Dietrich Schroff

In january 2019 Oracle released the documentation for Oracle Database 19c.

More than 7 weeks later there is still nothing at https://www.oracle.com/downloads/:


The gap between release date of the documentation and the on premises software was for 18c not so long...

Will 19c on premises software be released before may? Or later in summer?

After accessing a S3 bucket from an ec2 instance by adding an IAM role to my EC2 instance, i tried to get the access from an ec2 instance by using a AWS endpoint.

First step: Launch an ec2 instance within your VPC and try to access your S3 bucket:

[ec2-user@ip-172-31-30-93 ~]$ wget https://s3-eu-west-1.amazonaws.com/my.webtest/website.json
--2019-02-02 18:29:28--  https://s3-eu-west-1.amazonaws.com/my.webtest/website.json
Auflösen des Hostnamen »s3-eu-west-1.amazonaws.com (s3-eu-west-1.amazonaws.com)«... 52.218.16.244
Verbindungsaufbau zu s3-eu-west-1.amazonaws.com (s3-eu-west-1.amazonaws.com)|52.218.16.244|:443... verbunden.
HTTP-Anforderung gesendet, warte auf Antwort... 403 Forbidden
2019-02-02 18:29:28 FEHLER 403: Forbidden.

Second step: change the bucket policy to this:

{
    "Version": "2012-10-17",
    "Id": "Policy1119991119999",
    "Statement": [
        {
            "Sid": "Access-to-specific-VPC-only",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "*",
            "Resource": [
                "arn:aws:s3:::my.webtest",
                "arn:aws:s3:::my.webtest/*"
            ],
            "Condition": {
                "StringEquals": {
                    "aws:sourceVpc": "vpc-12e0cc74"
                }
            }
        }
    ]
}

The access to the bucket is still forbidden. So next step is to add the endpoint:
Goto VPC -> endpoint:
And then choose the following:



(Here you have to select your route table ID!!!)

After that everything works like expected:

[ec2-user@ip-172-31-30-93 ~]$ wget https://s3-eu-west-1.amazonaws.com/my.webtest/website.json
--2019-02-02 18:29:51--  https://s3-eu-west-1.amazonaws.com/my.webtest/website.json
Auflösen des Hostnamen »s3-eu-west-1.amazonaws.com (s3-eu-west-1.amazonaws.com)«... 52.218.53.66
Verbindungsaufbau zu s3-eu-west-1.amazonaws.com (s3-eu-west-1.amazonaws.com)|52.218.53.66|:443... verbunden.
HTTP-Anforderung gesendet, warte auf Antwort... 200 OK
Länge: 130 [application/json]
In »»website.json.1«« speichern.

100%[===============================================================================================================>] 130         --.-K/s   in 0s      

2019-02-02 18:29:51 (5,28 MB/s) - »»website.json.1«« gespeichert [130/130]

In my Oracle VM server installation the ovmcli refuses to work:

ssh -l admin localhost -p 10000 

Connection to localhost closed by remote host.

Connection to localhost closed.

There some workarounds like:

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss -l  admin localhost -p 10000

But the result is the same.

Here a debug output from ssh -v:

[root@oraVMManager mnt]# ssh -l admin localhost -p 10000  -v
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to localhost [::1] port 10000.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version ${POM.ARTIFACTID}-${POM.VERSION}
debug1: no match: ${POM.ARTIFACTID}-${POM.VERSION}
debug1: Authenticating to localhost:10000 as 'admin'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group1-sha1
debug1: kex: host key algorithm: ssh-dss
debug1: kex: server->client cipher: aes128-cbc MAC: hmac-sha1 compression: none
debug1: kex: client->server cipher: aes128-cbc MAC: hmac-sha1 compression: none
debug1: kex: diffie-hellman-group1-sha1 need=20 dh_need=20
debug1: kex: diffie-hellman-group1-sha1 need=20 dh_need=20
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Server host key: ssh-dss SHA256:E6FYsSD9om4ChxJT17vBGUyqHmz3kLLAIxxJZlYjJCM
debug1: Host '[localhost]:10000' is known and matches the DSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: password,publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/admin
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to localhost ([::1]:10000).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = de_DE.UTF-8
debug1: channel 0: free: client-session, nchannels 1
Connection to localhost closed by remote host.
Connection to localhost closed.
Transferred: sent 3224, received 1432 bytes, in 0.0 seconds
Bytes per second: sent 2461309.8, received 1093236.9
debug1: Exit status -1

The solution was:
Upgrade the OVM Manager (take a look here)

And then:

ssh -l admin localhost -p 10000  -v
SHA256:pidDB23XNyVHE55Q7GJ+9uqJvBfoR3B1lm02gdYeus8
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:pidDB23XNyVHE55Q7GJ+9uqJvBfoR3B1lm02gdYeus8.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending DSA key in /root/.ssh/known_hosts:1
RSA host key for [localhost]:10000 has changed and you have requested strict checking.
Host key verification failed.

