I've posted a new video demonstrating Client Side Failover defined by the tnsnames.ora file
I am an Oracle Database Specialist in Singapore.
Please note that this site uses cookies.
11 April, 2024
30 March, 2024
24 March, 2024
Grid Infrastructure --- OCR and Voting Disks Location at Installation
In Oracle Grid Infrastructure, the OCR (Oracle Cluster Registry) and Voting "Disks" must be on Shared Storage accessible by all the nodes of the Cluster. Typically, these are on ASM.
In ASM, a DiskGroup is created for the disks that hold the OCR.
Normally, an ASM DiskGroup may use External Redundancy (Mirroring or other protection against Physical Disk or LUN failure is provided by the underlying Storage) or Normal Redundancy (Two-Way Mirroring, i.e. two Disks or LUN devices) or High Redundancy (Three-Way Mirroring with three Disks).
However, for the OCR and Voting "Disks" (i.e. Voting File), Normal Redundancy requires three Disks or LUN devices where three Voting Files and one OCR (Primary and Secondary copy) are created. High Redundancy requires five Disks or LUN devices where five Voting Files and once OCR (with one Primary and two Secondary copies) are created.
In Test or Lab environments, you might have created your OCR/Vote DiskGroup on ASM storage with External Redundancy so as to not have to provision 3 or 5 disks.
However, in the 19c Lab environment with 2 Virtual Box VMs that I recently built on my Home PC, I created 5 ASM Disks of 2GB each (using ASMLib instead of udev persistent naming) to hold the OCR + VOTE DiskGroup. I then selected High Redundancy for the consequent DiskGroup.
This is the Installer Screen :
This is the subsequent output from running root.sh from the Grid ORACLE_HOME towards the end of the installation :
[datetime] CLSRSC-482: Running command: '/u01/app/grid/product/19.3/bin/ocrconfig
-upgrade grid grid'
CRS-4256:
Updating the profile
Successful
addition of voting disk 6c3ea5fbf0254fd5bfd489fc5c674409.
Successful
addition of voting disk ff3b9da031064fccbfab4b57933f12e1.
Successful
addition of voting disk 44e50015bcf24f7cbfc1b9348fdbe568.
Successful
addition of voting disk de64da366c164f5cbfba2761df5948d5.
Successful
addition of voting disk 4485ff5940384f85bf524a81090c6bd8.
Successfully
replaced voting disk group with +OCR_VOTE.
CRS-4256:
Updating the profile
CRS-4266:
Voting file(s) successfully replaced
## STATE
File Universal Id
File Name Disk group
-- -----
-----------------
--------- ---------
1. ONLINE
6c3ea5fbf0254fd5bfd489fc5c674409 (/dev/oracleasm/disks/OCR_VOTE_DISK_1)
[OCR_VOTE]
2. ONLINE
ff3b9da031064fccbfab4b57933f12e1 (/dev/oracleasm/disks/OCR_VOTE_DISK_2)
[OCR_VOTE]
3. ONLINE
44e50015bcf24f7cbfc1b9348fdbe568 (/dev/oracleasm/disks/OCR_VOTE_DISK_3)
[OCR_VOTE]
4. ONLINE
de64da366c164f5cbfba2761df5948d5 (/dev/oracleasm/disks/OCR_VOTE_DISK_4)
[OCR_VOTE]
5. ONLINE
4485ff5940384f85bf524a81090c6bd8 (/dev/oracleasm/disks/OCR_VOTE_DISK_5)
[OCR_VOTE]
Located
5 voting disk(s).
Thus it did create 5 Voting "Disks" (Voting Files).
After the installation is completed, I verified this again
from the first node "srv1":
and from the second node "srv2" :
Note : Whether I create the DiskGroup with Normal or High Redundancy, it will still show only 1 OCR because there is only 1 Primary OCR location (Normal or High Redundancy will automatically create 1 or 2 Secondary OCR copy).
It is possible to add another location for OCR in this manner (where I add to the FRA DiskGroup):
Furthermore, each node of the Cluster has a Local Cluster Registry (that is called an OLR) :
If you are worried about Failure Groups for the OCR_VOTE DiskGroup, you can see that the FailureGroups are automatically created for this High Redundancy DiskGroup :
05 March, 2024
Installing and Running DBSAT on 21c
DBSAT is Oracle's "Database Security Assessment Tool" that you can get from Oracle Support Document "Oracle Database Security Assessment Tool (DBSAT) (Doc ID 2138254.1)" .
This is the User Guide for the current release (3.1)
It does checks against "proven Oracle Database Security best practices, CIS benchmark recommendations and STIG rules".
See Oracle Support Document "Does DBSAT Scan for all of the STIG And CIS Benchmark Controls? (Doc ID 2651827.1)" for a disclaimer.
Here I demonstrate quick installation :
[oracle@node2 ~]$ cd /u01/app/oracle [oracle@node2 oracle]$ cd DB* [oracle@node2 DBSAT_Installer]$ pwd /u01/app/oracle/DBSAT_Installer [oracle@node2 DBSAT_Installer]$ ls -l total 45180 -rwxr-x---. 1 oracle dba 46264143 Mar 5 22:15 DBSAT.zip [oracle@node2 DBSAT_Installer]$ which unzip /bin/unzip [oracle@node2 DBSAT_Installer]$ [oracle@node2 DBSAT_Installer]$ unzip DBSAT.zip Archive: DBSAT.zip inflating: dbsat inflating: dbsat.bat inflating: sat_collector.sql inflating: sa.jar inflating: jython-standalone-2.7.3.jar inflating: xlsxwriter/app.py inflating: xlsxwriter/chart_area.py inflating: xlsxwriter/chart_bar.py inflating: xlsxwriter/chart_column.py .... .... deleted a few lines of output of the unzip command inflating: Discover/conf/sensitive_en.ini inflating: Discover/conf/sensitive_es.ini inflating: Discover/conf/sensitive_de.ini inflating: Discover/conf/sensitive_pt.ini inflating: Discover/conf/sensitive_it.ini inflating: Discover/conf/sensitive_fr.ini inflating: Discover/conf/sensitive_nl.ini inflating: Discover/conf/sensitive_el.ini [oracle@node2 DBSAT_Installer]$ --- create the default script from the User Guide [oracle@node2 DBSAT_Installer]$ cat > DBSAT_User.sql create user dbsat_user identified by dbsat_user; --If Database Vault is enabled, connect as DV_ACCTMGR to run this command grant create session to dbsat_user; grant select_catalog_role to dbsat_user; grant select on sys.registry$history to dbsat_user; grant read on sys.dba_audit_mgmt_config_params to dbsat_user; grant select on sys.dba_users_with_defpwd to dbsat_user; grant read on sys.dba_credentials to dbsat_user; grant execute on sys.dbms_sql to dbsat_user; grant audit_viewer to dbsat_user; // 12c and later grant capture_admin to dbsat_user;// 12c and later covers sys.dba_priv_captures, sys.priv_capture$, sys.capture_run_log$ [oracle@node2 DBSAT_Installer]$ --- verify the script [oracle@node2 DBSAT_Installer]$ cat DBSAT_User.sql create user dbsat_user identified by dbsat_user; --If Database Vault is enabled, connect as DV_ACCTMGR to run this command grant create session to dbsat_user; grant select_catalog_role to dbsat_user; grant select on sys.registry$history to dbsat_user; grant read on sys.dba_audit_mgmt_config_params to dbsat_user; grant select on sys.dba_users_with_defpwd to dbsat_user; grant read on sys.dba_credentials to dbsat_user; grant execute on sys.dbms_sql to dbsat_user; grant audit_viewer to dbsat_user; // 12c and later grant capture_admin to dbsat_user;// 12c and later covers sys.dba_priv_captures, sys.priv_capture$, sys.capture_run_log$ [oracle@node2 DBSAT_Installer]$ -- I then create this user in my custom PDB [oracle@node2 DBSAT_Installer]$ sqlplus / as sysdba SQL*Plus: Release 21.0.0.0.0 - Production on Tue Mar 5 22:30:29 2024 Version 21.3.0.0.0 Copyright (c) 1982, 2021, Oracle. All rights reserved. Connected to: Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 SQL> alter session set container=HEMANTPDB; Session altered. SQL> @DBSAT_User.sql User created. Grant succeeded. Grant succeeded. Grant succeeded. Grant succeeded. Grant succeeded. Grant succeeded. Grant succeeded. SQL>
I am now ready to run the Collector.
