Oracle 12c on Fedora 28

As always, I have to start with a warning.

So here we go…

Fedora 28 has been out for quite a while now. I installed it pretty much when it was released, but hit a problem with installing Oracle 12c on it. I didn’t have much time to investigate at the time and I kind-of forgot about it. A couple of days ago someone asked me about it, so I had another attempt. The only difference compared to Fedora 27 was a couple of extra symbolic links were needed.

Here were the articles I did as a result of this.

It’s pretty much the same as the installation on Fedora 27, with the exception of those extra symbolic links.

If you are feeling lazy/efficient you can do it all with Vagrant, as described here. 🙂

So now you know how to do it, please don’t! 🙂

Cheers

Tim…

Windows Laptop : Update

Some of the photos of me a nlOUG showed me with my MacBook Pro, which caused some amusement for a few people as I wasn’t using my new Windows laptop, so I thought I would give an update…

The new laptop got delivered while I was in Riga, so I had 4 days between picking it up and leaving for nlOUG. I picked it up from work at 21:00 on the Friday, but didn’t start playing with it until the next day. By the end of the morning it was my main computer.

As far as I can remember I only had one hiccup, which was down to a thunderbolt driver that meant my dock wasn’t working properly. I installed the latest driver from the Dell website and everything was fine.

All my test environments are built using VirtualBox, Vagrant and Docker, so rebuilding all my testing stuff was a matter of issuing a command and waiting. 🙂

So why didn’t I take the new laptop to nlOUG? Two reasons.

  • Like most new laptops, it has thunderbolt and USB-C ports and not much else, so I was waiting for a travel adaptor to arrive. The dock I’ve got is quite big, so I wasn’t going to take that with me.
  • At that point I hadn’t practised using the new laptop with a projector. I had used it with a second screen, but I wanted to try it out in a more realistic situation. I’ve since done that with a projector at work.

I don’t believe I’ve even turned on the MacBook Pro since I got back from the Netherlands, so as it stands, I’m planning on taking the new laptop to Oracle Code : Paris.

Now for some general thoughts…

Something that did surprise me a little was how weird it felt using Windows at home for a while. I use Windows 10 at work and I would often log into my work machine from the MBP when I was at home or away at conferences, so I expected there to be zero mind-shift from this move. I was really surprised how much my mind would just switch when I was working on my own stuff at home, compared to when I was doing my real job. So funny.

It’s nice to be able to use mapped drives reliably again. The MBP was terrible at dealing with my NAS. Didn’t matter what I tried, it would drop connections, and judging by Google I was not alone with this. The Windows machine is 100% so far.

As I’ve said before, most of my life is spent using a browser and a shell prompt connected to local or cloud VMs. As a result I am not tied to any desktop OS, but I’ve definitely been less frustrated with Windows 10 than I was macOS and Linux before it. I’m not sure why I stuck it out for so long.

Cheers

Tim…

PS. For context, you might want to read my post here before you tell me how great your preferred desktop OS is… 🙂

Why Automation Matters : Patching and Upgrading

As I said in a recent post, you know you are meant to, but you don’t. Why not?

The reasons will vary a little depending on the tech you are using, but I’ll divide this answer into two specific parts. The patch/upgrade process itself and testing.

The Patch/Upgrade Process

I’ve lived through the bad old days of Oracle patching and upgrades and it was pretty horrific. In comparison things are a lot better these days, but they are still not what they should be in my opinion. I can script patches and upgrades, but I shouldn’t have to.  I’m sure this will get some negative feedback, but I think people need to stop navel gazing and see how simple some other products are to deal with. I’ll stop there…

That said, I don’t think patches and upgrades are actually the problem. Of course you have to be careful about limiting down time, but much of the this is predictable and can be mitigated.

One of the big problems is the lack of standardisation within a company. When every system is unique, automating a patch or upgrade procedure can become problematic. You have to include too much logic in the automation, which can make the automation a burden. What the cloud has taught us is you should try to standardise as much as possible. When everything most things are the same, scripting and automation gets a lot easier. How do you guarantee things conform to a standard? You automate the initial build process. 🙂

So if you automate your build process, you actually make automating your patch/upgrade process easier too. 🙂

The app layer is a lot simpler than the database layer, because it’s far easier to throw away and replace an application layer, which is what people aim to do nowadays.

