Apr 26 2010

Install 11g Release 2 Grid Infrastructure for Standalone Server on Windows 7 for Sandbox

Category: 11g,Databaseittichai @ 9:08 pm

Oracle 11g Release 2 for Windows was just released this month. With the availability of the grid infrastructure in this version, I plan to install it on my Windows 7 desktop to see what it can do even if it is just on stand alone environment.

In order for database to use Automatic Storage Management (ASM), it requires the Grid Infrastructure. In addition to ASM, Grid Infrastructure will also provide Oracle Restart to manage the Oracle processes (database, listener, and ASM).

One of the first issues I’ve encountered is the new requirement that the clusterware files (OCR & Voting) must be on ASM. I have to admit even though I’ve done ASM on Solaris and Linux before, but never on Windows. Since this is mandatory, I will give it a try. And since I will use ASM for clusterware files, I plan to use it for database data files as well.

In order to use ASM, I’m required to provide the unformatted (raw) basic disks. I plan to use the existing disks without adding new physical ones. Fortunately in Windows 7, I can use the disk management (diskmgmt.msc) tool to shrink volume and create a new logical disk from claimed space. Note that you may have multiple physical disks on your machine, but ASM supports and recognizes only logical drives on the Basic disk (not Dynamic disk). Click here if you’re interested in differences between Basic and Dynamic disks.

Once data volume is shrunk, I can create a new volume and then a logical drive. The new drive must not be formatted or having a drive letter assigned to it. Here is the guidelines from Oracle document on “create disk partitions”.

To use ASM with direct attached storage or SAN, the disks must be stamped with a header. This can be accomplished by using either asmtool (command-line version) or asmtoolg (GUI version). Since we will install Oracle grid infrastructure in interactive mode, the asmtoolg will be called during the configuration. Somehow, if I tried to launch the asmtoolg outside Oracle grid infrastructure installation, I always encountered error with no disks found. However, within the Oracle grid infrastructure installation, there is no issue.

In general, the installation went well. I’ve encountered few issues which I’ve documented them in the documents below. The snapshots of steps here are for educational purpose only.

Windows 7 – Disk Preparation for ASM

Oracle 11g R2 Grid Infrastructure for Standalone Server Installation on Windows

Oracle 11g R2 Software Installation for Single Instance Database on Windows

Oracle 11g R2 Database Creation using ASM on Windows

Tags: , , , , , , ,

Feb 20 2010

Oracle 11g Network Access Denied by Access Control List (ACL) when using UTL_INADDR

Category: 11g,Database,Networkittichai @ 12:10 pm

I wrote in my previous post about the Access Control Lists to Network Services (e.g., UTL_HTTP, UTL_SMTP, UTL_TCP, etc.) in Oracle 11g. However, it did not cover another PL/SQL network utility package named UTL_INADDR which retrieves host names and IP addresses of local and remote hosts.

You can read some usage samples of the UTL_INADDR from Eddie Awad’s blog.

Similar to those UTL_ packages, in 11g, you will be required to configure the access control list in order to use the UTL_INADDR. Otherwise, by default, you will receive errors as follows:

TEST_USER @DB11> SELECT utl_inaddr.get_host_name FROM dual;
SELECT utl_inaddr.get_host_name FROM dual
*
ERROR at line 1:
ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.UTL_INADDR", line 4
ORA-06512: at "SYS.UTL_INADDR", line 35
ORA-06512: at line 1

Two simple steps to configure are:

1. Create an access control list and its privilege definition.

SQL> connect / as sysdba

begin
dbms_network_acl_admin.create_acl (
acl             => 'Resolve_Access.xml',      -- Name of the access control list XML file
description     => 'Resolve Network Access using UTL_INADDR',  -- Brief description
principal       => 'TEST_USER',               -- First user account or role being granted or denied permission
                                              --   this is case sensitive,
                                              --   but typically user names and roles are stored in upper-case letters
is_grant        => TRUE,                      -- TRUE = granted, FALSE = denied
privilege       => 'resolve',                 -- connect or resolve, this setting is case sensitive,
                                              --   so always enter it in lowercase
                                              --    connect if user uses the UTL_TCP, UTL_HTTP, UTL_SMTP, and UTL_MAIL
                                              --    resolve if user uses the UTL_INADDR
start_date      => null,                      -- optional, null is the default
                                              --   in format of timestamp_with_time_zone (YYYY-MM-DD HH:MI:SS.FF TZR)
                                              --   for example, '2008-02-28 06:30:00.00 US/Pacific'
end_date        => null                       -- optional, null is the default
);

commit;
end;
/

Note that the privilege used for UTL_INADDR is resolve in lowecase.

You can add more users or roles using DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE.

To verify a newly-created ACL.

SQL> SELECT any_path
FROM resource_view
WHERE any_path like '/sys/acls/Resolve%.xml';

ANY_PATH
--------------------------------------------------------------------------------
/sys/acls/Resolve_Access.xml

2. Assign the the access control list to one or more network hosts.

begin
dbms_network_acl_admin.assign_acl (
acl           => 'Resolve_Access.xml', -- Name of the access control list XML file to be modified
host          => '*',                   -- Network host to which this access control list will be assigned
                                        -- This a host name or IP address or wild card name
lower_port    => null,                  -- (optional)
upper_port    => null);                 -- (optional)

commit;
end;
/

TEST_USER @DB11> SELECT utl_inaddr.get_host_name FROM dual;

GET_HOST_NAME
--------------------------------------------------------------------------------
hostname1

Reference: Oracle document on Managing Fine-Grained Access to External Network Services

Tags: , , , , , , ,

Nov 12 2009

11.2.0.1 on Solaris is now available

Category: 11g,Databaseittichai @ 10:35 am

Oracle Database 11g Release 2 (11.2.0.1.0) for Solaris (SPARC) (64-bit) platform is now available for download.

