martinberger.com – Page 3 – Deheime@Jurasüdfuss.SO.CH

Latest Posts

Install Oracle 19c RDBMS on Oracle Linux 8 – avoid [WARNING] [INS-08101] Unexpected error while executing the action at state: ‘supportedOSCheck’

Author: Martin Berger 18. May 2020

Oracle RDBMS 19c is now certified on Oracle Linux 8. Unfortunately the Oracle Universal Installer in Silent Mode fails when checking the OS version. My OS release:

[oracle@olten dbhome_1]$ cat /etc/oracle-release
Oracle Linux Server release 8.2

1 2	[oracle@olten dbhome_1]$ cat /etc/oracle-release Oracle Linux Server release 8.2

Oracle Universal Installer in Silent Mode

The OUI installer in silent mode stops and shows this error message: [WARNING] [INS-08101] Unexpected error while executing the action at state: ‘supportedOSCheck’. There is no parameter available like -ignoreOS or whatever, but two workarounds.

[oracle@olten dbhome_1]$ ./runInstaller -ignorePrereq -waitforcompletion -silent \
-responseFile /u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_install.rsp \
oracle.install.option=INSTALL_DB_SWONLY \
> -responseFile /u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_install.rsp \
> oracle.install.option=INSTALL_DB_SWONLY \
> ORACLE_HOSTNAME=mohnweg.kestenholz.net \
> UNIX_GROUP_NAME=oinstall \
> INVENTORY_LOCATION=/u01/app/oraInventory \
> SELECTED_LANGUAGES=en,en_GB \
> ORACLE_HOME=/u01/app/oracle/product/19.0.0/dbhome_1 \
> ORACLE_BASE=/u01/app/oracle \
> oracle.install.db.InstallEdition=EE \
> oracle.install.db.OSDBA_GROUP=dba \
> oracle.install.db.OSBACKUPDBA_GROUP=dba \
> oracle.install.db.OSDGDBA_GROUP=dba \
> oracle.install.db.OSKMDBA_GROUP=dba \
> oracle.install.db.OSRACDBA_GROUP=dba \
> SECURITY_UPDATES_VIA_MYORACLESUPPORT=false \
> DECLINE_SECURITY_UPDATES=true
Launching Oracle Database Setup Wizard...

[WARNING] [INS-08101] Unexpected error while executing the action at state: 'supportedOSCheck'
CAUSE: No additional information available.
ACTION: Contact Oracle Support Services or refer to the software manual.
SUMMARY:
- java.lang.NullPointerException
Moved the install session logs to:
/u01/app/oraInventory/logs/InstallActions2020-05-18_09-48-44AM

[oracle@olten dbhome_1]$ ./runInstaller -ignorePrereq -waitforcompletion -silent \

-responseFile /u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_install.rsp \

oracle.install.option=INSTALL_DB_SWONLY \

> -responseFile /u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_install.rsp \

> oracle.install.option=INSTALL_DB_SWONLY \

> ORACLE_HOSTNAME=mohnweg.kestenholz.net \

> UNIX_GROUP_NAME=oinstall \

> INVENTORY_LOCATION=/u01/app/oraInventory \

> SELECTED_LANGUAGES=en,en_GB \

> ORACLE_HOME=/u01/app/oracle/product/19.0.0/dbhome_1 \

> ORACLE_BASE=/u01/app/oracle \

> oracle.install.db.InstallEdition=EE \

> oracle.install.db.OSDBA_GROUP=dba \

> oracle.install.db.OSBACKUPDBA_GROUP=dba \

> oracle.install.db.OSDGDBA_GROUP=dba \

> oracle.install.db.OSKMDBA_GROUP=dba \

> oracle.install.db.OSRACDBA_GROUP=dba \

> SECURITY_UPDATES_VIA_MYORACLESUPPORT=false \

> DECLINE_SECURITY_UPDATES=true

Launching Oracle Database Setup Wizard...

[WARNING] [INS-08101] Unexpected error while executing the action at state: 'supportedOSCheck'

CAUSE: No additional information available.

ACTION: Contact Oracle Support Services or refer to the software manual.

SUMMARY:

- java.lang.NullPointerException

Moved the install session logs to:

/u01/app/oraInventory/logs/InstallActions2020-05-18_09-48-44AM

Workaround 1

Set the OS parameter in your terminal to a previous version and re-start the Oracle Universal Installer.

export CV_ASSUME_DISTID=OEL7.8

1	export CV_ASSUME_DISTID=OEL7.8

Workaround 2

Edit the file cvu_config which is located in $ORACLE_HOME/cv/admin, change the line from

# Fallback to this distribution id
#CV_ASSUME_DISTID=OEL5

1 2	# Fallback to this distribution id #CV_ASSUME_DISTID=OEL5

# Fallback to this distribution id
CV_ASSUME_DISTID=OEL7.8

1 2	# Fallback to this distribution id CV_ASSUME_DISTID=OEL7.8

Save the file and re-start the Oracle Universal Installer.

Et voilà

Some moments later… the WARNING message about the inventory can be ignored. OUI has created there some files from the previous attempt.

Launching Oracle Database Setup Wizard...

[WARNING] [INS-32047] The location (/u01/app/oraInventory) specified for the central inventory is not empty.
   ACTION: It is recommended to provide an empty location for the inventory.
The response file for this session can be found at:
 /u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_2020-05-18_10-04-19AM.rsp

You can find the log of this install session at:
 /tmp/InstallActions2020-05-18_10-04-19AM/installActions2020-05-18_10-04-19AM.log

As a root user, execute the following script(s):
        1. /u01/app/oraInventory/orainstRoot.sh
        2. /u01/app/oracle/product/19.0.0/dbhome_1/root.sh

Execute /u01/app/oraInventory/orainstRoot.sh on the following nodes:
[olten]
Execute /u01/app/oracle/product/19.0.0/dbhome_1/root.sh on the following nodes:
[olten]


Successfully Setup Software.
Moved the install session logs to:
 /u01/app/oraInventory/logs/InstallActions2020-05-18_10-04-19AM

Launching Oracle Database Setup Wizard...

[WARNING] [INS-32047] The location (/u01/app/oraInventory) specified for the central inventory is not empty.

ACTION: It is recommended to provide an empty location for the inventory.

