When was the last time you installed or administered Oracle database on Windows Operating System? My first installation was on Windows and that was my first and last installation. Even since I learned to install database on Linux, I have not used Oracle on Window and I do not miss it. I have worked for few great companies in my career and have seen Oracle on Linux. Most companies uses Linux server these days.
DBA supporting Oracle are required to know few Linux server setups command that is done before or after the database installation. This article is not about the popular Linux commands and I assume you are comfortable using Linux. This article will also take your database admin skills to a whole new level. We will learn some Linux admin task that every DBA should know even though the Linux administrator does all the tasks.
Why do you need to learn even if this is not your task? Not all company can afford to hire a Linux administrator, therefore a DBA has to perform all these tasks during database installation. Knowing these admin tasks helps you with the troubleshooting of database. These skills also helps you communicate better with Linux and Networking team. Let's not wast our time and deep dive into the fun exercise, the below exercise was preformed on Oracle Linux 6.6. The setup is no different if you have different flavor of Linux installed. Are you ready?
Linux Syntax: Reboot/Restart
shutdown -r hh:mm "broadcasting message" ### rebooting syntax
shutdown -r 5 " your broadcasting message goes here" ### rebooting in 5 min
shutdown -r now ### rebooting now
reboot -h now ### rebooting now
Passing -r parameter on shutdown command will restart the Linux. You can schedule to reboot at a later time by passing an argument hh:mm to shutdown command. The broadcasting message is visible to anyone who are connected to the server.
Linux Syntax: Shutdown
shutdown now ### take Linux to a single user mode
shutdown -h + 1 " broadcasting message goes here!" ### will power off the Linux
What does shutdown do? The shutdown will bring the system to single user function for performing maintenance of OS.
Linux Syntax: Powered off
poweroff ### power off the machine.
With shutdown command you can reboot the system and with shutdown you can also powered off and convert Linux to single user mode. I hope you are now clear on how to safely use these commands.
[root@oracldev ~]# ifconfig
Linux host file is located under /etc/hosts.
cat /etc/hosts
192.168.1.120 oracldev.baniya.com
[root@oracldev etc]# hostname
oracldev.baniya.com
[root@oracldev etc]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=oracldev.baniya.com
# oracle-rdbms-server-11gR2-preinstall : Add NOZEROCONF=yes
NOZEROCONF=yes
[root@oracldev etc]#
Edit /etc/sysconfig/nework file HOSTNAME parameter to what you want. In our case, oraclprod.baniya.com.
[root@oracldev etc]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=oraclprod.baniya.com
# oracle-rdbms-server-11gR2-preinstall : Add NOZEROCONF=yes
NOZEROCONF=yes
The Linux server must be rebooted to complete this change. Also, don't forgot to make the changes in your host file.
cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.120 oraclprod.baniya.com
[root@oraclprod ~]# hostname
oraclprod.baniya.com
Check if SSH package is available or now:
[root@oracldev ~]# rpm -qa | grep ssh
libssh2-1.4.2-1.el6_6.1.x86_64
openssh-server-5.3p1-104.el6_6.1.x86_64
openssh-5.3p1-104.el6_6.1.x86_64
openssh-clients-5.3p1-104.el6_6.1.x86_64
groupadd -g 54322 dba ### create group dba
useradd -u 54321 -g oinstall -G dba -c "Oracle Software Owner" oracle ### create user oracle
passwd oracle ### adding password to oracle user
TMP=/tmp; export TMP
TMPDIR=$TMP; export TMPDIR
ORACLE_HOSTNAME=oracldev.baniya.com; export ORACLE_HOSTNAME
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASE
ORACLE_HOME=$ORACLE_BASE/product/11.2.0/dbhome_1; export ORACLE_HOME
#ORACLE_SID=add_your_sid_name_here; export ORACLE_SID
#PATH=/usr/sbin:$PATH; export PATH
PATH=$ORACLE_HOME/bin:$PATH; export PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib; export LD_LIBRARY_PATH
CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib; export CLASSPATH
DBA supporting Oracle are required to know few Linux server setups command that is done before or after the database installation. This article is not about the popular Linux commands and I assume you are comfortable using Linux. This article will also take your database admin skills to a whole new level. We will learn some Linux admin task that every DBA should know even though the Linux administrator does all the tasks.
