Oracle DataGuard and Standby Database Archive Logs

Users see your wonderful DataGuard implementation like this:

Simple Oracle Dataguard Architecture
Simple Oracle Dataguard Architecture courtesy of https://appsdbatraining.files.wordpress.com

And yet, you know the actual picture looks more like this:

A map of Oracle DataGuard Architecture components
A map of Oracle DataGuard Architecture components

High-availability – the concept behind it makes every DBA shudder because every time it seems you deal with one element and have it protected, there’s another underlying component that also needs protection and redudancy, or else your solution is still insufficient.

Real Application Clusters (RAC) covers individual database host failures but is sensitive to failure of the storage subsystem or the network interconnections between the hosts.

Recovery Manager (RMAN) is your vital tool to keeping track of what’s backed up and where is it.  And its catalog of recovery information could reside locally in copies of the controlfiles, or centrally in another database.  Depends on your backup strategies, really.  Are you using SAN-based backups (snaps, virtual images, deduplicated block replication) or off-site methods that would have to be shipped back to start recovery?

But the typical first-time setup scenario, is you use the OEM-based jiffy whizbang method to setup your new DataGuard environment at the recommendation of one of the steps int the Maximum Availability Advisor (MAA), and everything’s up and running nicely.  You schedule a new weekly full backup, plus daily incremental backup as Oracle recommended practices prescribe, and notice everything’s running smoothly.

Except on your standby database, the archivelogs are piling up and not being deleted automatically.  What’s next?

This thread was a basic discussion in the Oracle Community forums of the topic:

https://community.oracle.com/thread/2388130?start=0&tstart=0

This is a typical RMAN-based configuration:

On Primary

RMAN> CONFIGURE ARCHIVELOG DELETION POLICY TO APPLIED ON STANDBY;

On Standby ( Depends upon where backup is preformed )

RMAN> CONFIGURE ARCHIVELOG DELETION POLICY TO NONE;

Or

RMAN> CONFIGURE ARCHIVELOG DELETION POLICY TO APPLIED ON ALL STANDBY;

/* if Standby Where Backups Are Not Performed  */

Source:

Data Guard Concepts and Administration 12c

http://docs.oracle.com/database/121/SBYDB/toc.htm

12 Using RMAN to Back Up and Restore FilesRMAN Configurations at the Primary Database
12.3.4 RMAN Configurations at a Standby Where Backups Are Not Performed

The following RMAN configurations are recommended at a standby database where backups are not done:

  1. Connect RMAN to the standby database as target, and to the recovery catalog.
  2. Enable automatic deletion of archived logs once they are applied at the standby database (this is also applicable to all terminal databases when the cascading or far sync instance features are in use):
  3. CONFIGURE ARCHIVELOG DELETION POLICY TO APPLIED ON ALL STANDBY;

 

** However, that doesn’t really take into consideration what might happen if a final archivelog before switchover of roles doesn’t quite make it on the standby (for whatever reason, it gets corrupted during playback or something similar which results in a Database Needs More Recovery error.)

Based upon:

12.3.3 RMAN Configurations at a Standby Database Where Backups are Performed

The following RMAN configurations are recommended at a standby database where backups are done:

  1. Connect RMAN to the standby database (where backups are performed) as target, and to the recovery catalog.
  2. Enable automatic backup of the control file and the server parameter file:

3.  RMAN > CONFIGURE CONTROLFILE AUTOBACKUP ON;

  1. Skip backing up data files for which there already exists a valid backup with the same checkpoint:

5.  RMAN > CONFIGURE BACKUP OPTIMIZATION ON;

  1. Configure the tape channels to create backups as required by media management software:

7.  RMAN > CONFIGURE CHANNEL DEVICE TYPE SBT PARMS ‘<channel parameters>’;

  1. Because the archived logs are backed up at the standby database, Oracle recommends that you configure the BACKED UP option for the log deletion policy:

9.  RMAN > CONFIGURE ARCHIVELOG DELETION POLICY BACKED UP n TIMES TO [DEVICE TYPE SBT];

 

I came up with the configuration of:

 

On Standby ( Depends upon where backup is preformed )

# If no DataGuard is present (single DB host):

# Ensure daily RMAN backup job is being executed in OEM or via cron.

RMAN> CONFIGURE ARCHIVELOG DELETION POLICY TO BACKED UP 1 TIMES TO DISK;

 

And setup a 2nd backup set for the Standby Host DB.  This puts the backups into the defined Fast Recovery Area and manages both the backups and archivelog retention in the same mountpoint.

 

Each has its pros and cons depending on the scenario.You need to lay out your entire architecture scheme including backup solutions and play out the various scenarios that you’re required to cover as far as your Quality of Service (QOS) guarantee to your end-user population.

And of course, if you’re using the advanced cross-WAN FarSync DataGuard implementation architecture (wherein there’s a separate Failover Archive Log (FAL) standby database whose sole purpose in life is to cache archivelogs in case the data replication stream is too much for WAN bandwidth to handle in real-time.) this all still applies because the FAL server is basically just another standby target which needs managing just as much as any regular LAN-based full DataGuard standby instance (it’s just missing the big datafiles and handles all the archivelog traffic.)  You’ll just have even more servers and services involved in keeping the whole thing running (like your Global Names Service servers and databases, which might also be RAC and DataGuard protected, or your Single-Sign On authentication services, or even the OEM Cloud Control OMS itself orchestrating all of that.)

 

Nespresso Vertuoline Coffee Capsule Brew Formulas

I like Nespresso’s Vertuoline single brew appliance – not because it’s convenient (which it is), nor because it’s quick (ditto). But because of inventive others like My-Cap.com, the rather otherwise wasteful aluminum capsules can be re-used indefinitely (as long as you’re careful not to pierce or dent them too much through handling.)