[oracle@node2 DBSAT_Installer]$ ./dbsat collect dbsat_user/dbsat_user@hemantpdb Database Security Assessment Tool version 3.1 (Jan 2024) This tool is intended to assist you in securing your Oracle database system. You are solely responsible for your system and the effect and results of the execution of this tool (including, without limitation, any damage or data loss). Further, the output generated by this tool may include potentially sensitive system configuration data and information that could be used by a skilled attacker to penetrate your system. You are solely responsible for ensuring that the output of this tool, including any generated reports, is handled in accordance with your company's policies. Usage: dbsat collect [ -n ] -lt database_connect_string > -lt output_file > dbsat report [ -a ] [ -n ] [ -g ] [ -x -lt section > ] [ -u -lt user > ] -lt input_file > dbsat discover [ -n ] -c -lt config_file > -lt output_file > Options: -a Report with all user accounts, including locked and schema-only, Oracle-supplied users -n No encryption for output -g Show all grants including Common Grants in a Pluggable Database -x Specify sections to exclude from report (may be repeated for multiple sections) -u Specify users to exclude from report -c Configuration file for discoverer [oracle@node2 DBSAT_Installer]$ ./dbsat collect dbsat_user/dbsat_user@hemantpdb hemantpdb_DBSAT_Report Database Security Assessment Tool version 3.1 (Jan 2024) This tool is intended to assist you in securing your Oracle database system. You are solely responsible for your system and the effect and results of the execution of this tool (including, without limitation, any damage or data loss). Further, the output generated by this tool may include potentially sensitive system configuration data and information that could be used by a skilled attacker to penetrate your system. You are solely responsible for ensuring that the output of this tool, including any generated reports, is handled in accordance with your company's policies. Connecting to the target Oracle database... SQL*Plus: Release 21.0.0.0.0 - Production on Tue Mar 5 22:34:39 2024 Version 21.3.0.0.0 Copyright (c) 1982, 2021, Oracle. All rights reserved. Connected to: Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 Setup complete. SQL queries complete. /bin/cat: /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/sqlnet.ora: No such file or directory Warning: Exit status 256 from OS rule: sqlnet.ora /bin/ls: cannot access /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/sqlnet.ora: No such file or directory Warning: Exit status 512 from OS rule: ls_sqlnet.ora /bin/cat: /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/listener.ora: No such file or directory Warning: Exit status 256 from OS rule: listener.ora /bin/ls: cannot access /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/listener.ora: No such file or directory Warning: Exit status 512 from OS rule: ls_listener.ora Warning: Exit status 256 from OS rule: dbcs_status /bin/cat: /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/cman.ora: No such file or directory Warning: Exit status 256 from OS rule: cman.ora /bin/cat: /u01/app/oracle/product/21.3.0.0/dbhome_1/ldap/admin/fips.ora: No such file or directory Warning: Exit status 256 from OS rule: fips1.ora /bin/cat: /fips.ora: No such file or directory Warning: Exit status 256 from OS rule: fips2.ora /bin/ls: cannot access /diag: No such file or directory Warning: Exit status 512 from OS rule: diag_dest_base /bin/ls: cannot access /u01/app/oracle/product/21.3.0.0/dbhome_1/rdbms/log/diag: No such file or directory Warning: Exit status 512 from OS rule: diag_dest_home OS commands complete. Disconnected from Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 DBSAT Collector completed successfully. Calling /u01/app/oracle/product/21.3.0.0/dbhome_1/bin/zip to encrypt hemantpdb_DBSAT_Report.json... Enter password: Verify password: adding: hemantpdb_DBSAT_Report.json (deflated 86%) zip completed successfully. [oracle@node2 DBSAT_Installer]$
So, apparently it assumes the old convention of the network folders being under ORACLE_HOME.