Why do you need to learn even if this is not your task? Not all company can afford to hire a Linux administrator, therefore a DBA has to perform all these tasks during database installation. Knowing these admin tasks helps you with the troubleshooting of database. These skills also helps you communicate better with Linux and Networking team. Let's not wast our time and deep dive into the fun exercise, the below exercise was preformed on Oracle Linux 6.6. The setup is no different if you have different flavor of Linux installed. Are you ready?
Reboot, Shutdown and Power-off
You may need to reboot, shutdown or power-off Linux during database maintenance. There are various ways you can accomplish this task. Only a root user or anyone who has sudoer privilege can perform these shutdown, restart and power off commands.Linux Syntax: Reboot/Restart
shutdown -r hh:mm "broadcasting message" ### rebooting syntax
shutdown -r 5 " your broadcasting message goes here" ### rebooting in 5 min
shutdown -r now ### rebooting now
reboot -h now ### rebooting now
Passing -r parameter on shutdown command will restart the Linux. You can schedule to reboot at a later time by passing an argument hh:mm to shutdown command. The broadcasting message is visible to anyone who are connected to the server.
shutdown now ### take Linux to a single user mode
shutdown -h + 1 " broadcasting message goes here!" ### will power off the Linux
What does shutdown do? The shutdown will bring the system to single user function for performing maintenance of OS.
Linux Syntax: Powered off
poweroff ### power off the machine.
With shutdown command you can reboot the system and with shutdown you can also powered off and convert Linux to single user mode. I hope you are now clear on how to safely use these commands.
Network Configuration:
Are your clear on shutdown, reboot and power-off? We are now moving on to a more advance topic of networking in Linux. ifconfig gives you the IP address or a server if network is set up correctly. Microsoft Windows OS uses similar (ipconfig) command.
ifconfig ### displays IP of the server if networking is enabled
ifup eth0 ### start the network interface eth0
ifup eth1 ### stops the network interface eth0
ifup eth1 ### starts the network interface eth1
ifdown eth1 ### stops the network inerface eth1
ifup eth1 ### starts the network interface eth1
ifdown eth1 ### stops the network inerface eth1
The above commands should be run on the Linux server itself, you can't run them remotely on putty or similar tool. By default the networking interface is set to disable on many flavors of Linux. The networking gets disabled after each reboot therefore it is necessary to automate auto enable when the server reboots it. There will be zero communication if the network interface is disabled, you cannot ping or connect to the machine.
Edit file /etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-eth1
and change from
ONBOOT=no
to
ONBOOT=yes
Make this change on all networking interface files, save it and verify the change. The next time you reboot the server, the network interface is enabled automatically. Who doesn't like this?
Edit file /etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-eth1
and change from
ONBOOT=no
to
ONBOOT=yes
Make this change on all networking interface files, save it and verify the change. The next time you reboot the server, the network interface is enabled automatically. Who doesn't like this?
IP Static:
A Server should have a static IP and by default your Server or PC will be assigned a dynamic IP address. A dynamic IP address keeps changing, therefor it is hard to keep up with the change in IP address. The Linux server needs a static IP meaning the IP should not be changed. The process to convert dynamic IP to static IP is easy and the steps are explained below.[root@oracldev ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:9D:81:E5
inet addr:192.168.1.120 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe9d:81e5/64 Scope:Link
inet6 addr: 2602:306:37ed:31f0:a00:27ff:fe9d:81e5/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:119 errors:0 dropped:0 overruns:0 frame:0
TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:11018 (10.7 KiB) TX bytes:8013 (7.8 KiB)
The IP address of this machine as of now is 192.168.1.120. We will change the IP address of this machine to 192.168.1.125 and make it a static IP.
cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=08:00:27:9D:81:E5
TYPE=Ethernet
UUID=70c2cbad-83ae-497e-a444-fed5d390ba26
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
[root@oracldev network-scripts]#
Add the following(highlighted) to /etc/sysconfig/network-scripts/ifcfg-eth0.