Testing

Testing is usually the killer part of the patch/upgrade process. I can patch/upgrade anything without too much drama, but getting someone to test it and agree to moving it forward is a nightmare. Spending time to test a patch is always going to lose out in the war for attention if there is a new spangly widget or screen needed in the application.

This is where automation can come to the rescue. If you have automated testing not only can you can move applications through the development pipeline quicker, but you can also progress infrastructure changes, such as patches and upgrades, much quicker too, as there will be a greater confidence in the outcome of the process.

Conclusion

Patching and upgrades can’t be considering in isolation where automation is concerned. It doesn’t matter how quick and reliably you can patch a database or app server if nobody is ever going to validate it is safe to progress to the next level.

I’m not saying don’t automate patching and upgrades, you definitely should. What I’m saying is it might not deliver on the promise of improved roll-out speed as a chain is only as strong as the weakest link. If testing is the limiting factor in your organisation, all you are doing by speeding up your link in the chain is adding to the testing burden down the line.

Having said all that, at least you will know your stuff is going to work and you can spend your time focusing on other stuff, like maybe helping people sort out their automated testing… 🙂

Check out the rest of the series here.

Cheers

Tim…

The Death of TLS 1.0 and 1.1 : Should You Panic?

There have been some stories recently about the death/deprecation of TLS 1.0 and 1.1. They follow a similar format to those of a few years ago about SSLv3. The obvious question is, should you panic? The answer is, as always, it depends!

Web Apps

For commercial web apps you are hopefully doing the right thing and using a layered approach to your architecture. User traffic hits a load balancer that does the SSL termination, then maybe re-encrypts to send traffic to the web servers and/or app servers below it. It’s great if you can make all the layers handle TLS 1.2, but the only one that absolutely must is the load balancer. You can hide a multitude of sins behind it. Provided your load balancer isn’t ancient, your typical web traffic won’t be a problem. If you still allow direct traffic to web and app servers you might be in for a rough ride. The quickest and easiest way to progress is to slap a load balancer or reverse proxy in front of everything.

Server Call-Outs (Back-End)

Where it can get tricky is when the back end servers make call-outs to other systems. Back when SSLv3 was getting turned off, because of the POODLE vulnerability, a bunch of people took a hit because Oracle 11.2.0.2 couldn’t use TLS1.0 when making call-outs from the database using UTL_HTTP. Support for that appeared in 11.2.0.3, so the fix was to patch the database. Oracle 11.2 (when patched accordingly), 12.1 and 12.2 can all cope with TLS 1.2. You could have similar problems when using “curl” or “wget” on old/unpatched Linux installations. Obviously the same is true for old software and frameworks.

So what’s the solution from the back end? Depending on the ages of the software you are using, and what you are actually trying to do, it’s likely to be one of the following.

  • Patch : You know you are meant to, but you don’t. This is one of those situations where you will wish you had. It always makes sense to keep up to date with patches. Often it means these sort of changes pass you by without you ever having to consider them.
  • Upgrade : If you are using a version of software that can’t be patched to enable TLS 1.2 for callouts, you probably need to upgrade to a version that can.
  • Proxy : The same way you can use a reverse proxy, or load balancer, to handle calls coming into your system, you can stick a proxy in front of outbound locations, allowing your old systems to call out with insecure protocols. The proxy then contacts the destination using a secure protocol. It’s kind-of messy, but we all have skeletons in our closet. If you have applications that simply can’t be updated, you might have to do this.
  • Stop : Stop doing what you are doing, the way you are doing it. I guess that’s not an option right? 🙂

The first step in fixing a problem is to admit you have one. You need to identify your incoming and outgoing calls to understand what the impact of these and future deprecations will have. I’m no expert at this, but it seems like architecture 101 to me. 🙂

Deprecation Doesn’t Mean Desupport

True, but it’s how the world reacts that counts. If Chrome stops allowing anything less than TLS 1.2, all previous protocols become dead instantly. If a web service provider you make call-outs to locks down their service to TLS 1.2, deprecation suddenly means death.