[oracle@node2 DBSAT_Installer]$ rm hemantpdb_DBSAT_Report.json [oracle@node2 DBSAT_Installer]$ ORACLE_BASE=/u01/app/oracle;export ORACLE_BASE [oracle@node2 DBSAT_Installer]$ ./dbsat collect dbsat_user/dbsat_user@hemantpdb hemantpdb_DBSAT_Report Database Security Assessment Tool version 3.1 (Jan 2024) This tool is intended to assist you in securing your Oracle database system. You are solely responsible for your system and the effect and results of the execution of this tool (including, without limitation, any damage or data loss). Further, the output generated by this tool may include potentially sensitive system configuration data and information that could be used by a skilled attacker to penetrate your system. You are solely responsible for ensuring that the output of this tool, including any generated reports, is handled in accordance with your company's policies. Connecting to the target Oracle database... SQL*Plus: Release 21.0.0.0.0 - Production on Tue Mar 5 23:00:54 2024 Version 21.3.0.0.0 Copyright (c) 1982, 2021, Oracle. All rights reserved. Last Successful login time: Tue Mar 05 2024 23:00:00 +08:00 Connected to: Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 Setup complete. SQL queries complete. /bin/cat: /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/sqlnet.ora: No such file or directory Warning: Exit status 256 from OS rule: sqlnet.ora /bin/ls: cannot access /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/sqlnet.ora: No such file or directory Warning: Exit status 512 from OS rule: ls_sqlnet.ora /bin/cat: /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/listener.ora: No such file or directory Warning: Exit status 256 from OS rule: listener.ora /bin/ls: cannot access /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/listener.ora: No such file or directory Warning: Exit status 512 from OS rule: ls_listener.ora Warning: Exit status 256 from OS rule: dbcs_status /bin/cat: /u01/app/oracle/product/21.3.0.0/dbhome_1/network/admin/cman.ora: No such file or directory Warning: Exit status 256 from OS rule: cman.ora /bin/cat: /u01/app/oracle/product/21.3.0.0/dbhome_1/ldap/admin/fips.ora: No such file or directory Warning: Exit status 256 from OS rule: fips1.ora /bin/cat: /fips.ora: No such file or directory Warning: Exit status 256 from OS rule: fips2.ora /bin/ls: cannot access /u01/app/oracle/product/21.3.0.0/dbhome_1/rdbms/log/diag: No such file or directory Warning: Exit status 512 from OS rule: diag_dest_home OS commands complete. Disconnected from Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 DBSAT Collector completed successfully. Calling /u01/app/oracle/product/21.3.0.0/dbhome_1/bin/zip to encrypt hemantpdb_DBSAT_Report.json... Enter password: Verify password: adding: hemantpdb_DBSAT_Report.json (deflated 86%) zip completed successfully. [oracle@node2 DBSAT_Installer]$
I can afford to ignore the network/admin lookups under $ORACLE_HOME as they are not valid. I might go back and check the "diag_dest_home" check (e.g. review "sat_collector.sql")
[oracle@node2 DBSAT_Installer]$ PATH=/u01/app/21.3.0.0/grid/jdk/bin:$PATH;export PATH [oracle@node2 DBSAT_Installer]$ java -version java version "1.8.0_291" Java(TM) SE Runtime Environment (build 1.8.0_291-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.291-b09, mixed mode) [oracle@node2 DBSAT_Installer]$ [oracle@node2 DBSAT_Installer]$ JAVA_HOME=/u01/app/21.3.0.0/grid/jdk;export JAVA_HOME [oracle@node2 DBSAT_Installer]$ ./dbsat report hemantpdb_DBSAT_Report Database Security Assessment Tool version 3.1 (Jan 2024) This tool is intended to assist you in securing your Oracle database system. You are solely responsible for your system and the effect and results of the execution of this tool (including, without limitation, any damage or data loss). Further, the output generated by this tool may include potentially sensitive system configuration data and information that could be used by a skilled attacker to penetrate your system. You are solely responsible for ensuring that the output of this tool, including any generated reports, is handled in accordance with your company's policies. DBSAT Reporter ran successfully. Calling /usr/bin/zip to encrypt the generated reports... Enter password: Verify password: zip warning: hemantpdb_DBSAT_Report_report.zip not found or empty adding: hemantpdb_DBSAT_Report_report.txt (deflated 76%) adding: hemantpdb_DBSAT_Report_report.html (deflated 83%) adding: hemantpdb_DBSAT_Report_report.xlsx (deflated 2%) adding: hemantpdb_DBSAT_Report_report.json (deflated 81%) zip completed successfully. [oracle@node2 DBSAT_Installer]$ [oracle@node2 DBSAT_Installer]$ unzip -l hemantpdb_DBSAT_Report_report.zip Archive: hemantpdb_DBSAT_Report_report.zip Length Date Time Name --------- ---------- ----- ---- 161417 03-05-2024 23:09 hemantpdb_DBSAT_Report_report.txt 261378 03-05-2024 23:09 hemantpdb_DBSAT_Report_report.html 36732 03-05-2024 23:09 hemantpdb_DBSAT_Report_report.xlsx 197620 03-05-2024 23:09 hemantpdb_DBSAT_Report_report.json --------- ------- 657147 4 files [oracle@node2 DBSAT_Installer]$ [oracle@node2 DBSAT_Installer]$ unzip hemantpdb_DBSAT_Report_report.zip hemantpdb_DBSAT_Report_report.txt Archive: hemantpdb_DBSAT_Report_report.zip [hemantpdb_DBSAT_Report_report.zip] hemantpdb_DBSAT_Report_report.txt password: inflating: hemantpdb_DBSAT_Report_report.txt [oracle@node2 DBSAT_Installer]$ [oracle@node2 DBSAT_Installer]$ more hemantpdb_DBSAT_Report_report.txt ### Oracle Database Security Assessment - Highly Sensitive ### * Assessment Date & Time * Date of Data Collection Date of Report Reporter Version ---------------------------------- ---------------------------------- --------------------- Tue Mar 05 2024 23:00:54 UTC+08:00 Tue Mar 05 2024 23:09:51 UTC+08:00 3.1 (Jan 2024) - b73a * Database Identity * Name Container (Type:ID) Platform Database Role Log Mode Created -------- ------------------- ---------------- ------------- ------------ ---------------------------------- DB21CRAC HEMANTPDB (PDB:3) Linux x86 64-bit PRIMARY NOARCHIVELOG Fri Jan 19 2024 15:12:46 UTC+08:00 ### Summary ### Section Pass Evaluate Advisory Low Risk Medium Risk High Risk Total Findings --------------------------- ---- -------- -------- -------- ----------- --------- -------------- Basic Information 0 0 0 0 0 1 1 User Accounts 7 8 1 3 2 1 22 Privileges and Roles 6 23 1 0 0 0 30 Authorization Control 0 3 1 0 0 0 4 Fine-Grained Access Control 0 0 5 0 0 0 5 Auditing 0 2 9 3 0 0 14 Encryption 0 3 1 0 0 0 4 Database Configuration 7 9 0 2 2 0 20 Network Configuration 0 0 0 0 0 1 1 Operating System 4 3 0 1 1 0 9 Total 24 51 18 9 5 3 110 ### Basic Information ### * Database Version * Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0
The TXT format of the report is 161,417 bytes and the HTML format is 261,378 bytes.
* Patch Check * - The Oracle Database should be patched Status: High Risk Summary: Oracle Database version is supported but latest patch is missing. Latest comprehensive patch has not been applied. Details: Latest patch not applied for a supported database version. Remarks: Unsupported commercial and database systems should not be used because fixes to newly identified bugs will not be implemented by the vendor. The lack of support can result in potential vulnerabilities. Systems at unsupported servicing levels or releases will not receive security updates for new vulnerabilities, which leaves them subject to exploitation. When maintenance updates and patches are no longer available, the database software is no longer considered supported and should be upgraded or decommissioned. It is vital to keep the database software up-to-date with security fixes as they are released. Oracle issues comprehensive patches in the form of Release Updates on a regular quarterly schedule. These updates should be applied as soon as they are available. References: Oracle Best Practice CIS Benchmark: Recommendation 1.1 DISA STIG: V-237697, V-237748, V-251802 * Users with Default Passwords * - User accounts should not have default passwords Status: High Risk Summary: Found 1 unlocked user account with default password. Details: Users with default password: HR Remarks: Default passwords for predefined Oracle accounts are well known and provide a trivial means of entry for attackers. Database or account administrators should also change well-known passwords for locked accounts. Having default passwords can lead to unauthorized data manipulation and theft of confidential information. Note that if a script creates the database and the SYS or SYSTEM user password remains unchanged, these users are considered to possess a default password. Your database may be at risk due to the password presence within the script. Change the password to improve security. References: Oracle Best Practice CIS Benchmark: Recommendation 4.1 DISA STIG: V-237698 * Network Encryption * - Check configurations used for Native Network Encryption Status: High Risk Summary: Found unencrypted connections. Clients can connect to the database using unencrypted communication channels. Details: Found 3 connections established over unencrypted channel. Remarks: Network encryption is crucial for protecting the confidentiality and integrity of communication between a database server and its clients. Connections to a database instance must be established using the encrypted channels. References: Oracle Best Practice CIS Benchmark: Recommendation 2.3.1, 2.3.2 DISA STIG: V-219841, V-220263, V-220291, V-237699, V-237700, V-237723
Of course, the Report goes on to detail the 110 "findings".
