The Ultimate guide to DevOps Tools Part #1 : Docker

I will try to cover the Docker basics in different posts to allow people and reader understand more about this tools, also i will provide reference in each of the posts in case you need more information:-

  • Set up your Docker environment
  • Build an image and run it as one container
  • Scale your app to run multiple containers
  • Distribute your app across a cluster
  • Stack services by adding a backend database
  • Deploy your app to production
Docker Concept:-
To Understand docker more you can imagine or can been seen as computer inside your current computer, the most cool thing about docker is that you will not even feel that there is another computer running inside your computer and share the same resource of your computer, include to that if you friend ask for the  same container all you have to do is send it to them and they will have the same output for anything running at this container.
Why Should i use docker when there are similar solution :-
  • Very simple to configure.
    • Docker provides this same capability without the overhead of a virtual machine
  • Code management
    • Docker provides a consistent environment for the application from dev through production, easing the code development and deployment pipeline.
  • App Isolation.
  • Server Consolidation.
There is more than these reasons to use docker but i choose to mentioned the one i used docker for, since it will be more reliable and trusted to share something i already done it and used it before.
Basic Vocabulary that you should understand before using Docker:-
  • Container Vs Image 
    • This is very common question to people who using docker what is the difference between container and image ? so the answer is very simple, Container is running the image but not vice versa, so the container is launched by running an image, and the image is group of executable package that include everything you can imagine to run the application such as libraries, code, .. etc.
  • Containers vs Virtual Machine
    • i mentioned earlier that containers/Docker could computer inside your computer which means it’s running on your  operating system without any third party solution or client, and share the same resource of your PC, runs a discrete process, taking no more memory than any other executable, making it lightweight.
    • VM it’s totally different solution which is could be installed in two different way, the first one installed client that control the Server resource using another software such as VMware and ESXI, or the native way for example vmware workstation that installed on the guest PC.
First example on Docker

  • install Docker, Docker could be installed on different operating system distribution you can check here 
    • Yum install docker-engine
    • service docker start
  • to check the current version of docker 
    • docker –version 

[oracle@dockertest ~]$ docker –version
Docker version 1.6.1, build a8a31ef/1.6.1
[oracle@dockertest ~]$

  •  if you need more information about docker that installed on your system.
  • Need to test if your installation is correct without any issue.
  •  The last useful command which listing your image, the image as i already mentioned is executable package to run your code and each image having different executable file depends on your docker purpose.

The first command listing all the images under your machine, the second one List the hello-world image that was downloaded to your machine.

Cheers
i will update you with part 2 soon.

Osama

Clone Weblogic Software from One Machine to another

Cloning is the process of copying an existing entity to a different location while preserving its state. Some situations in which cloning Oracle Fusion Middleware is useful are:

  • Creating a Middleware home or Oracle home that is a copy of a production, test, or development environment. Cloning enables you to create a new Middleware home or an Oracle home with all patches applied to it in a single step. This is in contrast to separately installing, configuring and applying any patches to separate Oracle homes.
  • Preparing a “gold” image of a patched home and deploying it to many hosts.
When you move a Middleware home, you create an archive of the source Middleware home and use the archive to create the copy of the Middleware home:
  • ./copyBinary.sh -javaHome /u01/jdk -archiveLoc /u01/test.jar -sourceOracleHomeLoc /u01/Oracle/Middleware/fmw_soa
After this copy the jar file to new location and run the following command :-
  • ./pasteBinary.sh -javaHome /u01/jdk -archiveLoc /u01/test.jar -targetOracleHomeName /u01/osama/
It’s very simple and useful
Reference:-
Oracle Doc here.
Cheers
Osama

Oracle API Gateway Installation as cluster and single node

I wrote this article because there is no much information about this product to configure it as cluster so i choose to write it step by step to help people around the world in case they need information about this product.

this article is fully details and working on Solaris but the same steps could be follow for Unix/Linux and windows.

The Link here

Cheers
Osama

Oracle Database 18c (18.3) is now available / Oracle XE

  • Now you can download Oracle Database 18c (18.3) from OTN , Time for testing

Here

  • Also now you can download Oracle Database XE , free for everyone:-
    • Free Oracle Database for Everyone: 
    • Up to 12 GB of user data
    • Up to 2 GB of database RAM
    • Up to 2 CPU threads
    • Up to 3 Pluggable Databases

Here

Thank
Osama Mustafa

Change Hostname in Oracle Solaris 11.3

In this post i will share how to change hostname in Solaris 11.3 , i never test this way on other version but regarding to Oracle it will be working without any issue.

