Sunday, February 8, 2015

New Oracle VM Templates for Oracle Database

Oracle VM application driven architecture is designed to enable rapid application deployment. With the use of Oracle VM Templates, sophisticated applications such as Oracle Database or Oracle Real Application Clusters (Oracle RAC) can be deployed in minutes—10x faster than with other solutions. Today, we are pleased to announce the latest Oracle VM Templates for Oracle Database.


  •  [Feb 2015] Single Instance & Oracle RAC 12c Release 1, including Oracle Grid Infrastructure (12.1.0.2.2) & Oracle Linux 6 Update 6 - Available from My Oracle Support under Patch number 18888811 for 64-Bit Linux
  • [Feb 2015] Oracle RAC 11g Release 2, including Oracle Grid Infrastructure Patch Set three (11.2.0.4.5) & Oracle Linux 5 Update 11 - Available from My Oracle Support under Patch number 14000033 for 64-Bit Linux 
    NEW in 2015 Templates:
    • Yum@Deploy support(11gR2 & 12c) - Allows running yum install/update during first boot/deployment and subsequent re-builds.
    • Multi-Diskgroup support for Oracle ASM
    • Support for multiplexed Controlfile & REDO logfiles
    • Default kernel boot is Unbreakable Enterprise Kernel  Release 3 (3.8.13-55), seamless transition to HVM mode
    • Oracle Linux 7, BTRFS & KSplice Ready!
    The Oracle VM Templates for Oracle Database provides a framework that fully automates the creation of a Single Instance, Oracle Restart (Single Instance/HA) or Oracle Real Application Clusters (RAC) configurations in an Oracle VM environment. In a matter of minutes the versatile and powerful Oracle VM Templates for Oracle Database can be cloned into any number of VMs which could be deployed as a Single Instance, Oracle Restart (Single Instance/HA) or Oracle RAC of any number of nodes.


  • Monday, February 2, 2015

    VMware Rebranding

    In the last quarter of 2014, VMware rebranded, their Cloud Management products with vRealize names. VMware vRealize Rebranding is complete now. Several customers asked me since then were some products have gone/are named. So after many requests I compared the products and compiled a table with product names how they are formerly known and how their vRealize name is now. I hope this helps a bit to find the correct product and how its called nowadays.

    vRealize from Former to New name

    vRealize Automation

    VMware vRealize Automation drives business agility by automating the delivery of personalized IT services.

    vRealize Operations

    Automate IT operations management, manage performance and gain visibility across physical and virtual infrastructure with VMware vRealize Operations (vROps, formerly vCOps).

    vRealize Operations for Horizon

    VMware vRealize Operations for Horizon allows you to easily troubleshoot, manage and monitor your end-user computing environment with a single pane of glass that extends from your data center through to your devices.

    vRealize Business

    VMware vRealize Business provides transparency and control over the costs and quality of IT services enabling the CIO to align IT with the business and to accelerate IT transformation.

    vRealize Log Insight

    VMware vRealize Log Insight delivers real-time log management for VMware environments, with machine learning-based Intelligent Grouping, high performance search and better troubleshooting across physical, virtual, and cloud environments.

    vRealize Code Stream

    VMware vRealize Code Stream provides release automation and continuous delivery to enable frequent, reliable software releases, while reducing operational risks.

    vRealize Orchestrator

    VMware vRealize Orchestrator simplifies the automation of complex IT tasks and integrates with VMware vCloud Suite components to adapt and extend service delivery and operational management, effectively working with existing infrastructure, tools and processes.

    vRealize Hyperic

    VMware vRealize Hyperic is a component of VMware vRealize Operations. It monitors operating systems, middleware and applications running in physical, virtual and cloud environments.

    Sunday, January 18, 2015

    Location of vCenter Server log files

    The vCenter Server logs are placed in a different directory on disk depending on vCenter Server version and the deployed platform:
    • vCenter Server 5.x and earlier versions on Windows XP, 2000, 2003: %ALLUSERSPROFILE%\Application Data\VMware\VMware VirtualCenter\Logs\
    • vCenter Server 5.x and earlier versions on Windows Vista, 7, 2008: C:\ProgramData\VMware\VMware VirtualCenter\Logs\
    • vCenter Server Appliance 5.x: /var/log/vmware/vpx/ 
    • vCenter Server Appliance 5.x UI: /var/log/vmware/vami
       
      Note
      : If the service is running under a specific user, the logs may be located in the profile directory of that user instead of %ALLUSERSPROFILE%.
    vCenter Server logs are grouped by component and purpose:
    • vpxd.log: The main vCenter Server logs, consisting of all vSphere Client and WebServices connections, internal tasks and events, and communication with the vCenter Server Agent (vpxa) on managed ESX/ESXi hosts.

    • vpxd-profiler.log, profiler.log and scoreboard.log: Profiled metrics for operations performed in vCenter Server. Used by the VPX Operational Dashboard (VOD) accessible at https://VCHostnameOrIPAddress/vod/index.html.

    • vpxd-alert.log: Non-fatal information logged about the vpxd process.

    • cim-diag.log and vws.log: Common Information Model monitoring information, including communication between vCenter Server and managed hosts' CIM interface.