11gr2 solaris

Tags: , ,

Nov 10 2009

11gR2 New Feature – Alter Database Link to Change Password

Category: 11g,Databaseittichai @ 7:26 pm

Our organization requires a regular password change on some database accounts for security compliance. If this account is used in the database link in other database, that database link has to be dropped and recreated with an updated password.

This changes in 11gR2 because it now offers the alter database link to change password. No more drop and recreate database link!

Sample here is on the database where database link is located:

The password of the database link’s account has just been changed.

db11gr2 SQL> select count(*) from tb_test@DL_TEST;
select count(*) from tb_test@DL_TEST
*
ERROR at line 1:
ORA-01017: invalid username/password; logon denied
ORA-02063: preceding line from DL_TEST

db11gr2 SQL> alter database link DL_TEST connect to dblink_test identified by dblink_test;

Database link altered.

db11gr2 SQL> select count(1) from tb_test@DL_TEST;

COUNT(1)
----------
6304

This option is not available in the pre-11gR2.

db11gr1 SQL > alter database link DL_TEST connect to dblink_test identified by dblink_test;
alter database link DL_TEST connect to dblink_test identified by dblink_test
*
ERROR at line 1:
ORA-02231: missing or invalid option to ALTER DATABASE

Tags: , , ,

Oct 19 2009

11gR2 New Feature – File Watchers

Category: 11g,Databaseittichai @ 9:19 pm

The File Watcher is a scheduler object that starts a job whenever files whose attributes met the defined criteria arrived on a system. These criteria include the name, location, and other properties of a file. When the file watcher detects the arrival of the designated file, it raises a file-arrival event. The event message, which has all information on the newly-arrived file, can then be used to process the file.

This new feature simplifies the configurations of the most common triggering event in the data load/batch processing which is to detect the arrival of files.

File Watcher configuration

Setup a new database account to manage the file watcher.

SQL> create user watcher_user identified by watcher_pwd
quota unlimited on users;
User created

SQL> grant connect to watcher_user;
Grant succeeded.

SQL> grant EXECUTE on SYS.SCHEDULER_FILEWATCHER_RESULT to watcher_user;
Grant succeeded.

Other grants needed to complete the tests:

grant create table, create procedure, create job to watcher_user;
grant execute on dbms_lock to watcher_user;
grant execute on dbms_system to watcher_user;
grant manage scheduler to watcher_user;

SQL> create or replace directory STAGING_DIR as '/home/oracle/staging';
Directory created.

SQL> grant read, write on directory staging_dir to watcher_user;
Grant succeeded.

Now as a new watcher_user, we will configure the File Watcher.

1. Create a credential using the OS privilege for file access.

begin
  dbms_scheduler.create_credential(
  credential_name => 'watch_credential',
  username => 'oracle',
  password => 'oracle');
end;
/

2. Create a table to store data processed from file.

create table t_staging_files(
  upload_timestamp  timestamp,
  file_name         varchar2(100),
  file_size         number,
  contents          clob
);

3. The procedure will process file data and put into a database table.

create or replace procedure process_files
(payload IN sys.scheduler_filewatcher_result)
is
  l_clob clob;
  l_bfile bfile;

  dest_offset  INTEGER := 1;
  src_offset   INTEGER := 1;
  src_csid     NUMBER  := NLS_CHARSET_ID ('AL32UTF8');
  lang_context INTEGER := dbms_lob.default_lang_ctx;
  warning      INTEGER;
begin
  insert into t_staging_files (
    upload_timestamp , file_name, file_size, contents)
  values(
    payload.file_timestamp,
    payload.directory_path || '/' || payload.actual_file_name,
    payload.file_size,
    empty_clob()
  ) returning contents into l_clob;

  l_bfile := bfilename('STAGING_DIR', payload.actual_file_name);
  dbms_lob.fileopen(l_bfile);
  dbms_lob.loadclobfromfile (
    l_clob,
    l_bfile,
    dbms_lob.getlength(l_bfile),
    dest_offset,
    src_offset,
    src_csid,
    lang_context,
    warning
  );
  dbms_lob.fileclose(l_bfile);
end;
/

4. Create a Program object with a Metadata argument.

begin
  dbms_scheduler.create_program (
    program_name        => 'file_watcher',
    program_type        => 'stored_procedure',
    program_action      => 'process_files',
    number_of_arguments => 1,
    enabled             => false);

  dbms_scheduler.define_metadata_argument (
    program_name        => 'file_watcher',
    metadata_attribute  => 'event_message',
    argument_position   => 1);

  dbms_scheduler.enable('file_watcher');

end;
/
PL/SQL procedure successfully completed.

5. Create a File Watcher

begin
  dbms_scheduler.create_file_watcher(
    file_watcher_name => 'my_file_watcher',
    directory_path    => '/home/oracle/staging',
    file_name         => '*',
    credential_name   => 'watch_credential',
    destination       => null,
    enabled           => false);
end;
/
PL/SQL procedure successfully completed.