[oracle@node2 DBSAT_Installer]$ sqlplus / as sysdba SQL*Plus: Release 21.0.0.0.0 - Production on Tue Mar 5 23:18:49 2024 Version 21.3.0.0.0 Copyright (c) 1982, 2021, Oracle. All rights reserved. Connected to: Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 SQL> alter session set container=HEMANTPDB; Session altered. SQL> drop user dbsat_user; User dropped. SQL> quit Disconnected from Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 [oracle@node2 DBSAT_Installer]$
So, DBSAT does reference CIS and STIG in its report.
27 February, 2024
Installing and Running Oracle AHF ORACHK on a 12.2 DB Server
The Oracle Autonomous Health Framework is described in Support Document "Autonomous Health Framework (AHF) - Including TFA and ORAchk/EXAchk (Doc ID 2550798.1)"
In a recent video I have demonstrated running 24.1 orachk (with "-b" for "Best Practices Check) against a 21.3 RAC Cluster.
Here I demonstrate the installation and execution against a 12.2 non-RAC database.
When you download the 24.1 release of AHF (AHF-LINUX_v24.1.0.zip, approximately 410MB), you have to unzip it and then run ahf_setup. It is preferable to use the default location /opt/oracle.ahf (and precreate a "data" subfolder if it doesn't exist).
If your first attempt at installation returns an error :
[ERROR] : AHF-00074: Required Perl Modules not found : Data::Dumper
you can check the perl version and download and install this module (Note : In the listings below "AHF_Installer is the location where I have extracted the installation zip file).
[root@vbgeneric AHF_Installer]# /bin/perl -v This is perl 5, version 16, subversion 3 (v5.16.3) built for x86_64-linux-thread-multi (with 34 registered patches, see perl -V for more detail) Copyright 1987-2012, Larry Wall Perl may be copied only under the terms of either the Artistic License or the GNU General Public License, which may be found in the Perl 5 source kit. Complete documentation for Perl, including FAQ lists, should be found on this system using "man perl" or "perldoc perl". If you have access to the Internet, point your browser at http://www.perl.org/, the Perl Home Page. [root@vbgeneric AHF_Installer]# yum install perl-Data-Dumper Loaded plugins: langpacks, ulninfo ol7_UEKR4 | 3.0 kB 00:00:00 ol7_latest | 3.6 kB 00:00:00 (1/5): ol7_latest/x86_64/group_gz | 136 kB 00:00:00 (2/5): ol7_UEKR4/x86_64/updateinfo | 130 kB 00:00:00 (3/5): ol7_latest/x86_64/updateinfo | 3.6 MB 00:00:00 (4/5): ol7_latest/x86_64/primary_db | 50 MB 00:00:02 (5/5): ol7_UEKR4/x86_64/primary_db | 37 MB 00:00:04 Resolving Dependencies --> Running transaction check ---> Package perl-Data-Dumper.x86_64 0:2.145-3.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved =========================================================================================== Package Arch Version Repository Size =========================================================================================== Installing: perl-Data-Dumper x86_64 2.145-3.el7 ol7_latest 47 k Transaction Summary =========================================================================================== Install 1 Package Total download size: 47 k Installed size: 97 k Is this ok [y/d/N]: y Downloading packages: perl-Data-Dumper-2.145-3.el7.x86_64.rpm | 47 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Warning: RPMDB altered outside of yum. Installing : perl-Data-Dumper-2.145-3.el7.x86_64 1/1 Verifying : perl-Data-Dumper-2.145-3.el7.x86_64 1/1 Installed: perl-Data-Dumper.x86_64 0:2.145-3.el7 Complete! [root@vbgeneric AHF_Installer]#
Then resume the installation (precreate the "data" folder if it doesn't exist)
[root@vbgeneric AHF_Installer]# mkdir /opt/oracle.ahf/data [root@vbgeneric AHF_Installer]# ./ahf_setup AHF Installer for Platform Linux Architecture x86_64 AHF Installation Log : /tmp/ahf_install_241000_6588_2024_02_27-13_48_51.log Starting Autonomous Health Framework (AHF) Installation AHF Version: 24.1.0 Build Date: 202402051317 Default AHF Location : /opt/oracle.ahf Do you want to install AHF at [/opt/oracle.ahf] ? [Y]|N : Y AHF Location : /opt/oracle.ahf AHF Data Directory stores diagnostic collections and metadata. AHF Data Directory requires at least 5GB (Recommended 10GB) of free space. Please Enter AHF Data Directory : /opt/oracle.ahf/data AHF Data Directory : /opt/oracle.ahf/data Do you want to add AHF Notification Email IDs ? [Y]|N : N Extracting AHF to /opt/oracle.ahf Setting up AHF CLI and SDK Configuring TFA Services Discovering Nodes and Oracle Resources Successfully generated certificates. Starting TFA Services Created symlink from /etc/systemd/system/multi-user.target.wants/oracle-tfa.service to /etc/systemd/system/oracle-tfa.service. Created symlink from /etc/systemd/system/graphical.target.wants/oracle-tfa.service to /etc/systemd/system/oracle-tfa.service. .-------------------------------------------------------------------------------. | Host | Status of TFA | PID | Port | Version | Build ID | +-----------+---------------+------+-------+------------+-----------------------+ | vbgeneric | RUNNING | 8540 | 39049 | 24.1.0.0.0 | 240100020240205131724 | '-----------+---------------+------+-------+------------+-----------------------' Running TFA Inventory... Adding default users to TFA Access list... .-------------------------------------------------------. | Summary of AHF Configuration | +-----------------+-------------------------------------+ | Parameter | Value | +-----------------+-------------------------------------+ | AHF Location | /opt/oracle.ahf | | TFA Location | /opt/oracle.ahf/tfa | | Orachk Location | /opt/oracle.ahf/orachk | | Data Directory | /opt/oracle.ahf/data | | Repository | /opt/oracle.ahf/data/repository | | Diag Directory | /opt/oracle.ahf/data/vbgeneric/diag | '-----------------+-------------------------------------' Starting ORAchk Scheduler from AHF AHF binaries are available in /opt/oracle.ahf/bin AHF is successfully Installed Do you want AHF to store your My Oracle Support Credentials for Automatic Upload ? Y|[N] : N Moving /tmp/ahf_install_241000_6588_2024_02_27-13_48_51.log to /opt/oracle.ahf/data/vbgeneric/diag/ahf/ [root@vbgeneric AHF_Installer]#
orachk can then be executed. This execution is to check against "Best Practices" :
