Video : Install Docker on Oracle Linux 7 (OL7)

Today’s video is a run through installing the Docker engine on Oracle Linux 7 (OL7).

You can get the commands mentioned in this video from the following article.

You can see my other Docker posts and builds here.

The star of today’s video is Robyn Sands, formerly of the Oracle Real World Performance Group, and now something to do with some fruit company… πŸ™‚

Cheers

Tim…

Birmingham Digital & DevOps Meetup : August 2019

Yesterday evening I went along to the Birmingham Digital & DevOps Meetup for the first time. It followed the usual meetup format of quick intro, talk, break, talk then home.

First up was Elton Stoneman from Docker with “Just What Is A β€œService Mesh”, And If I Get One Will It Make Everything OK?” The session started by describing the problems associated with communication between the building blocks of a system, and how a service mesh can alleviate some of them. It then moved on to some service mesh demos using Istio. These included examples of altering the routing of traffic to do canary testing and targeting specific groups etc.

Elton was really honest about the learning curve, issues and overhead associated with this sort of setup. One comment I really liked was when he showed a slide containing the following, saying that often people assume there is a progression from left to right.

Meaning people assume you learn Docker, then you need some form of orchestration so you learn Swarm. From there you naturally progress to Kubernetes and once you understand that, you will inevitably move on to a service mesh using something like Istio. Elton’s point was you don’t *have to* continue on this progression. You can step off at any point once you’ve achieved the functionality you need. I think this is a really important point and I can see it reflected in what I do with Docker. We’ve got some things that stop at just using Docker containers, with no orchestration at all. I work on a project that requires some orchestration, so we use Swarm, which is really easy to use. So far I’ve had no reason to go beyond Swarm, and even considering a service mesh is so far down the line for us. I’m not discounting the relevance of these for everyone, but they don’t make sense for me at this point.

It was a really good session and I learned a lot. You can check out Elton’s blog here.

After the break it was James Relph with “Container Security Fundamentals”. This started of with a basic introduction to containers, using that as an entry point to explain how containers can be problematic from a security perspective, and what you can do to reduce the impact. He covered a lot of stuff, some of which I already do, some I know about and some stuff that was new to me. This is not an exhaustive list.

  • Don’t automatically trust images from Docker hub. Do your due diligence, even when they are from a reputable source.
  • Use your own image repository. He mentioned ECR amongst others. This can be used for your own images, but also base images from Docker Hub, which you have verified.
  • Don’t use “latest”, but use specific tagged versions. Latest gives you all the latest fixes, but all the latest bugs too. You should test and verify before you let images out into your infrastructure.
  • Multi-stage builds to reduce the size of containers and minimise the attack surface. Basically, copy out what you need and leave the crap behind.
  • Using sidecar containers to provide specific services, allowing your application images to remain more focused. The sidecar images can be maintained by feature experts to make sure they are as secure as possible.
  • Scanning images using Clair, amongst other things, to check for dodgy software. One of the audience mentioned Anchore.
  • Using microVMs like Firecracker to provide additional isolation, whilst retaining the ease of use of containers. I’ve not played with this, but I have tried Kata Containers, which seems to do pretty much the same.

There was a lot in there!

I was a bit nervous going into the event thinking it would all go over my head, and some of it probably did, but it was cool. I got to speak to a few people before the event, during the break and at the end. It seemed like there were quite a mix of people there from beginners in these areas upward, so I didn’t feel out of place.

A few times I found myself thinking, that’s great, but what do I do about my 3rd party applications? I’ve written before (here) about how 3rd party apps screw everything up. πŸ™‚

Thanks to Elton Stoneman and James Relph for taking the time to come and speak to us. Thanks to the folks from BrumDigitalDevOps for organising the event, and to Capgemini UK for sponsoring the event.

Cheers

Tim…

Docker : New Builds Using Oracle Linux 8 (oraclelinux:8-slim)

Yesterday I noticed the oraclelinux section on Docker Hub included “oraclelinux:8-slim”, so when I got home a did a quick run through some builds using it.

  • ol8_ords : This build is based on “oraclelinux:8-slim” and includes OpenJDK 12, Tomcat 9, ORDS 19, SQLcl 19 and the APEX 19 images.
  • ol8_19 : This build is based on “oraclelinux:8-slim” and includes the 19c database and APEX 19.
  • ol8_183 : This build is based on “oraclelinux:8-slim” and includes the 18c database and APEX 19.

There are also some new compose files, so I could test database and ORDS containers working together.

Everything worked fine, but here come the inevitable warnings and comments.

  • The Oracle database is not certified on Oracle Linux 8 yet, so the database builds are just for playing around, not a recommendation.
  • The database preinstall packages don’t exist yet, so I installed the main required packages with DNF, but I didn’t do some of the additional manual setup I would normally do, so it’s not a perfect example of an installation. I assume the preinstall packages will eventually be released, and I will substitute them in.
  • The ORDS build is not subject to the same certification restrictions as the database, so as far as I know, I could consider using this, although the build I use for work differs a little to this and is still using Oracle JDK 8 and Tomcat 8.5.

If you are interested in playing around with Docker, you can find my articles on it here, and my public builds here.

Cheers

Tim…

Java and Tomcat Updates : Vagrant and Docker

Yesterday was another update frenzy.

I already mentioned the update to VirtualBox 6.0.6 in yesterday’s post.

At the same time we got the quarterly updates to Java and I noticed a new version of Tomcat, so I downloaded OpenJDK 12.0.1 and Tomcat 9.0.19 and added them to my Vagrant and Docker builds.

If you are interested in this stuff, you can check it out here.