The response file for this session can be found at:

/u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_2020-05-18_10-04-19AM.rsp

You can find the log of this install session at:

/tmp/InstallActions2020-05-18_10-04-19AM/installActions2020-05-18_10-04-19AM.log

As a root user, execute the following script(s):

1. /u01/app/oraInventory/orainstRoot.sh

2. /u01/app/oracle/product/19.0.0/dbhome_1/root.sh

Execute /u01/app/oraInventory/orainstRoot.sh on the following nodes:

[olten]

Execute /u01/app/oracle/product/19.0.0/dbhome_1/root.sh on the following nodes:

[olten]

Successfully Setup Software.

Moved the install session logs to:

/u01/app/oraInventory/logs/InstallActions2020-05-18_10-04-19AM

Oracle Universal Installer in GUI Mode

In the OUI Graphical User Interface you can ignore the message which occurs when the installer starts:

Summary

The installation of the RDBMS software by GUI is not my favourite. I try to use the silent method whenever it’s possible. And with a small workaround, this can be successfully done with 19c on OL8.

19c, Oracle Linux

Oracle Cloud Infrastructure and SSH Keys – Jump!

Author: Martin Berger 27. April 2020

Jump!

In our Trivadis Oracle Cloud Infrastructure training environments, we never use direct access to an application or database server by a public IP address. For this case, we use an Oracle Linux based bastion host which acts as a jump host. For security reasons, I never put any SSH keys on a bastion host to connect from there to the target instances. If your bastion host is compromitted, your SSH keys are lost! In one of the last trainings, some participants had problems with. So I decided to blog about. This blog post shows you the different methods to connect to an Oracle Cloud Infrastructure private/public network by using a bastion host.

SSH Keys

Oracle Cloud Infrastructure Linux based offerings like compute instances and virtual machines for databases are accessible by SSH key as per default. For working with these machines, I use these three types of SSH keys:

id_rsa_oci – Private key generated by ssh-keygen
id_rsa_oci.pub – Public key generated by ssh-keygen
id_rsa_oci.ppk – Puttygen-converted private key

This gives me the flexibility, to connect to running OCI instances on different ways like Putty, MobaXterm, Windows Subsystem for Linux, WinSCP etc.

Oracle Cloud Infrastructure Sample Setup

Host	Public IP	Private IP	Accessible by
Bastion Host	140.238.216.114	10.0.0.2	SSH
Windows Application Server		10.0.1.2	RDP
Oracle Database Server		10.0.2.2	SSH

Reminder: In OCI only SSH port 22 is open in the subnet security lists as per default when the VCN is created by the VCN Wizard. If you want to allow connection from the public to the private subnet by RDP and Oracle Net, then port 3389 and 1521 must be added in the security list for the private subnet. Create stateful ingress rules and restrict the source connections to the bastion host private IP range.

Build your own SSH Tunnel

There different ways to build a SSH (tunnel) configuration to Oracle Cloud Infrastructure instances on a Windows based platform, my favourites:

Windows Subsystem for Linux (WSL)
MobaXterm
Putty

Here are some connection examples how to work with instances in a private subnet via bastion host with this three methods. As a Windows 10 user, for some connections I d’ like to use WSL Ubuntu more and more – now available in version 20 🙂

1. Connect by using Windows Subsystem for Linux (WSL)

Test: Verify the Connection to the Bastion Host public IP Address

$ <strong>ssh -i .ssh/id_rsa_oci opc@140.238.216.114</strong>
Last login: Mon Apr 27 15:47:54 2020 from 139.178.22.30
[opc@bastion-host ~]$ oci-metadata | grep hostname
hostname: bastion-host

$ <strong>ssh -i .ssh/id_rsa_oci opc@140.238.216.114</strong>

Last login: Mon Apr 27 15:47:54 2020 from 139.178.22.30

[opc@bastion-host ~]$ oci-metadata | grep hostname

hostname: bastion-host

Database Server: SSH Connect via Bastion Host

This opens a session on the database server as user opc.

$ <strong>ssh -i .ssh/id_rsa_oci -o ProxyCommand="ssh -i .ssh/id_rsa_oci -W %h:%p opc@140.238.216.114" opc@10.0.2.2</strong>
Last login: Mon Apr 27 15:51:32 2020 from 10.0.0.2
[opc@dbsrv01 ~]$ sudo su - oracle
Last login: Mon Apr 27 15:51:47 UTC 2020 on pts/0
[oracle@dbsrv01 ~]$ . oraenv
ORACLE_SID = [DB0427] ?
The Oracle base has been set to /u01/app/oracle
[oracle@dbsrv01 ~]$ sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Mon Apr 27 15:52:14 2020
Version 19.6.0.0.0

Copyright (c) 1982, 2019, Oracle. All rights reserved.


Connected to:
Oracle Database 19c Standard Edition 2 Release 19.0.0.0.0 - Production
Version 19.6.0.0.0

SQL> show pdbs

CON_ID CON_NAME OPEN MODE RESTRICTED
---------- ------------------------------ ---------- ----------
2 PDB$SEED READ ONLY NO
3 PDB01 READ WRITE NO

$ <strong>ssh -i .ssh/id_rsa_oci -o ProxyCommand="ssh -i .ssh/id_rsa_oci -W %h:%p opc@140.238.216.114" opc@10.0.2.2</strong>

Last login: Mon Apr 27 15:51:32 2020 from 10.0.0.2

[opc@dbsrv01 ~]$ sudo su - oracle

Last login: Mon Apr 27 15:51:47 UTC 2020 on pts/0

[oracle@dbsrv01 ~]$ . oraenv

ORACLE_SID = [DB0427] ?

The Oracle base has been set to /u01/app/oracle

[oracle@dbsrv01 ~]$ sqlplus / as sysdba

SQL*Plus: Release 19.0.0.0.0 - Production on Mon Apr 27 15:52:14 2020

Version 19.6.0.0.0

Connected to:

Oracle Database 19c Standard Edition 2 Release 19.0.0.0.0 - Production

Version 19.6.0.0.0

SQL> show pdbs

CON_ID CON_NAME OPEN MODE RESTRICTED

---------- ------------------------------ ---------- ----------

2 PDB$SEED READ ONLY NO

3 PDB01 READ WRITE NO

Database Server: Create a new SSH Tunnel to forward port 1521 as port 15210

This opens a connection to the bastion host.