  • as root user, list the current hostname using the below command :-

# svccfg -s system/identity:node listprop config

config                                                         application
config/enable_mapping            boolean     true
config/ignore_dhcp_hostname boolean     false
config/loopback                        astring
config/nodename                      astring       solarisdb1

  • change hostname to new one

# svccfg -s system/identity:node setprop config/nodename=”solarisdbnew1″

  • Refresh and restart

# svcadm refresh system/identity:node

# svcadm restart system/identity:node

  •  Check the configuration

# svccfg -s system/identity:node listprop config

 Thank you

Osama

Integrate Weblogic With Active Directory Using LDAPS

In this post i will show how to integrate weblogic with active directory under LDAPS Port 636 and now using the 389, This is usually will work on different version of weblogic in my case i am using weblogic 12C.

I tried to make this article as simple as it’s, since i faced different issue during this and couldn’t find any articles or Oracle Support document that related to any of the issue i faced so i am writing this blog to share it and could be useful for people.

Weblogic Server comes with an Embedded LDAP Server which acts as the Default Provider for authentication, authorization and role mapping .Since authentication is based on JAAS ( Java Authentication and Authorization Service), we can have external providers as well one of these external provider is Active directory authentication. 

Important note :- Before start any of these steps you should ask your system administrator to create active directory user the purpose of this use only to read active directory information and system administrator should provide you with distinguished name (DN) for this user, and Assign it to Administrator Group. This is required as Active Directory gives connection only to Admin User.

Steps:



  • to enable the port you have to do different things before start doing the configuration from weblogic side, since we are using SSL Port and not the unsecured one you have to import the certificate first, the certificate could be provided to you by the system administrator, in my case to avoid any wasting of time i used Jdeveloper to import the certificate because the Jdeveloper having the capability to connect to the LDAP server in both way (636 or 389 ) once you are connected you can import the certificate.
  •  Now after importing the certificate go the weblogic server and run the below command i choose to save my certificate under #WLS_HOME/wlserver/server/lib :

keytool -import -trustcacerts -alias NEWAD -file Certifcate_name  -keystore NEWAD.jks -storepass Oracle123

    •  Alias  : the alternative name for the certificate you can choose yours but make it clear.
    • file : the certificate location where you imported from Jdeveloper or by system admin.
    • keystore : the output file and should be JKS format.
    • storepass : the password for the imported certificate.
  • once you are done from the above steps, shutdown the adminserver and managed server using the console of the weblogic and edit the setDomainEnv.sh or setDomainEnv.cmd depend on your operating system then add the below lines ( the location of the JKS file)

JAVA_OPTIONS=”${JAVA_OPTIONS} -Djavax.net.ssl.trustStore=/u01/Oracle/Middleware/fmw_soa/wlserver/server/lib/NEWAD.jks

  • Now start the AdminServer, the following steps should be done before testing anything.
  • as you see from the below picture choose custom keystore and start fill the information which is the location for the JKS without putting the file, the password for the certificate that you choose it while importing. 
  • After that you should modify the SSL part, this time you have to remember the alias and the password like the below :-
  • Under Security Realms on the left panel choose providers > New providers 
  • Weblogic having different external provider > but we want Active Directory, make sure to choose the right one.
  • Some changes should be done after the provider created which is the order and flag of the  provider , for the order the Active directory provider should come first and flag should be SUFFICIENT.
  • Start fill the information like the below which AD Host, Active directory user ( Should be created first ), Password for the user, User Base DN and in the last Group Base DN ” Don’t change anything else” and check on SSL enabled.
  • For testing and if the provider working or not, under user and groups you should be able to see the AD users and groups now in the weblogic.
Some of the errors that i face during the configuration which is related to certificate in general, i shared these error to allow people to understand what kind of errors they will face and how to solve it:


  • Error [Security:090834]No LDAP connection could be established. ldaps://HOST:636 Cannot connect to the LDAP server 

  • weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection

  • Caused by: java.lang.reflect.InvocationTargetException

  • Caused by: netscape.ldap.LDAPException: General SSLEngine problem (91); Cannot connect to the LDAP server
  • Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
  • Caused by: sun.security.validator.ValidatorException: PKIX path building failed
  • Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Thank you
Osama 

Where is the DBA in the DevOps tools ?

