "oracle.sysman.ssa.oms.plugin with version 13.4.1.0.0" core component of the OMS or the plug-in for which the patch is intended is either not deployed or deployed with another version in your Enterprise Manager system.
7) Could not apply the patch "31510486" because the "oracle.sysman.emfa.oms.plugin with version 13.4.1.0.0" core component of the OMS or the plug-in for which the patch is intended is either not deployed or deployed with another version in your Enterprise Manager system.
--------------------------------------------------------------------------------
OMSPatcher Session completed with warnings.
Log file location: /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/31604791/omspatcher_2020-08-18_21-41-32PM_deploy.log

OMSPatcher completed with warnings.

Warnings can be ignored as long they depend on plugins which are not installed.

OPatch – The inventory shows Platform Update 13.4.0.5 the RU is applied.

$ $ORACLE_HOME/OPatch/opatch lsinventory | grep Platform
Patch description: "Oracle Enterprise Manager 13c Release 4 Platform Update 5 (13.4.0.5) for Oracle Management Service"

3rd – Start the OMS again

$ $ORACLE_HOME/bin/emctl start oms

About Enterprise Manager

Summary

Oracle Enterprise Manager 13c Release 4 Update 5 (13.4.0.5) – easy to apply, works!

Oracle Enterprise Manager EM13c – My Oracle Support is back!

Since a few weeks, the online connection in Oracle Enterprise Manager EM13c to My Oracle Support was broken. This resulted in errors like Error occurred when sending request to My Oracle Support, for example when you tried to set the My Oracle Support credentials in a fresh EM13c setup. Existing configurations were not able to get newest patch information anymore. Oracle has documented it in the note Recent Changes to MOS will Disable Enterprise Manager Online Connections (Doc ID 2664002.1)

Screenshot when trying to set MOS credentials in a new EM13c RU4 setup:

Now there is a fix available for all current EM 13 releases, RU included. For more details see Patch Now Available For Recent Changes to MOS That Disabled Enterprise Manager Online Connections (Doc ID 2678494.1). Here is the installation of the patch for an Oracle Enterprise Manager EM13c Release 4 RU2 without using a property file (optional). The patch is transferred to target OMS server and extracted in directory /u01/app/oracle/stage/31233849.

oracle@kestenholz:/u01/app/oracle/stage/ [em13cr4] ll
total 424
drwxr-xr-x 3 oracle oinstall 92 Jul 12 23:00 .
drwxr-xr-x. 13 oracle dba 4096 May 11 13:03 ..
drwxr-x--- 4 oracle oinstall 76 Jun 22 22:10 31233849
-rw-rw-r-- 1 oracle oinstall 3092 Jul 6 17:24 PatchSearch.xml
-rw-r--r-- 1 oracle oinstall 425127 Jul 12 23:00 p31233849_13400200531Bundle_Generic.zip

 

Stop OMS

oracle@kestenholz:/u01/app/oracle/stage/ [em13cr4] emctl stop oms

Validate Patch Apply

oracle@kestenholz:/u01/app/oracle/stage/ [em13cr4] cd /u01/app/oracle/stage/31233849

oracle@kestenholz:/u01/app/oracle/stage/31233849/ [em13cr4] $ORACLE_HOME/OMSPatcher/omspatcher apply -analyze
OMSPatcher Automation Tool
Copyright (c) 2017, Oracle Corporation. All rights reserved.


OMSPatcher version : 13.9.4.1.0
OUI version : 13.9.4.0.0
Running from : /u01/app/oracle/product/em13cr4
Log file location : /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/opatch2020-07-12_23-01-08PM_1.log

OMSPatcher log file: /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/31233849/omspatcher_2020-07-12_23-01-13PM_analyze.log

Please enter OMS weblogic admin server URL(t3s://kestenholz.martinberger.local:7102):>
Please enter OMS weblogic admin server username(weblogic):>
Please enter OMS weblogic admin server password:>

Configuration Validation: Success


Running apply prerequisite checks for sub-patch(es) "31233849" and Oracle Home "/u01/app/oracle/product/em13cr4"...
Sub-patch(es) "31233849" are successfully analyzed for Oracle Home "/u01/app/oracle/product/em13cr4"


Complete Summary
================


All log file names referenced below can be accessed from the directory "/u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/2020-07-12_23-01-08PM_SystemPatch_31233849_1"

Prerequisites analysis summary:
-------------------------------

The following sub-patch(es) are applicable:

Featureset Sub-patches Log file
---------- ----------- --------
oracle.sysman.top.oms 31233849 31233849_opatch2020-07-12_23-01-13PM_1.log

Log file location: /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/31233849/omspatcher_2020-07-12_23-01-13PM_analyze.log

OMSPatcher succeeded.