6. Create an Event-Based Job that references the File Watcher.

begin
  dbms_scheduler.create_job(
    job_name        => 'staging_file_job',
    program_name    => 'file_watcher',
    event_condition => 'tab.user_data.file_size > 10',
    queue_spec      => 'my_file_watcher',
    auto_drop       => false,
    enabled         => false);

    dbms_scheduler.set_attribute('staging_file_job','parallel_instances',true);
end;
/

7. Enable all objects

begin
  dbms_scheduler.enable('my_file_watcher,staging_file_job');
end;
/

8. Perform validation

$ echo "Hello World Hello World" > /home/oracle/staging/test_file.txt

After waiting for about 10-15 minutes,

col UPLOAD_TIMESTAMP format a20
col FILE_NAME format a20
col CONTENTS format a20

select * from t_staging_files;

UPLOAD_TIMESTAMP     FILE_NAME             FILE_SIZE CONTENTS
-------------------- -------------------- ---------- -----------------------

13-OCT-09 01.42.04.0 /home/oracle/staging         23 Hello World Hello World
00000 PM             /test_file.txt

By default, the file watcher checks for the arrival of files every 10 minutes. You can adjust this interval as follows:

as SYS user

begin
 DBMS_SCHEDULER.SET_ATTRIBUTE('FILE_WATCHER_SCHEDULE','REPEAT_INTERVAL','FREQ=MINUTELY;INTERVAL=2');
end;
/

You can view information about file watchers by querying the views *_SCHEDULER_FILE_WATCHERS.

col FILE_WATCHER_NAME format a20
col DIRECTORY_PATH format a20
col FILE_NAME format a5
col CREDENTIAL_NAME format a17

SELECT file_watcher_name, directory_path, file_name, credential_name
FROM dba_scheduler_file_watchers;

FILE_WATCHER_NAME    DIRECTORY_PATH       FILE_ CREDENTIAL_NAME
-------------------- -------------------- ----- -----------------
MY_FILE_WATCHER      /home/oracle/staging *     WATCH_CREDENTIAL

References:

Oracle 11gR2 document: Starting a Job When a File Arrives on a System

Starting a Job When a File Arrives on a System

Tags: , , , , ,

Oct 18 2009

11gR2 New Feature – DBFS Database File System

Category: 11g,Databaseittichai @ 8:15 pm

The DBFS (Database File System), one of the new 11gR2 features, takes advantage of the SecureFiles feature (which is new in 11gR1). The SecureFiles provide powerful file storage features (including de-duplication, compression, etc.) which removes performance barrier to storing files in the database. This stands in contrast to LOB (now called the BasicFiles). Not only does the DBFS provide the standard file system interface (path names, directories and links) to store and access files in the database, its benefits also include security and performance from using SecureFiles.

DBFS configuration

1. Follow the DBFS prerequisites and installation instructions here.

2. Install the FUSE package.

Since oracle user will do sudo, add it into /etc/sudoers.

$ tar -xzvf fuse-2.7.3.tar.gz
$ cd fuse-2.7.3
$ ./configure --prefix=/usr/src/kernels/`uname -r`-`uname -p`
$ make
$ sudo su
# make install
# /sbin/depmod
# /sbin/modprobe fuse
# chmod 666 /dev/fuse
# echo "/sbin/modprobe fuse" >> /etc/rc.modules

3. Create a database user and a tablespace to store data.

SQL> create user dbfs_admin identified by dbfs_admin;
SQL> grant create session, resource, create view to dbfs_admin;
SQL> grant dbfs_role to dbfs_admin;
SQL> create tablespace tbs_dbfs datafile '/u1/oradata/DB11LNX/dbfs.dbs' size 100m;

The tablespace must be the Automatic Segment Space Management (ASSM) in order to use the SecureFiles. This is the default setting in 11g.

3. Create a file system using dbfs_create_filesystem.sql (located at $ORACLE_HOME/rdbms/admin).

The dbfs_create_filesystem.sql creates a partitioned file system which stores data in the multiple physical segments. The files will be distributed randomly in these partitions. This way it gives the best performance and scalability.

$ cd $ORACLE_HOME/rdbms/admin
SQL> conn dbfs_admin/dbfs_admin
SQL> @dbfs_create_filesystem.sql tbs_dbfs staging_area

Note that the last argument (e.g., staging_area) will be visible as the name of the file system.

When creating a new file system, a new partitioned table will be created having its name from the  file system’s name with T_ prefix.

SQL> select table_name, partition_name from user_tab_partitions
where table_name like '%STAGING_AREA';

TABLE_NAME                    PARTITION_NAME
----------------------------- ------------------------------
T_STAGING_AREA                SYS_P141
T_STAGING_AREA                SYS_P142
T_STAGING_AREA                SYS_P143
T_STAGING_AREA                SYS_P144
T_STAGING_AREA                SYS_P145
T_STAGING_AREA                SYS_P146
T_STAGING_AREA                SYS_P147
T_STAGING_AREA                SYS_P148
T_STAGING_AREA                SYS_P149
T_STAGING_AREA                SYS_P150
T_STAGING_AREA                SYS_P151
T_STAGING_AREA                SYS_P152
T_STAGING_AREA                SYS_P153
T_STAGING_AREA                SYS_P154
T_STAGING_AREA                SYS_P155
T_STAGING_AREA                SYS_P156

16 rows selected.