Ok - this was not expected, but the upgrade changed the host key.

But after removing that line from the known_hosts file:

[root@oraVMManager mnt]# ssh -l admin localhost -p 10000  
OVM> list server
Command: list server
Status: Success
Time: 2019-01-25 05:52:14,849 EST
Data: 
  id:18:e2:a6:9d:5c:b6:48:3a:9b:d2:b0:0f:56:7e:ab:e9  name:oraclevm
OVM> ?
     add
     create
     delete
     edit
     embeddedcreate
     embeddeddelete
     embeddededit
     exit
     help
     list
     remove
     set
     show
     showallcustomcmds
     showclisession
     showcustomcmds
     showobjtypes
     showversion

This weekend i read "Azure for Architects - Implementing cloud design, DevOps, containers, IoT and serverless solutions on your public cloud".


After i had some trouble to publish my review on amazon.de and i put in onto my blog (take a look here), i wrote a smaller review only about 2 chapters. And this worked...

One statement i liked, was:
This is not only true for security, but sometimes it is important to state the obvious.

If you are interested, take a look at my review at amazon.de (like all my reviews: written in german ;-).

After nearly an half year of looking into AWS, here a summary of all postings related to that topic:

• Amazon Web Services: A Start into AWS 

ECS & S3 (Computing & Storage):

• AWS: Running a docker-image with ECS 
• AWS: Running a docker-image with ECS (part 2)
• AWS: Running a docker-image with ECS (part 3): Stop it!  
• AWS: Accessing S3 buckets from the internet and from ec2 instances
by granting acces via IAM and using AWS CLI on the server without a password
• AWS: Accessing S3 buckets from ec2 instances without using IAM
  by using network rules and service endpoints to reach out to S3 with AWS-unaware CLI commands

VPC (Networking):

• AWS: Networking - Virtual Privat Cloud

Billing

• AWS: Billing - how to delete a route 53  
• AWS: What services are free of charge? How to control your costs...
• AWS: What services are free of charge? How to control your costs...(part 2)
• AWS: What services are free of charge? How to control your costs...(part 3)

Automation

• AWS: Installing aws cli (Amazon Web Service Commandline)  
• AWS: Creating a static Website with S3 (simple storage service) with aws cli
• AWS: How to delete a static website via aws cli

Miscellaneous 

• AWS: Logging? CloudTrail! 
• AWS: AWS Solutions Architect Associate - Practice
• Review at amazon: AWS Certified Solutions Architect - Official Study Guide 
• AWS: IAM & security - Best practices: Using a non-root user 

Just to try some things in Microsoft Azure i wanted to add an additional user to my test account. But this was not so easy:

Go to "Azure Active Directory" and "Users":


I thought this is not really a problem, because openesb.eu is my domain, so let's try to verify this one:


So only way to add users in such a minimal setup, is to add accounts from live.com etc..

After installation waagent on my ubunu server, i tried to use this tool.
First guess was to read the manpages, but there is no entry for waagent:
root@ubuntuserver:~# man waagent
No manual entry for waagent
See 'man 7 undocumented' for help when manual pages are not available.So for documentation you have to visit the Microsoft Azure portal:
https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/agent-linux



Here are some commands i tried:

root@ubuntuserver:~# waagent -show-configuration
AutoUpdate.Enabled = True
AutoUpdate.GAFamily = Prod
Autoupdate.Frequency = 3600
CGroups.EnforceLimits = False
CGroups.Excluded = customscript,runcommand
DVD.MountPoint = /mnt/cdrom/secure
DetectScvmmEnv = False
EnableOverProvisioning = True
Extension.LogDir = /var/log/azure
Extensions.Enabled = True
HttpProxy.Host = None
HttpProxy.Port = None
Lib.Dir = /var/lib/waagent
Logs.Verbose = False
OS.AllowHTTP = False
OS.CheckRdmaDriver = False
OS.EnableFIPS = False
OS.EnableFirewall = True
OS.EnableRDMA = False
OS.HomeDir = /home
OS.OpensslPath = /usr/bin/openssl
OS.PasswordPath = /etc/shadow
OS.RootDeviceScsiTimeout = 300
OS.SshClientAliveInterval = 180
OS.SshDir = /etc/ssh
OS.SudoersDir = /etc/sudoers.d
OS.UpdateRdmaDriver = False
Pid.File = /var/run/waagent.pid
Provisioning.AllowResetSysUser = False
Provisioning.DecodeCustomData = False
Provisioning.DeleteRootPassword = True
Provisioning.Enabled = False
Provisioning.ExecuteCustomData = False
Provisioning.MonitorHostName = False
Provisioning.PasswordCryptId = 6
Provisioning.PasswordCryptSaltLength = 10
Provisioning.RegenerateSshHostKeyPair = False
Provisioning.SshHostKeyPairType = rsa
Provisioning.UseCloudInit = True
ResourceDisk.EnableSwap = False
ResourceDisk.Filesystem = ext4
ResourceDisk.Format = False
ResourceDisk.MountOptions = None
ResourceDisk.MountPoint = /mnt
ResourceDisk.SwapSizeMB = 0