My-Cap.com foil kit for Nespresso Vertuoline
My-Cap.com foil kit for Nespresso Vertuoline

My-Cap.com makes foils, replacement capsules, little plastic quick caps, and all sorts of accessories for single-use pod/capsule coffee makers which definitely extends their environmental friendliness geometrically (which otherwise, at 1 plastic or aluminum pod per cup creates a ridiculous amount of landfill over time, if not properly recycled – Nespresso is one of the only company that provides free shipping for recycling capsules.)

My full user review is up at Amazon.com:

Nespresso Vertuoline Finished Lungo Custom Deathwish

https://www.amazon.com/review/R2CA7L5M1YTU1M/ref=cm_cr_rdp_perm

But this post is about a more in-depth feature about the Vertuoline capsule brewing formulation coded into the barcodes that surround the bottoms of each capsule.

Only recently has Nespresso started revealing the numerous formulas used in each version of the capsules, allowing those of us doing the re-use/re-pack/re-foil thing, to properly select a barcode that will work best with the coffee being refilled.

I’ll try to keep the following table updated as new information arrives on this subject:

Capsule Type Color Prewetting Flow Temperature
Altissio Espresso Dk Purple Short Slow High
Diavolitto Espresso Dk Blue Long Slow High
Voltesso Espresso Bright Gold Short Slow Low
Decaf Intenso Espresso Dk Red Long Fast High
Giornio Lungo Orange Long Slow Low
Solelio Lungo Yellow Short Fast Low
Intensio Lungo Dk Brown Long Med High
Stormio Lungo Dk Green Long Slow High
Odacio Lungo Med Blue Long Med High
Melozio Lungo Dk Gold Short Fast High
Elvazio Lungo Pink Short Slow->Fast Low->High
Decaffeinato Lungo Red Short Med Low
Half Caffeinato Lungo Red/Black Short Med Low
Flavored Lungo Various Short Med Low

 

My-Cap.com custom Deathwish after brewing
My-Cap.com custom Deathwish after brewing

I use #2 espresso grind for the Lungo size capsules (taking 10-12g of coffee grounds), and #1 espresso for the Espresso size (which take from 5-8g by comparison).  I pack each to within 1mm of the top of the flat rim of the capsule, which allows plenty of expansion room during the pre-wetting stage.

To remove the original foil, just hobby knife around the rounded part of the rim inside the flatter portion that the foil is glued to leaving a nice flat foil ring for the reusable foils to adhere to during extraction.

A cardboard my-cap storage sleeve
A cardboard my-cap storage sleeve

I also made up a few cardboard sleeves (ala Pringles style cans) that close-fit to the edges of the capsules to better keep the re-use foils on the capsules (the adhesive works well during extraction, but I disliked all the extra clamping and crimping others were doing to attempt to seal them better.  I find just placing them on top,  and running around the edge with the fan-brush handle is fine, then just gently fold over the edges.  The adhesive is enough to seal against the rim lip during extraction, and as long as you keep the capsules upright, they won’t spill.)

The price for convenience is that these little capsules do use about 200% more coffee per cup in order to reach the strength level of a standard French press style cup of coffee, but produce a good 2cm of crema in the process (more like a Vev-Vigano stove-top pressure coffee extractor.)  The espresso versions are a little lighter,  in that the brewing process is modified and thus consume closer to the “normal” puck’s worth of coffee per espresso (and they can be double-brewed – reset the cycle by turning the lock open, but don’t open it, then re-lock again to allow the 2nd button press, and re-trigger the pre-wetting cycle, if you prefer something like a 1-1/2 Espresso.)

OEM 12c SSL Certificate Swapping (HowTo)

"This Connection is Untrusted" error message
“This Connection is Untrusted” error message

Oracle Enterprise Manager out of the box, comes with demonstration SSL certificates that are generally okay for getting the basic system up and running, but should not be left as your long-term solution for SSL/HTTPS connections to your Oracle Management Server (OMS).

Similar to how e-Business Suite installations delivered a DEMO Certificate Authority certificate with the bundled Internet Application Server (iAS) installation, OEM packages do the same thing.  But eventually, forced by browser and client workstation OS upgrades, you will eventually need to install “real” certificates by a true trusted Root Certification Authority (RCA) so that your client browsers don’t begin rejecting encrypted connections to your OMS.

If you search for SSL Certificate authorities, there are many well-known public RCA’s  such as, DigiCert, Verisign, Thawte, GeoTrust, and others, or even those available from your domain registrar.  Larger organizations probably have their own Certificate Authority signing server on-premise that allow generation of trusted certificates, as well. The only really important thing is that the CA is actually available in your browser and OS as a Trusted Root Authority, and that the signing chain is verifiable to prevent issues with SSL/HTTPS handshaking.  For each middle-tier OMS host, or virtual host if you are set up for high-availability with multiple WebLogic servers, a certificate request is generated, signed and then imported back into the keychains related to the OMS Weblogic hosts, and the OMS Servicing Agents (the OEM Agents installedo on the OMS middle-tier hosts.)

Once a new certificate is installed to the OMS itself (in WebLogic), you will also need to install the related RCA to the OMS-side OEM Agent servicing all of the connections to the other OEM Agents, so that they too, will be SSL enabled.