4. Verify by copying files into the exposed file system.

SQL> conn dbfs_admin/dbfs_admin
SQL> !cat ~/dbfs_show_content.sql
col pathname format a40
col pathtype format a10
col contents format a20
select pathname, pathtype,
utl_raw.cast_to_varchar2(filedata) as contents
from dbfs_content
order by std_creation_time;

This shows the default directories currently  in database.

SQL> @~/dbfs_show_content.sql

PATHNAME                       PATHTYPE   CONTENTS
------------------------------ ---------- ------------------------------
/staging_area                  directory
/staging_area/.sfs             directory
/staging_area/.sfs/RECYCLE     directory
/staging_area/.sfs/attributes  directory
/staging_area/.sfs/content     directory
/staging_area/.sfs/snapshots   directory
/staging_area/.sfs/tools       directory

7 rows selected.

Let’s create a directory named test_dir. Please note that base directory name staing_area is from the file system created previously. The dbfs_client can be executed from any systems which meet the prerequisite requirements mentioned in the step 1.

{client}$ dbfs_client dbfs_admin@DB11LNX --command mkdir dbfs:/staging_area/test_dir
Password: dbfs_admin

A new directory test_dir is now visible as a new record.

SQL> @~/dbfs_show_content.sql

PATHNAME                       PATHTYPE   CONTENTS
------------------------------ ---------- ------------------------------
/staging_area                  directory
/staging_area/.sfs             directory
/staging_area/.sfs/RECYCLE     directory
/staging_area/.sfs/attributes  directory
/staging_area/.sfs/content     directory
/staging_area/.sfs/snapshots   directory
/staging_area/.sfs/tools       directory
/staging_area/test_dir         directory

8 rows selected.

Copy a file into it.

{client}$ echo "hello world" > /tmp/dbfs_file
{client}$ dbfs_client dbfs_admin@DB11LNX --command cp /tmp/dbfs_file dbfs:/staging_area/test_dir
Password: dbfs_admin
/tmp/dbfs_file -> dbfs:/staging_area/test_dir/dbfs_file
SQL> @~/dbfs_show_content.sql
PATHNAME                                 PATHTYPE   CONTENTS
---------------------------------------- ---------- ------------------------------
/staging_area                            directory
/staging_area/.sfs                       directory
/staging_area/.sfs/attributes            directory
/staging_area/.sfs/tools                 directory
/staging_area/.sfs/snapshots             directory
/staging_area/.sfs/RECYCLE               directory
/staging_area/.sfs/content               directory
/staging_area/test_dir                   directory
/staging_area/test_dir/dbfs_file         file       hello world

9 rows selected.

Optionally you can also mount this file system on the client, so the file operations can be done without invoking dbfs_client every time.

Create a mount point. (*)

{client}# mkdir /mnt/dbfs
{client}# chown oracle:dba /mnt/dbfs
{client}# chmod 755 /mnt/dbfs
$ dbfs_client dbfs_admin@DB11LNX /mnt/dbfs
password: dbfs_admin
:

Somehow on my test system, the prompt never returned even though the file system is mounted successfully. So in order to test it, I left this window open, and execute the remaining of commands in a new window.

The prompt will never return using above syntax. However, the following example will read the password from a file, mount a file system, and then free the terminal. (Thanks Simon for pointing this out.)

$ nohup dbfs_client dfs_admin@DB11LNX /mnt/dbfs  < passwordfile.f &

Note that now I can perform all standard Unix file/directory syntaxes to this mount point.

{client}$ echo "hello world 2" > /tmp/dbfs_file2
{client}$ cp /tmp/dbfs_file2 /mnt/dbfs/staging_area/test_dir
SQL> @~/dbfs_show_content.sql
PATHNAME                                 PATHTYPE   CONTENTS
---------------------------------------- ---------- ------------------------------
/staging_area                            directory
/staging_area/.sfs                       directory
/staging_area/.sfs/attributes            directory
/staging_area/.sfs/tools                 directory
/staging_area/.sfs/snapshots             directory
/staging_area/.sfs/RECYCLE               directory
/staging_area/.sfs/content               directory
/staging_area/test_dir                   directory
/staging_area/test_dir/dbfs_file         file       hello world
/staging_area/test_dir/dbfs_file2        file       hello world2
10 rows selected.

There are a lot of administrative options you can do from here including using Oracle wallet so no password will be prompted when mounting a DBFS store. You can also mount DBFS through the fstab. See instructions in the Oracle 11gR2′s DBFS File System Client.

One of the claimed benefits of using DBFS is I/O throughput performance in a range of 5-7 GB/sec. I plan to perform performance tests and report the results in the next post. Stay tune!.

(*) Initially, I received this error when trying to run dbfs_client.

dbfs_client: error while loading shared libraries: libfuse.so.2: cannot open shared object file: No such file or directory

By creating a softlink to the /lib folder, it’s solved the problem.

# ln -s /usr/src/kernels/2.6.18-92.el5-i686/lib/libfuse.so.2 /lib/libfuse.so.2

Tags: , , ,

Oct 06 2009

The Access Control Lists to Network Services (e.g., UTL_HTTP, UTL_SMTP, UTL_TCP, etc.) in Oracle 11g

Category: 11g,Database,PL/SQLittichai @ 8:43 pm

This is one of the 11g features I read it once when it was first released but did not see its significance until now. Last week we just migrated an application from 9i to 11g. During a test of the send mail package using UTL_SMTP, we got this error, “ORA-24247: network access denied by access control list (ACL).” After a quick search, I’m in luck because I found a lot of articles written about this new 11g feature. However, I particularly find these two well-written concepts and samples from Arup Nanda’s Access Control Lists for UTL_TCP/HTTP/SMTP and Oracle-Base’s Fine-Grained Access to Network Services in Oracle Database 11g Release 1 very helpful.

