Video : Multitenant : Disk I/O (IOPS, MBPS) Resource Management for Pluggable Databases (PDBs)

In today’s video we’ll discuss how Resource Manager allows us to manage the disk I/O (IOPS, MBPS) usage in PDBs. This can be useful to stop a small number of PDBs using all disk IOPS and/or bandwidth on the server.

The video is based on the following article.

You might also find these useful.

The star of the today’s video is my dad Graham Wood, who is now living a life of leisure. Unfortunately the travel restrictions mean I won’t be able to visit him this year. 🙁

Cheers

Tim…

Oracle REST Data Services (ORDS) : Database APIs – First Steps

In my never ending quest for automation, I finally got round to looking at the Oracle REST Data Services (ORDS) Database APIs.

These have been around for some time, but I was testing them for the first time using ORDS version 20.2, so I was basing my tests on that version of the documentation, and more importantly version 20 of the APIs.

The are several sets of APIs, and they don’t have the same dependencies or authentication methods. It’s not that big a deal once you know what’s going on, but it confused the hell out of me for a while, and the documentation doesn’t give you much of a steer for some of this.

PDB Lifecycle Management

My first tests were of the PDB Lifecycle Management endpoints. I enable all the relevant features in my normal installation, but there was one big road block. I always install ORDS in the PDB, and this feature only works if ORDS is installed in the root container. This makes sense as the management of PDBs is done at the root container level, but I prefer not to put anything in the root container if I can help it. I uninstalled and reinstalled ORDS so I could give it a go. This resulted in this article.

The PDB Lifecycle Management functionality seemed better suited to a self-contained article, as it is only available from a CDB installation, has its own authentication setup and only has a small number of endpoints. The available APIs are kind-of basic, but they could still be useful. It will be interesting to see if this expands to fit all the possible requirements for a PDB, which are now pretty large. I suspect not.

Most of the other stuff

Next up was “most of the other stuff”. There are too many endpoints to go into any level of detail in a single article, so I figured this should focus on the setup to use most of the other endpoints.

There are two methods of authentication discussed. The default administrator approach, which is good because it hides the database credentials from the user making the API calls. Instead they use application server credentials mapped to the “System Administrator” role. This is similar to that used by the PDB Lifecycle Management feature, except that uses the “SQL Administrator” role, and the ORDS properties are different..

The other approach is to use an ORDS enabled schema. This will be very familiar to people already using ORDS, but it comes with one big disadvantage compared to the previous method. For this functionality you have to expose the database credentials of the ORDS enabled schema to the person calling the API. Normally we would not expose these, instead using another form of authentication (Basic, OAUTH2 etc.) to allow the user to gain access. Even then the ORDS enabled schema would be a weak user that only has access to the specific objects we want it to interact with, but in this case it’s a DBA user, so it makes me nervous. Using the default administrator method the caller is constrained to some extent by the APIs, but with the database credentials they have everything if they have direct access to the database server. It’s probably insignificant when you consider the amount of damage someone could do with the APIs alone, but I feel myself wincing a little when putting DBA credentials into a HTTPS call.

For me as a DBA/Developer I would see myself as the person using these APIs to develop something, whether that was an automation, or an application. If this were to be handed over to a developer to do the work, these security questions may be a much bigger issue.

Having read that, you are probably thinking, just use the default administrator method then. I would, only some APIs don’t work with that method. Some seem to only work with the ORDS enabled schema method for authentication, while others only work with the default administrator method. What’s more, I don’t see any reference to this in the documentation. The API doc doesn’t even mention the default administrator approach, and the setup doc doesn’t mention the limitations on any of the approaches except the PDB lifecycle management. As a result, I think you will need to use a mix of the authentication methods if you plan to use a variety of functionality.

The good thing is they can all live side-by-side. At one point I was testing with a CDB installation of ORDS with credentials for PDB Lifecycle Management, default administrator and ORDS enabled schema authentication all configured at the same time. No problem. It’s just confusing when endpoints fail and you have to “trial and error” your way through them. It would be nice if there was a grid of which groups of endpoints need which type of authentication.

