Oracle Database 环境整改建议应对 Linux TCP SACK PANIC 内核安全高危漏洞 CVE-2019-11477
在 Linux 内核处理 TCP 网络数据的操作中发现了三个相关的安全漏洞。 其最严重的安全漏洞会被远程攻击者利用在运行受影响软件的系统上触发一个内核崩溃,从而影响到系统的可用性。对于安装现在运行oracle 数据库的环境,anbob建议禁用tcp_sack的方式解决SACK问题高危。
系统相关
操作系统方面知识
How to create ASM devices with UDEV
Udev is the mechanism used to create and name /dev device nodes corresponding to the devices that are present in the system. Udev uses matching information provided by sysfs with rules provided by the user to dynamically add the required device nodes.
Troubleshooting kernel: EXT4-fs warning (device dm-0): ext4_dx_add_entry: Directory index full!
The following error message is displayed in the database host operating system log of a customer today.
kernel: EXT4-fs warning (device dm-0): ext4_dx_add_entry: Directory index full!
Troubleshooting sqlplus logon instance slow and Swap usage high even memory is 50% free
A few days ago, I encountered a case, a 11.2.0.4 three-node Oracle RAC database on RHEL 6.6 , when trying to login to the database instance using sqlplus “/ as sysdba” on the third node, It’s very slow, and vmstat show that there is a very large swap in and out, but there is still a lot of memory free space
Troubleshooting Out-Of-Memory(OOM) killer db crash when memory exhausted
If kernel can not find memory to allocate when it’s needed, it puts in-use user data pages on the swap-out queue, to be swapped out. If the Virtual Memory (VM) cannot allocate memory and canot swap out in-use memory, the Out-of-memory killer may begin killing current userspace processes.
Alert : 当在AIX 7.1/7.2使用AIX Flash Cache 读写/dev/pfcdd0时System crashes
这次预警主要是因为AIX的新特性Flash cache device相关的bug引起的ORACLE 数据库可用性风险, 虽然坑是AIX挖的,但是对于装数据库和巡检(RDA),DBA及客户就是直接受害者。 OracleDBA在使用RDA巡检运行在AIX 7.1 、7.2上使用了ASM 的数据库时可能会把库查死
Troubleshooting ORA-27300 ‘fork failed with status: 11’ on SLES12 (SUSE /Linux 7)
建议在SLSE 12或以后的版本,或LINUX 7等以后的版本时,先了解一下系统变化,至少在安装RAC时, 把DefaultTasksMax修改加入到安装方档中去, 可能Oracle 在以后的安装文档或最佳实践中会增加该内容。
自动化运维工具之:dcli 批量管理主机
dcli 为Oracle Exadata Machine中提供的管理cell的工具,全名 Distributed Command Line Interface,在Exadata, Exalogic, Exalytics等系列一体机都自带这个工具, 该工具是一套python脚本,可以用文本工具直接查看编辑, 在当前的IT管理中批量管理几百台机器已不是什么稀奇的事, 所以在日常一些批量共性的常规检查和运维就需要一种维护工具自动实现或者叫自动化运维工具, 当前较流行的有puppet和ansible 产品
Leap Second (闰秒) 在ORACLE环境的影响
因为我国是东八时区(UTC+8),所以我国将在北京时间2017年1月1日的7时59分59秒也会做闰秒调整和全球同步,到时会出现7:59:60的特殊现象。对时间敏感的系统不可忽略,除了航天系统,我们的数据库系统应该也要做好检查, 润秒有可能会使OS Reboot,应用HANG, Clusterware restart影响.