Patch Apply

oracle@kestenholz:/u01/app/oracle/stage/31233849/ [em13cr4] $ORACLE_HOME/OMSPatcher/omspatcher apply
OMSPatcher Automation Tool
Copyright (c) 2017, Oracle Corporation. All rights reserved.


OMSPatcher version : 13.9.4.1.0
OUI version : 13.9.4.0.0
Running from : /u01/app/oracle/product/em13cr4
Log file location : /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/opatch2020-07-12_23-03-23PM_1.log

OMSPatcher log file: /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/31233849/omspatcher_2020-07-12_23-03-27PM_deploy.log

Please enter OMS weblogic admin server URL(t3s://kestenholz.martinberger.local:7102):>
Please enter OMS weblogic admin server username(weblogic):>
Please enter OMS weblogic admin server password:>

Configuration Validation: Success


Running apply prerequisite checks for sub-patch(es) "31233849" and Oracle Home "/u01/app/oracle/product/em13cr4"...
Sub-patch(es) "31233849" are successfully analyzed for Oracle Home "/u01/app/oracle/product/em13cr4"

To continue, OMSPatcher will do the following:
[Patch and deploy artifacts] : Apply sub-patch(es) [ 31233849 ]
Apply RCU artifact with patch "/u01/app/oracle/product/em13cr4/.omspatcher_storage/31233849_Jun_22_2020_22_08_35/original_patch";
Register MRS artifact "omsPropertyDef"


Do you want to proceed? [y|n]
y
User Responded with: Y

Applying sub-patch(es) "31233849"
Please monitor log file: /u01/app/oracle/product/em13cr4/cfgtoollogs/opatch/opatch2020-07-12_23-03-27PM_1.log


Updating repository with RCU reference file "/u01/app/oracle/product/em13cr4/.omspatcher_storage/31233849_Jun_22_2020_22_08_35/original_patch"

Registering service "omsPropertyDef" with register file "/u01/app/oracle/product/em13cr4/sysman/metadata/omsProperties/definition/MosOMSPropDefinition.xml" for plugin id as "core"...
Please monitor log file: /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/2020-07-12_23-03-23PM_SystemPatch_31233849_1/emctl_register_omsPropertyDef_2020-07-12_23-06-34PM.log


Complete Summary
================


All log file names referenced below can be accessed from the directory "/u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/2020-07-12_23-03-23PM_SystemPatch_31233849_1"

Patching summary:
-----------------

Binaries of the following sub-patch(es) have been applied successfully:

Featureset Sub-patches Log file
---------- ----------- --------
oracle.sysman.top.oms_13.4.0.0.0 31233849 31233849_opatch2020-07-12_23-03-27PM_1.log

Deployment summary:
-------------------

The following artifact(s) have been successfully deployed:

Artifacts Log file
--------- --------
SQL rcu_applypatch_original_patch_2020-07-12_23-06-16PM.log
MRS-omsPropertyDef emctl_register_omsPropertyDef_2020-07-12_23-06-34PM.log


Log file location: /u01/app/oracle/product/em13cr4/cfgtoollogs/omspatcher/31233849/omspatcher_2020-07-12_23-03-27PM_deploy.log

OMSPatcher succeeded.

 

Start OMS

oracle@kestenholz:/u01/app/oracle/stage/31233849/ [em13cr4] emctl start oms
Oracle Enterprise Manager Cloud Control 13c Release 4
Copyright (c) 1996, 2020 Oracle Corporation. All rights reserved.
Starting Oracle Management Server...
WebTier Successfully Started
Oracle Management Server Successfully Started
Oracle Management Server is Up
JVMD Engine is Up

 

New try to set My Oracle Support Credentials – MOS is back!

Et voilà

MOS is back, take care if you use a proxy or a firewall – a new URL has to be whitelisted:  https://oauth-e.oracle.com !

