Copyright © 2018, eProseed and/or its affiliates. All rights reserved. | Confidential
TIPS & TRICKS FOR ORACLE PAAS ADMINS
3rd Edition
Simon Haslam
Bruno Neves Alves
INSPIRATION FOR THIS PRESENTATION
I have a note where I keep “tips & tricks” I find as I work…
– This is my current list, but it is a work in progress (I haven’t done everything possible in PaaS ☺)
– Some are opinions, mainly with an Ops/Admin focus – YMMV!
– I have perfectionist tendencies (but am in therapy!) and want to improve each batch of environments I provision
– Oracle Cloud changes all the time (monthly releases) – in future these tips may change or become irrelevant
– Oracle Managed / Autonomous services are making these tips less relevant
– Even if you are not using services like SOA CS or JCS today, hopefully they will be a useful reference for later
DIFFERENT TYPES OF PAAS, WITH EXAMPLES
Diagram: a spectrum from high level (Software as a Service) down to low level (Infrastructure as a Service). Management models, from most to least Oracle-managed:
• Oracle & Auto Managed, minimal customer config. (e.g. Autonomous Transaction Processing)
• Oracle Managed, minimal customer config.
• Oracle Managed, moderate customer config.
• Customer Managed, advanced customer config. (e.g. Oracle SOA Cloud)
Other examples placed on the slide: Oracle Integration Cloud and Oracle DIPC (each also in an Autonomous flavour), Oracle Java Cloud, Database Cloud Service / DBaaS.
Agenda:
• Planning: Setup and Identity
• Networking, VPN & Misc
• Operation: SSH and internal access

PLANNING: SETUP AND IDENTITY
TIP 1:
KNOW WHETHER YOU WANT OCI OR CLASSIC
Sounds obvious but…
• The noise around Oracle Cloud Infrastructure is deafening!
• State of transition (18Q4) – many PaaS services are now provisioning via PSM on OCI, but Classic is still available.
• Very little ‘new’ PaaS yet on OCI (database & load balancers)
NB: there is no migration between OCI Classic and OCI – think of them as completely different clouds. Both use IDCS and PSM.
Generally use OCI if you can but, if you are in a hurry and it’s not a “forever” platform, you might be better off with Classic currently.

OCI Classic (aka OPC) – “Classic”:
– Mature, around for 3-4 years
– Simpler, lower tech
– Blogs, discussions & docs are mostly about this
– Legacy but not EOL

OCI (aka Next Gen IaaS) – “Shiny!”:
– New, around for ~2 years
– More sophisticated, esp. DR; better meets enterprise needs
– New services & autonomous are OCI
– Info harder to find, e.g. PaaS+OCI
– Strategic
TIP 2:
KNOW YOUR OCI(C) REGIONS
• *com- ones are Classic:
– eucom-*
– gbcom-*
– uscom-*
• <country>- ones are OCI:
– eu-frankfurt-1
– uk-london-1
– us-ashburn-1
– us-phoenix-1
• If you have an account created before ~Oct 2017 you may not have any OCI regions in the list
• For PaaS this list is determined by your home region (set during provisioning)
• Govt regions are separate (2 in US, 1 in EMEA)
(Applies to Classic)
TIP 3:
PRACTICE ON A TRIAL ACCOUNT
• There’s a lot to learn:
– User management
– How consoles look, what names/naming conventions fit
– Auto-generated names
– You usually have one identity domain for both live and test: how will you manage instances for your organisation?
– You will probably end up with things in the wrong place – usually it’s easier/quicker to start fresh, and you are more likely to delete stuff in a trial account, especially if your org. has multiple admins
– Makes you less nervous about creating stuff that might cost $$$!
• Downside: trial accounts get burnt up – it can be hard to get new ones
(Applies to Classic)
TIP 4:
CHOOSE YOUR DOMAIN NAME CAREFULLY
• The name is used a lot in URLs and references
– Since IDCS, the PaaS name is in the log-in URL too, e.g. https://myservices-eproseeduk.console.oraclecloud.com
• You may or may not get to choose
– Depends on how the cloud was purchased and its type – you may get a choice, or maybe just a123456
– Oracle has added a rename feature, but it is superficial
• Domains can’t be re-used later, AFAIK, so think about it carefully, especially if you are a multi-national
– E.g. I created “eproseeduk” in case we want to use “eproseed” globally
– Are there annoying domain squatters out there…?
• This is probably vanity/perfectionism led! Most corporates may be happy with a123456 ☺
(Applies to Classic)
TIP 5:
BE AWARE THERE ARE 2 IDENTITY DOMAIN TERMS
• Prior to IDCS (now called “traditional” ID) there was one “Identity Domain”:
– a short name you chose, like mycompany, or,
– for a period, one Oracle allocated, e.g. a1234567
• With IDCS (any cloud account provisioned since ~Oct 2017) you have a second “Identity Domain” or “Identity Service ID” (terms used interchangeably)
– Generated: idcs-******* (32 hex digits)
• For API calls know which one you need: it’s usually the idcs-* one, but docs may be out of date
(Applies to Classic)
TIP 6:
BE MINDFUL OF OVERLAPPING IDENTITY PROVIDERS
It’s possible to get into odd situations where the initial user/password has been provisioned in two places and the password is then changed in only one of them.
Diagram: Traditional IDM (pre-Oct 2017); IDCS (post-Oct 2017; most users are here, or federated, e.g. to AD); OCI Identity (federated ID); Classic Identity (only an ID store).
TIP 7:
CREATE A PROVISIONING USER
• The username of the user who creates instances & other artefacts ends up in URIs. Default usernames are email addresses.
• Create a provisioning user – make sure it is only used by scripts, and not for administration functions
• Create the provisioning user as a name, not an email address
– I like something short, typically just the organisation name
• This concept is valid for:
– IDCS-backed PaaS on Classic, since you might be using PSM scripts
– OCI provisioning, which needs an API key defined for the user in the OCI identity domain
(Applies to Classic)
TIP 8:
CREATE A STORAGE USER
• The domain name is in the storage container name BUT the storage user is what the PaaS instances use for backup/restore.
• Oracle Cloud user passwords expire after ~4 months – you can’t prevent this
– If you let them expire your backups will break
– If your database backups break you start using more Recovery Area
– If your Recovery Area fills up the database archiver can’t archive the redo log
– If the archiver can’t archive the redo log the db can’t do a log switch
– BANG!
• The Oracle Cloud “password change dance” was possible last year – not sure about now
• Create a separate storage user to limit the scope of a password change
Practise changing the Oracle Cloud storage user password before the user expires!!!
TIP 8 (CONTINUED)
STORAGE USER’S REQUIRED PERMISSIONS
• Needs to have: [roles shown on the slide] – not just ReadWriteGroup (the console allows that… then fails later)
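A calendar guard for the storage user’s password, as an added example (not from the deck, not Oracle tooling): run it daily from cron so the “password change dance” happens before the backup chain in Tip 8 breaks. It assumes a 120-day lifetime (the slides only say “~4 months”) and that your rotation procedure records the epoch timestamp of the last change, which is passed in as SET_EPOCH.

```shell
#!/bin/sh
# Added example (not from the deck): a calendar guard for the storage user's password,
# meant to run daily from cron so the rotation happens before the backups break.
# Assumptions: a 120-day lifetime (the slides say "~4 months"), and that your rotation
# procedure records the epoch timestamp of the last change, passed in as SET_EPOCH.

PASSWORD_LIFETIME_DAYS=120   # assumed; use whatever your tenancy actually enforces
WARN_DAYS=14                 # start nagging this many days before expiry

# days_until_expiry SET_EPOCH NOW_EPOCH -> prints whole days left (negative once expired)
days_until_expiry() {
  echo $(( ($1 + PASSWORD_LIFETIME_DAYS * 86400 - $2) / 86400 ))
}

# check_storage_password_expiry SET_EPOCH [NOW_EPOCH]
# exit status: 0 = fine, 1 = inside the warning window, 2 = already expired, 3 = bad input
# Distinct codes let the cron wrapper page differently for "rotate this week" and for
# "backups are probably already failing and the Recovery Area is filling".
check_storage_password_expiry() {
  set_epoch=$1
  now_epoch=${2:-$(date +%s)}
  case $set_epoch in
    ''|*[!0-9]*) echo "usage: check_storage_password_expiry SET_EPOCH [NOW_EPOCH]" >&2; return 3 ;;
  esac
  remaining=$(( set_epoch + PASSWORD_LIFETIME_DAYS * 86400 - now_epoch ))
  if [ "$remaining" -le 0 ]; then
    echo "EXPIRED $(( -remaining / 86400 )) day(s) ago: storage user password lapsed; check RMAN/backup jobs and Recovery Area usage now"
    return 2
  elif [ "$remaining" -le $(( WARN_DAYS * 86400 )) ]; then
    echo "WARN: storage user password expires in $(( remaining / 86400 )) day(s); do the password change dance now"
    return 1
  fi
  echo "OK: storage user password expires in $(( remaining / 86400 )) day(s)"
  return 0
}

# Typical cron use, where /var/lib/paas/storage_user_pw_set holds the epoch written at rotation:
#   0 7 * * *  /path/to/pw_guard.sh "$(cat /var/lib/paas/storage_user_pw_set)" || mail ...
if [ $# -gt 0 ]; then check_storage_password_expiry "$@"; fi
```

The script never talks to Oracle Cloud; it only keeps the rotation on your calendar. Record the timestamp as the last step of the actual password change, otherwise the guard will happily report “OK” on a password that has already been changed and on one that has already lapsed alike.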
TIP 9:
CREATE A STORAGE CONTAINER PER INSTANCE
• When you create service instances that are fully managed by Oracle Cloud (i.e. not Virtual Image service types) you need to supply a Storage Cloud container
• It’s tempting to have one big bucket, but don’t…
– remember that in the future you may have 20 instances but want to delete one including its backups – a container per instance makes this much easier to track
• You now have an option in the console and REST API to create a new container at provisioning time
– I’m not really sure why this isn’t the default
– Not yet the case on OCI – you need to create object containers first
(Applies to Classic)
TIP 10:
CHOOSE YOUR TIMING FOR PROVISIONING
• OOW introduces a lot of change (in 2017 after the event; in 2018 both before & after)
– if not bugs then maybe new ways to do things
• Monthly release cycle
• Put provisioning jobs onto a Build Server & run them weekly to minimise surprises
NETWORKING, VPN & MISC
TIP 11:
USE AUTONOMOUS / ORACLE MANAGED
• If available & suitable, use Autonomous / Oracle Managed
– Positive experience so far (since July) with API Platform, though primarily it’s the Gateway that is critical (and that’s on our own infra)
– Doesn’t necessarily mean the service level is better, but it’s someone else’s problem!
• This is the “direction of travel”, e.g. look at the pricing for Integration Cloud
• Time will tell, especially for early adopters
TIP 12:
APIP OAUTH DEBUGGING
When troubleshooting APIs that you have configured in Oracle API Platform Cloud Service you can use the following tools:
• Oracle API Platform Cloud Service Analytics: shows the type of error
• jwt.io debugger: lets you inspect the OAuth (JWT) tokens generated by a provider; treat any token you paste into a third-party site as disclosed, so use test tokens rather than live ones
• Change the Oracle API Platform logging policies so you can log the content of objects
See Lonneke Dikmans’ (eProseed NL) blog post at: http://blog.vennster.nl/2017/12/troubleshooting-oracle-api-platform.html
TIP 13:
BUILD YOURSELF A STOP/START SCHEDULER
• Often we now size non-prod environments based on part-time usage, e.g. 9 hours, weekdays
• There’s no feature in Oracle Cloud Platform to let you simply set up a timetable
•  Create a simple scheduler to do that
– e.g. crontab plus PSM works OK on an IaaS VM or DevCS
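A minimal version of that crontab-plus-PSM scheduler, as an added example (not the deck’s own script). The decision logic is plain sh and runs offline; only the start/stop itself is handed to the PSM CLI. Assumptions, all labelled in the code: a Mon–Fri 08:00–17:00 window (the deck’s “9 hours, weekdays”), a hypothetical instance name mydev01, the PSM subcommands `psm <service> start|stop -s <name>` and the READY state name, which you should confirm against `psm <service> help` for your service type before switching DRY_RUN off.

```shell
#!/bin/sh
# Added example (not from the deck): a stop/start scheduler for a non-prod instance, run from
# cron every 15 minutes on an IaaS VM or DevCS. The decision logic is plain sh and testable
# offline; the actual start/stop is delegated to the PSM CLI.
# Assumptions (labelled): a Mon-Fri 08:00-17:00 window (the deck's "9 hours, weekdays");
# PSM is installed and configured for the provisioning user; the start/stop subcommands and
# the READY state name below should be confirmed against 'psm <service> help' for your service.

WINDOW_START=8          # first hour the instance should be up (inclusive)
WINDOW_END=17           # first hour it should be down again (exclusive)
SERVICE_TYPE=${SERVICE_TYPE:-jcs}                 # jcs, soa, dbcs ...
SERVICE_NAME=${SERVICE_NAME:-mydev01}             # hypothetical instance name
PSM_START=${PSM_START:-"psm $SERVICE_TYPE start -s $SERVICE_NAME"}   # assumed subcommand
PSM_STOP=${PSM_STOP:-"psm $SERVICE_TYPE stop -s $SERVICE_NAME"}      # assumed subcommand
DRY_RUN=${DRY_RUN:-1}   # 1 = only print the command; set to 0 once the commands are verified

# should_be_running DOW HOUR -> exit 0 if the instance should be up then.
# DOW is the English three-letter day name (as from 'LC_ALL=C date +%a'), HOUR is 0-23.
should_be_running() {
  case $1 in
    Sat|Sun) return 1 ;;
  esac
  [ "$2" -ge "$WINDOW_START" ] && [ "$2" -lt "$WINDOW_END" ]
}

# decide_action DOW HOUR CURRENT_STATE -> prints start, stop or noop.
# CURRENT_STATE is the instance state reported by PSM (READY / STOPPED are assumed names);
# anything else (STARTING, STOPPING, unknown) is left alone until the next run.
decide_action() {
  case $3 in
    READY)   up=1 ;;
    STOPPED) up=0 ;;
    *)       echo noop; return 0 ;;
  esac
  if should_be_running "$1" "$2"; then
    if [ "$up" = 1 ]; then echo noop; else echo start; fi
  else
    if [ "$up" = 1 ]; then echo stop; else echo noop; fi
  fi
}

# reconcile CURRENT_STATE -> performs (or, with DRY_RUN=1, prints) the action for right now.
reconcile() {
  dow=$(LC_ALL=C date +%a)
  hour=$(date +%H); hour=${hour#0}   # "08" -> "8"; avoids octal surprises in arithmetic
  case $(decide_action "$dow" "$hour" "$1") in
    start) cmd=$PSM_START ;;
    stop)  cmd=$PSM_STOP ;;
    *)     echo "$(date) noop: $SERVICE_NAME is ${1:-unknown}"; return 0 ;;
  esac
  if [ "$DRY_RUN" = 1 ]; then
    echo "$(date) would run: $cmd"
  else
    echo "$(date) running: $cmd"
    $cmd
  fi
}

# Crontab entry (every 15 minutes); the state is normally obtained by a wrapper around
# 'psm $SERVICE_TYPE service -s $SERVICE_NAME' and passed in as the first argument:
#   */15 * * * *  /path/to/scheduler.sh "$(/path/to/current_state.sh)"
if [ $# -gt 0 ]; then reconcile "$1"; fi
```

Running it every 15 minutes rather than exactly at 08:00 and 17:00 means a missed tick (build server down, PSM outage) is corrected on the next run, and the transitional-state check stops it from issuing a second start while the first is still in progress. Because the job runs as the provisioning user from Tip 7, the PSM credentials it needs stay off the admins’ laptops.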
TIP 14:
USE IP NETWORKS
• “IP Networks” on Oracle Cloud Infrastructure Classic allow you to choose your own network numbering, and VMs to talk directly to one another
• “Shared Network” is the original network, where every VM is allocated to a 4-IP subnet… which adds all sorts of complexity
• Going forward, IP Networks will dominate:
– No migration path – you have to re-provision
– If you have any choice then set up IP Networks from the start!
This relates to Classic – for OCI you will have to use VCNs anyway
(Applies to Classic)
TIP 15:
WATCH OUT FOR IP RESERVATIONS ON IP NETWORKS
• There was no method to reserve internal IPs (as opposed to public IPs) – addresses depended on VM start-up order
• Critical if you have on-prem firewall rules pointing at specific cloud IP Network addresses
• This was an Enhancement Request, but according to a recent SR you can now specify an IP reservation at provisioning time… needs verification though
(Applies to Classic)
TIP 16:
NO OVERLAPPING NETWORKS ON VPNAAS
Example (diagram): on-premises 10.5.0.0/16, with a VPNaaS tunnel to IP Network 10.5.1.0/8 and a VPNaaS tunnel to IP Network 10.6.1.0/8 (✓) – only the non-overlapping network works, i.e. not how you’d expect with normal routing, where the more specific prefix would simply win.
VCN/IP network planning – liaise with all your network teams to choose a global network plan
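A pre-provisioning overlap check for the network plan, as an added example that is not part of the deck. It uses only POSIX shell arithmetic (64-bit, as on Linux) so it can run on the jump host or build server before anyone fills in a VPNaaS form. The plan in the demo is constructed: on-premises 10.5.0.0/16 as on the slide, plus two candidate IP Networks written as /24; the slide text shows /8, which is assumed here to be an extraction artefact, since any /8 in 10.x would overlap everything else in 10.x.

```shell
#!/bin/sh
# Added example (not from the deck): check a VPNaaS network plan for overlapping prefixes
# before anything is provisioned, since VPNaaS refuses overlapping networks rather than letting
# the more specific route win. POSIX sh arithmetic only (needs a 64-bit shell, as on Linux).
# The plan in the demo is constructed: on-premises 10.5.0.0/16 as on the slide, plus two
# candidate IP Networks written as /24 (assumed; the slide text shows /8).

# ip2int A.B.C.D -> the address as an unsigned 32-bit integer
ip2int() {
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# mask LEN -> integer netmask for a /LEN prefix (0..32)
mask() {
  echo $(( ((1 << 32) - 1) ^ ((1 << (32 - $1)) - 1) ))
}

# cidr_overlap A/LA B/LB -> exit 0 if the two prefixes share at least one address.
# They overlap exactly when they agree on all bits of the shorter (less specific) prefix.
cidr_overlap() {
  a_ip=${1%/*}; a_len=${1#*/}
  b_ip=${2%/*}; b_len=${2#*/}
  len=$a_len
  if [ "$b_len" -lt "$len" ]; then len=$b_len; fi
  m=$(mask "$len")
  [ $(( $(ip2int "$a_ip") & m )) -eq $(( $(ip2int "$b_ip") & m )) ]
}

# check_plan ONPREM NET [NET...] -> one line per finding; exit 0 only if nothing overlaps
# (each cloud network against on-premises, and the cloud networks against each other).
check_plan() {
  onprem=$1; shift
  bad=0
  for net in "$@"; do
    if cidr_overlap "$onprem" "$net"; then
      echo "x  $net overlaps on-premises $onprem"; bad=1
    else
      echo "ok $net is clear of on-premises $onprem"
    fi
  done
  while [ $# -gt 1 ]; do
    net=$1; shift
    for other in "$@"; do
      if cidr_overlap "$net" "$other"; then echo "x  $net overlaps $other"; bad=1; fi
    done
  done
  return $bad
}

# Usage: ./vpn_plan.sh ONPREM_CIDR CLOUD_CIDR...   (exit 1 means: do not provision yet)
if [ $# -gt 0 ]; then
  check_plan "$@"
else
  check_plan 10.5.0.0/16 10.5.1.0/24 10.6.1.0/24 || echo "plan rejected: fix the overlaps above first"
fi
```

Feed it every prefix the tunnel will carry, including the other cloud networks and any second on-premises site, because the check that matters is the whole plan, not each pair in isolation. A non-zero exit makes it easy to wire into the same build job that runs your provisioning scripts.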
OPERATION: SSH AND INTERNAL ACCESS
TIP 17:
CREATE SSH USERS FOR VM ADMINS
• Have centralised, secret OPC SSH key-pairs
– Don’t be lazy… I typically have one for each env type (prod, acceptance, test, etc.)
– You may choose to have a super-user keypair per instance (if you are fully scripted and have good key)
• Don’t give out the OPC private key for admin use – if admins need to access the VMs, create local accounts for them
• You probably should re-generate your opc keypair periodically
• Medium term – I’d like to authenticate against LDAP or IDCS
RELATED: Cloud Ops/Admins should have their own Oracle Cloud users with appropriate privs (easy to revoke etc. – remember the Oracle Cloud console is available outside the corporate firewall)
TIP 18:
CREATE AT LEAST 3 VM UNIX USER GROUPS
• It’s pretty rare for users to need SSH access to PaaS VMs; when they do, their roles might be:
– Non-privileged user – not too much use, but possibly for tunnelling SQL*Net if you don’t have a VPN
– Admin user allowed to sudo to oracle <= most common
– Admin user allowed to sudo to root
• Oracle Support expects you to have root, e.g. to fix backup issues (even though they are often just writing to an Oracle-owned filesystem or calling RMAN)
TIP 19:
CREATE UNIX USERS ONLY USING SCRIPTS
• Only specific users are allowed to SSH in (hard-coded list in sshd_config)
• SSH is used for ALL low-level access to the VM:
– Your admins
– The OPC admin account
– Oracle Cloud tooling
• If you break the SSH login configuration you will not be able to log in!
– The VM boot attempts to make sure the oracle and opc keys are correct
– Oracle SM can try to push in a new OPC key only if cloud tooling access is working
• Built-in opc user setup/repair scripts differ between JCS and DBaaS (and probably others)!
• You only really find out for sure after an instance restart
Excellent idea from the audience at DOAG: configure a second SSH daemon just for support users
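One way to script the user additions from Tips 18 and 19 without locking yourself out, as an added example (neither the deck’s nor Oracle’s tooling): the AllowUsers edit is made on a staged copy of sshd_config, the opc and oracle accounts that the boot-time key repair and Oracle tooling rely on are re-checked before anything is installed, and the second-daemon idea from the DOAG audience gets a generated config. It assumes a single AllowUsers line, as on the PaaS images; the real list from an image is not reproduced here, and the usernames, port and group are hypothetical.

```shell
#!/bin/sh
# Added example (not the deck's or Oracle's tooling): script the user additions from Tips 18
# and 19 without locking yourself out. The AllowUsers edit is made on a staged copy of
# sshd_config, the accounts cloud tooling depends on are re-checked before anything is
# installed, and the "second daemon for support users" idea gets a generated config.
# Assumption: a single AllowUsers line, as on the PaaS images (their real list is not
# reproduced here). Installing the copy and restarting sshd is deliberately left manual.

REQUIRED_USERS="opc oracle"   # never drop these: boot-time key repair and Oracle tooling use them

# allowed_users CONF -> the names on the AllowUsers line, one per line
allowed_users() {
  awk 'tolower($1) == "allowusers" { for (i = 2; i <= NF; i++) print $i }' "$1"
}

# user_allowed CONF USER -> exit 0 if USER is listed
user_allowed() {
  allowed_users "$1" | grep -qxF -- "$2"
}

# add_allowed_user CONF USER -> appends USER to AllowUsers (idempotent); exit 2 on refusal.
# Writes via a temp file so an interrupted run never leaves a half-written config.
add_allowed_user() {
  conf=$1; user=$2
  case $user in
    ''|*[!A-Za-z0-9._-]*) echo "refusing odd username: '$user'" >&2; return 2 ;;
  esac
  if user_allowed "$conf" "$user"; then return 0; fi
  if ! grep -qi '^[[:space:]]*AllowUsers' "$conf"; then
    echo "$conf has no AllowUsers line; add one deliberately, not from a script" >&2; return 2
  fi
  tmp=$conf.tmp.$$
  awk -v u="$user" 'tolower($1) == "allowusers" && !done { $0 = $0 " " u; done = 1 } { print }' \
    "$conf" > "$tmp" && mv "$tmp" "$conf"
}

# check_required_users CONF -> exit 0 only if every REQUIRED_USERS entry is still allowed
check_required_users() {
  rc=0
  for u in $REQUIRED_USERS; do
    if ! user_allowed "$1" "$u"; then
      echo "LOCKOUT RISK: $u is missing from AllowUsers in $1" >&2; rc=1
    fi
  done
  return $rc
}

# support_sshd_config PORT GROUP -> config for a second sshd reserved for support staff, so the
# main daemon's AllowUsers never changes for them. Start it with
# '/usr/sbin/sshd -f /etc/ssh/sshd_config_support' once 'sshd -t -f' on that file passes.
support_sshd_config() {
  cat <<EOF
# second sshd for support access only (generated)
Port $1
PidFile /var/run/sshd-support.pid
AllowGroups $2
PasswordAuthentication no
PermitRootLogin no
EOF
}

# Stand-alone demo on a constructed config (not a real image's file).
demo() {
  staged=$(mktemp)
  printf 'Port 22\nPasswordAuthentication no\nAllowUsers opc oracle\n' > "$staged"
  add_allowed_user "$staged" jsmith
  if check_required_users "$staged"; then
    echo "staged config OK; next: sshd -t -f $staged, then install and restart sshd"
  fi
  rm -f "$staged"
}
if [ "${1:-}" = demo ]; then demo; fi
```

Run `sshd -t -f` on the staged file and keep an existing session open while you restart the daemon, so a typo can still be backed out. The support daemon’s port also has to be opened in the Classic security rules (or OCI security list) and should be restricted to the support team’s source addresses; the support group members then never appear in the main daemon’s hard-coded list, which is the list the Oracle tooling depends on.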
TIP 20:
ALLOCATE TIME FOR TLS CONFIGURATION
• Oracle doesn’t do much for you on TLS (SSL)
– JCS/SOACS use demo certificates from the WebLogic CertGen demo CA, whose private key ships with every WebLogic install (i.e. easy to forge – replace them before exposing anything)
– Uses the Keystore Service (KSS) in the database (new with 12.1.2)
• You can re-use all your old WLST etc. for TLS config though ☺
– But if you have an internal CA some of the Cloud Monitoring (if you use that) breaks
With any luck Oracle will build (or buy) its own Certificate Authority – then it could set up TLS automatically
SUMMARY
• The customer-managed Oracle PaaS experience is very similar to what you’re used to for on-prem systems ☺
• Classic & Oracle Cloud Infrastructure are in a state of transition
• Cloud is heading to Oracle Managed / Autonomous
• You still need to plan your environments
• Support is about the same as before
• Follow the tips & tweet us with any new ones ☺
ABOUT EPROSEED
• Focussed only on Oracle technology
• Globally distributed with centralised delivery management and local resources
• 5 active ACE Directors, 2 Dev Champions, 8 OCM
• 19 Oracle Excellence Awards in 8 years
• 25 Oracle Specializations… and counting.
• Local offices in UK, NL, PT… & Head Office in Luxembourg
ABOUT US
Simon Haslam (@simon_haslam)
• Platform / Infrastructure Architect
• Focus includes HA, DR, security, automation
Bruno Neves Alves (@b_alves)
• Integration Specialist
• SOACS & Oracle Integration Cloud tech lead
Relevant to this session:
• Researching JaaS/JCS from Spring 2015; OTN webcasts Autumn 2015
• Built SOA & DB CS in May 2016 (first production SOA CS in EMEA), inc. Corente
• Designed & built SOA CS integration platform for global use since Oct 2017, inc. VPNaaS
3 Membership Tiers: Oracle ACE Director, Oracle ACE, Oracle ACE Associate (bit.ly/OracleACEProgram)
500+ Technical Experts Helping Peers Globally
Connect: @oracleace, Facebook.com/oracleaces, oracle-ace_ww@oracle.com
Nominate yourself or someone you know: acenomination.oracle.com
IF YOU LIKED THIS YOU MIGHT LIKE…
Our other sessions this week (Monday and Wednesday); today’s: Tips & Tricks for Oracle PaaS Admins

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 

Tips & Tricks for Oracle PaaS Admins

• 1. TIPS & TRICKS FOR ORACLE PAAS ADMINS
Simon Haslam, Bruno Neves Alves
3rd Edition
Copyright © 2018, eProseed and/or its affiliates. All rights reserved. | Confidential
• 2. INSPIRATION FOR THIS PRESENTATION
I have a note where I keep “tips & tricks” I find as I work…
– This is my current list but it is work in progress (I haven’t done everything possible in PaaS ☺)
– Some are opinions, mainly with an Ops/Admin focus – YMMV!
– I have perfectionist tendencies (but am in therapy!) and want to improve each batch of environments I provision
– Oracle Cloud changes all the time (monthly releases) – in future these tips may change or become irrelevant
– Oracle Managed / Autonomous services are making these tips less relevant
– Even if you are not using services like SOA CS or JCS today, hopefully they may be a useful reference for later
• 3. DIFFERENT TYPES OF PAAS, WITH EXAMPLES
Figure: a spectrum from Software as a Service (high level) down to Infrastructure as a Service (low level), with the amount of customer configuration growing as you go down:
– Oracle Managed, minimal customer config.: Autonomous Oracle Integration Cloud, Autonomous Oracle DIPC
– Oracle Managed, moderate customer config.: Oracle Integration Cloud, Oracle DIPC
– Oracle & Auto Managed, minimal customer config.: Autonomous Transaction Processing
– Customer Managed, advanced customer config.: Oracle SOA Cloud, Oracle Java Cloud, Database Cloud Service / DBaaS
• 4. Agenda
• Planning: Setup and Identity
• Networking, VPN & Misc
• Operation: SSH and internal access
• 5. TIP 1: KNOW WHETHER YOU WANT OCI OR CLASSIC (applies to Classic)
Sounds obvious but…
• The noise around Oracle Cloud Infrastructure is deafening!
• State of transition (18Q4) – many PaaS services are now provisioning via PSM on OCI, but Classic is still available.
• Very little ‘new’ PaaS yet on OCI (database & load balancers)
NB: there is no migration between OCI Classic and OCI – think of them as completely different clouds. Both use IDCS and PSM.
Generally use OCI if you can but, if you are in a hurry and it’s not a “forever” platform, you might currently be better off with Classic.
OCI Classic (aka OPC):
– Mature, around for 3-4 years
– Simpler, lower tech
– Blogs, discussions & docs mostly about this
– Legacy but not EOL
OCI (aka Next Gen IaaS – “Shiny!”):
– New, around for ~2 years
– More sophisticated, esp. DR; better meets enterprise needs
– New services & autonomous are OCI
– Info harder to find, e.g. PaaS + OCI
– Strategic
• 6. TIP 2: KNOW YOUR OCI(C) REGIONS (applies to Classic)
• *com- ones are Classic:
– eucom-*
– gbcom-*
– uscom-*
• <country>- ones are OCI:
– eu-frankfurt-1
– uk-london-1
– us-ashburn-1
– us-phoenix-1
If you have an account created before ~Oct 2017 you may not have any OCI regions in the list.
For PaaS this list is determined by your home region (set during provisioning).
Govt regions are separate (2 in US, 1 in EMEA).
• 7. TIP 3: PRACTISE ON A TRIAL ACCOUNT (applies to Classic)
• There’s a lot to learn:
– User management
– How consoles look, what names/naming conventions fit
– Auto-generated names
– You usually have one identity domain for both live and test: how will you manage instances for your organisation?
– You will probably end up with things in the wrong place – usually it’s easier/quicker to start fresh
– You are more likely to delete stuff in a trial account, especially if your org. has multiple admins
– Makes you less nervous about creating stuff that might cost $$$!
• Downside: trial accounts get burnt up – it can be hard to get new ones
• 8. TIP 4: CHOOSE YOUR DOMAIN NAME CAREFULLY (applies to Classic)
• The name is used a lot in URLs and references
– Since IDCS + PaaS, the name is in the log-in URL too, e.g. https://myservices-eproseeduk.console.oraclecloud.com
• You may or may not get to choose
– Depends on how the cloud was purchased and the type – you may get a choice or maybe just a123456
– Oracle added a feature to rename, but that is superficial
• Domains can’t be re-used later AFAIK, so think about it carefully, especially if you are a multi-national
– E.g. I created “eproseeduk” in case we want to use “eproseed” globally
– Are there annoying domain squatters out there…?
• This is probably vanity/perfectionism led! Most corporates may be happy with a123456 ☺
• 9. TIP 5: BE AWARE THERE ARE 2 IDENTITY DOMAIN TERMS (applies to Classic)
• Prior to IDCS, now called “traditional” ID, there was one “Identity Domain”
– a short name you chose, like mycompany, or,
– for a phase, Oracle allocated it, e.g. a1234567
• With IDCS (any cloud account provisioned since ~Oct 2017) you have a second “Identity Domain” or “Identity Service ID” (terms used interchangeably)
– Generated: idcs-******* (32 hex digits)
For API calls know which one you need: it’s usually the idcs-* one, but docs may be out of date.
• 10. TIP 6: BE MINDFUL OF OVERLAPPING IDENTITY PROVIDERS
It’s possible to get into funny situations where the initial user/password has been provisioned in two places and the password only changed in one.
Figure (identity stores over time):
– Pre-Oct 2017: Traditional IDM – Classic Identity, the only ID store
– Post-Oct 2017: IDCS – most users are here (or federated, e.g. to AD); OCI Identity – federated ID
• 11. TIP 7: CREATE A PROVISIONING USER (applies to Classic)
• The username of the user who creates instances & other artefacts ends up in URIs. Default usernames are email addresses.
• Create a provisioning user – make sure it is only used by scripts, and not for administration functions
• Create the provisioning user as a name, not an email address – I like something short, typically just the organisation name
• This concept is valid for:
– IDCS-backed PaaS on Classic, since you might be using PSM scripts
– OCI provisioning, which needs an API key defined for the user in the OCI identity domain
• 12. TIP 8: CREATE A STORAGE USER
• The domain name is in the storage container name BUT the storage user is what the PaaS instances use for backup/restore.
• Oracle Cloud user passwords expire after ~4 months – you can’t prevent this
– If you let them expire your backups will break
– If your database backups break you start using more Recovery Area
– If your Recovery Area fills up the database archiver can’t archive the redo log
– If the archiver can’t archive the redo log the db can’t do a log switch
– BANG!
• The Oracle Cloud “password change dance” was possible last year – not sure about now
• Create a separate storage user to limit the scope of a password change
Practise the change of the Oracle Cloud storage user password before the user expires!!!
• 13. TIP 8 (CONTINUED): STORAGE USER’S REQUIRED PERMISSIONS
• Needs to have: (the required storage roles were shown as a screenshot on the slide) – not just ReadWriteGroup: the console allows that… then it fails later
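The failure chain in Tip 8 starts with a credential nobody watches. The check below is an added example (not code from the presentation or from eProseed) of what a practitioner would put in cron for the dedicated storage user: it works out how long is left before the ~4-month expiry and proves the credential still authenticates against Object Storage Classic using its Swift-style /auth/v1.0 login with the X-Storage-User and X-Storage-Pass headers. The 120-day limit, the three-week warning window, the environment variable names and the exact endpoint form are assumptions; check them against your own service details.

```python
"""Cron check for the dedicated Storage Cloud user that PaaS backups run as:
warn before the password expires and prove the credential still authenticates."""
import os
import sys
import urllib.error
import urllib.request
from datetime import date, datetime, timedelta

# Oracle Cloud passwords expire after roughly four months; 120 days is an assumption,
# as is the three-week warning window.
PASSWORD_MAX_AGE_DAYS = 120
WARN_DAYS_BEFORE = 21


def days_until_expiry(last_changed, today, max_age_days=PASSWORD_MAX_AGE_DAYS):
    """Days left before the recorded change date plus the maximum age is reached."""
    return (last_changed + timedelta(days=max_age_days) - today).days


def classic_storage_auth(identity_domain, user, password, opener=urllib.request.urlopen):
    """Swift-style login to Object Storage Classic (the API the PaaS backup tooling uses):
    GET https://<identity-domain>.storage.oraclecloud.com/auth/v1.0 with the
    X-Storage-User / X-Storage-Pass headers. Returns the X-Auth-Token, or None
    when the credentials are rejected (401/403). The endpoint form is an assumption:
    check the storage URL in your service details. `opener` is injectable for testing."""
    url = "https://%s.storage.oraclecloud.com/auth/v1.0" % identity_domain
    req = urllib.request.Request(url, headers={
        "X-Storage-User": "Storage-%s:%s" % (identity_domain, user),
        "X-Storage-Pass": password,
    })
    try:
        with opener(req, timeout=20) as resp:
            return resp.headers.get("X-Auth-Token")
    except urllib.error.HTTPError as err:
        if err.code in (401, 403):
            return None
        raise


def assess(last_changed, today, token):
    """Nagios-style verdict as (level, exit code, message) from both signals."""
    left = days_until_expiry(last_changed, today)
    if token is None:
        return ("CRITICAL", 2, "storage user cannot authenticate; backups are already failing")
    if left <= 0:
        return ("CRITICAL", 2, "recorded change date says the password has expired, yet it still works: check the record and rotate")
    if left <= WARN_DAYS_BEFORE:
        return ("WARNING", 1, "rotate the storage user password within %d days" % left)
    return ("OK", 0, "%d days until password expiry" % left)


if __name__ == "__main__":
    # Credentials and the last-change date come from the environment (hypothetical names).
    domain, user, password = (os.environ[k] for k in ("OPC_DOMAIN", "STORAGE_USER", "STORAGE_PASS"))
    changed = datetime.strptime(os.environ["STORAGE_PASS_CHANGED"], "%Y-%m-%d").date()
    level, code, msg = assess(changed, date.today(), classic_storage_auth(domain, user, password))
    print("%s: %s" % (level, msg))
    sys.exit(code)
```

Record the date in STORAGE_PASS_CHANGED as part of the rotation procedure itself, otherwise the countdown silently restarts from a stale value; the exit code follows the usual monitoring convention (0 OK, 1 warning, 2 critical) so the script can sit behind whatever alerting you already have.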
• 14. TIP 9: CREATE A STORAGE CONTAINER PER INSTANCE (applies to Classic)
• When you create service instances that are fully managed by Oracle Cloud (i.e. not Virtual Image service types) you need to supply a Storage Cloud container
• It’s tempting to have one big bucket but don’t…
– remember that in the future you may have 20 instances but want to delete one including its backups – a storage container per instance makes this much easier to track
• You now have an option in the console and REST API to create a new container at provisioning time
– I’m not really sure why this isn’t the default
– Not yet the case on OCI – there you need to create object containers first
• 15. TIP 10: CHOOSE YOUR TIMING FOR PROVISIONING
• OOW introduces a lot of change (2017: after; 2018: before & after) – if not bugs then maybe new ways to do things
• Monthly release cycle
• Put provisioning jobs onto a Build Server & run them weekly to minimise surprises
• 16. Agenda
• Planning: Setup and Identity
• Networking, VPN & Misc
• Operation: SSH and internal access
• 17. TIP 11: USE AUTONOMOUS / ORACLE MANAGED
• If available & suitable, use Autonomous / Oracle Managed
– Positive experience so far (July-) with API Platform, though primarily it’s the Gateway that is critical (and that’s on our own infra)
– Doesn’t necessarily mean the service level is better, but it’s someone else’s problem!
• This is the “direction of travel”, e.g. look at the pricing for Integration Cloud
• Time will tell, especially for early adopters
• 18. TIP 12: APIP OAUTH DEBUGGING
When troubleshooting APIs that you have configured in Oracle API Platform Cloud Service you can use the following tools:
• Oracle API Platform Cloud Service Analytics: shows the type of error
• jwt.io debugger: lets you inspect OAuth tokens generated by a provider
• Change the Oracle API Platform logging policies so you can log the content of objects
See Lonneke Dikman’s (eProseed NL) blog post at: http://blog.vennster.nl/2017/12/troubleshooting-oracle-api-platform.html
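Pasting a bearer token into jwt.io hands it to a third party, which is awkward when the token is live. The script below is an added example (not from the presentation or the blog post it cites) that does the same inspection offline: it splits the JWT and decodes header and claims without verifying, optionally recomputes an HS256 signature, and lists the reasons a gateway would reject the token (expired, not yet valid, wrong issuer or audience). The issuer and audience values, the shared secret and the token itself are constructed for the demonstration; an IDCS-issued token would normally be RS256-signed, so use the unverified decode plus the claim diagnosis for those and treat the HMAC check as the path for symmetric-key providers.

```python
import base64
import hashlib
import hmac
import json
import time


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def decode_jwt_unverified(token: str) -> dict:
    """Split a JWT into header and claims WITHOUT checking the signature
    (what the jwt.io debugger shows you). Never trust the result for authorisation."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return {"header": json.loads(_b64url_decode(parts[0])),
            "claims": json.loads(_b64url_decode(parts[1]))}


def verify_hs256(token: str, key: bytes) -> bool:
    """Recompute HMAC-SHA256 over header.payload and compare in constant time."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    expected = hmac.new(key, ("%s.%s" % (header_b64, payload_b64)).encode(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, _b64url_decode(sig_b64))


def diagnose_claims(claims: dict, expected_aud: str, expected_iss: str, now: int) -> list:
    """Return the reasons a gateway would reject these claims (empty list == looks fine)."""
    problems = []
    if claims.get("exp") is None:
        problems.append("no exp claim")
    elif claims["exp"] < now:
        problems.append("token expired")
    if claims.get("nbf") is not None and claims["nbf"] > now:
        problems.append("token not yet valid (nbf in the future)")
    if claims.get("iss") != expected_iss:
        problems.append("issuer mismatch: %r" % (claims.get("iss"),))
    aud = claims.get("aud")
    if expected_aud not in (aud if isinstance(aud, list) else [aud]):
        problems.append("audience mismatch: %r" % (aud,))
    return problems


def make_hs256_token(claims: dict, key: bytes) -> str:
    """Build a constructed HS256 token so the checks above can be exercised offline."""
    header_b64 = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload_b64 = _b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, ("%s.%s" % (header_b64, payload_b64)).encode(), hashlib.sha256).digest()
    return "%s.%s.%s" % (header_b64, payload_b64, _b64url_encode(sig))


if __name__ == "__main__":
    # Constructed example: a token issued an hour ago that expired ten minutes ago
    key = b"demo-shared-secret"
    now = int(time.time())
    tok = make_hs256_token({"iss": "https://idcs.example/oauth2", "aud": "orders-api",
                            "sub": "client-123", "iat": now - 3600, "exp": now - 600}, key)
    info = decode_jwt_unverified(tok)
    print(json.dumps(info, indent=2))
    print("signature ok:", verify_hs256(tok, key))
    print("problems:", diagnose_claims(info["claims"], "orders-api", "https://idcs.example/oauth2", now))
```

Run against a real token by replacing the constructed one: the claims diagnosis is the part that usually explains a 401 from the gateway, because an expired token or a token minted for a different audience decodes perfectly well and only fails at policy time.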
• 19. TIP 13: BUILD YOURSELF A STOP/START SCHEDULER
• Often we now size non-prod environments based on part-time usage, e.g. 9 hours, weekdays
• There’s no feature in Oracle Cloud Platform to allow you to simply set up a timetable
• So create a simple scheduler to do that – e.g. crontab plus PSM works OK on an IaaS VM or DevCS
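A crontab-plus-PSM scheduler of the kind Tip 13 describes, as an added example rather than eProseed’s own script. It keeps a small timetable, asks `psm <service> service -s <name> -of json` for each instance’s current lifecycle state, and issues `psm <service> start|stop -s <name>` only when the state and the timetable disagree. Instance names, hours and group of service types are constructed; the state names (READY/RUNNING versus STOPPED) and the JSON keys (JCS reports `state`, DBCS `status`) are assumptions to confirm against your own psm output. It assumes `psm setup` has already been run with the provisioning user from Tip 7.

```python
"""Stop/start scheduler for customer-managed PaaS instances driven by the psm CLI.

Run from cron every 15 minutes on a small IaaS VM (or a DevCS build job) on which
`psm setup` has already been run with the provisioning user's credentials.
"""
import json
import subprocess
import sys
from datetime import datetime

# Constructed timetable: (psm service type, instance name, start hour, stop hour,
# working weekdays where Monday == 0). Instance names are placeholders.
SCHEDULE = [
    ("dbcs", "dev-db01",   7, 19, {0, 1, 2, 3, 4}),   # Mon-Fri 07:00-19:00
    ("jcs",  "dev-jcs01",  8, 18, {0, 1, 2, 3, 4}),   # inside the database's window
    ("soa",  "test-soa01", 8, 18, {0, 1, 2, 3, 4}),
]

RUNNING = {"READY", "RUNNING"}   # assumed psm lifecycle names for "up"
STOPPED = {"STOPPED"}            # assumed psm lifecycle name for "down"


def desired_state(start_hour, stop_hour, days, when):
    """'up' inside the window on a working day, otherwise 'down'."""
    if when.weekday() not in days:
        return "down"
    return "up" if start_hour <= when.hour < stop_hour else "down"


def decide(current_state, wanted):
    """Map (state reported by psm, desired state) to a psm verb, or None.
    Transitional states (STARTING, STOPPING, MAINTENANCE...) are left alone."""
    state = current_state.upper()
    if wanted == "up" and state in STOPPED:
        return "start"
    if wanted == "down" and state in RUNNING:
        return "stop"
    return None


def plan(schedule, states, when):
    """Return the psm actions due now: databases first when starting and last
    when stopping, so JCS/SOA never run against a stopped database."""
    actions = []
    for service, name, start_h, stop_h, days in schedule:
        action = decide(states[name], desired_state(start_h, stop_h, days, when))
        if action:
            actions.append((service, name, action))

    def rank(item):
        service, _, action = item
        is_db = service == "dbcs"
        return (0 if is_db else 1) if action == "start" else (1 if is_db else 0)

    return sorted(actions, key=rank)   # sorted() is stable, so timetable order is kept otherwise


def psm_state(service, name, run=subprocess.run):
    """`psm <service> service -s <name> -of json` describes the instance; JCS reports
    its lifecycle under "state", DBCS under "status" (assumption: check your output)."""
    proc = run(["psm", service, "service", "-s", name, "-of", "json"],
               capture_output=True, text=True, check=True)
    desc = json.loads(proc.stdout)
    return desc.get("state") or desc.get("status") or "UNKNOWN"


def apply_actions(actions, run=subprocess.run):
    """Issue e.g. `psm jcs stop -s dev-jcs01` for each planned action, in order."""
    for service, name, action in actions:
        run(["psm", service, action, "-s", name], check=True)


if __name__ == "__main__":
    now = datetime.now()
    current = {name: psm_state(svc, name) for svc, name, *_ in SCHEDULE}
    todo = plan(SCHEDULE, current, now)
    for service, name, action in todo:
        print("%s: psm %s %s -s %s" % (now.isoformat(timespec="minutes"), service, action, name))
    apply_actions(todo)
    sys.exit(0)
```

A crontab line such as `*/15 * * * * /usr/bin/python3 /opt/paas/scheduler.py >> /var/log/paas-scheduler.log 2>&1` is enough; because the script only acts on a mismatch, running it often is harmless and a manual start outside the window is simply undone at the next run, which is the behaviour you want for a cost-control job. The wider database window in the timetable is what makes the start/stop ordering safe.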
• 20. TIP 14: USE IP NETWORKS (applies to Classic)
• “IP Networks” on Oracle Cloud Infrastructure Classic allow you to choose your own network numbering, and VMs to talk directly to one another
• “Shared Network” is the original network where every VM is allocated to a 4-IP subnet… adds all sorts of complexity
• Going forward, IP Networks will dominate:
– No migration path – you have to re-provision
– If you have any choice then set up IP Networks from the start!
This relates to Classic – for OCI you will have to use VCNs anyway.
• 21. TIP 15: WATCH OUT FOR IP RESERVATIONS ON IP NETWORKS (applies to Classic)
• There was no method to reserve internal IPs (as opposed to public IPs) – they depended on VM start-up order
• Critical if you have on-prem firewall rules to specific cloud IP Network addresses
• This was an Enhancement Request, but according to a recent SR you can now specify an IP reservation at provisioning time… needs verification though
• 22. TIP 16: NO OVERLAPPING NETWORKS ON VPNAAS
Example figure: on-premises 10.5.0.0/16 with VPNaaS tunnels to IP Network 10.5.1.0/8 and IP Network 10.6.1.0/8; only the non-overlapping side gets a ✓.
i.e. not how you’d expect with normal routing
VCN/IP network planning – liaise with all your network teams to choose a global network plan
• 23. Agenda
• Planning: Setup and Identity
• Networking, VPN & Misc
• Operation: SSH and internal access
• 24. TIP 17: CREATE SSH USERS FOR VM ADMINS
• Have centralised, secret OPC SSH key-pairs
– Don’t be lazy… I typically have one for each env type (prod, acceptance, test, etc)
– You may choose to have a super-user keypair per instance (if you are fully scripted and have good key management)
• Don’t give out the OPC private key for admin use – if admins need to access the VMs, create local accounts for them
• You probably should re-generate your opc keypair periodically
• Medium term – I’d like to authenticate against LDAP or IDCS
RELATED: Cloud Ops/Admins should have their own Oracle Cloud users with appropriate privs (easy to revoke etc – remember the Oracle Cloud console is available outside the corporate firewall)
• 25. TIP 18: CREATE AT LEAST 3 VM UNIX USER GROUPS
• It’s pretty rare for users to need SSH access to PaaS VMs; their roles might be:
– Non-privileged user – not too much use, but possibly for tunnelling SQL*Net if you don’t have a VPN
– Admin user allowed to sudo to oracle <= most common
– Admin user allowed to sudo to root
• Oracle Support expects you to have root, e.g. to fix backup issues (even though they are often just writing to an Oracle-owned filesystem or calling RMAN)
• 26. TIP 19: CREATE UNIX USERS ONLY USING SCRIPTS
• Only specific users are allowed to SSH in (hard-coded list in sshd_config)
• SSH is used for ALL low-level access to the VM:
– Your admins
– The OPC admin account
– Oracle Cloud tooling
• If you break the SSH login configuration you will not be able to log in!
– The VM boot attempts to make sure the oracle and opc keys are correct
– Oracle SM can try to push in a new OPC key only if cloud tooling access is working
• The built-in opc user setup/repair scripts differ between JCS and DBaaS (and probably other services)!
• You only really find out for sure after an instance restart
Excellent idea from the audience at DOAG: configure a second SSH daemon just for support users.
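Tips 17 to 19 together say: give admins their own accounts and groups, but never hand-edit the AllowUsers list that the opc account and the cloud tooling depend on. The script below is an added example, not eProseed’s or Oracle’s own tooling, of the scripted route: it merges new admin usernames into a single AllowUsers line, refuses to emit a configuration from which `opc` or `oracle` is missing (including the case where no AllowUsers line exists yet, since adding one then would lock the tooling out), lets sshd syntax-check the candidate with `sshd -t -f FILE`, and generates the sudoers fragment for the oracle-admin and root-admin groups from Tip 18. The group names `oracleadm` and `rootadm` and the sample admin username are assumptions.

```python
"""Add VM admin accounts to sshd's AllowUsers without ever locking out the accounts
Oracle's cloud tooling depends on. Validate the result with `sshd -t` before it
replaces /etc/ssh/sshd_config, and keep a second session open while you restart."""
import re
import subprocess
import tempfile

# opc is the account Oracle's tooling (and Support) arrives through; oracle is what the
# PaaS control scripts run as. Lose either from AllowUsers and a restart can strand the VM.
REQUIRED_SSH_USERS = ("opc", "oracle")

# sshd accepts user, user@host and glob patterns; anything else is rejected up front
ALLOW_PATTERN = re.compile(r"[A-Za-z0-9_.*?@-]+")


def _is_allowusers(line):
    code = line.split("#", 1)[0].strip()
    return code.lower().startswith("allowusers")


def parse_allow_users(config_text):
    """Collect the patterns from every live AllowUsers line (sshd unions them)."""
    users = []
    for line in config_text.splitlines():
        if _is_allowusers(line):
            users.extend(line.split("#", 1)[0].split()[1:])
    return users


def with_allowed_users(config_text, new_users, required=REQUIRED_SSH_USERS):
    """Return sshd_config text whose single AllowUsers line holds the existing patterns
    plus new_users; refuse to produce one that drops a required account."""
    merged = list(dict.fromkeys(parse_allow_users(config_text) + list(new_users)))
    missing = [u for u in required if u not in merged]
    if missing:
        raise ValueError("refusing to write sshd_config without %s" % missing)
    bad = [u for u in merged if not ALLOW_PATTERN.fullmatch(u)]
    if bad:
        raise ValueError("unsafe AllowUsers entries: %s" % bad)
    kept = [line for line in config_text.splitlines() if not _is_allowusers(line)]
    return "\n".join(kept + ["AllowUsers " + " ".join(merged)]) + "\n"


def validate_with_sshd(config_text, run=subprocess.run):
    """Let sshd itself syntax-check the candidate (`sshd -t -f FILE`) before install."""
    with tempfile.NamedTemporaryFile("w", suffix=".sshd_config", delete=False) as fh:
        fh.write(config_text)
        path = fh.name
    proc = run(["sshd", "-t", "-f", path], capture_output=True, text=True)
    return proc.returncode == 0, proc.stderr


def sudoers_fragment():
    """Tip 18's roles as a /etc/sudoers.d fragment: plain SSH users need no entry,
    oracleadm may become oracle, rootadm may become root (group names are assumptions).
    Check it with `visudo -cf FILE` before installing."""
    return "\n".join([
        "# admins who only need to work as the oracle software owner",
        "%oracleadm ALL=(oracle) NOPASSWD: ALL",
        "# admins who may become root, e.g. for Oracle Support cases",
        "%rootadm ALL=(ALL) ALL",
    ]) + "\n"


if __name__ == "__main__":
    import sys
    with open("/etc/ssh/sshd_config") as fh:
        candidate = with_allowed_users(fh.read(), sys.argv[1:])   # e.g. shaslam
    ok, err = validate_with_sshd(candidate)
    print(candidate if ok else "sshd rejected the candidate config:\n" + err)
```

Pair it with the user creation itself (`useradd -G oracleadm`, an `authorized_keys` file, no password) in the same script so that every account on the VM is reproducible from source, and re-run the validation as the final step of any change: an `sshd -t` that passes is the closest thing you get to knowing the instance will still accept the opc key after the next restart.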
• 27. TIP 20: ALLOCATE TIME FOR TLS CONFIGURATION
• Oracle doesn’t do much for you on TLS (SSL)
– JCS/SOACS use demo certificates with the CertGen CA (i.e. easy to forge)
– Uses the Key Store Service in the database (new with 12.1.2)
• You can re-use all your old WLST etc for TLS config though ☺
– But if you have an internal CA some of the Cloud Monitoring (if you use that) breaks
With any luck Oracle will build (or buy) its own Certificate Authority – then it could set up TLS automatically.
• 28. Summary
• 29. SUMMARY
• Customer-managed Oracle PaaS experience is very similar to what you’re used to for on-prem systems ☺
• Classic & Oracle Cloud Infrastructure are in a state of transition
• Cloud is heading to Oracle Managed / Autonomous
• You still need to plan your environments
• Support is about the same as before
• Follow the tips & tweet us with any new ones ☺
• 30. ABOUT EPROSEED
• Focussed only on Oracle technology
• Globally distributed with centralised delivery management and local resources
• 5 active ACE Directors, 2 Dev Champions, 8 OCM
• 19 Oracle Excellence Awards in 8 years; 25 Oracle Specializations… and counting
• Local offices in UK, NL, PT… & Head Office in Luxembourg
• 31. ABOUT US
Simon Haslam (@simon_haslam)
• Platform / Infrastructure Architect
• Focus includes HA, DR, security, automation
Bruno Neves Alves (@b_alves)
• Integration Specialist
• SOACS & Oracle Integration Cloud tech lead
Relevant to this session:
• Researching JaaS/JCS from Spring 2015; OTN webcasts Autumn 2015
• Built SOA & DB CS in May 2016 (first production SOA CS in EMEA), inc. Corente
• Designed & built SOA CS integration platform for global use since Oct 2017, inc. VPNaaS
• 32. Oracle ACE Program – 500+ Technical Experts Helping Peers Globally
3 Membership Tiers:
• Oracle ACE Director
• Oracle ACE
• Oracle ACE Associate
bit.ly/OracleACEProgram
Nominate yourself or someone you know: acenomination.oracle.com
Connect: @oracleace, Facebook.com/oracleaces, oracle-ace_ww@oracle.com
• 33. IF YOU LIKED THIS YOU MIGHT LIKE… (sessions on Monday, Wednesday and today)