Search

OakieTags

Who's online

There are currently 0 users and 25 guests online.

Recent comments

Oakies Blog Aggregator

Server Problems : Any ideas?

I’m pretty sure last night’s problem was caused by a disk failure in the RAID array. The system is working now, but it might go down sometime today to get the disk replaced. Hopefully they won’t do what they did last time and wipe the bloody lot! </p />
</p></div>

    	  	<div class=

OTN Yathra– scenes from Bangalore and Hyderbad

It’s sad that I could not capture in pictures the amazing sights and sounds from both inside the conference and outside in the streets of these amazing places.

I was too busy just absorbing it myself and neglected to take enough pictures Sad smile

But again, a truly wonderful couple of days.

Please be patient!

angry-1300616_640It’s extremely nice to have a big audience. It’s very flattering that people care enough about what I say to be bothered to read it. The problem with having a large audience is people can get a very demanding at times. </p />
</p></div>

    	  	<div class=

EM13c Proxy Setup, MOS and CSI Setup

The change in EM13c, is that it support multiple proxies, but you may still not know how to set up a proxy and then use it with your MOS credentials and then assign out your CSI’s to targets.

scratcheshead

Proxies

To do this, click on Settings, Proxy Settings, My Oracle Support.  Click on Manual Proxy Setting and then type in your proxy host entry, (sans the HTTPS, that’s already provided for you) and the port to be used:

proxy1http://i2.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy1.png?res... 300w, http://i2.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy1.png?res... 768w, http://i2.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy1.png?w=1206 1206w" sizes="(max-width: 478px) 100vw, 478px" data-recalc-dims="1" />

Once entered, click on Test and if successful, then click on Apply.  If it fails, make sure to check the settings with your network administrator and test the new ones offered.  Once you have a proxy that works, you’ll receive the following message:

proxy2http://i0.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy2.png?res... 300w, http://i0.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy2.png?res... 768w, http://i0.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy2.png?w=1104 1104w" sizes="(max-width: 485px) 100vw, 485px" data-recalc-dims="1" />

My Oracle Support Credentials

Next, you’ll need to submit your MOS credentials to be used with the EM environment.  Keep in mind, the credentials used for this account, (let’s say you’re logged in as SYSMAN)  will be identified with this EM login unless updated or removed.

Click on Settings, My Oracle Support, My Credentials.  Enter the credentials to be used with this login and click Apply.

proxy3http://i2.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy3.png?res... 300w, http://i2.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy3.png?res... 768w" sizes="(max-width: 477px) 100vw, 477px" data-recalc-dims="1" />

You’ve now configured MOS credentials to work with the main features of EM13c.

Support Identifier Assignment

Under the same location as the one you set up your MOS credentials, you’ll notice the following drop down:  Support Identifier Assignment.

This option allows you to verify and assign CSI’s to the targets in Oracle Enterprise Manager.  Its a nice inventory features in EM that can save you time as you work with MOS and SR support, too.

proxy4http://i2.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy4-1.png?r... 300w, http://i2.wp.com/dbakevlar.com/wp-content/uploads/2016/04/proxy4-1.png?r... 768w" sizes="(max-width: 497px) 100vw, 497px" data-recalc-dims="1" />

As you can see from my setup above, I only have a few targets in this EM environment and I was able to do a search of the CSI that is connected to my MOS credentials and then assign it to each of these targets, (whited out.)  If you have more than one CSI, you can assign the appropriate one to the targets that the targets belong to after searching for the target names or by target types you wish to locate.

And that’s the 101 on Proxy, MOS and CSI Setup in EM13c!

 



Tags:  , , , ,


Del.icio.us



Facebook

TweetThis

Digg

StumbleUpon




Copyright © DBA Kevlar [EM13c Proxy Setup, MOS and CSI Setup], All Right Reserved. 2016.

Evolution of Masking Vendors

Screen Shot 2016-04-22 at 12.47.52 PM

Masking with Delphix (where duplicate blocks are shared making a new copy almost free storage wise and almost instantaneous) has 4 big advantages

  1. Instant data, no copying
  2. Ease of Use
  3. Consistent across data centers and databases vendors
  4. Master/Slave

Virtual Data Masking

Delphix masking and virtualization is the most advanced solution in the market place, because Delphix doesn’t provision data. Instead of provisioning data, Delphix sets up pointers back to existing data for a new clone. When that new clone tries to modify data, the existing data stays unchanged, and the changed data is stored elsewhere and only visible to the clone that made the change. This allows Delphix to mask once and provision many masked copies in minutes for almost no storage.