DEVICE=eth0
HWADDR=08:00:27:9D:81:E5
TYPE=Ethernet
UUID=70c2cbad-83ae-497e-a444-fed5d390ba26
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
PEERROUTES=yes
IPADDR=192.168.1.125
NETMASK=255.255.255.0
GATEWAY=192.168.1.254
DNS1=192.168.1.254
USERCTL=no
Save the file and restart the network.The information that we added is the information that is from your router. You can find these information on cmd by running a ipconfig command, don't just copy the information from this article.
To make the change into effect, restart the network.
service network restart
If you saved the file, verify the ip address of your server
[root@orcleprod ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:3A:FF:B6
inet addr:192.168.1.125 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2602:306:37ed:31f0:a00:27ff:fe3a:ffb6/64 Scope:Global
inet6 addr: fe80::a00:27ff:fe3a:ffb6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2803 errors:0 dropped:0 overruns:0 frame:0
TX packets:377 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:187582 (183.1 KiB) TX bytes:54241 (52.9 KiB)
ifconfig provides the information on netmask, gateway, DNS etc. Similarly, if you have more than one network interface, you will need to make the changes on those files as well.
eg ifcfg-eth0, eth1, eth2..etc..
Your IP 192.168.1.125 is now static.
cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=08:00:27:9D:81:E5
TYPE=Ethernet
UUID=70c2cbad-83ae-497e-a444-fed5d390ba26
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
[root@oracldev network-scripts]#
Add the following(highlighted) to /etc/sysconfig/network-scripts/ifcfg-eth0.
DEVICE=eth0
HWADDR=08:00:27:9D:81:E5
TYPE=Ethernet
UUID=70c2cbad-83ae-497e-a444-fed5d390ba26
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
PEERROUTES=yes
IPADDR=192.168.1.125
NETMASK=255.255.255.0
GATEWAY=192.168.1.254
DNS1=192.168.1.254
USERCTL=no
Save the file and restart the network.The information that we added is the information that is from your router. You can find these information on cmd by running a ipconfig command, don't just copy the information from this article.
To make the change into effect, restart the network.
service network restart
If you saved the file, verify the ip address of your server
[root@orcleprod ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:3A:FF:B6
inet addr:192.168.1.125 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2602:306:37ed:31f0:a00:27ff:fe3a:ffb6/64 Scope:Global
inet6 addr: fe80::a00:27ff:fe3a:ffb6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2803 errors:0 dropped:0 overruns:0 frame:0
TX packets:377 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:187582 (183.1 KiB) TX bytes:54241 (52.9 KiB)
ifconfig provides the information on netmask, gateway, DNS etc. Similarly, if you have more than one network interface, you will need to make the changes on those files as well.
eg ifcfg-eth0, eth1, eth2..etc..
Your IP 192.168.1.125 is now static.
Host File:
What is a host file? A host file converts or resolves domain name to IP address. DNS server and host does the conversation of domain name to IP. Host file takes precedent of DNS server.Linux host file is located under /etc/hosts.
cat /etc/hosts
192.168.1.120 oracldev.baniya.com
Host Name Change:
During the installation of Linux, you are asked to input the server host name. You may need to change the host name after the installation because of change in policy within our company or to give meaning full name. The current hostname of my server is oracldev.baniya.com which we will change that to oraclprod.baniya.com.[root@oracldev etc]# hostname
oracldev.baniya.com
[root@oracldev etc]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=oracldev.baniya.com
# oracle-rdbms-server-11gR2-preinstall : Add NOZEROCONF=yes
NOZEROCONF=yes
[root@oracldev etc]#
[root@oracldev etc]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=oraclprod.baniya.com
# oracle-rdbms-server-11gR2-preinstall : Add NOZEROCONF=yes
NOZEROCONF=yes
The Linux server must be rebooted to complete this change. Also, don't forgot to make the changes in your host file.
cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.120 oraclprod.baniya.com
oraclprod.baniya.com
Secure Shell SSH:
SSH is a secure protocol that log onto remoter system. SSH is the most common way to access remoter Linus and Unix servers. It was created to provide the best security when accessing another machine remotely. Where possible use SSH and don;t use telnet session. Telnet is not secure and poses a danger in everything you send and receive.Check if SSH package is available or now:
[root@oracldev ~]# rpm -qa | grep ssh
libssh2-1.4.2-1.el6_6.1.x86_64
openssh-server-5.3p1-104.el6_6.1.x86_64
openssh-5.3p1-104.el6_6.1.x86_64
openssh-clients-5.3p1-104.el6_6.1.x86_64
SSH Start,Stop and Status:
[root@oracldev ~]# service sshd start ### to start ssh
[root@oracldev ~]# service sshd start ### to stop ssh
[root@oracldev ~]# service sshd status ### to check ssh status
[root@oracldev ~]# chkconfig sshd on ### to start ssh automatically on boot time.
User & Group
groupadd -g 54321 oinstall ### crate group oinstallgroupadd -g 54322 dba ### create group dba
useradd -u 54321 -g oinstall -G dba -c "Oracle Software Owner" oracle ### create user oracle
passwd oracle ### adding password to oracle user
Directory and Permission
mkdir -p /u01/app/oracle/software
chown -R oracle:oinstall /u01
chmod -R 775 /u01
Oracle Profile:
vi /home/oracle/.bash_profile
# Oracle variablesTMP=/tmp; export TMP
TMPDIR=$TMP; export TMPDIR
ORACLE_HOSTNAME=oracldev.baniya.com; export ORACLE_HOSTNAME
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASE
ORACLE_HOME=$ORACLE_BASE/product/11.2.0/dbhome_1; export ORACLE_HOME
#ORACLE_SID=add_your_sid_name_here; export ORACLE_SID
#PATH=/usr/sbin:$PATH; export PATH
PATH=$ORACLE_HOME/bin:$PATH; export PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib; export LD_LIBRARY_PATH
CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib; export CLASSPATH
Change whatever is highlighted above to match your server parameters and reload the profile.
. ~/.bash_profile ## reload oracle bash profile
Port 1521
Why do you need port 1521 open in your Linux server. By default SQL Developer uses port 1521 to connect to Linux server therefore port 1521 should be open to make your SQL Developer connection work on Linux.
Before opening a port check if the port 1521 is active or not.
iptables -L -n | grep 1521
To open port 1521
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
service iptables save
open file /etc/sysconfig/iptables:
# vi /etc/sysconfig/iptables
and put the below line of code just above the REJECT code
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1521 -j ACCEPT
[root@orcleprod ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@orcleprod ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@orcleprod ~]# service iptables status
iptables: Firewall is not running.
[root@orcleprod ~]# service iptables start
iptables: Applying firewall rules: [ OK ]
[root@orcleprod ~]#
Port 1521 is opened, lets verify if the port 1521 is active again.
iptables -L -n
iptables -L -n | grep 1521
Before opening a port check if the port 1521 is active or not.
iptables -L -n | grep 1521
To open port 1521
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
service iptables save
open file /etc/sysconfig/iptables:
# vi /etc/sysconfig/iptables
and put the below line of code just above the REJECT code
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1521 -j ACCEPT
[root@orcleprod ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@orcleprod ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@orcleprod ~]# service iptables status
iptables: Firewall is not running.
[root@orcleprod ~]# service iptables start
iptables: Applying firewall rules: [ OK ]
[root@orcleprod ~]#
[root@orcleprod ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
5 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Port 1521 is opened, lets verify if the port 1521 is active again.
iptables -L -n
iptables -L -n | grep 1521
Interested in working with me? I can be reached at pbaniya04[at]gmail.com for any questions, consulting opportunities or you may drop a line to say HELLO. Thank your again for visiting my blog and looking forward to serving you more.
Have a Database-ious Day!
Have a Database-ious Day!
No comments