SunFireT2000After receiving my try-and-buy Sun Fire T2000 over a week ago it’s finally up and running. While we have yet to hit it with much of a load, here are some thoughts on the out-of-box experience:

Before even powering up there are a couple interesting observations about the system. The first is the lack of power button, switch, or key. In fact there is only one button on the system and that is an indicator button which just flashes an LED on both the front and back of the system to make it easier to locate (a nice feature, by the way.) You’ll quickly find the hot-swappable dual power supply and fan compartment. The adventurous will find and the big button on top of the system which allows you to gain access to RAM and other non-hot-swappable components.

All of these compartments and components are accessible without the need for tools. The hard drives are on hot-swappable sleds which pop out the front of the box. The hard drives are small (2.5″ I believe) allowing room for 4 bays in the front and still affording enough space for ventilation. I was somewhat surprised to find laptop-style drives in a Sun server, but I guess I can’t come up with any reason not to.

After giving the hardware a good once-over it was time to get the T2000 up and running. I have to say Sun came up a little short on the out-of-box experience at this point. I’m comfortable with, even partial to the absence of on-board video on a server, and Sun has chosen to include serial via RJ-45 on the T2000. Sun was on the right track including two cables appropriately shielded for use with this port, but neglected to include an adapter to go to the 9 pin serial we all have on the back of our PCs.

After rummaging around for the proper adapter to hook the T2000 to an old laptop we plugged it in. The system is surprisingly (read obnoxiously) loud, but hey, it’s a server not a desktop. After a few minutes of the regular hardware diagnostics stuff the system came up to an sc> prompt.

This is where those who are not familiar with Sun’s newer hardware will come to a complete stop. The only documentation included with the system is the Sun Fire T2000 Server Getting Started Guide and that does little more than tell you what the different lights mean and where you can find more documentation online. If you get online and grab the Sun Fire T2000 Server Installation Guide this will walk you through dealing with the SC serial management port. In my opinion Sun should have included this one in hard copy with the system as well.

After a couple more steps things start to feel familiar and the rest of the setup is much like the Solaris 7, 8, and 9 installs I’m used to. With just a few extra steps here you can (and I’d recommend) configure the SC Network Management port which will allow you the same functionality as the SC Serial Management port without the need for the serial cable and adapter. You will need an extra network drop and IP address to use network management, but then you’ll be able to telnet to it for administrative functions. Of course in a production environment you’d want this behind a firewall or on a private subnet.

Other than that the system seems quick. Our next step is to get Oracle on the system and throw some queries at it. I’ll share more as soon as we get some results.

UPDATE: I have now had the chance to test drive some Oracle jobs on this system. Check out my findings here.

database, database administration, database administrator, dba, dbms, rdbms, solaris, sun, sunfire, sysadmin, system administration, systems administration, t2000, try and buy, unix, oracle

Here’s my cliff notes directions for managing secure certificates using Oracle Wallet Manager. These directions were written for Oracle Application Server 10g(9.0.4) and my not work right with other versions. As always, don’t do it if you don’t understand it.

NOTE: When you generate a certificate request within a wallet you must then import the certificate into the EXACT SAME WALLET! So it is important to not forget the path, or password to the wallet, but also a copy can be made of the wallet by copying the ewallet.p12 and cwallet.sso files from the path where you saved the wallet to another directory.

Generate a certificate request:

  1. On the system you want to display the wallet manager on run
    xhost +serverhostname.
  2. ssh to the system the cert is for.
  3. Export the display to somewhere you can view it
    DISPLAY=localhostname:0.0; export DISPLAY
  4. Start Oracle Wallet Manager from $ORACLE_HOME/bin (should be in the path)
    owm
  5. Select New from the Wallet menu.
  6. Answer No to creating the default location.
  7. Give the wallet a secure password and select OK.
  8. Answer Yes to create a certificate request.
  9. Enter the following information to generate the request. If you’re not sure about some of this info, check with someone at your site who has done cert requests before. It is important that it is all accurate.

  10. Common Name: The fully qualified domain name (e.g. gimli.plymouth.edu)
    Organizational Unit: Typically a department name (e.g. Information Technology Services)
    Organization Name: Your organizations official name (e.g. Plymouth State University)
    Locality/City: Plymouth
    State/Provence: New Hampshire
    Country: United States
    Key Size: (1024 is OK, 2048 is better)

  11. Click OK once these values are all correct.
  12. Click OK in the “Please submit” dialogue.
  13. Select Auto Login from the Wallet menu.
  14. Select Save from the Wallet menu and save the wallet to a safe, non-public directory on your server (being careful not to overwrite another wallet.)
  15. Click on the certificate request in the wallet tree then select Export Certificate Request from the Operations menu and export the request to a file.
  16. Send the certificate request file to the certificate authority to obtain a user certificate.