$ ssh -i .ssh/id_rsa_oci -A -L 15210:10.0.2.2:1521 opc@140.238.216.114
Last login: Mon Apr 27 15:48:23 2020 from 139.178.22.30
[opc@bastion-host ~]$

$ ssh -i .ssh/id_rsa_oci -A -L 15210:10.0.2.2:1521 opc@140.238.216.114

Last login: Mon Apr 27 15:48:23 2020 from 139.178.22.30

[opc@bastion-host ~]$

Database Server: Connect to the Database by SQL Developer

Use port 15210 and localhost as hostname.

Verify the Oracle Net service name from the DBA panel menu.

Application Server: Create a new SSH Tunnel to forward port 3389 as port 33890

This opens a connection to the bastion host.

$ ssh -i .ssh/id_rsa_oci -A -L 33890:10.0.1.2:3389 opc@140.238.216.114
Last login: Mon Apr 27 15:48:23 2020 from 139.178.22.30
[opc@bastion-host ~]$

$ ssh -i .ssh/id_rsa_oci -A -L 33890:10.0.1.2:3389 opc@140.238.216.114

Last login: Mon Apr 27 15:48:23 2020 from 139.178.22.30

[opc@bastion-host ~]$

Application Server: Connect to the Windows Desktop by Remote Desktop Connection

Use port 33890 and localhost as hostname.

2. Connect by using MobaXterm

Database Server: SSH Connect via Bastion Host

This opens a session ion the database server as user opc.

Fill in Remote Host, Specify username and Port. Activate Use private key and select the local private SSH key in Putty format.

Activate Connect through SSH gateway, fill in Gateway SSH server, Port, User. Activate Use private key and select the local private SSH key in Putty format.

Start the session.

As you can see in the MobaXterm Header, X-Forwarding works too.

Database Server: Create a new SSH Tunnel to forward port 1521 as port 15210

Open MobaXterm Tunneling menu and add a New SSH tunnel. Fill in Forwarded port, Remote server, Remote port, SSH server, SSH login and SSH port. Save the tunnel settings. For an application server tunnel, just replace Remote server, Remote port and Forwared port settings.

Add the private SSH key in Putty format by click on the key icon. Start the tunnel.

Database Server: Connect to the Database by SQL Developer

Use port 15210 and localhost as hostname.

Verify the database control file settings from the DBA panel menu.

3. Connect by using Putty

Database Server: SSH Connect via Bastion Host

As prerequisite, I have created a Putty session called OCI Bastion Host for the jump host connection with the SSH private key in Putty format and user opc. This session is now used as Proxy.

Fill in database server private IP. The red one is the already existing session.

Add proxy command and save session settings. Optioanl enable proxy diagnostics.

plink "OCI Bastion Host" -agent -nc %host:%port

1	plink "OCI Bastion Host" -agent -nc %host:%port

Open the new created session to connect to database server with user opc.

Application Server: Create a new SSH Tunnel to forward port 3389 as port 33890

This opens a connection to the bastion host. Fill in bastion host public IP.

Add private key file in Putty format and enable checkbox Allow agent forwarding.

Add a port forwarding rule for RDP. Save session.

Open the new created session to enable port forwarding for Remote Desktop Protocol.

Application Server: Connect to the Windows Desktop by Remote Desktop Connection

Use port 33890 and localhost as hostname.

Alternative Method – Start Putty from Command Line

Start Putty with the port forwarding settings by command line. This opens a Putty session and port 3389 can be used. No addtional settings are required.

C:\> putty.exe -ssh -A -i C:\oci\ssh\id_rsa_oci.ppk -L 33890:10.0.1.2:3389 opc@140.238.216.114

1	C:\> putty.exe -ssh -A -i C:\oci\ssh\id_rsa_oci.ppk -L 33890:10.0.1.2:3389 opc@140.238.216.114

Summary

A bastion host is an “easy-to-setup” alternative to a VPN connection without any huge infrastructure overhead. There are several ways how to connect & tunnel to the target servers. Use the method which are you familiar with it, but NEVER place SSH keys on a bastion host.

And now: click here to make some noise – Jump by Van Halen

Links

Oracle Cloud Infrastructure, Oracle Linux, Oracle RDBMS, TrivadisContent

Oracle Cloud Infrastructure – Stop your 20c Preview Database Instance Node by OCI CLI now – Great MOS Experience

Author: Martin Berger 31. March 2020

This was really great experience with the guys from My Oracle Support and Oracle teams. Seven days ago I raised an SR that there was no possibility to stop a 20c Preview database instance node if it’s not in use.

No chance to stop a 20c Preview Instance

There was no stop action in the Oracle Cloud Infrastructure UI and not in OCI CLI. The only way was to terminate an 20c preview instance. If I tried to stop a database node in the OCI CLI, this message occurs: Operation is not allowed for Preview Database version.

mbg@LTMBG03:~$ oci db node stop --db-node-id ocid1.dbnode.oc1.eu-zurich-1.ab5heljr6uogrcbvopqvw4ppihq3hl75nh6e1234567891234567
ServiceError:
{
"code": "NotAuthorizedOrNotFound",
"message": "Operation is not allowed for Preview Database version.",
"opc-request-id": "0627623907F948C6AB50645F4D5086B9/A5A12041A7E77DDD5551AF4146963663/2A14DAC00F90DC2A657DA47E7856F0F1",
"status": 404
}

mbg@LTMBG03:~$ oci db node stop --db-node-id ocid1.dbnode.oc1.eu-zurich-1.ab5heljr6uogrcbvopqvw4ppihq3hl75nh6e1234567891234567

ServiceError:

{

"code": "NotAuthorizedOrNotFound",

"message": "Operation is not allowed for Preview Database version.",

"opc-request-id": "0627623907F948C6AB50645F4D5086B9/A5A12041A7E77DDD5551AF4146963663/2A14DAC00F90DC2A657DA47E7856F0F1",