Remember, this is just my playground stuff. If you find it useful, that’s great. If not, there are plenty of other people messing about with this stuff. πŸ™‚

Cheers

Tim…

ORDS, SQLcl and SQL Developer 19.1 Released, and some Vagrant and Docker Stuff

Yesterday Kris Rice put out some tweets to say ORDS, SQLcl and SQL Developer version 19.1 had been released.

As usual I downloaded SQL Developer and put it on my desktop, and I started the process of updating my Vagrant and Docker builds. If you are interested in that stuff, you can find those updates here.

You won’t be surprised that these updates are pretty simple. Just replacing the environment variables with the new version numbers. Such are the joys of automation. πŸ™‚

Happy upgrading!

Cheers

Tim…

APEX 19.1, Vagrant and Docker

Last night Joel Kallman announced the release of APEX 19.1.

It wasn’t exactly a surprise as the APEX 19.1 Early Adopter site was shutdown and there was a maintenance window on apex.oracle.com, which is running APEX 19.1.

I downloaded the 19.1 software and plugged though my Vagrant and Docker stuff bringing it up to date. If you are into that stuff you can find it on my GitHub.

I guess this means I can start the process of upgrading everything at work on Monday. πŸ™‚

Cheers

Tim…

My GitHub, Vagrant and Docker Updates

I thought I would post an update about some of the things I’ve been doing that don’t necessarily fall exactly in line with my normal website content. All of it can be found on my GitHub.

Vagrant

Once the ‘bento/fedora-29’ box was released I created a Oracle 18c on Fedora 29 build. If you are interested in that sort of thing you can find it here.

A few of the other Vagrant builds have been updated to use the ‘bento/oracle-7.6’ box. I’ve run through them all and they seem to be fine.

As part of a recent question, I ran my RAC builds on Windows 10, Oracle Linux 7.6 and macOS Majave hosts. They all worked fine, with no drama. I also tried them with less memory than before, as my MBP only has 16G of memory. It worked fine. I updated some of the “README.md” files to reflect these tests, and the option to use less memory.

I’ll be doing some stuff with Data Guard soon, so I will probably update those builds to use the latest ‘bento/oracle-7.6’ box and maybe neaten up anything that annoys me along the way. πŸ™‚

All the Vagrant-related stuff can be found in this GitHub repository.

I’ve always assumed Vagrant was so simple it didn’t really require much in the way of explanation, but I was discussing it with someone from work, and figured it was worth a short post to explain a few things, just to save me having to repeat myself, so here it is.

Docker

I’ve done a few random things on Docker recently. Nothing particularly earth-shattering, but maybe worth a mention.

At UKOUG last year (a month ago πŸ™‚ ) I was speaking to Roel Hartman about some stuff he mentioned in his Docker session. As a result of that I had a play with Portainer and Docker Swarm. I know Kubernetes has won the container orchestration war, but Swarm is so simple and does most of what I need.

I also needed to make some changes to my DB and ORDS Docker images to make using host directories as persistent volumes a little easier. I wrote these up as some short posts.

All the Docker-related stuff can be found in this GitHub repository.

As always, I feel the need to mention I’m not an expert in this stuff, and I don’t consider any of is “production ready”. It’s just stuff I’m playing with to learn the tech. If you find it useful, great. If not, that’s OK too. πŸ™‚

Cheers

Tim…

ORDS, SQLcl and SQL Developer 18.3 Updates (VirtualBox, Vagrant, Docker)

A few days ago we got version 18.3 of a bunch of Oracle tools.

Over the weekend I updated some of my VirtualBox andΒ Vagrant builds to include these versions. If you want to play around with them you can see them on GitHub here.

I also updated my ORDS Docker container build, which uses both ORDS and SQLcl. You can find this on GitHub here.

I use this container for live demos of ORDS, as well as a demo for my “DBA Does Docker” talk, which I am doing at Oracle OpenWorld this year.

I put the latest versions of SQL Developer and SQLcl on my laptop. I’m doing an analytic functions talk at Oracle Code One this year. The demos use SQLcl on my laptop connecting to Autonomous Transaction Proccessing (ATP) on Oracle Cloud. I had a little bit of drama with SQLcl on Saturday, which turned out to be PEBCAK. I thought “SET ECHO ON” wasn’t working, but it turned out I had a “login.sql” file in the path that contained “SET TERMOUT OFF”. Once I removed that setting the demos ran fine. πŸ™‚

I’m going to put a freeze on changing my stuff until after OpenWorld and Code One. Honest. πŸ™‚

Cheers

Tim…

Oracle Database 18.3.0 and Docker

Just a quick heads-up to let you know I’ve updated my Docker builds to use the new 18c on-prem software.

If you like to play around with Docker, here is some stuff you might want to check out. Remember, I’m not saying this is production ready. It’s just stuff I use for learning and demos…

  • My Docker GitHub Repo here.
  • The new 18c container build here.
  • The new Docker compose file here to fire up an 18c DB container and a Tomcat 9 + ORDS 18.2 container to front APEX 18.1, and allow you to play with ORDS.

Remember, if Docker is not your thing, you can always my Vagrant build here to fire up the same thing, but in a single VirtualBox VM.

Cheers

Tim…

APEX 18.1 Docker Builds Updated

You’ve probably seen that APEX 18.1 was released recently. This is just a quick note to say I’ve updated my Docker builds to include the latest versions of all the software including APEX. You can find the builds here.

https://github.com/oraclebase/dockerfiles

I always install APEX into every database, so the database builds include APEX and the ORDS build includes the APEX images.

Remember, I’m not saying you should use these, but if you like to play around with Docker you might find them useful, along with my Docker articles here.

Regardless of how you like to use APEX, get on board with APEX 18.1… πŸ™‚

Cheers

Tim…