  • Some tools requires to subset data. Imagine writing code to subset data from a medium size (5000 objects) custom database, and maintain it.
  • Some tools requires 1.5X disk in the target, because it creates temp tables to copy and mask data.
  • Whereas, Delphix masks in memory, no need for disk, and virtualizes the data.

Screen-Shot-2016-03-07-at-5.17.21-PM

Ease of use saves money

Largest cost in data masking is the personnel to develop and maintain masking code.

Most tools require significant programming skills and dedicated administrators.

  • DELPHIX:
    • Users with no programming background can use the product in 4 hours.
    • Web based interface with profiling integrated to masking: You can profile and start masking in minutes without any programming knowledge.

Mask data consistently

Delphix masks data consistently across different type of data sources, across different data centers automatically

Some tools either masked different data sources differently breaking referential integrity or they require the user to manually maintain relationships across all attributes and across all data sources using the ‘Translation Matrix’.  Other tools based on specific databases require the user to import data into that proprietary database in order to mask it and then the data needs to be copied back out of the proprietary database into the location it is used.

  • DELPHIX:
    • The module which identifies sensitive data (Profiler), also assigns the masking algorithms, so no need to manually define relationships.
    • Delphix masking algorithms are deterministic, so based on the input we create a consistent output, regardless of the data source
    • Delphix architecture separates transformation from a data source

Master/Slave configuration

Delphix provides a central interface to configure/manage users, metadata and algorithms, and execute masking in a consistent and distributed manner for each department, entity, or data center. Without this, each entity would have masked data differently, and aggregation of data would be useless.

Screen Shot 2016-03-07 at 5.21.34 PM

Next Steps

Pete Finnigan recently did a paper reviewing of Delphix and data masking where he points out some of the challenges to masking and solutions.

Pete goes into ways of securing the source database such that the cloned copy benefits from the security in the source. Pete also shares some of the top reasons he has heard at customer sites for why people don’t mask even though they want to.

The top 5 reasons people don’t mask when they should

  1. Fear of not locating all data to mask
  2. Referential integrity
  3. Data distribution
  4. Testing may not be valid with masked data
  5. Time, cost and skills needed

Pete has done a second paper on specifically how to secure data in non production areas. We will be publishing this paper soon.

Pete’s first paper with Delphix on masking is available here.

 

DDL logging

I was presenting at the UKOUG event in Manchester on Thursday last week (21st April 2016), and one of the sessions I attended was Carl Dudley’s presentation of some New Features in 12c. The one that caught my eye in particular was “DDL Logging” because it’s a feature that has come up fairly frequently in the past on OTN and other Oracle forums.

So today I decided to write a brief note about DDL Logging – and did a quick search of my blog to see if I had mentioned it before: and I found this note that I wrote in January last year but never got around to publishing – DDL Logging is convenient, but doesn’t do the one thing that I really want it to do:

DDL Logging – 12c

One of the little new features that should be most welcome in 12c is the ability to capture all DDL executed against the database. All it takes is a simple command (if you haven’t set the relevant parameter in the parameter file):

alter system set enable_ddl_logging = true;

All subsequent DDL will be logged to two different places (in two formats)

  • $ORACLE_BASE/diag/rdbms/{database}/{instance}/log/ddl/log.xml
  • $ORACLE_BASE/diag/rdbms/{database}/{instance}/log/ddl_{instance}.log

Unfortunately the one thing I really wanted to see doesn’t appear – probably because it doesn’t really count as DDL –  it’s the implicit DDL due to inserting into not-yet-existing partitions of an interval partitioned table.

Note: If you’re using a container database with pluggable databases then the DDL for all the pluggable databases goes into the same log file.

Update – Licensing

The following text in the Oracle 12c Database Licensing document has just been brought to my attention:

Licensed Parameters
The init.ora parameter ENABLE_DDL_LOGGING is licensed as part of the Database Lifecycle Management Pack when set to TRUE. When set to TRUE, the database reports schema changes in real time into the database alert log under the message group schema_ddl. The default setting is FALSE.

The licensing document is also linked to from the 12c online html page for the parameter.