My sample here is from our test case:

1. The send mail package which executes the UTL_SMTP failed.

TEST_USER SQL> exec pkg_LoadStatus.SendMail('user@company.com', 'Test Subject', 'Hello World');

ORA-24247: network access denied by access control list (ACL)
ORA-06512: at "SYS.UTL_TCP", line 17
ORA-06512: at "SYS.UTL_TCP", line 246
ORA-06512: at "SYS.UTL_SMTP", line 115
ORA-06512: at "SYS.UTL_SMTP", line 138
ORA-06512: at "pkg_LoadStatus", line 283
ORA-06512: at line 3

2. To fix it, an ACL has to be created.

The principal is the user or role to be added into this ACL. In this case, the TEST_USER account is added during the ACL creation. This field is case sensitive.

SQL> connect / as sysdba

begin
dbms_network_acl_admin.create_acl (
acl             => 'Mail_UTL_Access.xml',
description     => 'Mail UTL Network Access',
principal       => 'TEST_USER',
is_grant        => TRUE,
privilege       => 'connect',
start_date      => null,
end_date        => null
);

commit;
end;
/

The description of each variable is clearly described in the Oracle-Base’s article.

3. Verify a newly-created ACL.

SQL> SELECT any_path
     FROM resource_view
     WHERE any_path like '/sys/acls/%.xml';

ANY_PATH
--------------------------------------------------------------------------------
/sys/acls/Mail_UTL_Access.xml
/sys/acls/OLAP_XS_ADMIN/OLAP_XS_ADMIN602a67cf3684e24e04403ba6c65c6_acl.xml
/sys/acls/OLAP_XS_ADMIN/OLAP_XS_ADMIN602a67cf36e4e24e04403ba6c65c6_acl.xml
/sys/acls/OLAP_XS_ADMIN/OLAP_XS_ADMIN602a67cf3724e24e04403ba6c65c6_acl.xml
/sys/acls/OLAP_XS_ADMIN/OLAP_XS_ADMIN602a67cf3764e24e04403ba6c65c6_acl.xml
/sys/acls/all_all_acl.xml
/sys/acls/all_owner_acl.xml
/sys/acls/bootstrap_acl.xml
/sys/acls/ro_all_acl.xml
/sys/acls/ro_anonymous_acl.xml

4. Optionally you can add more users or roles into this ACL by using the add_privilege procedure. This is similar to the create_acl procedure except no description. Sample shown here is to add ADMIN_ADMIN_ROLE role.

begin
dbms_network_acl_admin.add_privilege (
acl           => 'Mail_UTL_Access.xml',
principal     => 'APP_ADMIN_ROLE',
is_grant      => TRUE,
privilege     => 'connect',
start_date    => null,
end_date      => null);

commit;
end;
/

5. Add a host and port range allowed.

begin
dbms_network_acl_admin.assign_acl (
acl           => 'Mail_UTL_Access.xml',
host          => 'smtp.company.com',
lower_port    => 1,
upper_port    => 1024);

commit;
end;
/

6. Test the send mail package again. This time there is no error, and the recipient receives email.

TEST_USER SQL> exec pkg_LoadStatus.SendMail('user@company.com', 'Test Subject', 'Hello World');

PL/SQL procedure successfully completed

Tags: , , , , ,

Oct 05 2009

Online SAN Storage Migration for Oracle 11g RAC database with ASM

Category: 11g,Database,Migrationittichai @ 7:30 am

It has been awhile since my last post. My pathetic excuses are all pretty much mentioned here. :-)

Last month we’ve worked with the storage team to migrate the SAN storage of our Oracle 11gR1 database to a new one. The drive of migration is mainly for SAN consolidation which is, of course, ultimately for cost saving. In addition to migrating the ASM disk groups storing database’s data files, all clusterware files (OCR and voting disk) must be migrated too. The rebalance feature in Oracle ASM makes data migration very easy and seamless. And since the clusterware files have redundancy, they can be seamlessly migrated as well. With 11gR1, all migration tasks can be performed online.

Prerequisites/Assumptions:

- New SAN LUNs/disks are already visible to all RAC nodes. In case of the disks for ASM diskgroups, they are already discovered by ASM. The minimum numbers and permissions of the OCR and voting disks must be met.

- It is recommended to perform the migration tasks during off-peak hours or even better if during planned maintenance window period.

Note that the sample shown here is specific to my environment (11.1.0.7 on Solaris 10 with dual-pathing to Hitachi SAN, and OCR and voting disks are on raw devices).

SAN Migration of the ASM diskgroups

If you’re more comfortable with GUI, all tasks here can be accomplished using the Enterprise Manager.

