Frits Hoogland Weblog

Oracle is involved in the linux community for some time now. Until oracle XE, oracle distributed its software the normal way (for all unix likes in gzipped cpio archives). I’ve seen some software been distributed as rpm archive (redhat package manager), but now oracle also has distributed the oracle XE database as deb archive.

That is good news for debian lovers, but oracle has done even more: they have setup a debian repository, so you can download and install software using aptitude or apt-get!

How do we setup a connection to the oracle debian repository?

Goto /etc/apt/sources.list, and add the following lines:

# oracle
deb http://oss.oracle.com/debian unstable main non-free


Next, update the repository information on your debian machine:

frits@bedrock:~$ sudo apt-get update


Now we are able to install the following software from the oracle repository:
-libaio
-oracle xe client
-oracle xe
-oracle xe universal

Please note the installation process tells the packages are not (gpg) signed. It would be convenient if oracle adds an gpg key, so we can add this to the keyring.

Way to go oracle! I challenge oracle to release more software in the deb package format, and put it in the repository!

Another thing comes to mind: how about a yum repository for the oracle software also?

Before we can import any connectstrings to a place the clients are able to use, we need to setup an ‘OracleContext’. The can easily be done with the directory server manager of the Fedora Directory Server:
Goto the ‘directory’ tab in the directory server manager and add a common name (cn) with objectclass ‘orclContext’. This will be the place where the connectstring-objects will be imported. Write the distinguised name (full name of the object) down. In my case, it is ‘cn=OracleContext, dc=oracle, o=gsd.com”

For most things I do with LDAP servers, I feel comftable with LDAP Browser/Editor. (It uses java).

First, we have to export the connectstrings out of the OID. Using the LDAP browser, I can make selections of what I want to export. This is quite handy, because I just want to export the oracle connectstrings (and their child objects) , and not all the other stuff oracle puts in its OID. (like database security objects, DAS objects, Portal objects, etc.). Search for the first connectstring in the OracleContext of the OID, press shift (in the case of the LDAP browser), and select all the connectstrings. Next, choose ‘LDIF’, export and type the name of the export/ldif file. Also select ‘all children’.

The previous action has given us an ldif file of all the connectstrings in the OID. (ldif=Ldap Directory Interchange Format).

In my case, I wanted to change the position of the Oracle Context. If you keep the Oracle Context the same, skip this part. LDIF files have some properties which make text manipulation annoying, the maximum row length of a LDIF file is 77 characters, and if a row is a continuation of a previous row if it starts with a space. With only a few connectstrings, this can easy be adjusted, but in my case I wanted to transfer 366 connectstrings. If you need to do the same, here is what I have done:
Alter the location (only works if the “old” cn is not ’scattered’ at the end of the line, of course)


frits@bedrock:~/ldap$ cat export_from_oid.ldif | sed 's/dc=cmg/dc=oracle, o=gsd.com/' | fold -w 77 > name_changed.ldif


Problem here is that my new entry is longer than the old one. This could (and did) result in too long lines at some places. The ‘fold’ utility does break the line at the 77th position, but does NOT place a space on the next line. I could write a little script to do so, but thought it would be faster to alter these by hand. The next statements will check if the all the lines are valid, and will show the invalid lines (which then can be easily corrected in vi):


frits@bedrock:~/ldap$ cat name_changed.ldif | egrep -v '\w:' | egrep -v '^$' | egrep -v '^\ .*'


Next step is to import the ldif file into our Fedora Directory Server:


frits@bedrock:~/ldap$ ldapadd -x -c -D "cn=Directory Manager" -w -h ldaphost

Apparently, it seems we have to import at least twice, to get all the children which belong to the directory objects imported. (I’ve checked it by going to the last connectstring (the order in LDAP browser is the same as the order in the ldif file) and expanded it, and see if we got ‘cn=‘,’cn=DESCRIPTION_0′,’cn=ADDRESS_LIST_0′ and ‘cn=ADDRESS_0′). My guess is this is because the hierarchical order is not always obeyed in the ldif file (which could result to a non-existent parent for an object, which means it is not imported).

Now we have the connectstrings imported, we must configure the clients to use it. There are two files responsible for letting a client use ldap:

SQLNET.ORA
This file sets the names-resolution method used. This is my line:

NAMES.DIRECTORY_PATH=(LDAP,TNSNAMES)


LDAP.ORA
This file sets the ldap properties. This is the content of my ldap.ora:

DEFAULT_ADMIN_CONTEXT = "dc=oracle, o=gsd.com"
DIRECTORY_SERVERS = (ldapserver:389:636)
DIRECTORY_SERVER_TYPE = OID


Next, try ‘tnsping’ with a connectstring, and see how charming!

First thing which comes to mind: why would we want that? Well, that is quite obvious to me:
-Fedora Directory Server (formerly netscape directory server) is open sourced since version 1.0.0 (currently at version 1.0.2)
-Fedora Directory Server (or: its predecessor, the Netscape Directory Server) is proven to be stable in various environments
-Because Fedora Directory Server is open source, there is no license fee
-It doesn’t use a schema in an oracle database
-It doesn’t use a daemon of which the working is not very well documented and kind of cryptic (this applies at least to the version of the ldap daemon which comes with oracle 9)

The next thing is getting the Fedora Directory Server on debian/sarge (we use debian for no-cost linux and redhat for linux with has a support contract). The Fedora Directory Server project has a nice wiki which describes how to do this: Fedora DS on ubuntu and sarge

At this stage, we have a working directory server, now we have to insert the oracle specific ldap objects (attributes and objects) in the directory server. Luckily, this has been described for openldap: Using OpenLDAP for Oracle TNS Resolution
This link does describe the way to do it in version 9 (I think it’s version 9.2.0.1 or 9.0.x, it didn’t apply entirely to version 9.2.0.4). I also must be honest and say I used the techniques on this paper.