or list all commands:

root@ubuntuserver:~# waagent -help
usage: /usr/sbin/waagent [-verbose] [-force] [-help] -configuration-path:-deprovision[+user]|-register-service|-version|-daemon|-start|-run-exthandlers|-show-configuration]

Last week i read the exam ref "architecting microsoft azure solutions"

The book cover states
Designed for architects and other cloud professionals ready to advance their status, Exam Ref focuses on the critical thinking and decision-making acumen needed for success at the MCSA level. The book "Architecting Microsoft Azure Solutions" comes with 320 pages and 6 chapters. The claim of the book: "This book teaches you how to design and architect secure, highly-available, performant, monitored and resilient solutions on Azure".

The first chapter is "Design compute infrastructure". The beginning is clearly structured: Fault Domains, Availabilty Sets and Update Domains. Unfortunately, when listing the VM types, thera are various letters shown, but an explanation of the abbreviations of that letters is missing.
The sub-chapter Migration contains only many URLs. Helpful examples are not provided. The next subchapters serverless computing and microservices are not worth reading. It is not at all clear which requirements have to be met in order to build an application serverless or in a container. But there are many comparisons when serverless computing fits better than microservices.
The subchapter "Design Web Applications" loses itself in general considerations regarding availability and description of REST.
The biggest problem with Chapter 1 is that there is a lack of examples that allow the topics to be played through once. Also missing at the end of the chapter of the typical question catalog, with which one could prepare for an exam.

After chapter 1 I did not want to read any further - that would have been a mistake. For all who buy this book: skip Chapter 1!

The chapters 2 and 3 (Storage & Networking) are really good. They provide brief explanations and for every use case detailed instructions for the Azure command line or the portal including screenshots are presented. Both chapters are very well written and give an overview of the respective topics. Here is a list for the storage chapter: Blob Storage, Azure Files, Azure Disks, Azure Data Catalog, Azure Data Factory, SQL Data Warehouse, Data Lake Analytics, Analysis Services, HDInsight, SQL Database, SQL Server Stretch Database, MySQL, Postgresql , Redis Cache, Data Lake, Azure Search, Azure Time Series, Comsmos DB, MongoDB. There is no topic left open. The same applies to the network chapter.

Chapter 4 "Design security and identity solutions" is very well structured. All terms are introduced at the beginning and then various options with sequence diagrams are played through. Subsequently, the appropriate services such as Azure Active Directoy are introduced. Very nice here is the representation of the integration possibilities with ASP.Net. Otherwise, topics such as integration with Office 365 (calendar access) or key management in the cloud are highlighted.

The fifth chapter is, in my view, more an outlook: "Design solutions by using platform service". Here are the topics like AI, IoT, streaming treated. Here you can take with you, what is possible and what building blocks Azure provides.

The final chapter "Design for operations" deals with cross-functionalities such as monitoring and alarming. A wrapper for the following services will be delivered: Azure Monitor, Azure Advisor, Azure Service Health, Azure Activity Log, Azure Dashboard, Azure Metrics Explorer, Azure Alerts, Azure Log Analytics, Azure Application Insights. Almost every topic has an example including configuration via the Azure portal.

Conclusion: Except for the first chapter a very good book to get started. It is not good for exam preparation, as no questionnaires / multiple choice lists are included. It is a pity that the subchapters have no numbering and you have to navigate with the font sizes. Nevertheless, you will hardly find a faster entry into Azure.

After creating my first vm on Microsoft Azure, i took a closer look at the dashboard - especially at the menu bar of the dashboard:
First point of interest was the menu item "virtual networks", which led me to the following overview:
Hm. A little bit strange, that the virtual networks just show up with a list of the resource groups (you have to create one - otherwise you are not able to launch a virtual machine). But after doing a click on the resource group, a nice overview to my virtual network was provided:

The menu bar in the middle contains the entry "diagram". So let's see, what kind of diagram Azure will present:

The green item represents the network interface card. The other three items stand for the virtual machine, the network security group and public ip address. The next three screenshots show the details you can obtain, by clicking on these icons:

One thing which is really important for using cloud infrastructures is to automate your tasks like starting virtual machines, creating storage, ...