# OEM SSL Certificate swapping
#    EM 12c Cloud Control: How to Create a Wallet With Third Party Trusted Certificate that Can Be Imported into the OMS Console application ? (Doc ID 1937457.1)
#     EM 12c: Steps to Create and Import Third Party / Self-Signed SSL Certificates for WebLogic Server in an Enterprise Manager 12c Cloud Control Installation (Doc ID 1527874.1)
STAGE_DIR=/mnt/nfs/FMW/certs
EM_INSTANCE_HOME=/oemgc/Oracle/gc_inst2/em/EMGC_OMS1      #WebTierIH2 OHS/ohs2 on (alternate hostname

oemmgr@(primary hostname) $> cd $STAGE_DIR

oemmgr@(primary hostname) $> cat import.sh
export JAVA_JREBIN=$JAVA_HOME/jre/bin
export CERTS=/mnt/nfs/FMW/certs
$JAVA_JREBIN/keytool -import -file $CERTS/ORGPOLICYCA.cer -trustcacerts -alias ORGROOTCA -storepass changeit -noprompt  -keystore $JAVA_HOME/jre/lib/security/cacerts
$JAVA_JREBIN/keytool -import -file $CERTS/ORGROOTCA.cer -trustcacerts -alias ORGRootPolicyCA -storepass changeit -noprompt   -keystore $JAVA_HOME/jre/lib/security/cacerts
$JAVA_JREBIN/keytool -import -file $CERTS/ORGHOSTISSUECA1.cer -trustcacerts -alias ORGHOSTissueca1 -storepass changeit -noprompt  -keystore  $JAVA_HOME/jre/lib/security/cacerts

oemmgr@(primary hostname) $> . ./import.sh
Certificate was added to keystore
Certificate was added to keystore
Certificate was added to keystore

# Determine keystore directory (found by locating your Oracle Home Service (OHS) installation filesystem)
oemmgr@(primary hostname) $> ps -ef | grep ohs
oemmgr     873  9334  0 Jan13 ?        00:47:48 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/httpd.worker -DSSL
oemmgr    9334  9305  0 Jan13 ?        00:00:06 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/httpd.worker -DSSL
oemmgr    9342  9334  0 Jan13 ?        00:00:11 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/odl_rotatelogs -l /oemgc/Oracle/gc_inst2/WebTierIH1/diagnostics/logs/OHS/ohs1/ohs1-%Y%m%d%H%M%S.log 10M 70M
oemmgr    9344  9334  0 Jan13 ?        00:00:11 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/odl_rotatelogs /oemgc/Oracle/gc_inst2/WebTierIH1/diagnostics/logs/OHS/ohs1/access_log 10M 100M
oemmgr    9345  9334  0 Jan13 ?        00:00:01 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/odl_rotatelogs /oemgc/Oracle/gc_inst2/WebTierIH1/diagnostics/logs/OHS/ohs1/em_upload_http_access_log 10M 100M
oemmgr    9346  9334  0 Jan13 ?        00:02:13 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/odl_rotatelogs /oemgc/Oracle/gc_inst2/WebTierIH1/diagnostics/logs/OHS/ohs1/em_upload_https_access_log 10M 100M
oemmgr    9349  9334  0 Jan13 ?        00:00:07 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/odl_rotatelogs /oemgc/Oracle/gc_inst2/WebTierIH1/diagnostics/logs/OHS/ohs1/mod_wl_ohs.log 10M 100M
oemmgr    9350  9334  0 Jan13 ?        00:00:00 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/odl_rotatelogs -l -h:/oemgc/Oracle/gc_inst2/WebTierIH1/config/OHS/ohs1/component_events.xml_ohs1 /oemgc/Oracle/gc_inst2/WebTierIH1/auditlogs/OHS/ohs1/audit-pid9334-%Y%m%d%H%M%S.log 1M 4M
oemmgr    9351  9334  0 Jan13 ?        00:00:28 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/httpd.worker -DSSL
oemmgr    9352  9334  0 Jan13 ?        00:47:55 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/httpd.worker -DSSL
oemmgr    9353  9334  0 Jan13 ?        00:47:52 /oemgc/Oracle/MW3/Oracle_WT/ohs/bin/httpd.worker -DSSL

# Confirm settings
oemmgr@(primary hostname) $> grep keystore /oemgc/Oracle/gc_inst2/WebTierIH1/config/OHS/ohs1/ssl.conf
SSLWallet file:/oemgc/Oracle/gc_inst2/WebTierIH1/config/OHS/ohs1/keystores/console

# Stage copy of revised CA wallet                                  #WebTierIH2/config/OHS/ohs2 on (secondary hostname)
oemmgr@(primary hostname) $> cp -r /mnt/nfs/FMW/certs/oemgc.domain /oemgc/Oracle/gc_inst2/WebTierIH1/config/OHS/ohs1/keystores
cp -r /mnt/nfs/FMW/certs/oemgc.domain /oemgc/Oracle/gc_inst2/WebTierIH2/config/OHS/ohs2/keystores

# Check permissions 770 on wallet dir, 600 on wallets
oemmgr@(secondary hostname) $> ls -la /oemgc/Oracle/gc_inst2/WebTierIH2/config/OHS/ohs2/keystores/oemgc.domain
ls -la /oemgc/Oracle/gc_inst2/WebTierIH1/config/OHS/ohs1/keystores/oemgc.domain
total 32
drwxrwx— 2 oemmgr oinstall  4096 Mar  9 12:50 .
drwx—— 7 oemmgr oinstall  4096 Mar  9 12:50 ..
-rw——- 1 oemmgr oinstall 11653 Mar  9 12:50 cwallet.sso
-rw——- 1 oemmgr oinstall 11576 Mar  9 12:50 ewallet.p12

# Primary wallet for the OMS console
oemmgr@(primary hostname) $> cd /oemgc/Oracle/MW3/oracle_common/bin
oemmgr@(primary hostname) $> ./orapki wallet display -wallet /oemgc/Oracle/gc_inst2/WebTierIH1/config/OHS/ohs1/keystores/console
Oracle PKI Tool : Version 11.1.1.7.0
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.