Now I am a noob, so maybe I’ve missed the point here, but I spent a long time trying out variations, and this seems like the way it is. If someone can educate me about why I am wrong I will willingly amend the articles, and this blog post. 🙂

Thoughts and what next?

At this point I’ve just been finding my feet, and I’m not sure what I will do next. There are some endpoints that interest me, so I might do separate articles on those, and refer back to the setup in the above articles. Then again, it may feel like just regurgitating the API documentation, so I may not. It’s worth taking a look at the available endpoints, broken down into these main sections.

  • Clusterware CLIs
  • Data Dictionary
  • Environment
  • Fleet Patching and Provisioning
  • General
  • Monitoring
  • Performance
  • Pluggable Database Lifecycle Management

Some will require additional setup, but many will not.

From the look of it, the vast majority of the endpoints are for reporting purposes. There are far fewer that actually allow you to manipulate the contents of the database. You can always write your own services for that, or use REST Enabled SQL to do it I guess. The question will be, can I get enough value out of these APIs as they stand to warrant the investment in time? I’m not sure at this point.

Cheers

Tim…

PS. If you were watching my twitter feed over the weekend and wondered what bit of tech I gave up on. It was this. I’m very stubborn though, so I came back…

Video : Multitenant : Dynamic CPU Scaling – Resource Manager Control of CPU using CPU_COUNT and CPU_MIN_COUNT

In today’s video we’ll discuss how Resource Manager can control CPU usage in PDBs using the CPU_COUNT and CPU_MIN_COUNT parameters. Oracle call this Dynamic CPU Scaling. This can be useful to stop a small number of PDBs using all CPU resources assigned to the instance.

This video is based on the following article.

Most of this information was in my instance caging article, but I’ve moved it into this separate article now.

You might also find these useful.

The star of today’s video is Bailey. He has a human called Connor McDonald. I suspect Bailey got is human to voice the video…

Cheers

Tim…

Video : Simple Oracle Document Access (SODA) for SQLcl

In today’s video we give a demonstration of Simple Oracle Document Access (SODA) for SQLcl. SODA is a feature of Oracle REST Data Services (ORDS),
but this allows to access the document store directly from SQLcl.

This video is based on the following article.

You might find these useful.

The star of today’s video is Kris Rice, who’s essentially singing “dot com” underwater. 🙂

Cheers

Tim…

Video : Simple Oracle Document Access (SODA) for PL/SQL

In today’s video we give a demonstration of Simple Oracle Document Access (SODA) for PL/SQL. SODA is a feature of Oracle REST Data Services (ORDS),
but this PL/SQL interface for SODA was introduced in Oracle Database 18c.

The video is based on this article.

You might find these useful.

The star of today’s video is the son of Dan Iverson. Dan, not his son, is an Oracle ACE focusing on PeopleSoft and Oracle Cloud Architect. He’s also in Army National Guard, which means he’s already prepared for the zombie apocalypse! 🙂

Cheers

Tim…

Video : Simple Oracle Document Access (SODA) for REST

In today’s video we’ll give a demonstration of Simple Oracle Document Access (SODA) for REST. This is a feature of Oracle REST Data Services (ORDS).

This video is based on the following article.

There are some other resources that might come in handy.

The star of today’s video is the son of Rodrigo Mufalani. Rodrigo is a fellow Oracle ACE and you can check out Rodrigo’s blog here.

Cheers

Tim…

Video : Multitenant : Running Scripts Against Multiple Pluggable Databases Using catcon.pl

In today’s video we give a quick demonstration of using catcon.pl to run scripts against multiple pluggable databases (PDBs) in a container database (CDB).

The video is based on one section of this article.

You can find loads of information about living with CDBs and PDBs in the following articles and the YouTube playlist linked below.

The star of today’s video is my long suffering wife Debra Lilley. Clearly suffering because of her social isolation, which of course means not seeing me. 🙂

Cheers

Tim…

Video : Hybrid Partitioned Tables in Oracle Database 19c

In today’s video we’ll give a quick demonstration of Hybrid Partitioned Tables, introduced in Oracle Database 19c.