It is clear, that there is a CLI for Windows, but is there also a CLI on Linux provided by Microsoft?
And really there is one:
https://docs.microsoft.com/de-de/cli/azure/?view=azure-cli-latest

The installation procedure can be found here.

# apt-get install apt-transport-https lsb-release software-properties-common dirmngr -y
Paketlisten werden gelesen... Fertig
Abhängigkeitsbaum wird aufgebaut.       
Statusinformationen werden eingelesen.... Fertig
lsb-release ist schon die neueste Version (9.20170808ubuntu1).
dirmngr ist schon die neueste Version (2.2.4-1ubuntu1.2).
Die folgenden Pakete werden aktualisiert (Upgrade):
  apt-transport-https python3-software-properties software-properties-common software-properties-gtk
4 aktualisiert, 0 neu installiert, 0 zu entfernen und 173 nicht aktualisiert.
Es müssen 87,2 kB an Archiven heruntergeladen werden.
Nach dieser Operation werden 2.048 B Plattenplatz zusätzlich benutzt.
Holen:1 http://de.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 apt-transport-https all 1.6.8 [1.692 B]
Holen:2 http://de.archive.ubuntu.com/ubuntu bionic-updates/main amd64 software-properties-common all 0.96.24.32.7 [9.908 B]
Holen:3 http://de.archive.ubuntu.com/ubuntu bionic-updates/main amd64 software-properties-gtk all 0.96.24.32.7 [53,6 kB]
Holen:4 http://de.archive.ubuntu.com/ubuntu bionic-updates/main amd64 python3-software-properties all 0.96.24.32.7 [22,0 kB]
Es wurden 87,2 kB in 0 s geholt (427 kB/s).             
(Lese Datenbank ... 421429 Dateien und Verzeichnisse sind derzeit installiert.)
Vorbereitung zum Entpacken von .../apt-transport-https_1.6.8_all.deb ...
Entpacken von apt-transport-https (1.6.8) über (1.6.6ubuntu0.1) ...
Vorbereitung zum Entpacken von .../software-properties-common_0.96.24.32.7_all.deb ...
Entpacken von software-properties-common (0.96.24.32.7) über (0.96.24.32.6) ...
Vorbereitung zum Entpacken von .../software-properties-gtk_0.96.24.32.7_all.deb ...
Entpacken von software-properties-gtk (0.96.24.32.7) über (0.96.24.32.6) ...
Vorbereitung zum Entpacken von .../python3-software-properties_0.96.24.32.7_all.deb ...
Entpacken von python3-software-properties (0.96.24.32.7) über (0.96.24.32.6) ...
apt-transport-https (1.6.8) wird eingerichtet ...

# echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO main" > /etc/apt/sources.list.d/azure-cli.list

# apt-key --keyring /etc/apt/trusted.gpg.d/Microsoft.gpg adv \
>      --keyserver packages.microsoft.com \
>      --recv-keys BC528686B50D79E339D3721CEB3E94ADBE1229CF
Executing: /tmp/apt-key-gpghome.D49hIjQpQ5/gpg.1.sh --keyserver packages.microsoft.com --recv-keys BC528686B50D79E339D3721CEB3E94ADBE1229CF
gpg: Schlüssel EB3E94ADBE1229CF: Öffentlicher Schlüssel "Microsoft (Release signing) " importiert
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1
gpg:               importiert: 1

# apt-get update && apt-get install azure-cli
Die folgenden NEUEN Pakete werden installiert:
  azure-cli
0 aktualisiert, 1 neu installiert, 0 zu entfernen und 173 nicht aktualisiert.
Es müssen 43,9 MB an Archiven heruntergeladen werden.
Nach dieser Operation werden 398 MB Plattenplatz zusätzlich benutzt.
Holen:1 https://packages.microsoft.com/repos/azure-cli bionic/main amd64 azure-cli all 2.0.56-1~bionic [43,9 MB]
Es wurden 43,9 MB in 7 s geholt (5.905 kB/s).                                                                                                                               
Vormals nicht ausgewähltes Paket azure-cli wird gewählt.
(Lese Datenbank ... 421429 Dateien und Verzeichnisse sind derzeit installiert.)
Vorbereitung zum Entpacken von .../azure-cli_2.0.56-1~bionic_all.deb ...
Entpacken von azure-cli (2.0.56-1~bionic) ...
azure-cli (2.0.56-1~bionic) wird eingerichtet ...