1. Add new disks to ASM diskgroups.

ALTER DISKGROUP PMDW_DG1 ADD DISK
  '/dev/rdsk/c4t60060E80056FB30000006FB300000823d0s6' NAME PMDW_DG1_0003,
  '/dev/rdsk/c4t60060E80056FB30000006FB300000826d0s6' NAME PMDW_DG1_0004,
  '/dev/rdsk/c4t60060E80056FB30000006FB300000829d0s6' NAME PMDW_DG1_0005
REBALANCE POWER 11;

We go with the rebalance power of 11 which is full throttle because it is planned maintenance.

2. Check rebalance status from Enterprise Manager or v$ASM_OPERATION.

3. When rebalance completes, drop the old disks.

ALTER DISKGROUP PMDW_DG1 DROP DISK
   PMDW_DG1_0000,
   PMDW_DG1_0001,
   PMDW_DG1_0002
REBALANCE POWER 11;

When adding or removing several disks, it is recommend to add or remove all disks at once. This is to reduce the number of the rebalance operations that are needed for storage changes.

SAN Migration of the OCR Files

1. Backup all OCR-related files.

# {CRS_HOME}/bin/ocrcheck
Status of Oracle Cluster Registry is as follows :
         Version                  :          2
         Total space (kbytes)     :     921332
         Used space (kbytes)      :       4548
         Available space (kbytes) :     916784
         ID                       :  776278942
         Device/File Name         : /dev/rdsk/c4t50060E800000000000002892000003F8d0s6
                      Device/File integrity check succeeded
         Device/File Name         : /dev/rdsk/c4t50060E800000000000002892000003F9d0s6
                       Device/File integrity check succeeded

Backup the /var/opt/oracle/ocr.loc file:

# cp ocr.loc ocr.loc.old

Manually backup OCR:

# {CRS_HOME}/bin/ocrconfig -manualbackup

2. As root, run the following commands to replace OCR files. This change can be performed on-line, and will be reflected across the entire cluster.

# {CRS_HOME}/bin/ocrconfig -replace ocr /dev/rdsk/c4t60060E80056FB30000006FB300001014d0s6

# {CRS_HOME}/bin/ocrconfig -replace ocrmirror /dev/rdsk/c4t60060E80056FB30000006FB300001015d0s6

3. Verify the new configuration.

Check new ocr.loc file updated:

# cat /var/opt/oracle/ocr.loc
#Device/file /dev/rdsk/c4t50060E800000000000002892000003F9d0s6 getting replaced by device /dev/rdsk/c4t60060E80056FB30000006FB300001015d0s6
ocrconfig_loc=/dev/rdsk/c4t60060E80056FB30000006FB300001014d0s6
ocrmirrorconfig_loc=/dev/rdsk/c4t60060E80056FB30000006FB300001015d0s6

Check OCR:

# {CRS_HOME}/bin/ocrcheck
Status of Oracle Cluster Registry is as follows :
Version                  :          2
Total space (kbytes)     :     921332
Used space (kbytes)      :       4548
Available space (kbytes) :     916784
ID                       :  776278942
Device/File Name         : /dev/rdsk/c4t60060E80056FB30000006FB300001014d0s6
Device/File integrity check succeeded
Device/File Name         : /dev/rdsk/c4t60060E80056FB30000006FB300001015d0s6
Device/File integrity check succeeded

Cluster registry integrity check succeeded

Logical corruption check succeeded

SAN Migration of the voting disks

1. Backup the voting disks.

Query the original locations:

# /opt/oracrs/bin/crsctl query css votedisk
0.     0    /dev/rdsk/c4t50060E800000000000002892000003FBd0s6
1.     0    /dev/rdsk/c4t50060E800000000000002892000003FCd0s6
2.     0    /dev/rdsk/c4t50060E800000000000002892000003FFd0s6

Backup voting disks using dd:

dd if={voting_disk_name} of={backup_file_name}

Example,
dd if=/dev/rdsk/c4t50060E800000000000002892000003FBd0s6 of=/tmp/voting1

2. Move voting disks.

Starting with 11.1 onwards, the voting disk migration can be performed on-line.

# /opt/oracrs/bin/crsctl delete css votedisk /dev/rdsk/c4t50060E800000000000002892000003FBd0s6
# /opt/oracrs/bin/crsctl add  css votedisk /dev/rdsk/c4t60060E80056FB30000006FB300001017d0s6

# /opt/oracrs/bin/crsctl delete css votedisk  /dev/rdsk/c4t50060E800000000000002892000003FCd0s6
# /opt/oracrs/bin/crsctl add css votedisk  /dev/rdsk/c4t60060E80056FB30000006FB300001018d0s6

# /opt/oracrs/bin/crsctl delete css votedisk  /dev/rdsk/c4t50060E800000000000002892000003FFd0s6
# /opt/oracrs/bin/crsctl add css votedisk  /dev/rdsk/c4t60060E80056FB30000006FB300001019d0s6

3. Verify the new configuration.

# /opt/oracrs/bin/crsctl query css votedisk
0.     0    /dev/rdsk/c4t60060E80056FB30000006FB300001017d0s6
1.     0    /dev/rdsk/c4t60060E80056FB30000006FB300001018d0s6
2.     0    /dev/rdsk/c4t60060E80056FB30000006FB300001019d0s6

Reference:
Metalink #428681.1:  OCR / Vote disk Maintenance Operations: (ADD/REMOVE/REPLACE/MOVE), including moving from RAW Devices to Block Devices

Tags: , , , , , ,

May 15 2009

RAC Assessment from Oracle

Category: 11g,Databaseittichai @ 7:30 am

In our first large-scale Oracle 11g RAC with ASM deployment, we started this project by engaging Oracle. The primary goal of this engagement is to get as much technical input as possible especially when it comes to the areas of best practices. We’ve been advised by our Oracle account manager to use free RAC assessment service provided by a special unit called Oracle RAC Assurance Team. That was really the first time I’ve heard of this kind of service even though we’ve worked with Oracle since our first Oracle 9i RAC many years back. Please note that this assessment service is not available to all customers as a general offering – business justification is required.