Requested Certificates:
User Certificates:
Subject:        CN=oemgc.domain
Trusted Certificates:
Subject:        CN=(primary hostname).domain,C=US,ST=CA,L=EnterpriseManager on (primary hostname).domain,OU=EnterpriseManager on (primary hostname).domain,O=EnterpriseManager on (primary hostname).domain

# Confirm new wallet contents
oemmgr@(primary hostname) $> ./orapki wallet display -wallet /oemgc/Oracle/gc_inst2/WebTierIH1/config/OHS/ohs1/keystores/oemgc.domain
Oracle PKI Tool : Version 11.1.1.7.0
Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.

Requested Certificates:
User Certificates:
Subject:        CN=*.domain,OU=Information Technology,O=ORG My Org,L=My City,ST=California,C=US
Trusted Certificates:
Subject:        OU=Class 2 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Subject:        CN=ORG POLICY CA
Subject:        CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\, Inc.,O=GTE Corporation,C=US
Subject:        CN=ORG ROOT CA
Subject:        CN=HOSTISSUECA1,DC=fss,DC=ORG,DC=com
Subject:        OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Subject:        OU=Class 1 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

#Add certificates to monitoring agent for the OMS:
cd $AGENT_HOME/bin
./emctl stop agent
# Default jks keyring password – welcome
./emctl secure add_trust_cert_to_jks -trust_certs_loc /mnt/nfs/FMW/certs/ORGROOTCA.cer -alias ORGROOTCA
./emctl secure add_trust_cert_to_jks -trust_certs_loc /mnt/nfs/FMW/certs/ORGPOLICYCA.cer -alias ORGPOLICYCA
./emctl secure add_trust_cert_to_jks -trust_certs_loc /mnt/nfs/FMW/certs/ORGHOSTISSUECA1.cer -alias HOSTISSUECA1
./emctl start agent

# Support virtual host ignore hostname verification
export EM_COMMON_JAVA_OPTIONS=”-Dweblogic.security.SSL.ignoreHostnameVerification=true -Djava.security.egd=file:///dev/./urandom -Dweblogic.log.FileName=/oemgc/Oracle/gc_inst2/em/EMGC_OMS1/sysman/log/wls.log”

# Backup the EM_INSTANCE_BASE/em/EMGC_OMS1/emgc.properites file
cd /oemgc/Oracle/gc_inst2/em/EMGC_OMS1                               #OMS2 on (secondary hostname)
cp emgc.properties emgc.properties_selfsign

# Requires SYSMAN password
# (secondary hostname)
$OMS_TOP/bin/emctl secure console -wallet /oemgc/Oracle/gc_inst2/WebTierIH2/config/OHS/ohs2/keystores/oemgc.domain

# Example output
# Oracle Enterprise Manager Cloud Control 12c Release 5
# Copyright (c) 1996, 2015 Oracle Corporation.  All rights reserved.
# Securing Console… Started.
# Enter Enterprise Manager Root (SYSMAN) Password :
# Securing Console… Successful
# Restart OMS

# (primary hostname)
$OMS_TOP/bin/emctl secure console -wallet /oemgc/Oracle/gc_inst2/WebTierIH1/config/OHS/ohs1/keystores/oemgc.domain
$OMS_TOP/bin/emctl stop oms
$OMS_TOP/bin/emctl start oms

#Section 4: Rolling back to the Demonstration WLS Certificate
#If you need to switch back the WLS components in the OMS installation to use the default WebLogic Server demonstration certificates, execute the following steps on each OMS.

1.Stop the OMS:

cd <OMS_HOME>/bin
emctl stop oms

2.Run the following command:

cd <OMS_HOME>/bin>
emctl secure wls -use_demo_cert
emctl secure console -self_signed

3.Stop the OMS:

cd <OMS_Home>/bin
emctl stop oms -all

4.Start the OMS:

cd <OMS_Home>/bin
emctl start oms

Wire Bail Canning Jar Gasket Sizes – Fido, Bormioli, Le Parfait, et.al.

5.0L Common Canning Jar - Glass
5.0L Common Wire Bail Canning Jar – Glass

The rubber or silicone ring invariably wears out, cracks, splits or otherwise no longer seals properly.

Interestingly, I noticed that when browsing for replacements, there are a number of different pseudo-standard sizes involved.

Since they are flexible, one size too small may fit anyway, even if the gasket slightly buckles or curls, and sometimes the thickness varies enough (especially if too thick) that means you will need to adjust the wire band to accommodate the additional thickness (sometimes the lower band – the one on the jar itself, can be flipped upside down to give an additional 2mm of closure clearance for thicker 4mm gaskets – most gaskets are of the 2mm variety.)

Modern canning jar gaskets 70mm, 80mm, 100mm
Modern canning jar gaskets 70mm, 80mm, 100mm

Common Canning Wire Bail Jar Gasket Sizes with Inside and Outside Diameter measurements:

Antique 1/4" width canning jar gaskets
Antique 1/4″ width canning jar gaskets

* Antique gaskets were usually only 1/4″ wide instead of the modern 1/2″ width.

 

 

 

 

 

Ball wide-mouth versus regular-mouth glass canning jars
Ball wide-mouth versus regular-mouth glass canning jars

For reference, Modern Standard Ball/Mason Screw-on Canning Lid sizes:

  • Standard Mouth Ball 2-1/2″ (on center at lid seal) – 2-3/8″ (60mm) ID 2-5/8″ (67mm) OD – at jar opening.
  • Wide Mouth Ball 3-1/8″ (on center at lid seal) – 3.0″ (76mm) ID 3-1/4″ (83mm) OD – at jar opening.

 

 

 

There are also any number of decorative model jars which were very tiny in comparison (1″ 25mm ID) which were not meant for actual canning use, but were often used for salt and pepper shakers or for gifting jam samples. Naturally, getting replacement lids or gaskets for these is pretty much impossible other than finding something that would work at your local hardware store in the pipe and plumbing department.