Install Oracle 19c RDBMS on Oracle Linux 8 – avoid [WARNING] [INS-08101] Unexpected error while executing the action at state: ‘supportedOSCheck’

Oracle RDBMS 19c is now certified on Oracle Linux 8. Unfortunately the Oracle Universal Installer in Silent Mode fails when checking the OS version. My OS release:

[oracle@olten dbhome_1]$ cat /etc/oracle-release
Oracle Linux Server release 8.2

Oracle Universal Installer in Silent Mode

The OUI installer in silent mode stops and shows this error message: [WARNING] [INS-08101] Unexpected error while executing the action at state: ‘supportedOSCheck’. There is no parameter available like -ignoreOS or whatever, but two workarounds.

[oracle@olten dbhome_1]$ ./runInstaller -ignorePrereq -waitforcompletion -silent \
-responseFile /u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_install.rsp \
oracle.install.option=INSTALL_DB_SWONLY \
> -responseFile /u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_install.rsp \
> oracle.install.option=INSTALL_DB_SWONLY \
> ORACLE_HOSTNAME=mohnweg.kestenholz.net \
> UNIX_GROUP_NAME=oinstall \
> INVENTORY_LOCATION=/u01/app/oraInventory \
> SELECTED_LANGUAGES=en,en_GB \
> ORACLE_HOME=/u01/app/oracle/product/19.0.0/dbhome_1 \
> ORACLE_BASE=/u01/app/oracle \
> oracle.install.db.InstallEdition=EE \
> oracle.install.db.OSDBA_GROUP=dba \
> oracle.install.db.OSBACKUPDBA_GROUP=dba \
> oracle.install.db.OSDGDBA_GROUP=dba \
> oracle.install.db.OSKMDBA_GROUP=dba \
> oracle.install.db.OSRACDBA_GROUP=dba \
> SECURITY_UPDATES_VIA_MYORACLESUPPORT=false \
> DECLINE_SECURITY_UPDATES=true
Launching Oracle Database Setup Wizard...

[WARNING] [INS-08101] Unexpected error while executing the action at state: 'supportedOSCheck'
CAUSE: No additional information available.
ACTION: Contact Oracle Support Services or refer to the software manual.
SUMMARY:
- java.lang.NullPointerException
Moved the install session logs to:
/u01/app/oraInventory/logs/InstallActions2020-05-18_09-48-44AM

Workaround 1

Set the OS parameter in your terminal to a previous version and re-start the Oracle Universal Installer.

export CV_ASSUME_DISTID=OEL7.8

Workaround 2

Edit the file cvu_config which is located in $ORACLE_HOME/cv/admin, change the line from

# Fallback to this distribution id
#CV_ASSUME_DISTID=OEL5

to

# Fallback to this distribution id
CV_ASSUME_DISTID=OEL7.8

Save the file and re-start the Oracle Universal Installer.

Et voilà

Some moments later… the WARNING message about the inventory can be ignored. OUI has created there some files from the previous attempt.

Launching Oracle Database Setup Wizard...

[WARNING] [INS-32047] The location (/u01/app/oraInventory) specified for the central inventory is not empty.
   ACTION: It is recommended to provide an empty location for the inventory.
The response file for this session can be found at:
 /u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_2020-05-18_10-04-19AM.rsp

You can find the log of this install session at:
 /tmp/InstallActions2020-05-18_10-04-19AM/installActions2020-05-18_10-04-19AM.log

As a root user, execute the following script(s):
        1. /u01/app/oraInventory/orainstRoot.sh
        2. /u01/app/oracle/product/19.0.0/dbhome_1/root.sh

Execute /u01/app/oraInventory/orainstRoot.sh on the following nodes:
[olten]
Execute /u01/app/oracle/product/19.0.0/dbhome_1/root.sh on the following nodes:
[olten]


Successfully Setup Software.
Moved the install session logs to:
 /u01/app/oraInventory/logs/InstallActions2020-05-18_10-04-19AM

Oracle Universal Installer in GUI Mode

In the OUI Graphical User Interface you can ignore the message which occurs when the installer starts:

Summary

The installation of the RDBMS software by GUI is not my favourite. I try to use the silent method whenever it’s possible. And with a small workaround, this can be successfully done with 19c on OL8.