After that i tried to login:

schroff@zerberus:~$ az login
Note, we have launched a browser for you to login. For old experience with device code, use "az login --use-device-code"
You have logged in. Now let us find all the subscriptions to which you have access...
[
  {
    "cloudName": "AzureCloud",
    "id": "yyyy-xxxxx",
    "isDefault": true,
    "name": "Free Trial",
    "state": "Enabled",
    "tenantId": "yyyyy-xxxxxx",
    "user": {
      "name": "d.schroff@gmx.de",
      "type": "user"
    }
  }
]

Within the login process i was redirected to my browser:

and after choosing my account the browser showed up with this message:

And then you can issue commands like:

schroff@zerberus:~$ az vm list
[
  {
    "additionalCapabilities": null,
    "availabilitySet": null,
    "diagnosticsProfile": {
      "bootDiagnostics": {
        "enabled": true,

If you want to build your own Linux images for Microsoft Azure, you have to use waagent. So i created a virtual machine on my local host with ubuntu server.
The installation of waagent is easy, if you know, that the package is not called waagent on ubunut but walinuxagent:

# apt install walinuxagent
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  walinuxagent
0 upgraded, 1 newly installed, 0 to remove and 24 not upgraded.
Need to get 170 kB of archives.
After this operation, 1,075 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 walinuxagent amd64 2.2.32-0ubuntu1~18.04.1 [170 kB]
Fetched 170 kB in 0s (400 kB/s)  
Selecting previously unselected package walinuxagent.
(Reading database ... 66707 files and directories currently installed.)
Preparing to unpack .../walinuxagent_2.2.32-0ubuntu1~18.04.1_amd64.deb ...
Unpacking walinuxagent (2.2.32-0ubuntu1~18.04.1) ...
Processing triggers for ureadahead (0.100.0-20) ...
Setting up walinuxagent (2.2.32-0ubuntu1~18.04.1) ...
update-initramfs: deferring update (trigger activated)
Created symlink /etc/systemd/system/multi-user.target.wants/walinuxagent.service → /lib/systemd/system/walinuxagent.service.
Created symlink /etc/systemd/system/multi-user.target.wants/ephemeral-disk-warning.service → /lib/systemd/system/ephemeral-disk-warning.service.
Processing triggers for ureadahead (0.100.0-20) ...
Processing triggers for initramfs-tools (0.130ubuntu3.6) ...
update-initramfs: Generating /boot/initrd.img-4.15.0-45-generic

To get more information wether waagent is supported for your preferred distribution just check this github page: https://github.com/Azure/WALinuxAgent

When working with Microsoft Azure, you want to be able to review all actions taken inside your cloud. Therefore you have to go to "monitor":
Inside the subwindow just select "activity log" and edit the filters to your needs (i added "successful):

Some of the activities can be further drilled down. For example the creation of a virtual machine lists many subactivities like "created or updated public ip address":

In january Oracle released the documentation for 19c:


If you are interested in the new features, take a look here:
https://docs.oracle.com/en/database/oracle/oracle-database/19/whats-new.html

Very nice is this link: Interactive Architecture Diagram where you can get a very good introduction to oracle database with many pictures like this one:


This new feature i find very interesting:
Root Scripts Automation Support for Oracle Database Installation

Because of my connection problem to ovmcli via

ssh -l admin@localhost -p 10000

i decided to upgrade my OVM Manager.

After downloading OVM Manager 0.3.4.6 i mounted the ISO image:

mount /dev/sr0 /mnt
cd /mnt

[root@oraVMManager mnt]# ls -l
insgesamt 149832
drwxr-xr-x. 7 root root      8192 18. Nov 21:00 components
-r-xr-x---. 1 root root     11556 18. Nov 20:59 createOracle.sh
-rw-r--r--. 1 root root       230 18. Nov 20:59 oracle-validated.params
-r-xr-x---. 1 root root 149109589 18. Nov 21:00 ovmm-installer.bsx
-rw-r--r--. 1 root root   4293118 18. Nov 20:55 OvmSDK_3.4.6.2105.zip
-r-xr-x---. 1 root root      1919 18. Nov 20:59 runInstaller.sh
-rw-r--r--. 1 root root       372 18. Nov 20:59 sample.yml
-r--r--r--. 1 root root      1596 18. Nov 21:00 TRANS.TBL

The upgrade procedure can be found here (Oracle Documentation). So let's start:

# ./runInstaller.sh --installtype Upgrade

Oracle VM Manager Release 3.4.6 Installer

Oracle VM Manager Installer log file:
/var/log/ovmm/ovm-manager-3-install-2019-01-25-051107.log

Verifying upgrading prerequisites ...
*** WARNING: Ensure that each Oracle VM Server for x86 has at least 200MB of available space for the /boot partition and 3GB of available space for the / partition.
*** WARNING: Recommended memory for the Oracle VM Manager server installation using Local MySql DB is 7680 MB RAM

Starting Upgrade ...

Reading database parameters from config ...

==========================
Typically the current Oracle VM Manager database password will be the same as the Oracle VM Manager application password.