"status": 404

}

Service Request Update today

Today my SR was updated with a short message: “PIease retry through API and confirm.” Sure 🙂

mbg@LTMBG03:~$ oci db node stop --db-node-id ocid1.dbnode.oc1.eu-zurich-1.ab5heljruj5qry2fs6l3xgk33cvolprvqs123456789123456789a
{
  "data": {
    "backup-vnic-id": null,
    "db-system-id": "ocid1.dbsystem.oc1.eu-zurich-1.ab5heljruj5qry2fs6l3xgk33cvolprvqs123456789123456789a",
    "fault-domain": "FAULT-DOMAIN-3",
    "hostname": "srvst20c01",
    "id": "ocid1.dbnode.oc1.eu-zurich-1.ab5heljrmxvsgn44lrphahrvkmcbnldukzkyw123456789123456789a",
    "lifecycle-state": "STOPPING",
    "software-storage-size-in-gb": 200,
    "time-created": "2020-02-17T08:56:22.751000+00:00",
    "vnic-id": "ocid1.vnic.oc1.eu-zurich-1.ab5heljr3niyga3b73pxitfplpo6uvmjtqqt2123456789123456789a"
  },
  "etag": "a2cfce62",
  "opc-work-request-id": "ocid1.coreservicesworkrequest.oc1.eu-zurich-1.ab5heljr7p5ez76oycfupmxwj4pvyhuekwicb5ketwa7avipq2cgpu5ipfpq,ocid1.coreservicesworkrequest.oc1.eu-zurich-1.ab5heljr7p5ez76oycfupmxwj4pvyhuekwicb5ketwa7avipq2cgpu5ipfpq"
}

mbg@LTMBG03:~$ oci db node stop --db-node-id ocid1.dbnode.oc1.eu-zurich-1.ab5heljruj5qry2fs6l3xgk33cvolprvqs123456789123456789a

{

"data": {

"backup-vnic-id": null,

"db-system-id": "ocid1.dbsystem.oc1.eu-zurich-1.ab5heljruj5qry2fs6l3xgk33cvolprvqs123456789123456789a",

"fault-domain": "FAULT-DOMAIN-3",

"hostname": "srvst20c01",

"id": "ocid1.dbnode.oc1.eu-zurich-1.ab5heljrmxvsgn44lrphahrvkmcbnldukzkyw123456789123456789a",

"lifecycle-state": "STOPPING",

"software-storage-size-in-gb": 200,

"time-created": "2020-02-17T08:56:22.751000+00:00",

"vnic-id": "ocid1.vnic.oc1.eu-zurich-1.ab5heljr3niyga3b73pxitfplpo6uvmjtqqt2123456789123456789a"

"etag": "a2cfce62",

"opc-work-request-id": "ocid1.coreservicesworkrequest.oc1.eu-zurich-1.ab5heljr7p5ez76oycfupmxwj4pvyhuekwicb5ketwa7avipq2cgpu5ipfpq,ocid1.coreservicesworkrequest.oc1.eu-zurich-1.ab5heljr7p5ez76oycfupmxwj4pvyhuekwicb5ketwa7avipq2cgpu5ipfpq"

}

After some seconds, the instance node was successfully stopped.

Let’s start it again.

mbg@LTMBG03:~$ oci db node start --db-node-id ocid1.dbnode.oc1.eu-zurich-1.ab5heljruj5qry2fs6l3xgk33cvolprvqs123456789123456789a
"data": {
"backup-vnic-id": null,
"db-system-id": "ocid1.dbsystem.oc1.eu-zurich-1.ab5heljruj5qry2fs6l3xgk33cvolprvqs123456789123456789a",
"fault-domain": "FAULT-DOMAIN-2",
"hostname": "srvst20c01",
"id": "ocid1.dbnode.oc1.eu-zurich-1.ab5heljrmxvsgn44lrphahrvkmcbnldukzkyw123456789123456789a",
"lifecycle-state": "STARTING",
"software-storage-size-in-gb": 200,
"time-created": "2020-02-17T08:22:36.336000+00:00",
"vnic-id": "ocid1.vnic.oc1.eu-zurich-1.ab5heljr3niyga3b73pxitfplpo6uvmjtqqt2123456789123456789a"
},
"etag": "69f24776",
"opc-work-request-id": "ocid1.coreservicesworkrequest.oc1.eu-zurich-1.ab5heljreak3amaiavzqgqek7zwbwnnlc47xbasmxart63putgdr7cqlo3ia"
}

mbg@LTMBG03:~$ oci db node start --db-node-id ocid1.dbnode.oc1.eu-zurich-1.ab5heljruj5qry2fs6l3xgk33cvolprvqs123456789123456789a

"data": {

"backup-vnic-id": null,

"db-system-id": "ocid1.dbsystem.oc1.eu-zurich-1.ab5heljruj5qry2fs6l3xgk33cvolprvqs123456789123456789a",

"fault-domain": "FAULT-DOMAIN-2",

"hostname": "srvst20c01",

"id": "ocid1.dbnode.oc1.eu-zurich-1.ab5heljrmxvsgn44lrphahrvkmcbnldukzkyw123456789123456789a",

"lifecycle-state": "STARTING",

"software-storage-size-in-gb": 200,

"time-created": "2020-02-17T08:22:36.336000+00:00",

"vnic-id": "ocid1.vnic.oc1.eu-zurich-1.ab5heljr3niyga3b73pxitfplpo6uvmjtqqt2123456789123456789a"

"etag": "69f24776",

"opc-work-request-id": "ocid1.coreservicesworkrequest.oc1.eu-zurich-1.ab5heljreak3amaiavzqgqek7zwbwnnlc47xbasmxart63putgdr7cqlo3ia"

}

Node is starting…

Node is available

Summary

Thanks My Oracle Support to implement this change!

Oracle Cloud Infrastructure

Oracle Cloud Infrastructure – Network Troubleshooting with VCN Flow Logs

Author: Martin Berger 5. March 2020

Do have a problem with a connection from or to your private/public subnet? There is a new functionality called VCN Flow Logs available. It collects information about network traffic (source/target) in the Oracle Cloud Infrastructure VCN subnet. At the moment (05/03/2020), this functionality is not available in all regions and I did not find any command in OCI CLI, but will be rolled out. There is no documentation available at docs.cloud.oracle.com.

Link to the OCI blog announcement and demo: https://blogs.oracle.com/cloud-infrastructure/announcing-vcn-flow-logs-for-oracle-cloud-infrastructure

LA

I have registered our company tenant for the Cloud Native Limited Availability Program to get this brand new feature available. Watch here: https://blogs.oracle.com/cloud-infrastructure/announcing-limited-availability-of-oracle-cloud-infrastructure-logging-service

Use Case

A public compute instance with private IP 10.92.10.2 is not able to connect to the private database server with IP 10.92.100.2 anymore via SSH/22 – data center is Switzerland North (Zurich).