Miniature 1-7/10" 42mm wire bail decorative canning jar
Miniature 1-7/10″ 42mm wire bail decorative canning jar
2" 51mm mini decorative mason jar
2″ 51mm mini decorative mason jar

#C16LV Collaborate 2016 Networking Opportunity Events

collab16-2015-08-750

Where I can keep track of the special events (note: these are not “parties” as so many people are misled to believe) at Collaborate (April 10-14, 2016 – Las Vegas, Nevada). To attend one of these events:

  1. You’re registered as an Collaborate Attendee.
  2. You’re either a prospect, customer, or goodwill contact for the host.
  3. You visit the host’s booth at Collaborate in order to pick up whatever is required for entry.
  4. Do not just show up at the event and attempt to “crash” it – just spend your time at a regular #C16LV reception the same evening and you’ll still get plenty of party time.

To be confirmed (replicated from last years’ schedule):

+IOUG Volunteer Reception, Sat 8-9:30p, Tacos & Tequila (Luxor Mezz)
+Kaygen CA, Tue 7-9p, Veranda Italian (4Seasons)
+Cisco
#NightSliders, Tue 9-12p, Suite 30-001 (MB – Tweet Req’d)
+Hyperion Connect Reception, Tue 7-8:30p, North CC, Islander C
+OAUG Young Professionals Cocktail MeetUp, Wed 6:30-7:30p, North CC, Islander C
+#C16LV Young & New Professionals Dine-Around (non-hosted), Tue, 7p, Meet at Main Entrance of Exh Shwcse
+Data Intensity CA, Tue 7-9p, Eyecandy Lounge
+InsightSoftware
VIP, Tue 7-10p, Franklin Lounge (Delano Tower MB)
+Mercury Technology
CA, Tue 7-9:30p, Border Grill (MB)
+Quest
Members Welcome, Sun 6:30-8p, MB Ballroom Lvl2 I,J (JD Edwards)/L (Peoplesoft)
+Oracle Data Mgt Lunch (KPIT Sponsored), Mon 12-1:30p, Slice of Vegas (MP Shoppes)
+DatAvail 
CA, Mon 7:30-9:30p, Strip Steak (MB)

 

 

My sessions for this year:

 

Big Data Cloud Storage Framework Solutions

Based upon a recent meeting of minds at MESS (Media Entertainment & Scientific Systems) http://www.meetup.com/MESS-LA the challenge facing the industries is how to deal with petabyte-sized amassed data that still needs to be accessible in real-time for secured editing purposes by downstream customers and suppliers.
Here’s a multi-phase solution idea:

big_data_arch_model
My idea for a secure big file delivery model. Figured by J. H. Lui (c) 2016

Using torrent technology for access, with authenticated peer-to-peer hosts. private SSL-encrypted trackers/announcers, and encrypted bit streams, this maintains access to the fundamental data source using minimal infrastructure.
Add two-factor authentication to the authentication protocol to allow time- and role-based security to be enforced (so-and-so p2p host is authorized to connect to the torrent during X days/N hours per day/etc.)
Use generic two-factor authentication providers (e.g. Symantec VIP or SAASPass) to allow the small service providers to access data without excessive overhead cost, or dedicated hardware solutions.
Store the data source files using a torrent+sharding+bit-slicing protocol (similar to the Facebook imaging storage model.) Without authenticated access to the cloud torrent, any individual data chunk or shard grabbed by a sniffer becomes useless.
Segregate and divide the data files using a role-based security architecture (e.g. Scene 1 needed by X post-production editor, during N time-period.) Individual torrent participants can select the individual virtual file segments they need for work, without downloading the data chunks unrelated to them. Similarly, the above described time+role based security prevents access to/from data segments that are not authorized for that endpoint. Could even add password-protection to individual sensitive segments to provide one more level of turn-key security.
Use a Google Drive/Dropbox style OS protocol to allow mounting of the torrent sources to the end-user workstations with transparent access.  Whichever mechanism can provide adequate latency for the block replication should be sufficient.  Rather than mounting the same cloud torrent to every local workstation, use local NFS servers to provide local home-basing of the cloud mount (WAN speed), then export that mount locally (LAN speed) to the various workstations that need access to it.  That way, there’s only one penetration point to/from the cloud torrent, which can be adequately firewalled locally by the end-user. This is a solution for the end consumers that need access to the largest portion of the cloud data set.
The source data hives can use multi-path networking protocol ( https://jhlui1.wordpress.com/2015/05/21/multi-path-multiplexed-network-protocol-tcpip-over-mmnp-redundant-connections ) to further split and sub-divide the data streams (which are already encrypted), to maximize performance to bandwidth-limited consumer endpoints.
Media companies have a rather different data value model to deal with because during pre-production the data value is extremely high, but it drops off rapidly post-production release once the market consumes it. But the same model at a lower protection level would work for actual distribution – wherein end subscribers are authenticated for access to a particular resolution or feature set of the original cloud segments (e.g. 8K versus 1K media, or audio-only, or with or without Special Features access.)

2016-01 Shinnyo Podcast Divine Protectio

2016-01 Shinnyo Podcast Divine Protection and Luck – 2016-01 Shinnyo Podcast Divine Protection and Luck A Heap of Good Fortune For Some Bullets and Bracelets Against the Bad and Wicked Being Fed to Death The Lesser Trodden Path Subscribe to this Podcast (RSS) or iTunes or via Flipboard Ever noticed when some people seem to live a charmed life? Not referring to being … Continue reading 2016-01 Shinnyo Podcast Divine Protection and Luck → http://ow.ly/3aL2jt

2016-01 Shinnyo Podcast Divine Protection and Luck

2016-01 Shinnyo Podcast Divine Protection and Luck

  • A Heap of Good Fortune For Some
  • Bullets and Bracelets Against the Bad and Wicked
  • Being Fed to Death
  • The Lesser Trodden Path
electrical-work-funny-safety-fails
https://nationalsafety.files.wordpress.com/2012/12/electrical-work-funny-safety-fails.jpg?w=587

Subscribe to this Podcast (RSS) or iTunes or via Flipboard

Ever noticed when some people seem to live a charmed life? Not referring to being lucky, or fortunate success-wise, but more towards how some people haven’t had a lot of bad things happen to them. Accidents are few and far between, or never broken a bone, or became really ill. Some are winning every contest they enter, and seem to go through life with an ever-present ray of sunshine falling upon them, never casting a shadow.