[root@vbgeneric AHF_Installer]# orachk -b List of running databases 1. orcl12c 2. None of above Select databases from list for checking best practices. For multiple databases, select 1 for All or comma separated number like 1,2 etc [1-2][1]. 1 . . . . Checking Status of Oracle Software Stack - Clusterware, ASM, RDBMS . . . . . . . . . . . . . . . ------------------------------------------------------------------------------------------------------- Oracle Stack Status ------------------------------------------------------------------------------------------------------- Host Name CRS Installed ASM HOME RDBMS Installed CRS UP ASM UP RDBMS UP DB Instance Name ------------------------------------------------------------------------------------------------------- vbgeneric No No Yes No No Yes orcl12c ------------------------------------------------------------------------------------------------------- Copying plug-ins . . . . . . . . *** Checking Best Practice Recommendations ( Pass / Warning / Fail ) *** . ============================================================ Node name - vbgeneric ============================================================ . . . . . . Collecting - Database Parameters for orcl12c database Collecting - Database Undocumented Parameters for orcl12c database Collecting - List of active logon and logoff triggers for orcl12c database Collecting - CPU Information Collecting - Disk I/O Scheduler on Linux Collecting - DiskMount Information Collecting - Kernel parameters Collecting - Maximum number of semaphore sets on system Collecting - Maximum number of semaphores on system Collecting - Maximum number of semaphores per semaphore set Collecting - Memory Information Collecting - OS Packages Collecting - Operating system release information and kernel version Collecting - Patches for RDBMS Home Collecting - Patches xml for RDBMS Home Collecting - RDBMS patch inventory Collecting - Table of file system defaults Collecting - number of semaphore operations per semop system call Collecting - Database Server Infrastructure Software and Configuration Collecting - Disk Information Collecting - Root user limits Collecting - Verify ORAchk scheduler configuration Collecting - Verify TCP Selective Acknowledgement is enabled Collecting - Verify no database server kernel out of memory errors Collecting - Verify the vm.min_free_kbytes configuration Data collections completed. Checking best practices on vbgeneric. ------------------------------------------------------------ INFO => Traditional auditing is enabled in database for orcl12c WARNING => Linux swap configuration does not meet recommendation WARNING => Hidden database initialization parameters should not be set per best practice recommendations for orcl12c FAIL => loopback interface MTU value needs to be set to 16436 INFO => Most recent ADR incidents for /u01/app/oracle/product/12.2/db_1 FAIL => Verify Database Memory Allocation INFO => Oracle GoldenGate failure prevention best practices FAIL => The vm.min_free_kbytes configuration is not set as recommended INFO => user_dump_dest has trace files older than 30 days for orcl12c INFO => At some times checkpoints are not being completed for orcl12c WARNING => One or more redo log groups are not multiplexed for orcl12c WARNING => Primary database is not protected with Data Guard (standby database) for real-time data protection and availability for orcl12c INFO => Important Storage Minimum Requirements for Grid & Database Homes CRITICAL => Operating system hugepages count does not satisfy total SGA requirements FAIL => Table AUD$[FGA_LOG$] should use Automatic Segment Space Management for orcl12c FAIL => Database parameter DB_LOST_WRITE_PROTECT is not set to recommended value on orcl12c instance INFO => umask for RDBMS owner is not set to 0022 FAIL => Database parameter DB_BLOCK_CHECKING on primary is not set to the recommended value. for orcl12c INFO => Operational Best Practices INFO => Database Consolidation Best Practices INFO => Computer failure prevention best practices INFO => Data corruption prevention best practices INFO => Logical corruption prevention best practices INFO => Database/Cluster/Site failure prevention best practices INFO => Client failover operational best practices WARNING => Oracle patch 30712670 is not applied on RDBMS_HOME /u01/app/oracle/product/12.2/db_1 WARNING => Oracle patch 29867728 is not applied on RDBMS_HOME /u01/app/oracle/product/12.2/db_1 WARNING => Oracle patch 31142749 is not applied on RDBMS_HOME /u01/app/oracle/product/12.2/db_1 WARNING => Oracle patch 26749785 is not applied on RDBMS_HOME /u01/app/oracle/product/12.2/db_1 WARNING => Oracle patch 29302565 is not applied on RDBMS_HOME /u01/app/oracle/product/12.2/db_1 WARNING => Oracle patch 29259068 is not applied on RDBMS_HOME /u01/app/oracle/product/12.2/db_1 WARNING => Oracle clusterware is not being used WARNING => RAC Application Cluster is not being used for database high availability on orcl12c instance WARNING => DISK_ASYNCH_IO is NOT set to recommended value for orcl12c WARNING => Flashback on PRIMARY is not configured for orcl12c INFO => Database failure prevention best practices WARNING => fast_start_mttr_target has NOT been changed from default on orcl12c instance FAIL => Active Data Guard is not configured for orcl12c WARNING => Perl Patch 31858212 is not found in 12.2.0.1 RDBMS_HOME. /u01/app/oracle/product/12.2/db_1 WARNING => Oracle patch 31602782 is not applied on RDBMS_HOME /u01/app/oracle/product/12.2/db_1 WARNING => Oracle patch 33121934 is not applied on RDBMS_HOME /u01/app/oracle/product/12.2/db_1 WARNING => Oracle patch 31211220 is not applied on RDBMS_HOME /u01/app/oracle/product/12.2/db_1 INFO => Software maintenance best practices INFO => Oracle recovery manager(rman) best practices INFO => Database feature usage statistics for orcl12c WARNING => Consider investigating changes to the schema objects such as DDLs or new object creation for orcl12c WARNING => Consider investigating the frequency of SGA resize operations and take corrective action for orcl12c ------------------------------------------------------------ UPLOAD [if required] - /opt/oracle.ahf/data/vbgeneric/orachk/user_root/output/orachk_vbgeneric_orcl12c_022724_140315.zip [root@vbgeneric AHF_Installer]#
Thus, you can actually run the 24.1 orachk against even a 12.2 non-RAC (single instance) database.
23 February, 2024
A PDB as a Cluster Resource in RAC
In my previous post, I have demonstrated how a new service can be created for a Pluggable Database (PDB) in Oracle RAC.
Custom Services are configured as Resources. Thus, in that post, I have demonstrated the custom service "newservice" for the PDB "hemantpdb" being configured in the Cluster.
However, PDBs can also be configured and managed as resources. (see the reference in the Oracle Database Features documentation).
