Security

Jekyll comments

Sven Illert - October 21, 2023

I’m a big fan of resource efficiency and for this reason I have chosen Jekyll as software for my blog. I don’t really like the idea to use big CMS like software like the big WP which use a database and tons of code for simple static content. Anyways, that’s just my spleen and geekiness. One backdraw of this choice is, that naturally there’s no dynamic content and therefore by default no possibility to leave a comment for a blog post.

DIY bastion for Oracle OCI

Sven Illert - September 7, 2023

Recently I was restructuring my Oracle OCI private tenant to be only built using terraform. I mainly did this because I need to learn that beast for work but I am also interested in the technology by myself. Of course my main hosting machine for the blog is a nice little Ampere A1 VM that resides in a private subnet, let’s call it web01. The internet facing part is a free load balancer that handles all the TLS encryption. To access the internal VM via SSH I didn’t want to use the OCI Bastion service, because it is limited to a session duration of 3 hours and I don’t want to always create a new session when I’m working on the server.

TIL: SQLcl is not a full replacement yet

Sven Illert - August 24, 2023

Today I learned, that the famous SQLcl is not a full replacement for the loved SQL*Plus yet. I encoutered an issue when using a local wallet to authenticate to the database. That becomes handy when you need a connection via SQL*Net instead of the local bequeath authentication, like with dgmgrl when you want to perform a switchover operation. With an inhouse tool I have generated wallet entries with the EZ-Connect String to avoid managing a tnsnames.ora file. With SQL*Plus I can use these entries in the following way:

TIL: Migrate a PDB from backup including datafile movement

Sven Illert - June 14, 2023

Today I learned an improvement for the way to migrate a non-container 12c database from a backup to a new container based database infrastructure in version 19 with all the glory of Oracle managed files (OMF). Of course that’s pretty simple anyways, but sometimes reading the documentation more intensely helps improving the methods you use on a daily basis. So let’s just for completeness describe the way to create a pluggable database as a clone from a database backup of a non-cdb. At first, we need to create a dummy instance and duplicate the database.

Beware of R1 - Updated

Sven Illert - June 2, 2023

The Good Recently I discovered a critical issue when installing a new Oracle cluster for a customer on Oracle Linux systems. The hardware are shiny new blade systems and I started with the latest and greatest software components which are certified for the Oracle Enterprise Edition and Real Application Cluster. Of course the OS would be Oracle Linux 8.7 with the famous Unbreakable Enterprise Kernel which is at version 7 since this year. In April 2023 Oracle relased the release update 1 which of course brings some enhancements and fixes. Business as usual as you would think.

Instance caging vs. CPU pooling

Sven Illert - May 28, 2023

When working with Oracle databases the common recommended methods to restrict the usage of cpu resources are the so called instance caging and hard partitioning using something like Oracle Linux Virtualization Manager. The last one comes with some resource wastage though, because you have to handle multiple operating systems for multiple databases. So let’s assume that is some sort of last resort for the licensing dilemma. Instead, many of us like to have multiple databases coupled together in one operating environment and want to have some measures to tame the herd. For that there are several layers where you can put constraints on your databases, beginning with limiting the number of sessions a database can handle. But to reduce a databases cpu usage to a specific load and/or a subset of your Multi-Core/Multi-Stocket system, there currently are two methods commonly used. Look at the end of this article to see how I implemented the testing method.