The video is based on this 19c article.

The video only has a single example using external partitions pointing to CSV data. The article also includes and example using a Data Pump file.

The star of today’s video is Oren Nakdimon, who was taking a day off from being a God of Edition-Based Redefinition. 🙂

Cheers

Tim…

Video : Using Podman With Existing Dockerfiles (Oracle Database and ORDS)

Today’s video shows me using some of my existing Docker builds with Podman. Specifically a 19c database container and an Oracle REST Data Services (ORDS) container.

For those with an understanding of Docker, it should look really familiar, but it does introduce a twist in the form of a pod.

The video is based on this article.

You can see more information about containers here.

The star of today’s video is Bart Sjerps. It was really hard to find a piece of this recording that didn’t have James Morle wittering over everyone on it. 🙂

Cheers

Tim…

Oracle Linux 8 (OL8) : Vagrant and Docker builds for 19c Database

A couple of days ago I mentioned the certification of Oracle database 19c on Oracle Linux 8 (OL8) with UEK6.

I’ve had a bunch of OL8 articles and builds for a while, but up until now they’ve included warnings to say they weren’t certified. Over the last couple of evenings I’ve made some changes, so I thought I would summarise then here.

Database 19c on OL8 Article

My article on installing 19c on OL8 (from July last year) now includes the new preinstall package. It also mentions that the installation will work without patches, but it will not be supported unless you include the 19.7 patches, and are using UEK6.

Oracle Database 19c Installation On Oracle Linux 8 (OL8)

Vagrant Build

I’ve had a vagrant build of 19c on OL8 since last year. This has been amended to use the new preinstall package, and to optionally include the 19.7 patches if you’ve downloaded them. By default the patch script is commented out, so folks without a support contract can still use the build. This isn’t meant to be a “supported build”, so I’m not personally bothered about the patches for it, but it seemed a little wrong to not include them, even if it is lip-service.

https://github.com/oraclebase/vagrant/tree/master/database/ol8_19

The base box is ‘bento/oracle-8’, which hasn’t been updated to 8.2 and UEK6 yet. Once again, this doesn’t phase me. The ‘bento/oracle-8’ image tracks the latest release (8.0, 8.1, 8.2 etc.), so at some point it will updated to the latest spin and UEK6.

My go-to Vagrant build has typically been the “ol7_19” build. I’m now going to switch to the “ol7_19” build.

I’ve also added 19c Data Guard build on OL8.

https://github.com/oraclebase/vagrant/tree/master/dataguard/ol8_19

Container (Docker/Podman) Build

Similar to the Vagrant build, I’ve updated by Docker build. It also uses the new preinstall package and includes and optional patch script. I’ve also switched back from the “oraclelinux:8” image to the “oraclelinux:8-slim” base image, which means I had to make some changes, like using “microdnf” instead of “dnf”. Similar to the vagrant build, I’ve left the patch script commented out by default, because I only use this build for playing and demos.

https://github.com/oraclebase/dockerfiles/tree/master/database/ol8_19

My go-to container combination was “ol7_19” plus “ol7_ords”. I’m now going to switch to “ol8_19” plus “ol8_ords” for running APEX 20.1 using containers.

What’s Next?

I’ve got a few things in the pipeline.

  • RAC on OL8 Vagrant Build. I’m unsure at the moment if I will include the patching for this, as it makes it more complicated. I might just stick with the base release. It’s definitely not production, so I’m not sure how much I care about making the build slower and more complicated.
  • I’ve got some Podman stuff I want to talk about that relates to both Vagrant and Docker, but that is better served in a separate post.

Cheers

Tim…

PS. I don’t feel I should need to say this, but experience tells me I should. This stuff on GitHub is just a playground for me. There is no error checking. It’s purposely kept simple so people can read it easily. It’s not production ready. I don’t support it. It’s not scripture. If you find value in it, that’s great. If you don’t, don’t use it. 🙂

PPS. I used the pirate costume as I thought it looked funny. There was no deeper meaning behind this. It was nearly a Pharaoh.