==========================
Database Repository
==========================
Please enter the current Oracle VM Manager database password for user ovs: 

Oracle VM Manager application
=============================
Please enter the current Oracle VM Manager application password for user admin: 

Oracle Weblogic Server 12c
==========================
Please enter the current password for the WebLogic domain administrator: 

Please enter your fully qualified domain name, e.g. ovs123.us.oracle.com, (or IP address) of your management server for SSL certification generation 192.168.178.37 [oraVMManager.fritz.box]:  
Successfully verified password for user root
Successfully verified password for user appfw

Verifying configuration ...
Verifying 3.4.4 meets the minimum version for upgrade ...

Upgrading from version 3.4.4.1709 to version 3.4.6.2105

Start upgrading Oracle VM Manager:
   1: Continue
   2: Abort

   Select Number (1-2): 1

Running full database backup ...
Successfully backed up database to /u01/app/oracle/mysql/dbbackup/3.4.4_preUpgradeBackup-20190125_051150
Running ovm_preUpgrade script, please be patient this may take a long time ...
Exporting weblogic embedded LDAP users
Stopping service on Linux: ovmcli ...
Stopping service on Linux: ovmm ...
Exporting core database, please be patient this may take a long time  ... 
NOTE: To monitor progress, open another terminal session and run: tail -f /var/log/ovmm/ovm-manager-3-install-2019-01-25-051107.log

Product component : Java in '/u01/app/oracle/java'
Java is installed ...

Removing Java installation ...


Installing Java ...


DB component : MySQL RPM package

MySQL RPM package installed by OVMM was found...

Removing MySQL RPM package installation ...


Installing Database Software...
Retrieving MySQL Database 5.6 ...
Unzipping MySQL RPM File ...
Installing MySQL 5.6 RPM package ...
Configuring MySQL Database 5.6 ...
Installing MySQL backup RPM package ...

Product component : Oracle VM Manager in '/u01/app/oracle/ovm-manager-3/'
Oracle VM Manager is installed ...
Removing Oracle VM Manager installation ...

Product component : Oracle WebLogic Server in '/u01/app/oracle/Middleware/'
Oracle WebLogic Server is installed

Removing Oracle WebLogic Server installation ...
Service ovmm is deleted.
Service ovmcli is deleted.


Retrieving Oracle WebLogic Server 12c and ADF ...
Installing Oracle WebLogic Server 12c and ADF ...
Applying patches to Weblogic ...
Applying patch to ADF ...


Installing Oracle VM Manager Core ...
Retrieving Oracle VM Manager Application ...
Extracting Oracle VM Manager Application ...

Retrieving Oracle VM Manager Upgrade tool ...
Extracting Oracle VM Manager Upgrade tool ...
Installing Oracle VM Manager Upgrade tool ...
Installing Oracle VM Manager WLST Scripts ...


Dropping the old database user 'appfw' ...
Dropping the old database 'appfw' ...
Creating new domain...
Creating new domain done.
Upgrading core database, please be patient this may take a long time ...
NOTE: To monitor progress, open another terminal session and run: tail -f /var/log/ovmm/ovm-manager-3-install-2019-01-25-051107.log
Starting restore domain's SSL configuration and create appfw database tables.
Restore domain's SSL configuration and create appfw database tables done.
AdminServer started.
Importing weblogic embedded LDAP users

Retrieving Oracle VM Manager CLI tool ...
Extracting Oracle VM Manager CLI tool...
Installing Oracle VM Manager CLI tool ...



Retrieving Oracle VM Manager Shell & API ...
Extracting Oracle VM Manager Shell & API ...
Installing Oracle VM Manager Shell & API ...

Retrieving Oracle VM Manager Wsh tool ...
Extracting Oracle VM Manager Wsh tool ...
Installing Oracle VM Manager Wsh tool ...

Retrieving Oracle VM Manager Tools ...
Extracting Oracle VM Manager Tools ...
Installing Oracle VM Manager Tools ...

Retrieving ovmcore-console ...
The ovmcore-console RPM package is latest, needn't to upgrade ...
Copying Oracle VM Manager shell to '/usr/bin/ovm_shell.sh' ...
Installing ovm_admin.sh in '/u01/app/oracle/ovm-manager-3/bin' ...
Installing ovm_upgrade.sh in '/u01/app/oracle/ovm-manager-3/bin' ...



Enabling Oracle VM Manager service ...
Shutting down Oracle VM Manager instance ...
Starting Oracle VM Manager instance ...

Please wait while WebLogic configures the applications...
Trying to connect to core via ovmwsh (attempt 1 of 20) ...
Trying to connect to core via ovm_shell (attempt 1 of 5)...