Importing a Certificate:

  1. Follow the instructions above to connect to the server and export the display.
  2. Transfer the certificate you received from your certificate authority to the server.
  3. Open Oracle Wallet Manager and open the wallet the cert request was created from.
  4. Select Import User Certificate from the Operations menu. DO NOT import the certificate as a trusted certificate.
  5. Select Import Certificate From File and then select the file containing the certificate.
  6. If you are prompted to import the CA certificate, select Yes and follow these steps to get the CA cert:
    1. On a Windows box, rename the certificate to have a .cer extention (which should change the icon.)
    2. Double click on the certificate and select the Certification Path tab.
    3. Select the highest level of the certification path (e.g. Thawte Premium Server CA) and click View Certificate.
    4. Select the Details tab and click Copy to File…
    5. Follow the directions on screen to export the CA certificate as a Base-64 Certificate.
    6. Once exported, copy the CA certificate to the host the wallet is on.
    7. In the Import Trusted Certificate dialogue box, choose Select a file that contains the certificate and click OK.
    8. Select the CA Cert file you have just uploaded and click OK.
  7. The certificate should now have the word Ready next to it. That indicates the certificate is ready to use.
  8. Confirm that Auto Login is checked in the Wallet menu.
  9. Save the wallet by choosing Save from the Wallet menu.
  10. Exit the wallet manager.

From here you’ll have to follow the instructions in the Oracle HTTP Server Administration Guide to complete the SSL setup.

Importing a Renewed Certificate

These directions are for when your certificate authority has renewed your cert based on your previous request.

  1. Follow the instructions above to connect to the server and export the display.
  2. Transfer the certificate you received from your certificate authority to the server.
  3. Open Oracle Wallet Manager and open the wallet the cert request was created from.
  4. Click on the existing certificate, select Remove User Certificate from the Operations menu and click Yes to confirm.
  5. Click on the certificate (now in [Requested] status) from the wallet and select Import User Certificate from the Operations menu.
  6. Select Import Certificate From File and then select the file containing the certificate.
  7. The certificate should now have the word Ready next to it. That indicates the certificate is ready to use.
  8. Confirm that Auto Login is checked in the Wallet menu.
  9. Save the wallet by choosing Save from the Wallet menu.
  10. Exit the wallet manager.

oracle, oracle application server, oas, application administration, system administration, sysadmin

Last week Warren left a comment on my story Converting Time Zones in Oracle asking how he could output dates with time zone like: “17-Mar-2006 14:30:00 EST”.

Well, after a bit of digging it turns out the answer is not as simple as it sounds. The traditional Oracle DATE and TIMESTAMP datatypes don’t store time zone information. A workaround might be to store time zone information in a separate column in the table, but that seems like it could cause some confusion.

Well, it looks like in version 9i Oracle has added a new datatype to handle exactly this. The TIMESTAMP WITH TIME ZONE datatype allows a time zone to be stored with a date and time either in offset from UTC or by abbreviation.

The TIMESTAMP WITH TIME ZONE datatype can be declared in the table definition anywhere you would have used DATE or TIMESTAMP. To store a date/time/time zone into a row Oracle has also added the function TO_TIMESTAMP_TZ which acts much like the familiar TO_DATE function, however will recognize TZH, TZM, TZR, and TZD for time zone hour, minute, region, and abbreviation respectively.

To retrieve time zone information you can apply the same new abbreviations to the familiar to_char function when selecting a column of type TIMESTAMP WITH TIME ZONE.

Rather than go into any more detail here, check out this article from Oracle Magazine. It covers the topic very well including example code.

sql, oracle, database administration, database, dba, database development, dbms, pl/sql

SunFireT2000After being tipped of on the Sun try-and-buy program by Alan Baker, a coworker and cohort, I figured I’d throw my hat into the ring for a chance to test drive a SunFire T2000… and today it arrived.

Here’s what Sun has to say about their program:

Toss your toughest workloads at the multithreaded Sun Fire T2000 server with the Solaris 10 Operating System, and watch it crank up your database and Web application performance.

We’re so confident in the quality and performance of the world’s first eco-responsible server, we’re offering a free 60-day trial, risk-free. If you’re not totally impressed, just send it back at our expense and owe us nothing.

Chances are that you will be dazzled by your trial server and come back for more. The new Sun Fire T2000 server will likely become your multithreaded workload energy-saving powerhouse of choice.

When you apply for the Try and Buy program you get the choice of a four, six, or eight core 1GHz UltraSPARC T1 processor. I chose the eight, not just because bigger is better, but also because it is closest to our production Oracle servers in capacity and price.

So once we can find the time we’ll get 64-bit Oracle installed on there and run it through the paces. On deck are some join, function, lookup intensive datamart creation scripts which currently crush our production server every evening. This should be fun.

Also of interest is Sun’s claim of this server being “the world’s first eco-responsible server”. While I am unlikely to bring in a kilowatt meter to verify these claims, we are a very green university and hey, everyone wants to save a few bucks on electric.

UPDATE: I have now had the chance to test drive some Oracle jobs on this system. Check out my findings here.

oracle, database, database administration, database administrator, dba, dbms, rdbms, sun, solaris, systems administration, system administration, sysadmin, unix, t2000, try and buy, sunfire

Web surfing today I stumbled upon Ora-WTF.blogspot.com. This will be one to follow.

Now most of the world won’t understand why logging users clear-text passwords in a table is a bad idea, or that your error handling should handle errors, not cause them, but for those of us who get some perverse pleasure from disaster prone, elaborate solutions to everyday problems this is a great site!

I am amused. This blog has just the right attitude for my current mood (spread too thin, working on too many disparate projects at once, and jealous of my student worker who gets to work on one thing at a time, at least at work.)

oracle, weblog, blog, wtf, database administration, database programming

« Previous PageNext Page »