Create a new Log Group in your Compartment

Fill in name and description for the Log Group

The Log Group is created, Enable Log

Enable Resource Log

Define the service and resource for VCN Flow Logs and enable logging. For the private subnet investigation I used:

Service: Flow Logs
Resource: My Private Subnet Name

Flow Log

The Flow is created, now we can explore the log. You can also disable logging or indexing or edit the name.

Log Search

Basically you see all log entries, with Explore with Log Search we can add filters. For example for a source IP address or a log content text like REJECTED.

Modify Filters & Columns

Now we add a filter to find out REJECTED connections. Wildcards are allowed in search terms.

Log Field: msg
Value: *REJECT*

Apply.

Now we see the connections with state REJECT.

The solution – Add the IP to the Security List

There was a missing entry in the private subnet security list. After adding the source IP address range to the list, the connection is ok now. There are no REJECT message entries anymore in the VCN Flow Logs by this source IP address.

Object Storage

Flow logs are stored in Object Storage too. The bucket is created automatically. Housekeeping can be configured by a Lifecycle Rule for the log file bucket or by CLI. Take a look into the documentation to avoid error when you want to create a lifecycle rule . You have to create a Service Permissions policy first for the object storage before you can create a rule.

OCI Object Storage Lifecycle Rule

You can remove them by a lifecycle rule or by CLI. Take a look at the OCI documentation section Using Object Lifecycle Management to avoid permission errors when you want to create a lifecycle rule . You have to create a service permissions policy first for the object storage before you can create a rule.

Missing permissions error message:

Example Policy Statement to allow actions on object store:

Allow service objectstorage-eu-zurich-1 to {BUCKET_INSPECT, BUCKET_READ, OBJECT_INSPECT, OBJECT_CREATE, OBJECT_DELETE} in compartment Compartment_Trivadis_MOHNWEG

1	Allow service objectstorage-eu-zurich-1 to {BUCKET_INSPECT, BUCKET_READ, OBJECT_INSPECT, OBJECT_CREATE, OBJECT_DELETE} in compartment Compartment_Trivadis_MOHNWEG

OCI CLI example command to remove old files – for example with date pattern 2020-03-05T07 – 7AM

oci os object bulk-delete -ns trivadisbdsxsp -bn oci-logs._flowlogs.ocid1.compartment.oc1..aaaaaaaayc5kgqshdb5g2mjg4bnt34htnybbho3hx2exkz5pzi6kt4kunhiq --include *2020-03-05T07*

1	oci os object bulk-delete -ns trivadisbdsxsp -bn oci-logs._flowlogs.ocid1.compartment.oc1..aaaaaaaayc5kgqshdb5g2mjg4bnt34htnybbho3hx2exkz5pzi6kt4kunhiq --include 2020-03-05T07

OCI Command Line Interface starter page: https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/cliconcepts.htm

What’s next

Try out the new logging feature for other OCI components like Functions, Event Service and Object Storage. And why not to integrate the logs in your existing Splunk environment? There is Splunk OCI object storage plugin available. Take a look here: https://blogs.oracle.com/cloud-infrastructure/announcing-the-object-storage-plugin-for-splunk

Autonomous Database, Oracle Cloud Infrastructure

Oracle Enterprise Manager 13c Release 4 – Time to Upgrade – First Experiences

Author: Martin Berger 3. February 2020

The roll-out of the newest Oracle Enterprise Manager 13 Release 4 is a few days old, about time to try out the upgrade process in my ESXi lab environment.

First: This blog post about the OEM upgrade process is based on my own experience.

Software

https://www.oracle.com/enterprise-manager/downloads/cloud-control-downloads.html

Documents

https://docs.oracle.com/en/enterprise-manager/cloud-control/enterprise-manager-cloud-control/13.4/emupg/index.html

The Environment

Oracle Enterprise Manager 13.3 running on Oracle Linux 7.6 – OEM Patchlevel January 2020 – Non-HA
Oracle Enterprise Edition Repository 19.6.0 Single Tenant Database
Oracle Restart / ASM 19.6.0
Additional Oracle Linux Server with 19.3.0 Container Databases
All targets up and running
My Oracle Support connected
Software staged directory in /u01/app/oracle/stage/em13cr4 and permission changed to execute bin file (chmod u+x em13400_linux64.bin).

oracle@kestenholz:/u01/app/oracle/stage/em13cr4/ [oms1303] ll
total 12429656
drwxr-xr-x 2 oracle oinstall       4096 Feb  2 12:13 .
drwxr-xr-x 3 oracle oinstall         21 Feb  2 20:13 ..
-rw-r--r-- 1 oracle oinstall 2109004737 Feb  2 12:11 em13400_linux64-2.zip
-rw-r--r-- 1 oracle oinstall 2047749474 Feb  2 12:11 em13400_linux64-3.zip
-rw-r--r-- 1 oracle oinstall 2117312528 Feb  2 12:12 em13400_linux64-4.zip
-rw-r--r-- 1 oracle oinstall  808014516 Feb  2 12:12 em13400_linux64-5.zip
-rw-r--r-- 1 oracle oinstall 2143125187 Feb  2 12:13 em13400_linux64-6.zip
-rw-r--r-- 1 oracle oinstall 1879163226 Feb  2 12:14 em13400_linux64-7.zip
-rwxr-x--- 1 oracle oinstall 1623577684 Feb  2 12:10 em13400_linux64.bin

oracle@kestenholz:/u01/app/oracle/stage/em13cr4/ [oms1303] ll

total 12429656

drwxr-xr-x 2 oracle oinstall 4096 Feb 2 12:13 .

drwxr-xr-x 3 oracle oinstall 21 Feb 2 20:13 ..