You know it’s coming. You’ve been warned… 🙂

Cheers

Tim…

Why Automation Matters : Reliability and Confidence

In my previous post on this subject I mentioned the potential for human error in manual processes. This leads nicely into the subject of this post about reliability and confidence…

I’ve been presenting at conferences for over a decade. Right from the start I included live demos in those talks. For a couple of years I avoided them to make my life simpler, but I’ve moved back to them again as I feel in some cases showing something has a bigger impact than just saying it…

The Problem

One of the stressful things about live demos is they require something to run the demo on, and what happens if that’s not in the state you expect it to be?

I had an example of this a few years ago. I was in Bulgaria doing a talk about CloneDB and someone asked me a question at the end of the session, so I trashed my demo to allow me to show the answer to their question. I forgot to correct the situation, so when I came to do the same demo at UKOUG it went horribly wrong, which lead someone on Twitter to say “session clone db is a mess“, and they were correct. It was. The problem here was I wasn’t starting from a known state…

This is no different for us developers and DBAs out in the real world. When we are given some kit, we want to know it’s in a consistent state, but it might not be for a few reasons.

Human Error

The system was created using a manual build process and someone made a mistake. I think almost every system coming out of a manual process has something screwed on it. I make mistakes like this too. The phone rings, you get distracted and you come back to the original task and you forget a step. You can minimise this with recipes and checklists, but we are human. We will goof up, regardless of the measures we put in place.

Sometimes it’s easy to find and fix the issue. Sometimes you have to step through the whole process again to identify the issue. For complex builds this can take a long time, and that’s all wasted time.

Changes During the Lifespan

The delivered system was perfect, but then it was changed during its lifespan. Here are a couple of examples.

App Server: Someone is diagnosing an issue and they change some app server parameters and forget to set them back. Those don’t fix the current issue, but they do affect the outcome of the next test. Having completed the testing successfully, the application gets moved to production and fails, because UAT and Live no longer have the same environment, so the outcomes are not comparable or predictable.

Database: Several developers are using a shared development database. Each person is trying to shape the data to fit their scenario, and in the process trashing someone else’s work. The shared database is only refreshed a handful of times a year, so these inconsistencies linger for a long time. If the setup of test data is not done carefully you can add logical corruptions to the data, making it no longer representative of a real situation. Once again the outcomes are not comparable or predicable.

The Solution?

I guess from the title you already know this. Automation.

Going back to my demo problem again, I almost had a repeat of this scenario at Oracle Code: Bangalore a few months ago. I woke up the day of the conference and did a quick run through my demos and something wasn’t working. How did I solve it? I rebuilt everything. 🙂

I do most of my demos using Docker these days, even for non-Docker stuff. I use Oracle Linux 7 and UEK4 as my base OS and kernel, so I run Docker inside a VirtualBox VM. The added bonus is I get a consistent experience regardless of underlying host OS (Windows, macOS or Linux). So what did the rebuild involve? From my laptop I just ran these commands.

vagrant destroy -f
vagrant up

I subsequently connected to the resulting VM and ran this command to build and run the specific containers for my demo.

docker-compose up

What I was left with was a clean build in exactly the condition I needed it to be to do my demos. Now I’m not saying I wasn’t nervous, because not having working demos on the morning of the conference is a nerve wracking thing, but I knew I could get back to a steady state, so this whole issue resulted in one line in the blog post for that day. 🙂 Without automation I would be trying to find and fix the problem, or manually rebuilding everything under time pressure, which is a sure fire way to make mistakes.

I do some demos on Oracle Database Cloud Service too. When I recently switched between trial accounts my demo VM was lost, so I provisioned a new 18c DBaaS, uploaded a script and ran it. Setup complete.

Confidence

Automation is quicker. I think we all get that. Having a reliable build process means you have the confidence to throw stuff away and build clean at any point. Think about it.