Installation Summary
--------------------
Database configuration:
  Database type               : MySQL
  Database host name          : localhost
  Database name               : ovs
  Database listener port      : 49500
  Database user               : ovs

Weblogic Server configuration:
  Administration username     : weblogic

Oracle VM Manager configuration:
  Username                    : admin
  Core management port        : 54321
  UUID                        : 0004fb000001000019f1074e05c43aa1


Passwords:
There are no default passwords for any users. The passwords to use for Oracle VM Manager, Database, and Oracle WebLogic Server have been set by you during this installation. In the case of a default install, all passwords are the same.

Oracle VM Manager UI:
  https://oraVMManager.fritz.box:7002/ovm/console
Log in with the user 'admin', and the password you set during the installation.

For more information about Oracle Virtualization, please visit:
  http://www.oracle.com/virtualization/

3.2.10/3.2.11 Oracle VM x86 Servers and SPARC agent 3.3.1 managed Servers are no longer supported in Oracle VM Manager 3.4. Please upgrade your Server to a more current version for full support
For instructions, see the Oracle VM 3.4 Installation and Upgrade guide. 

Oracle VM Manager upgrade complete.

Please remove configuration file /tmp/ovm_configA6Dpxd.

And the GUI shows after that via "help":

Today i got an e-mail about my azure account:


 Microsoft provides a little FAQ for this upgrading process:
So there is no option not to upgrade. "you won't be able to access any Azure services" is not really an option...

There 4 upgrade paths i can choose:
To use this account only for my blog, i decided to choose "no technical support", which is perfectly adequate.

After hitting the upgrade button, the notifications bar came up with the following message:
And the subscriptions tab inside the Azure portal shows:

After having logged in to azure.microsoft.com i navigated to "Virtual machines":
There i hit the "create virtual machine" button and a wizard was opened, where the following steps have to be completed:


So here are the basic settings:


Inside the basic settings you have to choose the name and a resource group (in my case i had to create a resource group, because its my first vm).


Then i had to select an image:
Below this drop down is a link "browse all images and disks". If you choose that, you get many more options:

At "Administrator account" i chose "SSH public key" i added one (this field has a built-in check function, so if there is an copy/paste error, you get an immediate response):
Then i added the following for the disks:
And i left "networking" to the defaults up to the "select inbound ports":



For "Management" i had to create a storage account. This account has to unique  (mystorage  was already taken by some other azure users).


I left "Guest config" unchanged:
"Tags":
And then i had to wait some seconds at "Review + create" until the "validation passed" messaged appeared.
After that i had to wait for three minutes until my vm was ready to use:

 ssh 40.112.94.136
The authenticity of host '40.112.94.136 (40.112.94.136)' can't be established.
ECDSA key fingerprint is SHA256:PxIwA6+b0lfcrV//yXpFUPjY3jiD2GgxME57EYQlx9Y.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '40.112.94.136' (ECDSA) to the list of known hosts.
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-1036-azure x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Sat Jan 26 19:06:21 UTC 2019

  System load:  0.0               Processes:           113
  Usage of /:   4.1% of 28.90GB   Users logged in:     0
  Memory usage: 3%                IP address for eth0: 10.0.0.4
  Swap usage:   0%

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.



The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

To run a command as administrator (user "root"), use "sudo ".
See "man sudo_root" for details.

If you are thinking about to move your server/services/apps into Micosoft Azure, the pricing calculator would be very helpful to estimate the cost:
https://azure.microsoft.com/de-de/pricing/calculator/


The usage is very simple. Just use the kind of service you want to use from Microsoft Azure:
 And modify the defaults to you needs:

The problem is, that it is not so easy to calculate the number of i/o transactions for your application, but for a first start these number should be sufficient.

I decided to use a multi function printer including scanner and fax with my ubuntu systems.
First step was to download the hplip package from HP:
https://developers.hp.com/hp-linux-imaging-and-printing/gethplip

The installation process worked like a charme
bash ./hplip-3.19.1.run But running the scan utility ends up with the following error:


$ hp-scan

HP Linux Imaging and Printing System (ver. 3.19.1)
Scan Utility ver. 2.2

Copyright (c) 2001-15 HP Development Company, LP
This software comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to distribute it
under certain conditions. See COPYING file for more details.

warning: No destinations specified. Adding 'file' destination by default.
Using device hpaio:/net/HP_ColorLaserJet_MFP_M278-M281?ip=192.168.178.200
Opening connection to device...
error: SANE: Error during device I/O (code=9)After searching around the solution was the following:
"Install the plugin"?
!

$ hp-plugin




HP Linux Imaging and Printing System (ver. 3.19.1)
Plugin Download and Install Utility ver. 2.1

Copyright (c) 2001-15 HP Development Company, LP
This software comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to distribute it
under certain conditions. See COPYING file for more details.


HP Linux Imaging and Printing System (ver. 3.19.1)
Plugin Download and Install Utility ver. 2.1

Copyright (c) 2001-15 HP Development Company, LP
This software comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to distribute it
under certain conditions. See COPYING file for more details.