-rw-r--r-- 1 oracle oinstall 2109004737 Feb 2 12:11 em13400_linux64-2.zip

-rw-r--r-- 1 oracle oinstall 2047749474 Feb 2 12:11 em13400_linux64-3.zip

-rw-r--r-- 1 oracle oinstall 2117312528 Feb 2 12:12 em13400_linux64-4.zip

-rw-r--r-- 1 oracle oinstall 808014516 Feb 2 12:12 em13400_linux64-5.zip

-rw-r--r-- 1 oracle oinstall 2143125187 Feb 2 12:13 em13400_linux64-6.zip

-rw-r--r-- 1 oracle oinstall 1879163226 Feb 2 12:14 em13400_linux64-7.zip

-rwxr-x--- 1 oracle oinstall 1623577684 Feb 2 12:10 em13400_linux64.bin

Prerequisites

It’s important to verify the changed prerequisites – Chapter 3 – Prerequisites for Upgrading to Enterprise Manager Cloud Control 13c Release 4 – I had do disable all adaptive features in the repository pluggable database:

alter system set "_optimizer_nlj_hj_adaptive_join"= FALSE scope=both
sid='*';
alter system set "_optimizer_strans_adaptive_pruning" = FALSE
scope=both sid='*';
alter system set "_px_adaptive_dist_method" = OFF scope=both sid='*';
alter system set "_sql_plan_directive_mgmt_control" = 0 scope=both
sid='*';
alter system set "_optimizer_dsdir_usage_control" = 0 scope=both
sid='*';
alter system set "_optimizer_use_feedback" = FALSE scope=both sid='*';
alter system set "_optimizer_gather_feedback" = FALSE scope=both
sid='*';
alter system set "_optimizer_performance_feedback" = OFF scope=both
sid='*';

alter system set "_optimizer_nlj_hj_adaptive_join"= FALSE scope=both

sid='*';

alter system set "_optimizer_strans_adaptive_pruning" = FALSE

scope=both sid='*';

alter system set "_px_adaptive_dist_method" = OFF scope=both sid='*';

alter system set "_sql_plan_directive_mgmt_control" = 0 scope=both

sid='*';

alter system set "_optimizer_dsdir_usage_control" = 0 scope=both

sid='*';

alter system set "_optimizer_use_feedback" = FALSE scope=both sid='*';

alter system set "_optimizer_gather_feedback" = FALSE scope=both

sid='*';

alter system set "_optimizer_performance_feedback" = OFF scope=both

sid='*';

Restart the database after the changed settings.From my view this sentence here is wrong is the documentation (my database has version 19.6.0):

If your Management Repository is using Oracle Database 12.2 or higher, none of these parameters need to be set.

Why? If these parameters are not set, the installer refuses working.

EMKEY Copy Requirements

The Key was copied to the repository. It well be removed after the successful upgrade.

oracle@kestenholz: [oms1303] $ORACLE_HOME/bin/emctl config emkey -copy_to_repos
Oracle Enterprise Manager Cloud Control 13c Release 3
Copyright (c) 1996, 2018 Oracle Corporation.  All rights reserved.
Enter Enterprise Manager Root (SYSMAN) Password :
The EMKey has been copied to the Management Repository. This operation will cause the EMKey to become unsecure.
After the required operation has been completed, secure the EMKey by running "emctl config emkey -remove_from_repos".

oracle@kestenholz: [oms1303] $ORACLE_HOME/bin/emctl config emkey -copy_to_repos

Oracle Enterprise Manager Cloud Control 13c Release 3

Enter Enterprise Manager Root (SYSMAN) Password :

The EMKey has been copied to the Management Repository. This operation will cause the EMKey to become unsecure.

After the required operation has been completed, secure the EMKey by running "emctl config emkey -remove_from_repos".

Run Installer

Start the Oracle Universal Installer

The OMS is down now (emctl stop oms -all). Start the installer.

oracle@kestenholz:/u01/app/oracle/stage/em13cr4/ [oms1303] ./em13400_linux64.bin

1	oracle@kestenholz:/u01/app/oracle/stage/em13cr4/ [oms1303] ./em13400_linux64.bin

My Oracle Support Details

I am a registered user in My Oracle Support, I get enough information every week… I don’t enable this checkbox.

Software Updates

At the moment, there are no updates available. Maybe in future there will be any patches available for auto apply during the installation/upgrade process.

Installation Type

Upgrade an existing Enterprise Manager system, this one is my existing installation.

Installation Details

Enter a new Middleware Home Location.

Database Connection Details

Enter the SYS and SYSMAN password of the running repository. DDMP (Deferred Data Migration) Jobs are enabled. According the documentation, these jobs are running in the background when the OEM is starting up during the upgrade process to convert old data to the new format. If you have a huge amount of data in your earlier release, then the upgrade can take longer. You can run this job – if disabled – later as Post Upgrade Tasks.

Warnings

I will change to SHA communication later.

The repository has 19.6.0, all required patches are included.

I confirm that the JVMD engine is stopped, this has happened by stopping the OMS.

I had to stop the agent which was running on the management server.

Fix Parameter Settings by the Installer

For my environment, I let the installer fix this settings.

Plug-in Upgrade

Here we see the already installed plugins, they will be upgraded too.

Select Plug-ins

I don’t ant to install additional plug-ins.

Extend WebLogic Server Domain

Enter the password for the weblogic user and define the OMS Instance Base Location.

Enterprise Manager Shared Location Details

My Oracle Enterprise Manager doesn’t run in a high availability setup, I don’t need any shared location.

Port Configuration Details

I use the settings from the existing installation.

Review

Let’s start the upgrade!

Repository Upgrade failed

The upgrade process fails at the step where the repository has to be upgraded.

View Log – ORA-01950

When I scroll up the provided log from the installer, I see this error message here:

The schema manager logfile located in the 13.4 subdirectory $ORACLE_HOME/sysman/log/schemamanager confirms this error.

oracle@kestenholz:/u01/app/oracle/product/em13cr4/sysman/log/schemamanager/m_020220_0947_PM/m_020220_0947_PM.PREUPGRADE/ [oms1303] grep 1950 *
emschema.log.PREUPGRADE:SEVERE: ERROR:ORA-01950: no privileges on tablespace 'USERS'
grep: RCU2020-02-02_21-47_829509113: Is a directory
rcu.log:Sun Feb 2 21:47:41.519 CET 2020 ERROR assistants.rcu.Rcu: oracle.sysman.assistants.rcu.backend.action.AbstractAction::handleNonIgnorableError: Received Non-Ignorable Error: ORA-01950: no privileges on tablespace 'USERS'
rcu.log:Sun Feb 2 21:47:41.520 CET 2020 ERROR assistants.rcu.Rcu: oracle.sysman.assistants.common.dbutil.jdbc.JDBCEngine::onException: SQLException: ORA-01950: no privileges on tablespace 'USERS'
rcu.log:java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'
rcu.log:oracle.sysman.assistants.common.dbutil.SQLFatalErrorException: java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'
rcu.log:Caused by: java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'
rcu.log:Caused by: oracle.sysman.assistants.common.dbutil.SQLFatalErrorException: java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'
rcu.log:Caused by: java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'