  • Developers replacing their whole infrastructure whenever they want. At a minimum once per sprint.
  • Deployments to environments not just deploying code, but replacing the infrastructure with it.
  • Environments fired up for a single purpose, maybe some automated QA or staff training, then destroyed.
  • When something goes wrong in production, just replace it. You know it’s going to work because it did in all your other environments.

Having reliable automation brings with it a greater level of confidence in what you are delivering, so you can spend less time on unplanned work fixing stuff and focus more on delivering value to the business.

Tooling

The tooling you choose will depend a lot on what you are doing and what your preferences are. For example, if you are focusing on the RDBMS layer, it is unlikely you will choose Docker for anything other than little demos. For some 3rd party software it’s almost impossible to automate a build process, so you might use gold images as your starting point or partially automate the process. In some cases you might use the cloud to provide the automation for you. The tooling is less important than the mindset in my opinion.

Check out the rest of the series here.

Cheers

Tim…

Midlife Crisis : Tough Year So Far…

I wrote this post earlier in the year, then didn’t publish it because it felt like I was drowning in self pity, but recently I accidentally showed it during a presentation, so I thought I would put it out there… So here goes…

I dislike writing this because I lead a charmed life compared to many people, this is very much “First World Problems”, but we are half way through the year and I’m already thinking I’m cursed…

Work

Work is proving extremely challenging for me. I like to be good at stuff, but more importantly I hate being bad at stuff. At the moment I’m doing so many different things at work I feel like my day is a massive pile of mediocrity, and that is really hard on my ego.

I’m in no different a position to many DBAs and developers out there, Googling my way through life, but it’s really quite depressing. The counter to this is I can’t imagine ever being so blinkered as I used to be, back in the days when I considered myself as just an “Oracle specialist”.

This is where the difficulty lies. I don’t see a way forward that I will be happy with. These types of situation where every option comes with a set of bad outcomes fry my brain…

Conferences

There is just something that is not clicking into place for me right now. It’s not a criticism of the events or the people, it’s something to do with me. I’m really daunted in the lead up to the events and although I enjoy the events themselves and interacting with people, I come away with a massive sense of relief when they are over, and then have a bad post-event crash where I just want to stop everything and give up. The post-event crash is not a new thing, but the peaks and troughs seem more exaggerated than before.

It doesn’t matter how much prep I do, it never seems to be enough. I’ve been doing this for over 10 years and I can’t remember feeling this way before. I don’t think it’s anything to do with impostor syndrome, as that has always been there and I came to terms with it a long time ago. People who think they are great are probably too rubbish to realise how much they don’t know. 🙂 I suspect there are a number of factors feeding into this.

Oracle user group conferences are much easier for me, but over the last year I’ve been doing more events that aren’t straight Oracle events, where you don’t have a good handle on the audience before you get there. As a result these events are a lot more daunting for me. Sometimes they work. Sometimes they don’t. I guess it plays into my insecurities about presenting…

Part of the Dev Champion program is about taking you out of your comfort zone. It’s certainly done this, and I know it’s probably good for me, but it doesn’t always feel like it. 🙂

Website

Over the years the website has been the one thing I can always count on to get me out of a funk. I sit down, play with technology and write. Some of it becomes articles. Some of it gets lost in the midst of time. Either way I’ve always felt like I’m having fun when I’m doing it. It doesn’t feel like that at the moment though. The pressure of other stuff encroaching on my time means this is suffering, which in turn makes me put pressure on myself to deliver, which stops it feeling like fun…

Conclusion

So there it is. I’m having a midlife crisis. I have no plan regarding how to fix it, but convention tells me I should go out with a 19 year old gold digger (sorry Debra), buy a drop-top car and/or a motorbike and generally try to act like I’m 20, so people can discuss how sad my behaviour is and laugh about me behind my back… I’m off to do some test drives and install Tinder on my phone…

Cheers

Tim…

PS. Since writing this, but before posting it, I’ve had a conference where things have worked out OK, so I’m hoping my mindset and luck are changing…

PPS. A couple of people encouraged me to release this, because they thought it would be good for people to hear that experienced presenters have all the same problems as newbies. That is definitely true…

Why Automation Matters : Lost Time

Sorry for stating what I hope is the obvious, but automation matters. It’s mattered for a long time, but the constant mention of Cloud and DevOps over the last few years has thrown even more emphasis on automation.