Every accident I’ve ever had came from my own action or inaction. I was either unaware of my surroundings because of distraction or focus on something else, or thought I could do something that would get me there faster or presumed someone else was responsible for an action (whether avoiding me because I was there, or was otherwise responsible for predicting what I was about to do.)

I’ve driven always as though I’m invisible, because for all practical purposes, people have the most accidents when something predicted doesn’t happen (the person isn’t supposed to be there; the fan I tripped on wasn’t supposed to in my path; the food I’m eating wasn’t supposed to be spoiled, though it tasted oddly metallic, etc.)

One of the puzzling observations I’ve made has to do with how some people have many people in their lives that are in some way negatively influential, or critical, or even just chronically unhappy with life.  While I don’t have any definitive idea where that comes from, I know that for myself, those kinds of people simply aren’t naturally attracted to me.  I do encounter plenty of people who have ideas for improvement, or ways to do things better or more effectively in my daily life, but none who see the world as impossible to solve, or are faced with challenges beyond their capacity to cope. Much of that could be attributed to my belief that I can’t really do anything in someone else’s life other than show a different way of handling things. But it’s ultimately still their choice to make a difference for themselves. Whether that forms its own kind of invisible force-field against being surrounded by naysayers and prophets of doom, is up to pure speculation, but it is what it is.

Many years ago, I subscribed to the concept of rescuer mentality, developing sort of a Pygmalion attitude about relationships, which in turn attracted many people of similar belief. You became attractive both to those seeking refuge from circumstance and wanting a hand-up to a better life, as well as those who sought to rescue those in need. By itself this would seem to be an amicable relationship, seeing that those wanting support are matched with those seeking to provide it. But I think you can also see the co-dependency aspect of this situation – how the hungry never learn to satiate their own hunger, and the providers never fulfill the illusion of creating independence. Instead of a symbiotic relationship of mutual support, it becomes a parasitic relationship with each party needing the other to continue unfulfilled, lest the relationship (and the emotional satisfaction derived from it) collapse.  The tensions of the need becomes the energy fueling the connections.

To this very day, I still find an innate sense of wanting to rescue, but with a realization that people are not stray dogs and cats, you do what you can to provide an example of self-sufficiency and ability, and do your best to embrace whatever life deals you. There’s a subtle but real difference between when one of those stray animals wanders into your life, looking for solace, versus the ones you go out and trap and domesticate.  Similarly, you can be a great teacher and inspire people to learn, or just talk a lot about great things, and never pay attention that your audience isn’t really listening or learning.

While it makes no sense to try and draw direct relationships between bad luck and how one behaves in life, it may be worth noticing that the little rumbles and ripples from broken promises, and living a life of incongruity is often accompanied with a certain over-abundance of misfortune and misfeasance.   Or if screaming at the top of your lungs that life isn’t fair and the world needs to treat you better hasn’t worked, maybe it’s time to instead invite a few faeries of good fortune and the leprechauns of luck into your life by trying the nicer road. Bad times are challenging, but not a curse, and at the time you encounter them, you do have the muster to overcome them. But if you insist on encouraging the worst by spouting your bravado, I’m pretty sure it will prove to be an entertaining event at the very least. Enjoy the lesser trodden path of life; it often comes filled with surprises and unforeseen opportunities.

Subscribe to this Podcast (RSS) or iTunes or via Flipboard

/* For more information and discussion feel free to e-mail me at jlui at jlui dot net, or twitter @jhlui1; With Gassho _()_, James*/

 

DataGuard and OEM 12c OMS DB Failover Configuration

# When Oracle DataGuard high-availability for the OMS database is configured using the OEM DataGuard Administration Wizard, and fast-start failover is configured, fail-overs automatically rename the standby as primary, and vice-versa and establish the change-over in roles.  While this accomplishes the database staying online and available on the secondary host (or all other databases in the DG group), the Enterprise Manager OMS must be told how to connect to it – preferably transparently.

# DataGuard OMS Registration
# Enterprise Manager Grid Control 11g: How to Configure the OMS Connect String when Repository is in a Dataguard setup (Doc ID 1328768.1)
# OEMPR11 is our primary DB SID/Service Name
# OEMPR11_DGMGRL is our alias for the fail-over service (pointing to all DG instances)

SQLPLUS as SYS:
SQL> exec DBMS_SERVICE.CREATE_SERVICE (service_name => ‘OEMPR11_DGMGRL’,network_name => ‘OEMPR11_DGMGRL’,aq_ha_notifications => true,failover_method => ‘BASIC’,failover_type => ‘SELECT’,failover_retries => 180,failover_delay => 1);

SQL> exec dbms_service.start_service(‘OEMPR11_DGMGRL’);

# Verify operation:

$> lsnrctl services     # Should see the new OEMPR11_DGMGRL service listed

# Create a Database Trigger so that the service can be stopped when the Database role becomes standby and started only when the Database role is Primary:

SQL> CREATE OR REPLACE TRIGGER manage_OCIservice after startup on database
DECLARE
role VARCHAR(30);
BEGIN
SELECT DATABASE_ROLE INTO role FROM V$DATABASE;
IF role = ‘PRIMARY’ THEN
DBMS_SERVICE.START_SERVICE(‘OEMPR11_DGMGRL’);
ELSE
DBMS_SERVICE.STOP_SERVICE(‘OEMPR11_DGMGRL’);
END IF;
END;

# Re-configure the OMS (All MT hosts) to have the connection string as:
$>  cd <OMS_HOME>/bin
# Following is a single-line command (basically an entire JDBC style connect string)
$> ./emctl config oms -store_repos_details -repos_conndesc ‘(DESCRIPTION=(FAILOVER=ON)(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<primaryDBHostnameFQDN>)(PORT=1522))(ADDRESS=(PROTOCOL=TCP)(HOST=<secondaryDBHostnameFQDN>)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=OEMPR11_DGMGRL))(FAILOVER_MODE=(TYPE=select)(METHOD=basic)))’ -repos_user sysman

# Example output
$> ./emctl config oms <…> TYPE=select)(METHOD=basic)))’ -repos_user sysman               <
Oracle Enterprise Manager Cloud Control 12c Release 5
Copyright (c) 1996, 2015 Oracle Corporation.  All rights reserved.
Enter Repository User’s Password :
Successfully updated datasources and stored repository details in Credential Store.
If there are multiple OMSs in this environment, run this store_repos_details command on all of them.
And finally, restart all the OMSs using ’emctl stop oms -all’ and ’emctl start oms’.
It is also necessary to restart the BI Publisher Managed Server.

# Add the tnsnames.ora entry (all DB hosts at minimum)
OEMPR11_DGMGRL=
(DESCRIPTION=
(ADDRESS_LIST=
(ADDRESS=(PROTOCOL=TCP)(HOST=<primaryDBHostnameFQDN>)(PORT=1522))
(ADDRESS=(PROTOCOL=TCP)(HOST=<secondaryDBHostnameFQDN>)(PORT=1521))
)
(CONNECT_DATA=(SERVICE_NAME=OEMPR11_DGMGRL))
(FAILOVER_MODE=(TYPE=select)(METHOD=basic))
)

# Testing connectivity:

$> sqlplus sysman/$SYSMAN_PW@'(DESCRIPTION=(FAILOVER=ON)(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=<primaryDBHostnameFQDN>)(PORT=1522))(ADDRESS=(PROTOCOL=TCP)(HOST=<secondaryDBHostnameFQDN>)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=OEMPR11_DGMGRL))(FAILOVER_MODE=(TYPE=select)(METHOD=basic)))’

# Test the Failover Service:

# Connect to the Database from sqlplus using SYSMAN user via the new service created above:

$> sqlplus sysman/$SYSMAN_PW@OEMPR11_DGMGRL

# Execute these queries to verify the Database name and service names:

SQL> select db_unique_name from v$database;

DB_UNIQUE_NAME
——————-
OEMPR11

SQL> show parameter service_names

NAME            TYPE     VALUE
————-   ——-  ————————————
service_names   string   OEMPR11, OEMPR11_DGMGRL

# Re-start the OMS once so that the connection string change is saved:

cd <OMS_HOME>/bin
./emctl stop oms -all    #on AdminServer MT
./emctl stop oms         #other MTs
./emctl start oms

Something New from Dove – A Dry Spray?

Courtesy of the try and review site Influenster a couple new interesting ideas showed up in the mail this weekend.

http://www.dove.us/Products/Deodorant/Dry-Spray/dryspray.aspx
Dove Dry Spray anti-perspirant/deodorant trials.

Since these new products do not contain alcohol or water, they spray on but evaporate immediately on-contact.

The 48-hour claim probably was under conditions of not actually washing anything off (regardless of the petroleum distallates used – see the ingredient list below); for practical purposes, this is a non-powder based D/AP product that as long as you shake well before using, doesn’t have a residue, and works relatively invisably (long-term effects of spraying butane on yourself, or the environmental impacts still to be determined.)

The inventors are still at it.

Ingredients as listed:
Butane, Hydrofluorocarbon 152A, Cyclopentasiloxane, Isobutane, Ppg-14 Butyl Ether, Helianthus Annus Seed Oil, Disteardimonium Hectorite, C12-15 Alkyl Benzoate, Fragrance, Propane, Bht, Octyldodecanol, Propylene Carbonate, Dimethiconol, Tocopheryl Acetate

 

Investigating an OEM 12c E-Business Suite Alert (AMS 12.1.0.x)

OEM 12 Home Page
OEM 12 Home Page

The Applications Management Suite plug-in for Oracle Enterprise Manager simplifies discovery of the myriad of subtargets that make up an Oracle E-Business Suite instance.  Correspondingly, the number of alerts sent out can rise dramatically because of the inter-relationships between the components.

For example, the outage of a single Apache process triggers all of the following associated targets also to flag as a service Down status:

INSTANCE-Oracle E-Business Suite
INSTANCE-Infrastructure INSTANCE_host-APPL_TOP Context
HTTP_Server

The number of downed targets increases if a subcomponent of a primary component (such as a single JVM thread under the OACore process) experiences an outage.

This is a simple walk-through of navigating one of the e-mail alerts to start figuring out what happened.