Shell: To delete listener log file contains text and xml format (自动清理监听日志)
整理的一个清理Oracle数据库监听日志的脚本,可以部署到监听进程的owner用户的crontab中(RAC通常是grid, 单实例通常是oracle), 实现的是监听日志大于1GB时,归档监听日志文本格式的文件如listener.log ,自动压缩保存, 后期循环自动覆盖, 11G 引入的ADR, XML格式的文件19c前也无法自动清理,这个shell 目前是自动rm 7前天的, 关于19c 的日志自动清理后期会分享
Shell: extract more from listener.log (分析oracle监听日志连接频率)
最近遇到了两起数据库连接数不足的问题, 通常都会预留一些会话增加的情况, 但在一些特殊情况下如连接风暴(logon storm), 如果在监听中没有做rate限流,对数据库来说
巨大的冲击可能会导致数据库Hang 或 ora-20 或ora-18 错误。
Unable execute “@”(at) sql file in sqlplus on hp-ux issue
I have a ORACLE db server on hp-ux, i want to execute a sql script file in sqlplus using “@” , get some error. but I use “start” sql file in sqlplus ,it work fine for me. now I have been resolved this error, just shared here. SQL> @uptime SP2-0042: unknown command “uptime” – … Read more
How to use the MegaCLI Utility with your RAID Controller on your DELL PowerEdge Server in Linux. (在linux监控RAID信息)
The MegaRAID Storage Manager includes both GUI (MSM) and The megacli tool is used for managing the controller via the command-line interface, text based tools (MegaCLI) to monitor and manage the disk array.
Shell script to backup MySQL database(备份MySQL 脚本)
this is shell script to backup mysql database, using mysqldump to dump all databases into separate files, and encrypt backup file using zip password option, Generate a collective file using tar, ftp to ftp server, to send email to DBA .
MySql 5.5 tar安装及sysbench 配置
Next, let’s create the mysql user and group: groupadd mysql useradd -g mysql mysql create mysql soft and data files store dictroy. and install mysql mkdir -p /data/mysql tar zxvf mysql-5.5.36-linux2.6-x86_64.tar.gz mv mysql-5.5.36-linux2.6-x86_64 /data/mysql/ cd /usr/local ln -s /data/mysql/mysql-5.5.36-linux2.6-x86_64/ mysql scripts/mysql_install_db –user=mysql or (./mysql_install_db –user=mysql –basedir=/usr/local/mysql –datadir=/usr/local/mysql/data) Modify File and Directory Permissions cd /data/mysql/ chown … Read more
Build the BBED utility in ORACLE 11G on linux
Oracle has the BBED utility (block browser and editor) is is all releases of Oracle, from Oracle7 to Oracle10g,In Oracle 11g, BBED becomes unavailable but if you search in the ins_rdbms.mk makefile,…
AWR Formatter (一个不错的AWR报告格式化google chrome 插件)
一个不错的oracle AWR 报告本地文件格式化chrome浏览器插件,看似用js完成,有一些特性非常不错,拿出来分享,作者Tyler Muth –观看 需要翻墙视频介绍 下载下载地址1下载地址2 安装方法 1,下载AWR-Format.crx文件2,打开chrome 谷歌浏览器,我这里版本是28,点击右上角的按钮或显示菜单,找工具–扩展程序 打开扩展程序页面3,用鼠标把1 下载的文件托进浏览器的这个页面,增加插件,默认是启用,勾选插件下的“允许访问文件网址”4,右击本地的AWR html文件,使用google chrome 打开,体验一下吧 — update 如果新版本的chrome 不支持, 可以修改crx为.rar ,解压文件夹,修改manifest.json 的manifest_version 为 3或更高,chrome修改为开发者模式,加载已解压的文件夹即可。 执行时可能报错 Refused to evaluate a string as JavaScript because ‘unsafe-eval’ is not an allowed source 当前页面的 CSP策略禁止执行字符串形式的 JavaScript。 因为awr-format.js中使用了, 在1606行,eval() 是 XSS 攻击最大入口。修改如下 //var rowVal = eval(‘sqlStatsCombined[i].’+column);var rowVal = sqlStatsCombined[i][column]; 重新加载就可以。
How to used the gdb (GNU Debugger) Collecting Hanganalyze and Systemstate Dumps on Linux systems(操作系统收集hanganalyze和systemstate)
Prior to 10g you can use a unix debugger like gdb, adb or dbx to attach to a shadow process and dump the system state using the function ksudss which is the subroutine in the Oracle source code which does the same.
How to get call stack of oracle processes ?
Each time your program performs a function call, information about the call is generated. That information includes the location of the call in your program, the arguments of the call, and the local variables ..
SHELL:Find Memory Usage In Linux (统计每个程序内存使用情况)
shell统计linux系统中每个程序的内存使用情况,因为内存结构非常复杂,不一定100%精确,