If you are not sure why automation matters, I would just like to give you an example of the bad old days, which might be the current time for some who are still doing everything manually, with separate teams responsible for each stage of the process.

Lost Time : Handover/Handoff Lag

In the diagram below we can see all the stages you might go through to deploy a new application server. Every time the colour of the box changes, it means a handover to a different team.

So there are a few things to consider here.

  • Each team is likely to have different priorities, so a handover between teams is not necessarily instantaneous. The next stage may be waiting on a queue for a long time. Potentially days. Don’t even get me started on things waiting for people to return from holiday…
  • Even if an individual team has created build scripts and has done their best to automate their tasks, if it is relying on them to pick something off a queue to initiate it, there will still be a handover delay.
  • When things are done manually people make mistakes. It doesn’t matter how good the people are, they will mess up occasionally. That is why the diagram includes a testing failure, and the process being redirected back through several teams to diagnose and fix the issue. This results in even more work. Specifically, unplanned work.
  • Manual processes are just slower. Running an installer and clicking the “Next” button a few times takes longer than just running a script. If you have to type responses and make choices it’s going to take even more time, and don’t forget that bit about human error…

Let’s contrast this to the “perfect” automated setup, where the request triggers an automated process to deliver the new service.

In this example, the request initiates an automated workflow that completes the action and delivers the finished product without any human intervention along the path. The automation takes as long as it takes, and ultimately has to do most of the same work, but there is no added handover lag in this process.

I think it’s fair to say you would be expecting a modern version of this process to complete in a matter of minutes, but I’ve seen the manual process take weeks or even months, not because of “work time”, but because of the idle handover time and human processes involved…

They Took Our Jobs!

At first glance it might seem like this is a problem if you are employed in any of the teams responsible for doing the manual tasks. Surely the automation is going to mean job cuts right? That depends really. In order to fully automate the delivery of any service you are going to have to design and build the blocks that will be threaded together to produce the final solution. This is not always simple. Depending on your current setup this might mean having fewer, more highly skilled people, or it might require more people in total. It’s impossible to know without knowing the requirements and the current staffing levels. Also, cloud provides a lot of the building blocks for you, so if you go that route there may be less work to do in total.

Even if the number of people doesn’t change as part of the automation process, you are getting work through the door quicker, so you are adding value to the business at a higher rate. From a DevOps perspective you have not added value to the business until you’ve delivered something to them. All the hours spent getting part of the build done equate to zero value to the business…

But we are doing OK without automation!

No you’re not! You’re drowning! You just don’t know it yet!

I never hear people saying they haven’t got enough projects waiting. I always hear people saying they have to shelve things because they don’t have time staff/resources/time to do them.

As your processes get more efficient you should be able to reallocate staff to projects that add value to the business, rather than wasting their lives on clicking the “Next” button.

If your process stays inefficient you will always be saying you are short of staff and every new project will require yet another round of internal recruitment or outsourcing.

Is this DevOps?

I’m hesitant to use the term DevOps as it can be a bit of a divisive term. I struggle to see how anyone who understands DevOps can’t see the benefits, but I think many people don’t know what it means, and without the understanding the word is useless…

Certainly automation is one piece of the DevOps puzzle, but equally if you have company resistance to the term DevOps, feel free to ignore it and focus on trying to sell the individual benefits of DevOps, one of which is improved automation…

Check out the rest of the series here.

Cheers

Tim…

PS. Conway’s Law – Melvin Conway 1967

“organizations which design systems … are constrained to produce designs which are copies of the communication structures of these organizations.”

In language I can understand.

If you have 10 departments, each process will have 10 sections, with a hand-off between them.

nlOUG Tech Experience 2018 : The Journey Home

The trip home from nlOUG Tech Experience 2018 started pretty early, so true to form I didn’t sleep properly, for fear of sleeping through my alarm. At about 04:00 I was in the bath watching YouTube videos. 🙁

A couple of hours later I was at the station in Amersfoort waiting for the train to the airport where I was joined by Sabine Heimsath. Pretty soon we were on the train, where I made use of the wifi, as witnessed by Sabine (see her photo). 🙂 It was about 40 minutes to the airport, which was just about enough time to get out a blog post about the previous day.