This is the current listing of resources in my 2-node 21c RAC Cluster :
[grid@node1 ~]$ crsctl status resource -t -------------------------------------------------------------------------------- Name Target State Server State details -------------------------------------------------------------------------------- Local Resources -------------------------------------------------------------------------------- ora.LISTENER.lsnr ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.chad ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.net1.network ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.ons ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- Cluster Resources -------------------------------------------------------------------------------- ora.ASMNET1LSNR_ASM.lsnr(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.DATA.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.LISTENER_SCAN1.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN2.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN3.lsnr 1 ONLINE ONLINE node2 STABLE ora.RECO.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.asm(ora.asmgroup) 1 ONLINE ONLINE node1 Started,STABLE 2 ONLINE ONLINE node2 Started,STABLE ora.asmnet1.asmnetwork(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.cdp1.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp2.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp3.cdp 1 ONLINE ONLINE node2 STABLE ora.cvu 1 ONLINE ONLINE node1 STABLE ora.db21crac.db 1 ONLINE ONLINE node2 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE 2 ONLINE ONLINE node1 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE ora.db21crac.hemantpdb.pdb 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.db21crac.newservice.svc 1 ONLINE ONLINE node1 STABLE ora.node1.vip 1 ONLINE ONLINE node1 STABLE ora.node2.vip 1 ONLINE ONLINE node2 STABLE ora.qosmserver 1 ONLINE ONLINE node1 STABLE ora.scan1.vip 1 ONLINE ONLINE node1 STABLE ora.scan2.vip 1 ONLINE ONLINE node1 STABLE ora.scan3.vip 1 ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- [grid@node1 ~]$
Above, we can see
[oracle@node1 ~]$ sqlplus / as sysdba SQL*Plus: Release 21.0.0.0.0 - Production on Fri Feb 23 17:04:31 2024 Version 21.3.0.0.0 Copyright (c) 1982, 2021, Oracle. All rights reserved. Connected to: Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 SQL> create pluggable database pdb2 admin user pdb2_admin identified by pdb2_admin; Pluggable database created. SQL> SQL> col name format a30 SQL> select name, open_mode from v$pdbs; NAME OPEN_MODE ------------------------------ ---------- PDB$SEED READ ONLY HEMANTPDB READ WRITE PDB2 MOUNTED SQL> [grid@node1 ~]$ crsctl status resource -t -------------------------------------------------------------------------------- Name Target State Server State details -------------------------------------------------------------------------------- Local Resources -------------------------------------------------------------------------------- ora.LISTENER.lsnr ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.chad ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.net1.network ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.ons ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- Cluster Resources -------------------------------------------------------------------------------- ora.ASMNET1LSNR_ASM.lsnr(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.DATA.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.LISTENER_SCAN1.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN2.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN3.lsnr 1 ONLINE ONLINE node2 STABLE ora.RECO.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.asm(ora.asmgroup) 1 ONLINE ONLINE node1 Started,STABLE 2 ONLINE ONLINE node2 Started,STABLE ora.asmnet1.asmnetwork(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.cdp1.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp2.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp3.cdp 1 ONLINE ONLINE node2 STABLE ora.cvu 1 ONLINE ONLINE node1 STABLE ora.db21crac.db 1 ONLINE ONLINE node2 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE 2 ONLINE ONLINE node1 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE ora.db21crac.hemantpdb.pdb 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.db21crac.newservice.svc 1 ONLINE ONLINE node1 STABLE ora.node1.vip 1 ONLINE ONLINE node1 STABLE ora.node2.vip 1 ONLINE ONLINE node2 STABLE ora.qosmserver 1 ONLINE ONLINE node1 STABLE ora.scan1.vip 1 ONLINE ONLINE node1 STABLE ora.scan2.vip 1 ONLINE ONLINE node1 STABLE ora.scan3.vip 1 ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- [grid@node1 ~]$
The new PDB, "pdb2" has been created but not opened yet (it is still only in the MOUNT state). However, if I try to manually add it, I get an error message that CARDINALITY wasn't specified for the first PDB that had been manually created from the SQL command line but not registered via srvctl. However, I *can* add the new PDB without having to specify CARDINALITY and then verify the status in the Cluster :
[oracle@node1 ~]$ srvctl add pdb -db DB21CRAC -pdb PDB2 -cardinality ALL -startoption open PRCZ-4036 : failed to create pluggable database PDB2 with '-cardinality' option because this option was not specified for the previously created pluggable databases for database DB21CRAC [oracle@node1 ~]$ srvctl config pdb -db DB21CRAC Pluggable database name: HEMANTPDB Application Root PDB: Cardinality: %CRS_SERVER_POOL_SIZE% Maximum CPU count (whole CPUs): 0 Minimum CPU count unit (1/100 CPU count): 0 Management policy: MANUAL Rank value: 0 Start Option: open Stop Option: immediate [oracle@node1 ~]$ srvctl add pdb -db DB21CRAC -pdb PDB2 -startoption open [oracle@node1 ~]$ srvctl config pdb -db DB21CRAC Pluggable database name: HEMANTPDB Application Root PDB: Cardinality: %CRS_SERVER_POOL_SIZE% Maximum CPU count (whole CPUs): 0 Minimum CPU count unit (1/100 CPU count): 0 Management policy: MANUAL Rank value: 0 Start Option: open Stop Option: immediate Pluggable database name: PDB2 Application Root PDB: Cardinality: %CRS_SERVER_POOL_SIZE% Maximum CPU count (whole CPUs): 0 Minimum CPU count unit (1/100 CPU count): 0 Management policy: AUTOMATIC Rank value: 0 Start Option: open Stop Option: immediate [grid@node1 ~]$ crsctl status resource -t -------------------------------------------------------------------------------- Name Target State Server State details -------------------------------------------------------------------------------- Local Resources -------------------------------------------------------------------------------- ora.LISTENER.lsnr ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.chad ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.net1.network ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.ons ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- Cluster Resources -------------------------------------------------------------------------------- ora.ASMNET1LSNR_ASM.lsnr(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.DATA.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.LISTENER_SCAN1.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN2.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN3.lsnr 1 ONLINE ONLINE node2 STABLE ora.RECO.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.asm(ora.asmgroup) 1 ONLINE ONLINE node1 Started,STABLE 2 ONLINE ONLINE node2 Started,STABLE ora.asmnet1.asmnetwork(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.cdp1.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp2.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp3.cdp 1 ONLINE ONLINE node2 STABLE ora.cvu 1 ONLINE ONLINE node1 STABLE ora.db21crac.db 1 ONLINE ONLINE node2 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE 2 ONLINE ONLINE node1 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE ora.db21crac.hemantpdb.pdb 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.db21crac.newservice.svc 1 ONLINE ONLINE node1 STABLE ora.db21crac.pdb2.pdb 1 OFFLINE OFFLINE STABLE 2 OFFLINE OFFLINE STABLE ora.node1.vip 1 ONLINE ONLINE node1 STABLE ora.node2.vip 1 ONLINE ONLINE node2 STABLE ora.qosmserver 1 ONLINE ONLINE node1 STABLE ora.scan1.vip 1 ONLINE ONLINE node1 STABLE ora.scan2.vip 1 ONLINE ONLINE node1 STABLE ora.scan3.vip 1 ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- [grid@node1 ~]$
If I then OPEN the new PDB on both instances, I can query the status again :