    • drmdump\: Actions proposed and taken by VMware Distributed Resource Scheduler (DRS), grouped by the DRS-enabled cluster managed by vCenter Server. These logs are compressed.

    • ls.log: Health reports for the Licensing Services extension, connectivity logs to vCenter Server.

    • vimtool.log: Dump of string used during the installation of vCenter Server with hashed information for DNS, username and output for JDBC creation.

    • stats.log: Provides information about the historical performance data collection from the ESXi/ESX hosts

    • sms.log: Health reports for the Storage Monitoring Service extension, connectivity logs to vCenter Server, the vCenter Server database and the xDB for vCenter Inventory Service.

    • eam.log: Health reports for the ESX Agent Monitor extension, connectivity logs to vCenter Server.

    • catalina.<date>.log and localhost.<date>.log: Connectivity information and status of the VMware Webmanagement Services.

    • jointool.log: Health status of the VMwareVCMSDS service and individual ADAM database objects, internal tasks and events, and replication logs between linked-mode vCenter Servers.

    • Additional log files:
      • manager.<date>.log
      • host-manager.<date>.log
    Note: As each log grows, it is rotated over a series of numbered component-nnn.log files. On some platforms, the rotated logs are compressed.
    vCenter Server logs can be viewed from:
    • The vSphere Client connected to vCenter Server 4.0 and higher – Click Home > Administration > System Logs.
    • The Virtual Infrastructure Client connected to VirtualCenter Server 2.5 – Click Administration > System Logs.
    • From the vSphere 5.1 and 5.5 Web Client – Click Home > Log Browser, then from the Log Browser, click Select object now, choose an ESXi host or vCenter Server object, and click OK.

    Saturday, January 10, 2015

    Configuring Postfix as Mail Gateway

    Configuring Postfix

    Configure main.cf with the following values.
    inet_interfaces = 1.1.1.1
    mydestination =
    myorigin = domain.com
    local_recipient_maps =
    local_transport = error:no local delivery
    
    parent_domain_matches_subdomains = debug_peer_list smtpd_access_maps
    
    # this file contains the list to relay for
    relay_domains = domain1.com, domain2.com, domain3.com, domain4.com
    
    # list of addresses/domains to accept mail for
    relay_recipient_maps = cdb:/etc/postfix/relay_recipient_maps
    
    # Seems OK
    smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination
    
    # Where to send mail for addresses/domains
    transport_maps = cdb:/etc/postfix/transport_maps
    
    # 
    # virtual_alias_maps = cdb:/etc/postfix/virtual
    

    Creating Relay Maps

    Create the following values in the /etc/postfix.gate/relay_recipient_maps file. The file is simply a list of addresses or domain names, the lookup result is not used.
    # mail for the first of the domains we accept for
    info@domain1.com x
    host@domain1.com x
    root@domain1.com x
    bill@domain1.com x
    
    # Another Set of Users
    info@domain2.com x
    host@domain2.com x
    root@domain2.com x
    bill@domain2.com x
    
    # Accept mail for anyone at domain3.com
    @domain3.com x
        
    # Accept All Mail Here
    @domain4.com x
    
    
    After editing recreate the map with postmap -c /etc/postfix.gate/main.cf /etc/postfix.gate/relay_recipient_maps
    This list can be cumbersome to maintain; postfix supports LDAP or SQL lookups here, configuration is beyond the scope of this document.

    Creating Transport Maps

    This configures all mail for a [recipient] lookup to transport/next-hop, see man 5 transport section on table search order
    # Mail to anyone at domain.com is sent via SMTP to this host
    domain1.com smtp:smtp.domain.com
    
    # Also mail to *.domain.com
    .domain1.com smtp:[1.1.1.2]:25
    
    # this user goes to a different host for delivery
    root@domain1.com smtp:trap.domain.com:25
    
    # Mail to anyone at domain.com is sent via SMTP to this host
    domain2.com smtp:[2.2.2.2]:25
    
    # Mail to anyone at domain.com is sent via SMTP to this host
    domain3.com smtp:[3.3.3.3]:25
    
    # Mail to anyone at domain.com is sent via SMTP to this host
    domain3.com smtp:[4.4.4.4]:25
    
    # bounce these
    example.com error:we do not mail to them
    hotmail.com error:we do not mail to them
    microsoft.com error:we do not mail to them
    
    After editing recreate the map with postmap -c /etc/postfix.gate/main.cf /etc/postfix.gate/transport_maps

    Friday, January 2, 2015

    Linux Kernel /etc/sysctl.conf Hardening

    Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers). The system administrator is responsible for security Linux box.

    /etc/sysctl.conf file is used to configure kernel parameters at runtime.
    Linux reads and applies settings from /etc/sysctl.conf at boot time.

    Sample /etc/sysctl.conf:
    # Turn on execshield
    kernel.exec-shield=1
    kernel.randomize_va_space=1
    # Enable IP spoofing protection
    net.ipv4.conf.all.rp_filter=1
    # Disable IP source routing
    net.ipv4.conf.all.accept_source_route=0
    # Ignoring broadcasts request
    net.ipv4.icmp_echo_ignore_broadcasts=1
    net.ipv4.icmp_ignore_bogus_error_messages=1
    # Make sure spoofed packets get logged
    net.ipv4.conf.all.log_martians = 1