The 11g parameter definition makes no mention of licensing, and the 11g “New Features” manual don’t mention the feature at all, but the parameter does get a special mention in the 11g licensing document where it is described as being part of the Change Management Pack.

init.ora Parameters
The use of the following init.ora parameter is licensed under Oracle Change Management Pack:
■ ENABLE_DDL_LOGGING: when set to TRUE (default: FALSE)

 

OTN Yathra Chennai

Rather than try to convey in words the first couple of days in India, I thought I’d share some of the images from the first days here in India, covering the Chennai conference. Enjoy

 

Video : Flashback Version Query

Today’s video gives a quick run through of flashback version query.

If you prefer to read articles, rather than watch videos, you might be interested in these.

The star of today’s video is Tanel Poder. I was filming some other people, he saw something was going on, came across and struck a pose. I figured he knew what I was doing, but it’s pretty obvious from the outtake at the end of the video he was blissfully unaware, but wanted in on the action whatever it was! A true star! </p />
</p></div>

    	  	<div class=

Delphix replication and push button cloud migration

Someone just asked on the Delphix Forums whether they could test Delphix replication with the free version of Delphix called Delphix Express.

I’d never tried, so I sat down to try and was amazed at how easy it was.

One of the coolest things about Delphix replication is that it makes it super easy to migrate to the cloud and also to fall back to in house if need be.  For cloud migration, I just set up a Delphix engine in house and one in a cloud, for example Amazon EC2. Then I just give the in house engine the  credentials to replicate to the engine in the cloud. The replication can been compressed and encrypted. The replication is active/active so I can use either or both engines.  (stay tuned for a Delphix Express .ami file that we plan to release. Currently Delphix enterprise is supplied as an ami for AWS/EC2 but not Delphix Express though you could use the .ova to set up Delphix Express in AWS/EC2)

Setup

I created two Delphix Express installations.

On one engine, the source engine, (http://172.16.103.16/)  I linked to an Oracle 11.1.0.7 database on Solaris Sparc called “yesky”.

On that same engine I went to the menu “system” and chose “replication”

Screen Shot 2016-04-22 at 12.28.25 PM

 

That brought me to the configuration page

Screen Shot 2016-04-22 at 12.22.46 PM

where I filled out

  1. Replica Profile name – any name
  2. Description – any description
  3. Target Engine – in my case I used the IP address of the engine to receive the replicaiton
  4. User Name – login name to the target engine
  5. Password – password for the login to the target engine
  6. Enabled – check this to make replication run automatically on a schedule
  7. Every – set the schedule to every 15 minutes for my test

Then I clicked “Create Profile” in the bottom right.

And within a few minutes the replicated version was available on my replication target engine (172.16.100.92). On the target I choose from the Databases pulldown menu “DelphixExpress” and there is my “yesky” source replicated from my source Delphix Express engine.

Screen Shot 2016-04-22 at 12.20.56 PM

 

Now I have two Delphix engines where engine 1 is replicating to engine 2. Both engines are active active so I can use the second engine for other work and/or actually cloning the Oracle datasource replicated from engine 1 (“yesky”).

Next Steps

Try it out  yourself with our free version of Delphix called Delphix Express.

 

Pictures from the good ol’ days

My friends from childhood will know my dad. He was likely their high school principal (he was mine too) in a very small town (of about 2500 people on a good day). Those who knew our school may have seen the inside of his office; some were there because they stopped in for a nice visit, others were directed there by upset teachers. In either case, seeing the wall in his office was somewhat overwhelming. At peak, he had 70+ 8×10 photos framed and hanging on his wall. The pictures were of various sports teams and graduating classes from his tenure as principal.

I found those pictures in some old boxes recently. Almost 100% of them were taken by one of our high school math teachers, Jim Mikeworth, who was also a local photographer. Mr. Mike said he was fine with me posting the pictures, so I scanned all of them in and posted them online. If you have a facebook account, you may have already seen them, but if not, they are still accessible without a facebook account. You can find the pictures at https://www.facebook.com/franknorriswall. I hope you enjoy them!

My dad died almost 20 years ago and arguably was one of the most loved men in the history of Villa Grove. He would love for everyone to enjoy this shrine to his office wall of pictures–he was very proud of all the kids that passed through VGHS during his time there (1978-1993, I think).