Checking for network connection...
Downloading plug-in from:
Plugin is not accessible. Trying to download it from fallback location: [https://developers.hp.com/sites/default/files/hplip-3.19.1-plugin.run]
Receiving digital keys: /usr/bin/gpg --homedir /home/esther/.hplip/.gnupg --no-permission-warning --keyserver pgp.mit.edu --recv-keys 0x4ABA2F66DBD5A95894910E0673D770CDA59047B9
Creating directory plugin_tmp
Verifying archive integrity... All good.
Uncompressing HPLIP 3.19.1 Plugin Self Extracting Archive..............................................................

HP Linux Imaging and Printing System (ver. 3.19.1)
Plugin Installer ver. 3.0

Copyright (c) 2001-15 HP Development Company, LP
This software comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to distribute it
under certain conditions. See COPYING file for more details.

Plug-in version: 3.19.1
Installed HPLIP version: 3.19.1
Number of files to install: 64


Done.
 Plug-in installation successful

Done.After that running hp-scan immediately creates a PNG file with the scan:
 hp-scan

HP Linux Imaging and Printing System (ver. 3.19.1)
Scan Utility ver. 2.2

Copyright (c) 2001-15 HP Development Company, LP
This software comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to distribute it
under certain conditions. See COPYING file for more details.

warning: No destinations specified. Adding 'file' destination by default.
Using device hpaio:/net/HP_ColorLaserJet_MFP_M278-M281?ip=192.168.178.200
Opening connection to device...

Resolution: 300dpi
Mode: gray
Compression: JPEG
Scan area (mm):
  Top left (x,y): (0.000000mm, 0.000000mm)
  Bottom right (x,y): (215.899994mm, 296.925995mm)
  Width: 215.899994mm
  Height: 296.925995mm
Destination(s): file
Output file:
warning: File destination enabled with no output file specified.
Setting output format to PNG for greyscale mode.
warning: Defaulting to '/home/esther/Downloads/hpscan001.png'.

Warming up...


Scanning...
Reading data: [*************************************************************************************************************************] 100%  8.5 MB    
Read 8.5 MB from scanner.
Closing device.

Outputting to destination 'file':

Done.This is really fast. But if you want a GUI just use xsane...

Before running a VM or any other service inside Microsoft Azure, just a look where the servers can be placed:

 Each region has several availibility zones (same wording like AWS):
The definition give at Microsoft Azure:
RegionsA region is a set of datacenters deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network.
With more global regions than any other cloud provider, Azure gives customers the flexibility to deploy applications where they need to. Azure is generally available in 42 regions around the world, with plans announced for 12 additional regions.

Availability ZonesAvailability Zones are physically separate locations within an Azure region. Each Availability Zone is made up of one or more datacenters equipped with independent power, cooling, and networking.
Availability Zones allow customers to run mission-critical applications with high availability and low-latency replication.

After i found this strange "No-Op Garbage Collector", i was keen, if there are some other new GC features with Java 11.


There is another JEP with the number 333:
 If you look here, the goals are:

• GC pause times should not exceed 10ms
• Handle heaps ranging from relatively small (a few hundreds of megabytes) to very large (many terabytes) in size
• No more than 15% application throughput reduction compared to using G1
• Lay a foundation for future GC features and optimizations leveraging colored pointers and load barriers
• Initially supported platform: Linux/x64

 Inside JEP 333 there are some numbers for the performance provided:
Below are typical GC pause times from the same benchmark. ZGC manages to stay well below the 10ms goal. Note that exact numbers can vary (both up and down, but not significantly) depending on the exact machine and setup used.
(Lower is better)

ZGC
                avg: 1.091ms (+/-0.215ms)
    95th percentile: 1.380ms
    99th percentile: 1.512ms
  99.9th percentile: 1.663ms
 99.99th percentile: 1.681ms
                max: 1.681ms

G1
                avg: 156.806ms (+/-71.126ms)
    95th percentile: 316.672ms
    99th percentile: 428.095ms
  99.9th percentile: 543.846ms
 99.99th percentile: 543.846ms
                max: 543.846ms

This looks very promising. But within the limitations you can read, that it will take some more time, until this can be used:
The initial experimental version of ZGC will not have support for class unloading. The ClassUnloading and ClassUnloadingWithConcurrentMark options will be disabled by default. Enabling them will have no effect.
Also, ZGC will initially not have support for JVMCI (i.e. Graal). An error message will be printed if the EnableJVMCI option is enabled.
These limitations will be addressed at a later stage in this project.Nevertheless: You can use this GC with the command line argument
-XX:+UnlockExperimentalVMOptions -XX:+UseZGCFor more information take a look here: https://wiki.openjdk.java.net/display/zgc/Main