  • Database administrator job has been changed and it’s not like before any more, In the past The DBA responsibility was limited within database which mean troubleshooting, backup , Performance tuning, high availability .. etc after few years new layer has been added to the responsibility which is application server layer for example weblogic ,Oracle embedded the weblogic with most of their products such as enterprise manager cloud, E-business suits, as i remember after three years another layer added to DBA knowledge which is virtualization and regarding to this virtualization  made the DBA life more easier and not like before, solution providing another layer of backup and server management.

However now everything has been changed and the market working under new term which is CLOUD including different vendor AWS, Azure, and Oracle, As DBA your knowledge shouldn’t stop by only Database, within cloud there is new tools that can help the DBA with their daily Job and it’s called Devops.

DBA usually review each change request to ensure that it is well thought out,They are in charge of monitoring their databases and keeping them available and high-performing, manage access to and the overall security of the platform.

Database automation frees the DBA from the bottleneck of the past that delayed application releases since there is different environment production, Pre-Production, Development or Testing, the DevOps Automation relieved of the pressures of constantly having to juggle and merge various teams’ database changes, are now free to help their organisations take bigger steps forward in ongoing innovation.

But what is the Devops ? And How can i use to make my Job Easier

DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market.

Benefits of DevOps
  • Speed
  • Rapid Delivery
  • Reliability
  • Scale
  • Security

DevOps Practices

  • Continuous Integration
  • Continuous Delivery
  • Microservices
  • Infrastructure as Code
  • Monitoring and Logging
  • Communication and Collaboration
DevOps practices for DBA and Data Team focus on the Tools, practices and techniques that are useful for the Data team to use for Development activities, Testing setup and execution, Collaboration techniques and Deployment tools and techniques. The aim of this site is to further the practice and help the DBA’s and Data team to use these practices to become productive and become part of the delivery team and embrace the devops movement.
DevOps Tools
  • Docker
  • Jenkins
  • Ansible
  • Puppet
  • Nagios
  • Monit
  • Behat
  • Chef
There is more tools for sure each one of these tools having it’s own purpose for example Docker is one of the powerful container solutions, A container image is a lightweight, stand-alone, executable package of a piece of software that includes everything needed to run it: code, runtime, system tools, system libraries, settings Available for both Linux and Windows based apps, containerized software will always run the same, regardless of the environment. Containers isolate software from its surroundings, for example differences between development and staging environments and help reduce conflicts between teams running different software on the same infrastructure.
Cheers
Osama Mustafa 

Error: Server refused our key or No supported authentication methods available

If you use PuTTY to connect to your instance and get either of the following errors, Error: Server refused our key or Error: No supported authentication methods available, verify that you are connecting with the appropriate user name for your AMI. Enter the user name in the User name box in the PuTTY Configuration window.

The appropriate user names are as follows:

  • For an Amazon Linux AMI, the user name is ec2-user.
  • For a RHEL AMI, the user name is ec2-user or root.
  • For an Ubuntu AMI, the user name is ubuntu or root.
  • For a Centos AMI, the user name is centos.
  • For a Fedora AMI, the user name is ec2-user.
  • For SUSE, the user name is ec2-user or root.
  • Otherwise, if ec2-user and root don’t work, check with the AMI provider.

Thanks
Osama

Out Of memory , Not Enough Space Solaris 11

SQL> startup mount ;
ORA-27102: out of memory
SVR4 Error: 12: Not enough space
Additional information: 1671
Additional information: 16106127360
Additional information: 64424509440

The Above error appeared When trying to start Oracle 12c on Solaris 11.3, this is published bug 
Bug:20635316 – 12C DATABASE INSTANCE STARTUP FAILS WITH ORA-27102: OUT OF MEMORY
Solaris using something called OSM , Optimized Shared memory You can know more about it here 
To avoid this error as workaround just set the parameter

_use_osm=FALSE

Thanks
Osama

Configure AWS Command Line Interface

In this lesson i will show you how to configure AWS command line, and how to start working with your AWS account thru command line with very simple and basic steps :-

  • First of i will assume that you don’t have any user or group in your AWS console
  • from the AWS Console :-
  • From IAM ( Identity access management ) Choose Group Create Group with permission Administrator access and then hit create.
  • create user and add that user to the group in my case the group name shown above, save the secret key and access ID as CSV.
  • Now from this link here, Download AWS Command Line Interface depend on your operating system and open cmd , terminal … etc.
  • Now from Dos enter AWS configure and fill the information like the below:-
  • Open the command line and test if it’s connected to AWS now.
You can learn more about the command line from AWS documentation , if you recive the following error 
“Could not connect to the endpoint URL: “https://s3.london.amazonaws.com/”
Then make sure you are on the right Region.
Thanks
Osama