[oracle@node1 ~]$ sqlplus / as sysdba SQL*Plus: Release 21.0.0.0.0 - Production on Fri Feb 23 17:19:20 2024 Version 21.3.0.0.0 Copyright (c) 1982, 2021, Oracle. All rights reserved. Connected to: Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 SQL> alter pluggable database pdb2 open; Pluggable database altered. SQL> [oracle@node2 ~]$ sqlplus / as sysdba SQL*Plus: Release 21.0.0.0.0 - Production on Fri Feb 23 17:19:36 2024 Version 21.3.0.0.0 Copyright (c) 1982, 2021, Oracle. All rights reserved. Connected to: Oracle Database 21c Enterprise Edition Release 21.0.0.0.0 - Production Version 21.3.0.0.0 SQL> alter pluggable database pdb2 open; Pluggable database altered. SQL> [grid@node1 ~]$ crsctl status resource ora.db21crac.pdb2.pdb NAME=ora.db21crac.pdb2.pdb TYPE=ora.pdb.type TARGET=ONLINE , ONLINE STATE=ONLINE on node1, ONLINE on node2 [grid@node1 ~]$ crsctl status resource -t -------------------------------------------------------------------------------- Name Target State Server State details -------------------------------------------------------------------------------- Local Resources -------------------------------------------------------------------------------- ora.LISTENER.lsnr ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.chad ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.net1.network ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.ons ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- Cluster Resources -------------------------------------------------------------------------------- ora.ASMNET1LSNR_ASM.lsnr(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.DATA.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.LISTENER_SCAN1.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN2.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN3.lsnr 1 ONLINE ONLINE node2 STABLE ora.RECO.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.asm(ora.asmgroup) 1 ONLINE ONLINE node1 Started,STABLE 2 ONLINE ONLINE node2 Started,STABLE ora.asmnet1.asmnetwork(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.cdp1.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp2.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp3.cdp 1 ONLINE ONLINE node2 STABLE ora.cvu 1 ONLINE ONLINE node1 STABLE ora.db21crac.db 1 ONLINE ONLINE node2 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE 2 ONLINE ONLINE node1 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE ora.db21crac.hemantpdb.pdb 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.db21crac.newservice.svc 1 ONLINE ONLINE node1 STABLE ora.db21crac.pdb2.pdb 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.node1.vip 1 ONLINE ONLINE node1 STABLE ora.node2.vip 1 ONLINE ONLINE node2 STABLE ora.qosmserver 1 ONLINE ONLINE node1 STABLE ora.scan1.vip 1 ONLINE ONLINE node1 STABLE ora.scan2.vip 1 ONLINE ONLINE node1 STABLE ora.scan3.vip 1 ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- [grid@node1 ~]$
I can now add a custom service "pdb2service" for pdb2 to use DB21CRAC2 (instance 2, instead of instance 1) as preferred and with SESSION failover (and compare it with "newservice" for hemantpdb that I had added in the previous blogpost) :
[oracle@node1 ~]$ srvctl add service -db DB21CRAC -service pdb2service -preferred DB21CRAC2 -available DB21CRAC1 \ > -tafpolicy BASIC -failovertype SESSION -pdb PDB2 [oracle@node1 ~]$ srvctl status service -db DB21CRAC -service pdb2service Service pdb2service is not running. [oracle@node1 ~]$ srvctl config service -db DB21CRAC -service pdb2service Service name: pdb2service Server pool: Cardinality: 1 Service role: PRIMARY Management policy: AUTOMATIC DTP transaction: false AQ HA notifications: false Global: false Commit Outcome: false Reset State: NONE Failover type: SESSION Failover method: Failover retries: Failover delay: Failover restore: NONE Connection Load Balancing Goal: LONG Runtime Load Balancing Goal: NONE TAF policy specification: BASIC Edition: Pluggable database name: PDB2 Hub service: Maximum lag time: ANY SQL Translation Profile: Retention: 86400 seconds Failback : no Replay Initiation Time: 300 seconds Drain timeout: Stop option: Session State Consistency: DYNAMIC GSM Flags: 0 Service is enabled Preferred instances: DB21CRAC2 Available instances: DB21CRAC1 CSS critical: no [oracle@node1 ~]$ [oracle@node1 ~]$ srvctl config service -db DB21CRAC -service newservice Service name: newservice Server pool: Cardinality: 1 Service role: PRIMARY Management policy: AUTOMATIC DTP transaction: false AQ HA notifications: false Global: false Commit Outcome: false Reset State: NONE Failover type: SELECT Failover method: Failover retries: Failover delay: Failover restore: NONE Connection Load Balancing Goal: LONG Runtime Load Balancing Goal: NONE TAF policy specification: BASIC Edition: Pluggable database name: HEMANTPDB Hub service: Maximum lag time: ANY SQL Translation Profile: Retention: 86400 seconds Failback : no Replay Initiation Time: 300 seconds Drain timeout: Stop option: Session State Consistency: DYNAMIC GSM Flags: 0 Service is enabled Preferred instances: DB21CRAC1 Available instances: DB21CRAC2 CSS critical: no Service uses Java: false [oracle@node1 ~]$ [oracle@node1 ~]$ srvctl start service -db DB21CRAC -service pdb2service [oracle@node1 ~]$ srvctl config service -db DB21CRAC -service pdb2service Service name: pdb2service Server pool: Cardinality: 1 Service role: PRIMARY Management policy: AUTOMATIC DTP transaction: false AQ HA notifications: false Global: false Commit Outcome: false Reset State: NONE Failover type: SESSION Failover method: Failover retries: Failover delay: Failover restore: NONE Connection Load Balancing Goal: LONG Runtime Load Balancing Goal: NONE TAF policy specification: BASIC Edition: Pluggable database name: PDB2 Hub service: Maximum lag time: ANY SQL Translation Profile: Retention: 86400 seconds Failback : no Replay Initiation Time: 300 seconds Drain timeout: Stop option: Session State Consistency: DYNAMIC GSM Flags: 0 Service is enabled Preferred instances: DB21CRAC2 Available instances: DB21CRAC1 CSS critical: no Service uses Java: false [oracle@node1 ~]$ [oracle@node1 ~]$ srvctl status service -db DB21CRAC -service pdb2service Service pdb2service is running on instance(s) DB21CRAC2 [oracle@node1 ~]$ srvctl status service -db DB21CRAC -service newservice Service newservice is running on instance(s) DB21CRAC1 [oracle@node1 ~]$ [grid@node1 ~]$ crsctl status resource -t -------------------------------------------------------------------------------- Name Target State Server State details -------------------------------------------------------------------------------- Local Resources -------------------------------------------------------------------------------- ora.LISTENER.lsnr ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.chad ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.net1.network ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE ora.ons ONLINE ONLINE node1 STABLE ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- Cluster Resources -------------------------------------------------------------------------------- ora.ASMNET1LSNR_ASM.lsnr(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.DATA.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.LISTENER_SCAN1.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN2.lsnr 1 ONLINE ONLINE node1 STABLE ora.LISTENER_SCAN3.lsnr 1 ONLINE ONLINE node2 STABLE ora.RECO.dg(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.asm(ora.asmgroup) 1 ONLINE ONLINE node1 Started,STABLE 2 ONLINE ONLINE node2 Started,STABLE ora.asmnet1.asmnetwork(ora.asmgroup) 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.cdp1.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp2.cdp 1 ONLINE ONLINE node1 STABLE ora.cdp3.cdp 1 ONLINE ONLINE node2 STABLE ora.cvu 1 ONLINE ONLINE node1 STABLE ora.db21crac.db 1 ONLINE ONLINE node2 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE 2 ONLINE ONLINE node1 Open,HOME=/u01/app/o racle/product/21.3.0 .0/dbhome_1,STABLE ora.db21crac.hemantpdb.pdb 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.db21crac.newservice.svc 1 ONLINE ONLINE node1 STABLE ora.db21crac.pdb2.pdb 1 ONLINE ONLINE node1 STABLE 2 ONLINE ONLINE node2 STABLE ora.db21crac.pdb2service.svc 1 ONLINE ONLINE node2 STABLE ora.node1.vip 1 ONLINE ONLINE node1 STABLE ora.node2.vip 1 ONLINE ONLINE node2 STABLE ora.qosmserver 1 ONLINE ONLINE node1 STABLE ora.scan1.vip 1 ONLINE ONLINE node1 STABLE ora.scan2.vip 1 ONLINE ONLINE node1 STABLE ora.scan3.vip 1 ONLINE ONLINE node2 STABLE -------------------------------------------------------------------------------- [grid@node1 ~]$
So, I have two PDBs "hemantpdb" and "pdb2" and their corresponding services ("newservice" and "pdb2service") using alternate database instances as Preferred Instances. "hemantpdb"'s service "newservices" runs on node1 (database instance DB21CRAC1) and "pdb2"'s service "pdb2service" runs on node2 (database instance DB21CRAC2) while both PDBs are actually OPEN on both nodes.