What must we do for oracle version 10.2.0.1?

-get the files for creating the ‘base’,'net’ and ‘rdbms’ objects:

frits@bedrock:~$ mkdir ldap
frits@bedrock:~$ cd ldap
frits@bedrock:~/ldap$ cp $ORACLE_HOME/ldap/schema/oid/oidSchemaCreateBase.sbs .
frits@bedrock:~/ldap$ cp $ORACLE_HOME/ldap/schema/oid/oidSchemaCreateNet.sbs .
frits@bedrock:~/ldap$ cp $ORACLE_HOME/ldap/schema/oid/oidSchemaCreateRDBMS.sbs .


-convert the files to a format that the Fedora Directory Server understands:


frits@bedrock:~/ldap$ cat oidSchemaCreateBase.sbs | grep -i attributetypes | egrep -v '^add' > base.ldif
frits@bedrock:~/ldap$ cat oidSchemaCreateBase.sbs | grep -i objectclasses | egrep -v '^add' | egrep -v '^#' >> base.ldif
frits@bedrock:~/ldap$ cat oidSchemaCreateNet.sbs | grep -i attributetypes | egrep -v '^add' > net.ldif
frits@bedrock:~/ldap$ cat oidSchemaCreateNet.sbs | grep -i objectclasses | egrep -v '^add' | egrep -v '^#' >> net.ldif
frits@bedrock:~/ldap$ cat oidSchemaCreateRDBMS.sbs | grep -i attributetypes | egrep -v '^add' > rdbms.ldif
frits@bedrock:~/ldap$ cat oidSchemaCreateRDBMS.sbs | grep -i objectclasses | egrep -v '^add' | egrep -v '^#' >> rdbms.ldif


-make one (easy) file of it:


frits@bedrock:~/ldap $ cat base.ldif net.ldif rdbms.ldif > oracle.ldif


-transfer the oracle.ldif file to the ’schema’ directory of the Fedora Directory Server and make it read to get used by the server:


# cd /opt/fedora-ds/slapd-ldapserver/config/schema
/opt/fedora-ds/slapd-server/config/schema #scp frits@bedrock:~/ldap/oracle.ldif .
/opt/fedora-ds/slapd-server/config/schema #echo "dn: cn=schema" >71oracle.ldif
/opt/fedora-ds/slapd-server/config/schema #cat oracle.ldif >> 71oracle.ldif
/opt/fedora-ds/slapd-server/config/schema #rm oracle.ldif


-start the Fedora Directory Server

(/opt/fedora-ds/slapd-server/start-slapd does that, the management console gets started using /opt/fedora-ds/start-admin), and see (using /opt/fedora-ds/startconsole) if the oracle objects are existent (both the object classes and attributes are prefixed by ‘orcl’) in the console.

This can be seen in the managent console by choosing the directory server in the server group, open it, and choose the tab configuration and select/open the “schema” folder.

First of all I would like to introduce Xen, in case you haven’t heard of: Link to Xen homepage
In essence, Xen is a way of virtualizing the hardware for the operating system. Xen doesn’t do this like WMWare GSX and Microsoft virtual PC. Those products emulate the hardware, which means that resources (like CPU, Memory, disk, network) inside a virtual machine are operating system processes instead of the real hardware. This enlarges the codepath (the number of machine code instructions to get something done) so tremendously that a slowdown is noticeable when processes running in such a virtual machine and get resource intensive. Xen lets the virtual machines use the hardware as good as directly, using what is called a ‘hypervisor’, eg. a program which schedules the access to hardware resources.

I’ve used Xen 3.0.0 and installed it in a ubuntu ‘breezy’ install. I am using LVM, because it is the most easy way to use partitions for the virtual machines. The administration or ‘Domain-0′ virtual machine starts the ubuntu installation. It appears to work nice and speedy in 128M (!). All other virtual machines are called ‘Domain-U’ machines, user domains. The first virtual machine I made is an ubuntu install using debootstrap which does DNS and DHCP. Without X, it runs happy in just 64M. (debootstrap is a tool to do an installation of in a directory, instead of on a filesystem)

For the oracle domain-U’s I wanted to use RHEL4. Because RHEL4 is not freely available, I’ve used centos. This seemed troublesome, because RHEL/Centos is not installable using debootstrap. Luckily, there is a tool which can do the same, but uses the centos repositories: rpmstrap. I’ve used version 0.5.1, which I needed to modify because the rpm’s in the centos depository had been updated. There is a newer version on the rpmstrap website.

Starting the virtual machine first did not succeed, due to udev. This was easily resolved by making two devices in /dev: null and console. Before I started installation, I’ve made a backup logical volume, and copied the freshly installed operating system to it.

First test is: the installation of oracle 9.2.0.4. Because we are (except for the kernel; which is 2.6.12.6-xenU) as good as the same as RHEL4, we need to fulfill the requirements for running 9.2.0.4 on RHEL4. I’ve used werner puschitz’s page.

As for now, I’ve just done an installation (using the installer, which means also relinking of the executables) and the creation of a database. I didn’t encounter any single issue.

Second test is: the installation of oracle 10.2.0.1. I copied the operating system from the backup logical volume to the logical volume my 10.2.0.1 installation is going to use, and started it. This process involves editting the configuration file of the new domain-U (set new hostname ‘oracle102′, pointing the configuration file to the new logical volume and specify a unique MAC address for the virtual LAN interface) which takes about three minutes (how’s that for an install!). Next I followed the guide on werner puschitz’s page again, which also went seamless and easy. I did the same, so it all relinked fine and created a database with all options set default (it did work with memory set to 128M, but not that speedy