Linux Tips and Tricks for Oracle
January 11, 2007
Oracle committed to Linux in 1998, with its first database released on Linux. Now Oracle claims its database software is number one on Linux with a market share of more than 75%. Though Oracle provides low-cost deployment of Linux solutions, many skeptics still hesitate to deploy mission-critical databases on Linux. As a DBA, whenever you change a job, the employer first asks about your experience on Linux. In this article, I would like to discuss some of my favorite Linux commands and tricks that we should be familiar with.
Assign an IP address and configure bonding to your Linux Server:
Many DBAs that are working with Linux for some time are probably familiar with the list of TCP/IP network files involved.
a) File /etc/resolv.conf is the hostname resolver configuration file. This file tells which DNS server will be resolving domain names into an IP Addresses. An example of the file is below:
b) /etc/hosts file is locally resolve node names to IP addresses. This informs your Linux server of local systems on the network which are not handled by the DNS server or for all systems in your LAN if you are not using DNS. File looks similar to what is displayed below. I do not have any servers added but you can see the columns.
[root@linuxhost mail]# more /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 dbq11ykf hostname localhost.localdomain localhost
c) /etc/sysconfig/network-scripts/ifcfg-etho file: This is the Red Hat Linux network configuration file used by the system during the boot process. If you are not using bonding driver we can configure this file. File looks like below.
[root@linuxhost mail]# more /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=etho BOOTPROTO=static IPADDR=184.108.40.206 NETMASK
d) If you would like your Linux server to use DHCP rather than a static IP address, configure /etc/sysconfig/network-scripts/ifcfg-eth0 file with BOOTPROTO to dhcp.
Network bonding is essential for high availability and especially so when setting up RAC. It also improves performance by sending packets from both NIC actively. Red Hat Linux allows binding multiple network interfaces into a single channel/NIC using a special kernel module called bonding.
To setup bonding involves simple four tasks.
TASK 1: First, you need to create bond0 config file:
# vi /etc/sysconfig/network-scripts/ifcfg-bond0 Append following lines to DEVICE=bond0 BOOTPROTO=static ONBOOT=yes IPADDR=220.127.116.11 NETMASK=255.255.255.0 GATEWAY=18.104.22.168 USERCTL=no
TASK 2: Modify eth0 and eth1 config files:
Open both configuration using VI text editor and make sure file read as follows for eth0 and eth1 interfaces.
[root@linuxhost network-scripts]# more ifcfg-eth0 DEVICE=eth0 ONBOOT=no MASTER=bond0 SLAVE=yes USERCTL=no [root@linuxhost network-scripts]# more ifcfg-eth1 DEVICE=eth1 ONBOOT=no MASTER=bond0 SLAVE=yes USERCTL=no
TASK 3: Load driver module:
Make sure bonding module is loaded when the channel-bonding interface (bond0) is brought up. You need to modify the kernel modules configuration file so that it looks like the one below.
[root@linuxhost network-scripts]# more /etc/modprobe.conf alias bond0 bonding options bond0 mode=balance-alb miimon=100
TASK 4: Test configuration by modprobe and service network restart commands.
[root@linuxhost network-scripts]# modprobe bonding [root@linuxhost network-scripts]# service network restart
Making the Sendmail utility Work on a Linux server:
To start receiving email over the network, comment out the DAW-MON_OPTIONS (`Port=SMTP, addr=127.0.0.1, Name=MTA`) line in the /etc/mail/sendmail.mc file.
After commenting out , the file should be like this below...
<<< dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl dnl # dnl # The following causes sendmail to additionally listen on the IPv6 loopback dnl # device. Remove the loopback address restriction listen to the network. dnl # dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl dnl # dnl # enable both ipv6 and ipv4 in sendmail: dnl # dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6') dnl # dnl # We strongly recommend not accepting unresolvable domains if you want to dnl # protect yourself from spam. However, the laptop and users on computers dnl # that do not have 24x7 DNS do need this. >>>
Then re-generate the /etc/mail/sendmail.cf file:
[root@linuxhost: mail]# m4 /etc/mail/sendmail.mc >/etc/mail/sendmail.cf [root@linuxhost: mail]#
Please note that you should have all of the RPMs that are related to the Send Mail utility properly installed to use the above command.
Some sites use the /etc/mail/relay-domains file to determine domains from which it will relay mail so we should configure this file to limit to trusted domains. I would not recommend this type of configuration due to the fact that it controls mail based on source domain only; instead, configure /etc/mail/access file, ensuring that the mail server will relay mail to those trusted PCs on your network that have email clients configured to use the mail server.
The /etc/mail/access file has two columns. The first is IP addresses and domains from which the mail is coming or going. The scond column lists the type of action to be taken when mail from these sources is received. Key words include RELAY, OK, and DISCARD.
File looks like below.
<<<< root@linuxhost mail]# more /etc/mail/access # Check the /usr/share/doc/sendmail/README.cf file for a description # of the format of this file. (search for access_db in that file) # The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc # package. # # by default we allow relaying from localhost... localhost.localdomain RELAY localhost RELAY 127.0.0.1 RELAY >>>
Once we have configured the above files and a new sendmail.cf is generated, we have to restart the sendmail service using the following command.
[root@linuxhost mail]# /etc/init.d/sendmail restart Shutting down sendmail: [ OK ] Shutting down sm-client: [ OK ] Starting sendmail: [ OK ] Starting sm-client: [ OK ] [root@linuxhost mail]#
We will see some more commands in my next article, such as breaking root password , working with xinetd ,sshing your Linux server and more importantly how do you secure your Linux host running your critical database.