oracle@kestenholz:/u01/app/oracle/product/em13cr4/sysman/log/schemamanager/m_020220_0947_PM/m_020220_0947_PM.PREUPGRADE/ [oms1303] grep 1950 *

emschema.log.PREUPGRADE:SEVERE: ERROR:ORA-01950: no privileges on tablespace 'USERS'

grep: RCU2020-02-02_21-47_829509113: Is a directory

rcu.log:Sun Feb 2 21:47:41.519 CET 2020 ERROR assistants.rcu.Rcu: oracle.sysman.assistants.rcu.backend.action.AbstractAction::handleNonIgnorableError: Received Non-Ignorable Error: ORA-01950: no privileges on tablespace 'USERS'

rcu.log:Sun Feb 2 21:47:41.520 CET 2020 ERROR assistants.rcu.Rcu: oracle.sysman.assistants.common.dbutil.jdbc.JDBCEngine::onException: SQLException: ORA-01950: no privileges on tablespace 'USERS'

rcu.log:java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'

rcu.log:oracle.sysman.assistants.common.dbutil.SQLFatalErrorException: java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'

rcu.log:Caused by: java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'

rcu.log:Caused by: oracle.sysman.assistants.common.dbutil.SQLFatalErrorException: java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'

rcu.log:Caused by: java.sql.SQLSyntaxErrorException: ORA-01950: no privileges on tablespace 'USERS'

At this point, this is curious, because in 13.3, there were no objects of the SYSMAN in the USERS tablespace. All objects are located in OEM tablespaces with the MGMT prefix. Here is a list of objects in a repository where an Oracle Enterprise Manager 13c Release 3 is up and running.

SQL> select owner,segment_type,tablespace_name,count(*) from dba_segments where owner='SYSMAN' group by owner,segment_type,tablespace_name order by 1,2,3;

OWNER                SEGMENT_TYPE       TABLESPACE_NAME                  COUNT(*)
-------------------- ------------------ ------------------------------ ----------
SYSMAN               INDEX              MGMT_AD4J_TS                           18
SYSMAN               INDEX              MGMT_ECM_DEPOT_TS                      10
SYSMAN               INDEX              MGMT_TABLESPACE                      1701
SYSMAN               INDEX PARTITION    MGMT_AD4J_TS                          192
SYSMAN               INDEX PARTITION    MGMT_ECM_DEPOT_TS                      15
SYSMAN               INDEX PARTITION    MGMT_TABLESPACE                      1515
SYSMAN               LOB PARTITION      MGMT_ECM_DEPOT_TS                      15
SYSMAN               LOB PARTITION      MGMT_TABLESPACE                       203
SYSMAN               LOBINDEX           MGMT_AD4J_TS                            1
SYSMAN               LOBINDEX           MGMT_ECM_DEPOT_TS                      37
SYSMAN               LOBINDEX           MGMT_TABLESPACE                       159
SYSMAN               LOBSEGMENT         MGMT_AD4J_TS                            1
SYSMAN               LOBSEGMENT         MGMT_ECM_DEPOT_TS                      37
SYSMAN               LOBSEGMENT         MGMT_TABLESPACE                       159
SYSMAN               NESTED TABLE       MGMT_TABLESPACE                         7
SYSMAN               TABLE              MGMT_AD4J_TS                           13
SYSMAN               TABLE              MGMT_ECM_DEPOT_TS                      11
SYSMAN               TABLE              MGMT_TABLESPACE                      1053
SYSMAN               TABLE PARTITION    MGMT_AD4J_TS                          192
SYSMAN               TABLE PARTITION    MGMT_TABLESPACE                       622

20 rows selected.

SQL> select owner,segment_type,tablespace_name,count(*) from dba_segments where owner='SYSMAN' group by owner,segment_type,tablespace_name order by 1,2,3;

OWNER SEGMENT_TYPE TABLESPACE_NAME COUNT(*)

-------------------- ------------------ ------------------------------ ----------

SYSMAN INDEX MGMT_AD4J_TS 18

SYSMAN INDEX MGMT_ECM_DEPOT_TS 10

SYSMAN INDEX MGMT_TABLESPACE 1701

SYSMAN INDEX PARTITION MGMT_AD4J_TS 192

SYSMAN INDEX PARTITION MGMT_ECM_DEPOT_TS 15

SYSMAN INDEX PARTITION MGMT_TABLESPACE 1515

SYSMAN LOB PARTITION MGMT_ECM_DEPOT_TS 15

SYSMAN LOB PARTITION MGMT_TABLESPACE 203

SYSMAN LOBINDEX MGMT_AD4J_TS 1

SYSMAN LOBINDEX MGMT_ECM_DEPOT_TS 37

SYSMAN LOBINDEX MGMT_TABLESPACE 159

SYSMAN LOBSEGMENT MGMT_AD4J_TS 1

SYSMAN LOBSEGMENT MGMT_ECM_DEPOT_TS 37

SYSMAN LOBSEGMENT MGMT_TABLESPACE 159

SYSMAN NESTED TABLE MGMT_TABLESPACE 7

SYSMAN TABLE MGMT_AD4J_TS 13

SYSMAN TABLE MGMT_ECM_DEPOT_TS 11

SYSMAN TABLE MGMT_TABLESPACE 1053

SYSMAN TABLE PARTITION MGMT_AD4J_TS 192

SYSMAN TABLE PARTITION MGMT_TABLESPACE 622

20 rows selected.

The solution is simple. Just grant the permissions for the USERS tablespace to SYSMAN and retry the installation progress.But, don’t ask me why SYSMAN creates now objects in USERS…

SQL> ALTER USER sysman QUOTA UNLIMITED ON users;

User altered.

SQL> ALTER USER sysman QUOTA UNLIMITED ON users;

User altered.

After a while, you can see new created tables and indexes in tablespace USERS for user SYSMAN.