Once at the airport I had a total brain freeze looking at the departure boards, so Sabine gave me a reboot and pointed me in the right direction. We were leaving from different parts of the airport, so we said our goodbyes and I was off to security…

Security was really busy, with the queue for the passport scanners moving rather slowly. Luckily they opened the second half of the scanners, which made things move a bit faster… I made my way over to the boarding gate and parked until my flight…

Boarding time came and we were told the cabin crew were missing… They arrived and be boarded pretty quick, so I don’t think it delayed us drastically, even though I was personally having flashbacks to last week. I originally had a middle seat, but I was asked if I wanted to move to the empty exit row, and of course I said yes and got an aisle seat. The laptop came out as soon as we were in the air…

From the airport I decided to take the train into town as I wanted to pick something up. Unfortunately the shop didn’t have what I wanted, so I had to console myself with a giant burrito for breakfast. You win some, you lose some. 🙂 From the city centre is was a quick taxi ride home and the trip was complete.

What a difference a year makes. I was ill for the nlOUG Tech Experience 2017 event and just about made it through my sessions, then went back to bed. This year I was able to get involved in the whole conference and have fun.

Thanks very much to the folks in nlOUG for letting me come along to play. Thanks to the speakers and attendees that make this stuff possible. This was a self-funded event for me, but I’d still like to thank the Oracle ACE Program and the Oracle Developer Program for continuing to allow me to fly the flag.

Here are my posts related to this event.

Cheers

Tim…

nlOUG Tech Experience 2018 : Day 2

I had a rough start to day 2 of nlOUG Tech Experience 2018. The night before I was in bed and foolishly checked my email only to find some problems at work. I got out of bed, logged in and was checking out the impact of a storage fault. Some databases had been down and some app servers weren’t exactly happy. It was some time after midnight when things started to stabilise out. That meant the following morning I felt a little fuzzy…

Once I got to the conference the day started with a keynote about “Autonomous Data Management” by Penny Avril. Hopefully we will see Penny at UKOUG at the end of the year…

If you’ve followed the blog you will know I’m a fan of what Oracle is trying to achieve with this family of cloud services. To use my own words, it’s all about less time doing boring stuff, more time doing interesting stuff.

From there I went to see Ron Ekins talk about “DevOPS, Ansible and automation for the DBA”. Due to clashes I’ve managed to miss this session at each event where we’ve been together, although he did run through some of it with me in Ireland earlier in the year. Even though I was present during this session, I missed most of it as I was logged into work again. Sorry Ron. Someday I will actually see the full session. 🙂 Just in case you are curious, yes this was a train carriage.

The next session I went to was “All about linux memory usage by the Oracle database” by Frits Hoogland. If gaining knowledge is like peeling back the layers of an onion, Frits has got through a lot more layers than me. I was surprised at how little I knew about this subject before this session. Of course I will act all superior now like I always knew it, but seriously…

From there it was off to “Kicking the Tyres on Oracle Database 18c with Swingbench” by Dominic Giles. What’s not to love about Swingbench (and Dom)? I’ve been using SwingBench for years, long before I knew who Dom was. 🙂 Keep those releases coming Dom!

The last session of my day was my presentation called DBA Does Docker, which is about my journey so far with Docker. I’m a big fan, but I’ve not drunk the KoolAid… I think the session wet well, and all the demos worked. 🙂

After a quick closing ceremony, then some drinks and nibbles the conference was over.

A few of us went into town to get some food and then before I knew it the day was over.

I will do all the proper thank you messages in the closing post when I get home, but thanks everyone for a great conference. It’s been a tough year so far and this was the first conference where I felt things went OK for me. That’s not a criticism of the other events I’ve been to. It’s about something not clicking into position with me. I’m hoping this event has broken my run of bad luck…

Cheers

Tim…