13 February, 2024
Adding a PDB (and Service) to a RAC database -- service running on only 1 Instance
[oracle@node1 ~]$ srvctl status database -db DB21CRAC Instance DB21CRAC1 is running on node node1 Instance DB21CRAC2 is running on node node2 [oracle@node1 ~]$ [oracle@node1 ~]$ srvctl status service -d DB21CRAC -s hemantpdb PRKO-2017 : Service hemantpdb does not exist for database DB21CRAC. [oracle@node1 ~]$ srvctl status service -db DB21CRAC -service hemantpdb -pdb HEMANTPDB PRKO-2017 : Service hemantpdb does not exist for database DB21CRAC. [oracle@node1 ~]$ [grid@node1 ~]$ lsnrctl status LISTENER_SCAN1 LSNRCTL for Linux: Version 21.0.0.0.0 - Production on 13-FEB-2024 15:06:11 Copyright (c) 1991, 2021, Oracle. All rights reserved. Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=LISTENER_SCAN1))) STATUS of the LISTENER ------------------------ Alias LISTENER_SCAN1 Version TNSLSNR for Linux: Version 21.0.0.0.0 - Production Start Date 13-FEB-2024 14:51:13 Uptime 0 days 0 hr. 14 min. 57 sec Trace Level off Security ON: Local OS Authentication SNMP OFF Listener Parameter File /u01/app/21.3.0.0/grid/network/admin/listener.ora Listener Log File /u01/app/grid/diag/tnslsnr/node1/listener_scan1/alert/log.xml Listening Endpoints Summary... (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=LISTENER_SCAN1))) (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.56.115)(PORT=1521))) Services Summary... Service "0f488ad896262f80e0636f38a8c0fc18" has 2 instance(s). Instance "DB21CRAC1", status READY, has 1 handler(s) for this service... Instance "DB21CRAC2", status READY, has 1 handler(s) for this service... Service "DB21CRAC" has 2 instance(s). Instance "DB21CRAC1", status READY, has 1 handler(s) for this service... Instance "DB21CRAC2", status READY, has 1 handler(s) for this service... Service "DB21CRACXDB" has 2 instance(s). Instance "DB21CRAC1", status READY, has 1 handler(s) for this service... Instance "DB21CRAC2", status READY, has 1 handler(s) for this service... Service "hemantpdb" has 2 instance(s). Instance "DB21CRAC1", status READY, has 1 handler(s) for this service... Instance "DB21CRAC2", status READY, has 1 handler(s) for this service... The command completed successfully [grid@node1 ~]$ [oracle@node1 ~]$SQL> select inst_id, name, network_name from gv$services order by 1; INST_ID NAME NETWORK_NAME ---------- ---------------- ---------------- 1 hemantpdb hemantpdb 1 DB21CRAC DB21CRAC 1 SYS$BACKGROUND 1 DB21CRACXDB DB21CRACXDB 1 SYS$USERS 2 hemantpdb hemantpdb 2 DB21CRAC DB21CRAC 2 SYS$BACKGROUND 2 DB21CRACXDB DB21CRACXDB 2 SYS$USERS 10 rows selected. SQL> SQL> select inst_id, con_id, name, open_mode from gv$pdbs order by 1,2; INST_ID CON_ID NAME OPEN_MODE ---------- ---------- ---------------- ---------- 1 2 PDB$SEED READ ONLY 1 3 HEMANTPDB READ WRITE 2 2 PDB$SEED READ ONLY 2 3 HEMANTPDB READ WRITE SQL>
Which means that I have created a custom PDB called "HEMANTPDB" and there is a default service called "hemantpdb" on each instance. However, this services is NOT listed when I check via srvctl.
[oracle@node1 ~]$ srvctl add service -db DB21CRAC -service newservice -preferred DB21CRAC1 -available DB21CRAC2 -tafpolicy BASIC -failovertype SELECT -pdb HEMANTPDB [oracle@node1 ~]$ [oracle@node1 ~]$ srvctl config service -db DB21CRAC -service newservice Service name: newservice Server pool: Cardinality: 1 Service role: PRIMARY Management policy: AUTOMATIC DTP transaction: false AQ HA notifications: false Global: false Commit Outcome: false Reset State: NONE Failover type: SELECT Failover method: Failover retries: Failover delay: Failover restore: NONE Connection Load Balancing Goal: LONG Runtime Load Balancing Goal: NONE TAF policy specification: BASIC Edition: Pluggable database name: HEMANTPDB Hub service: Maximum lag time: ANY SQL Translation Profile: Retention: 86400 seconds Failback : no Replay Initiation Time: 300 seconds Drain timeout: Stop option: Session State Consistency: DYNAMIC GSM Flags: 0 Service is enabled Preferred instances: DB21CRAC1 Available instances: DB21CRAC2 CSS critical: no [oracle@node1 ~]$ [oracle@node1 ~]$ srvctl start service -db DB21CRAC -service newservice [oracle@node1 ~]$ srvctl status service -db DB21CRAC -service newservice Service newservice is running on instance(s) DB21CRAC1 [oracle@node1 ~]$
[oracle@node1 ~]$ srvctl status service -db DB21CRAC -service newservice Service newservice is running on instance(s) DB21CRAC1 [oracle@node1 ~]$ ps -ef |grep smon oracle 2951 1 0 16:05 ? 00:00:00 ora_smon_DB21CRAC1 root 3521 1 1 14:50 ? 00:00:48 /u01/app/21.3.0.0/grid/bin/osysmond.bin grid 4068 1 0 14:50 ? 00:00:00 asm_smon_+ASM1 oracle 4146 25526 0 16:05 pts/0 00:00:00 grep --color=auto smon [oracle@node1 ~]$ kill -9 2951 [oracle@node1 ~]$ srvctl status service -db DB21CRAC -service newservice Service newservice is running on instance(s) DB21CRAC2 [oracle@node1 ~]$
In this case, connections using this service name ("newservice") will connect (failover) to the 2nd database instance running on node2 of the Cluster.