SQL> select owner,segment_type,tablespace_name,count(*) from dba_segments where owner='SYSMAN' group by owner,segment_type,tablespace_name order by 1,2,3;

OWNER                SEGMENT_TYPE       TABLESPACE_NAME                  COUNT(*)
-------------------- ------------------ ------------------------------ ----------
SYSMAN               INDEX              MGMT_AD4J_TS                           18
SYSMAN               INDEX              MGMT_ECM_DEPOT_TS                      10
SYSMAN               INDEX              MGMT_TABLESPACE                      1753
SYSMAN               INDEX              USERS                                   7
SYSMAN               INDEX PARTITION    MGMT_AD4J_TS                          192
SYSMAN               INDEX PARTITION    MGMT_ECM_DEPOT_TS                      15
SYSMAN               INDEX PARTITION    MGMT_TABLESPACE                      1537
SYSMAN               LOB PARTITION      MGMT_ECM_DEPOT_TS                      15
SYSMAN               LOB PARTITION      MGMT_TABLESPACE                       205
SYSMAN               LOBINDEX           MGMT_AD4J_TS                            1
SYSMAN               LOBINDEX           MGMT_ECM_DEPOT_TS                      37
SYSMAN               LOBINDEX           MGMT_TABLESPACE                       181
SYSMAN               LOBSEGMENT         MGMT_AD4J_TS                            1
SYSMAN               LOBSEGMENT         MGMT_ECM_DEPOT_TS                      37
SYSMAN               LOBSEGMENT         MGMT_TABLESPACE                       181
SYSMAN               NESTED TABLE       MGMT_TABLESPACE                         7
SYSMAN               TABLE              MGMT_AD4J_TS                           13
SYSMAN               TABLE              MGMT_ECM_DEPOT_TS                      11
SYSMAN               TABLE              MGMT_TABLESPACE                      1079
SYSMAN               TABLE              USERS                                  53
SYSMAN               TABLE PARTITION    MGMT_AD4J_TS                          192
SYSMAN               TABLE PARTITION    MGMT_TABLESPACE                       625

22 rows selected.

SQL> select owner,segment_type,tablespace_name,count(*) from dba_segments where owner='SYSMAN' group by owner,segment_type,tablespace_name order by 1,2,3;

OWNER SEGMENT_TYPE TABLESPACE_NAME COUNT(*)

-------------------- ------------------ ------------------------------ ----------

SYSMAN INDEX MGMT_AD4J_TS 18

SYSMAN INDEX MGMT_ECM_DEPOT_TS 10

SYSMAN INDEX MGMT_TABLESPACE 1753

SYSMAN INDEX USERS 7

SYSMAN INDEX PARTITION MGMT_AD4J_TS 192

SYSMAN INDEX PARTITION MGMT_ECM_DEPOT_TS 15

SYSMAN INDEX PARTITION MGMT_TABLESPACE 1537

SYSMAN LOB PARTITION MGMT_ECM_DEPOT_TS 15

SYSMAN LOB PARTITION MGMT_TABLESPACE 205

SYSMAN LOBINDEX MGMT_AD4J_TS 1

SYSMAN LOBINDEX MGMT_ECM_DEPOT_TS 37

SYSMAN LOBINDEX MGMT_TABLESPACE 181

SYSMAN LOBSEGMENT MGMT_AD4J_TS 1

SYSMAN LOBSEGMENT MGMT_ECM_DEPOT_TS 37

SYSMAN LOBSEGMENT MGMT_TABLESPACE 181

SYSMAN NESTED TABLE MGMT_TABLESPACE 7

SYSMAN TABLE MGMT_AD4J_TS 13

SYSMAN TABLE MGMT_ECM_DEPOT_TS 11

SYSMAN TABLE MGMT_TABLESPACE 1079

SYSMAN TABLE USERS 53

SYSMAN TABLE PARTITION MGMT_AD4J_TS 192

SYSMAN TABLE PARTITION MGMT_TABLESPACE 625

22 rows selected.

The repository upgrade step runs fine now, the whole upgrade process continuous.

Finish

After while, yes we did it, the root script execution is the last task.

Script execution.

# /u01/app/oracle/product/em13cr4/allroot.sh

Starting to execute allroot.sh .........

Starting to execute /u01/app/oracle/product/em13cr4/root.sh ......
Performing root user operation.

The following environment variables are set as:
    ORACLE_OWNER= oracle
    ORACLE_HOME=  /u01/app/oracle/product/em13cr4

Enter the full pathname of the local bin directory: [/usr/local/bin]:
The contents of "dbhome" have not changed. No need to overwrite.
The file "oraenv" already exists in /usr/local/bin.  Overwrite it? (y/n)
[n]:
The file "coraenv" already exists in /usr/local/bin.  Overwrite it? (y/n)
[n]:

Entries will be added to the /etc/oratab file as needed by
Database Configuration Assistant when a database is created
Finished running generic part of root script.
Now product-specific root actions will be performed.
/etc exist
/u01/app/oracle/product/em13cr4
Finished execution of  /u01/app/oracle/product/em13cr4/root.sh ......

# /u01/app/oracle/product/em13cr4/allroot.sh

Starting to execute allroot.sh .........

Starting to execute /u01/app/oracle/product/em13cr4/root.sh ......

Performing root user operation.

The following environment variables are set as:

ORACLE_OWNER= oracle

ORACLE_HOME= /u01/app/oracle/product/em13cr4

Enter the full pathname of the local bin directory: [/usr/local/bin]:

The contents of "dbhome" have not changed. No need to overwrite.

The file "oraenv" already exists in /usr/local/bin. Overwrite it? (y/n)

[n]:

The file "coraenv" already exists in /usr/local/bin. Overwrite it? (y/n)

[n]:

Entries will be added to the /etc/oratab file as needed by

Database Configuration Assistant when a database is created

Finished running generic part of root script.

Now product-specific root actions will be performed.

/etc exist

/u01/app/oracle/product/em13cr4

Finished execution of /u01/app/oracle/product/em13cr4/root.sh ......

The Enterprise Manager is now running with Release 4.

About Enterprise Manager

Next steps are

upgrade the Oracle agents
uninstall the old OEM software – btw, the installer already detaches the old ORACLE_HOME from Oracle’s central inventory for you and removes the emkey from the repository 🙂

Summary

This is a lab environment, not a huge setup with hundreds of targets. But we can see here two important points for the upgrade process. a) read the manual and disable all adaptive features, even when you have an 19c database and b) user SYSMAN needs permission on the USERS tablespace. This is very unusual and should be corrected from my side. But now, enjoy Oracle Enterprise Manager 13c Release 4!

19c, EM13c Cloud Control, Oracle RDBMS, TrivadisContent