The focus of the review is to validate system components, pertinent to designed functionality and implementation, in order to assess capabilities needed to sustain and support an Oracle RAC environment. The goal is to determine whether the configuration has the potential to cause availability or integrity problems.

The assessment does not imply certifications by Oracle of any hardware and software related to infrastructure.

We’ve been asked to provide the following:

  • Architecture diagrams depicting RAC and application components
  • RDA from each node (Metalink Note 314422.1)
  • Oracle Clusterware information
       $ env
       $ id
       $ cluvfy stage -post crsinst -n all -verbose
       $ crs_stat –t
       $ crsctl query css votedisk
       $ ocrcheck
  • Cluster diagnostic information (using diacollection.pl from Metalink Note 330358.1)
  • System logs
  • Public and Private interconnection definitions
       $ oifcfg getif
       $ oifcfg iflist
  • Interconnection traffic
       select * from gv$configured_interconnects;
  • Service definition
       set pages 60 space 2 num 8 lines 132 verify off feedback off
       column name format a15
       column network_name format a12
       column failover_method format a10
       column failover_type format a10

       select service_id, name, network_name, failover_method,
        failover_type, goal,dtp, enabled, AQ_HA_NOTIFICATIONS, CLB_GOAL
       from dba_services;
  • Opatch information
       opatch lsinventory -oh $RDBMS_HOME
       opatch lsinventory -oh $ASM_HOME
       opatch lsinventory -oh $CRS_HOME
  • System definitions (/etc/system)
  • Layer 3/Network Configuration
       # dladm show-link
  • Adaptor summary statistics for public, VIP and interconnect
       kstat -n <NIC name>
       netstat -in
       ifconfig –a
  • UDP parameter settings
       # ndd /dev/udp udp_xmit_hiwat
       # ndd /dev/udp udp_recv_hiwat
  • ASM instance information
       set linesize 1500
       set pagesize 1000
       column name format a20
       column path format a40
       column failgroup format a20

       select GROUP_NUMBER, NAME, SECTOR_SIZE, BLOCK_SIZE,
         ALLOCATION_UNIT_SIZE, STATE, TYPE, TOTAL_MB, FREE_MB
       from v$asm_diskgroup
         order by GROUP_NUMBER;

       select GROUP_NUMBER, DISK_NUMBER, NAME, MOUNT_STATUS,
         MODE_STATUS, STATE, REDUNDANCY, FAILGROUP, PATH,
         TOTAL_MB, FREE_MB
       from v$asm_disk
       order by GROUP_NUMBER, DISK_NUMBER;
  • AWR/Statspack report for peak load period with
  • OSWatcher or OS statistics (top, mpstat, iostat, vmstat, SAR for same corresponding period as AWR/Statspack data) – See Metalink note 301137.1
  • Alert and others logs

After a few weeks, Oracle came back with recommendations which have been evaluated against best practices compiled from its experience with its global RAC customer base. I found these recommendations very helpful. In fact, in some cases, I would not have known of some of the recommendations without this analysis. I’d like to share with you some recommendations given for our specific environment (Oracle 11.1.0.7 with ASM on Solaris 10). Please keep in mind that this may not apply to your environment. So it is advisable to consult Oracle support and/or the provided Metalink Notes if you have any questions.

These are some best practices and recommendations:

  • Whenever possible use a non-shared Oracle Home for ASM and the RDBMS. In most cases the non-shared Oracle Home is the preferred solution due to the ability to patch in a rolling upgrade fashion with zero downtime and the elimination of the single point of failure and binary dependency issues that the shared Oracle Home approach introduces.
  • Do not install the CRS Oracle Home using a shared file system location.
  • Ensure that run-time files in directories /var/tmp/.oracle, or /tmp/.oracle are not removed while Oracle background, or user processes are active. These directories contains a number of “special” socket files that are used by local clients to connect via the IPC protocol (sqlnet) to various Oracle processes including the TNS listener, the CSS, CRS & EVM daemons or even the database instance.
  • Add  slewalways yes and disable pll in /etc/inet/ntp.conf to avoid node reboot due to a leap second event. Refer to Metalink Note: 759143.1.
  • On Solaris, set the UDP buffer settings (udp_xmit_hiwat and udp_recv_hiwat) to 65536. These should improve cluster interconnect throughput. Refer to Metalink Note: 181489.1. Please create an RC script so that it will set udp_xmit_hiwat and udp_recv_hiwat to 65536 everytime the server rebooted.
        ndd -set /dev/udp udp_xmit_hiwat 65536
        ndd -set /dev/udp udp_recv_hiwat 65536
  • Ensure that both OCR and Voting disks are backed up periodically. The OCR backups are taken automatically, and stored on the Master RAC node. Voting disks can be backed up manually using dd with a 4k block size (hot backup).
  • Do not use crs_unregister to remove default CRS resources (nodeapps) unless instructed by Oracle Support.
  • Ensure that the CSS DIAGWAIT parameter is set to 13 seconds on all platforms. DIAGWAIT is a CSS parameter built-into 10.1.0.5+, 10gR2, 11g which will allow enough time for the failed node to flush final trace files to better help debug a node failure. Always keep CSS misscount greater than the setting of DIAGWAIT. Refer to MetaLink Note:559365.1.
  • Increase PARALLEL_EXECUTION_MESSAGE_SIZE from the default (2k), to 4k or 8k in order to provide better recovery slave performance.
  • Set PARALLEL_MIN_SERVERS to CPU_COUNT-1, in order to pre-spawn recovery slaves at startup, instead of when recovery is required.
  • On each RDBMS instance supported by ASM, add the following SHARED_POOL allocations, based on each Disk Group type in use:

    • - For disk groups using external redundancy, every 100GB of space needs 1MB of extra shared pool plus 2MB
    - For disk groups using normal redundancy, every 50GB of space needs 1MB of extra shared pool plus 4MB
    - For disk groups using high redundancy, every 33GB of space needs 1MB of extra shared pool plus 6MB

  • Avoid bad writes to ASM disks by avoiding Raid 5. See NOTE: 30286.1 – I/O Tuning with Different RAID Configurations.
  • Ensure the Network Listener is configured to use an address-list that specifies an IPC connection before the TCP connections. This will avoid fail-over delays associated with TCP timeouts. Refer to Metalink Note: 403743.1.

In conclusion, I’m very impressed with the information and the kind of professionalism Oracle RAC Assessment team has provided. This has definitely given us (as well as management) more confidence with our new setup.

Tags: , ,

May 01 2009

Oracle RAT’s Workload Capture With Duration Set Does Not Stop Automatically

Category: 11g,Databaseittichai @ 8:18 am

One of most exciting features of Oracle 11g is the Oracle Real Application Testing (RAT). Fortunately, Oracle extends support of this feature back to the previous versions. Even though the workload replay is only possible on Oracle 11g, the workload capture is now available in Oracle 9i and 10g. See the Metalink note: 560977.1 – Real Application Testing for Earlier Releases for more details.

I’ve tried the capture on Oracle 9.2.0.8 with all required patches mentioned in above Metalink note. I used the scripts as provided by Oracle.

I’ve found that everything works except for one minor issue which was later identified by Oracle support as an unpublished bug. This issue was that the workload capture initiated by the DBMS_WORKLOAD_CAPTURE.START_CAPTURE does not stop automatically even when the duration parameter is specified. For your reference, the bug number is 6068696 – “Gen V111 (74) CAPTURE WITH DURATION SET DOES NOT STOP AUTOMATICALLY.” And as expected, there will be no fix backported to 9.2.0.8. The only workaround is to manually stop it.

-- Check Date/Time before start
SQL> !date
Fri Apr 17 09:43:39 CDT 2009

-- Check for any existing capture
SQL> select NAME, DBNAME, DBVERSION, STATUS, START_TIME from DBA_WORKLOAD_CAPTURES
where STATUS <> 'COMPLETED';

no rows selected

-- Start capture
SQL> BEGIN
DBMS_WORKLOAD_CAPTURE.START_CAPTURE (name => 'TSDW_CAPTURE_TEST',
dir => 'CAPTURE_DIR_FA_TSDW',
duration => 30); -- duration in seconds
END;
/

PL/SQL procedure successfully completed.

-- Verify that capture is running
SQL> select NAME, DBNAME, DBVERSION, STATUS, START_TIME from DBA_WORKLOAD_CAPTURES
where STATUS <> 'COMPLETED';

NAME               DBNAME DBVERSION   STATUS        START_TIME
------------------ -----  ----------- ------------- --------------------
TSDW_CAPTURE_TEST  TSDW   9.2.0.8.0   IN PROGRESS   Apr 17 2009 09:43:47

-- Check point after about one minute
SQL> !date
Fri Apr 17 09:44:42 CDT 2009

-- Capture is still running - ok, let's give some more time...
SQL> select NAME, DBNAME, DBVERSION, STATUS, START_TIME from DBA_WORKLOAD_CAPTURES
where STATUS <> 'COMPLETED';

NAME               DBNAME DBVERSION   STATUS        START_TIME
------------------ -----  ----------- ------------- --------------------
TSDW_CAPTURE_TEST  TSDW   9.2.0.8.0   IN PROGRESS   Apr 17 2009 09:43:47

-- Next check point - almost 2 minutes past
SQL> !date
Fri Apr 17 09:45:48 CDT 2009

-- Still running
SQL> select NAME, DBNAME, DBVERSION, STATUS, START_TIME from DBA_WORKLOAD_CAPTURES
where STATUS <> 'COMPLETED'; 

NAME               DBNAME DBVERSION   STATUS        START_TIME
------------------ -----  ----------- ------------- --------------------
TSDW_CAPTURE_TEST  TSDW   9.2.0.8.0   IN PROGRESS   Apr 17 2009 09:43:47

-- Use finish_capture manually
SQL> BEGIN
DBMS_WORKLOAD_CAPTURE.FINISH_CAPTURE ();
END;
/

PL/SQL procedure successfully completed.

-- Gone. No more capture.
SQL> select NAME, DBNAME, DBVERSION, STATUS, START_TIME from DBA_WORKLOAD_CAPTURES
where STATUS <> 'COMPLETED';

no rows selected

Tags: , ,

Next Page »