The e-mail alert looks like this:

From: OEM12 Burbank
Sent: Monday, December 07, 2015 8:30 AM
To: DBAs
Subject: EM Event: Fatal:INSTANCE-Oracle E-Business Suite – Target is down; 1 member is down: INSTANCE_EBS Availability System

Host=hostname
Target type=Oracle E-Business Suite
Target name=INSTANCE-Oracle E-Business Suite
Categories=Availability
Message=Target is down; 1 member is down: INSTANCE_EBS Availability System
Severity=Fatal
Event reported time=Dec 7, 2015 8:29:14 AM PST
Target Lifecycle Status=Production
Operating System=Linux
Platform=x86_64
Associated Incident Id=390885
Associated Incident Status=New
Associated Incident Owner=
Associated Incident Acknowledged By Owner=No
Associated Incident Priority=None
Associated Incident Escalation Level=0
Event Type=Target Availability
Event name=Status
Availability status=Down
Root Cause Analysis Status=Symptom
Rule Name=EBS Notifications,Rule_EBS_Notifications
(to get notified, you set up Rule Sets that tell OEM when and what to notify you about)

Rule Owner=DBA
Update Details:
Target is down; 1 member is down: INSTANCE_EBS Availability System
Incident created by rule (Name = Incident management rule set for all targets, Incident creation rule for a Target Down availability status [System generated rule]).


To investigate an event alert, click on the Associated Incident ID (e.g. the 390885 which on your system will be a URL taking you into OEM) which will take you to the associated Incident Summary page.

Click on Related Events to investigate what raised the event alert (there may be more than one cause):

ss1
OEM 12c AMS 12.1.0.4 – Incident Details

From the screen, it shows the red mark on PRODARMK-Infrastructure PRODARMK_ascopofinm01-APPL_TOP Context (Oracle E-Business Suite Node).

Click on that link in the list of Targets.

Navigate to Monitoring -> Status History:

ss2
OEM 12c AMS 12.1.0.4 – Navigation Target: Monitoring -> Status History

Change the Availability History view to All History (the related underlying event caused is displayed.)

ss3
OEM 12c AMS 12.1.0.4 – Target: Status History Details

If you click on the related Message (e.g. Target is down; 1 member is down: INSTANCE_hostname.auca.corp_oacore_JVM_…); you will then be shown the related Event page for that target:

ss4
OEM 12c AMS 12.1.0.4 – Target: Event Details

Click on the Related Events tab for this target, to confirm the service alert recorded:

ss5
OEM 12c AMS 12.1.0.4 – Target: Event Details -> Related Events Timeline

If this is a recurring issue, by sliding the timeline back and forth (and adjusting the period view to a larger sample) you can see if there are any associated time-related occurrences that can be used to identify root cause.

For the specific issue, login to the associated host, and view the output and error logs for the process itself to determine what triggered the alert (in this case, the JVM automatically restarted the OACore process that had run out of memory.)

Oracle OpenWorld 2015 Networking Opportunity Events #OOW15

Where I can keep track of the special events (note: these are not “parties” as so many people are misled to believe – you should expect to be contacted by sales and account professionals at each event) at OOW.  To attend one of these events:

  1. You’re registered as an OpenWorld Attendee.
  2. You’re either a prospect, customer, or goodwill contact for the host. That means you actually contact the host and ask to attend before OOW.
  3. You visit the host’s booth at OpenWorld in order to pick up whatever is required for entry and get to know what the host actually does.
  4. Do not just show up at the event and attempt to “crash” it – just spend your time at a regular OOW reception the same evening and you’ll still get plenty of party time.

Visit all those vendors and make them feel welcomed this year!


Also here’s a guide to noshing at the nearby Ferry Building (end of Market St, at the waterfront):

http://www.7×7.com/eat-drink/ultimate-foodie-tour-ferry-building

Oracle OpenWorld Fun Community Events
There are 3 community events at OOW this year,

  1. A guided bike tour hosted by Oracle’s PL/SQL and cycling guru, Bryn Llewelyn on Saturday, October 24th at 10 a.m.
  2. A run across the Golden Gate Bridge hosted by the SQL Dev team on Sunday, October 25th at 8:30 a.m.
  3. 4th annual swim in the San Francisco Bay hosted by Oracle ACE Director Chet Justice on Monday, October 26th at 7:30 a.m.

The 2014 List of OOW Events

The 2013 List of OOW Events

The 2012 List of OOW Events

And OakTable World is back once again, at the Creativity Museum (this year, no pre-registration required).

Agenda:

http://www.oaktable.net/oaktable%20world%202015

Agenda for Oaktable World 2015, located at Creativity Museum, is

 time Monday Oct 26 Tuesday Oct 27
8  8:30 – Welcome with Mogens  Toon Koppelaars – hash joins and Bloom filters
9 Mark W. Farnham – Minimizing the concurrency footprint of transactions with Logical Units of Work stored in PL/SQL Kyle Hailey – Virtual Data
10

Kerry Osborne – SQL Translation Framework

Kellyn Pot’Vin-Gorman, AWR Warehouse Trending and Analysis with OBIEE
11 Greg Rahn – Taming JSON with SQL: From Raw to Results

Marco Gralike – Improving XML performance with the 12c In-Memory Column Store

12 ted talks ted talks
1

Dan Norris – Exadata Database Machine Security

Cary Millsap – Performance

2  John Beresniwicz – AWR Ambiguity: What do do when the numbers don’t add up?

Gwen Shapira – Real-time data integration

3 Kevin Closson – Modern Platform Topics for Modern DBAs

Alex Gorbachev – Big Data 

4 Tanel Poder – Connecting Oracle with Hadoop  Chris Antognini – Adaptive Dynamic Sampling

Ted Talks between noon and 1pm

 Monday  Tuesday
 Eric Grancher – graphing outliers Jonah H. Harris – Manipulating the Oracle Call Interface

Greg Rahn- What Cloud Can Offer For A DBMS

Kellyn Pot’Vin-Gorman – TBD

Jonathan Lewis – indexes, column groups and 12c

Jonathan Lewis Virtual columns

If you Care a Little More, Things Happen. Bees can be dangerous. Always wear protective clothing when approaching or dealing with bees. Do not approach or handle bees without proper instruction and training.

Follow

Get every new post delivered to your Inbox.

Join 392 other followers

%d bloggers like this: