John Scott

Subscribe to John Scott feed John Scott
Posts about Oracle APEX (#orclapex), Oracle Technology and all things techie
Updated: 12 hours 48 min ago

Oracle Exadata Express Service – Kicking the Tires (Part 1 – SignUp)

Sat, 2017-05-06 16:22

Pretty much immediately after I read the announcement that the Oracle Exadata Express service was available in Europe I decided to sign up to test it out.

Looking at the 3 options available (Exadata Express – X20, X50 and X50IM), I decided to go for the X20 option – primarily because I was interested how you connect to these instances, rather than.

After looking at the pricing options, I noticed a couple of points that jumped out at me.

Firstly you get 1 PDB, no mention of an option to purchase additional ones (I’m guessing you would need to sign up for a new instance rather than being able to clone an existing PDB for Dev / Test / Prod etc).

Secondly it has APEX already installed, which is obviously great if you want to get up and running with APEX right away.

Ok, so let’s go through the signup process and see how smooth it is…..!

After clicking the “Buy Now” button, I’m redirected to the Oracle Store (which if you didn’t notice is an APEX application!).

Clicking on the X20 option let’s me, choose whether I want to be billed –

  • Month-to-Month
  • 1 Year
  • 2 year
  • 3 Year

I must admit, I was slightly confused at this stage what the benefit of going for 1-Year or 2-Year etc versus Month-to-Month was. I didn’t seem to get a discount for going multi-year and in terms of flexibility for the same cost I could sign up month-to-month and cancel whenever I wanted to (please feel free to point out if I’m being dumb here, but I think they could highlight the differences clearer).

Then it’s a simple matter of Adding my choice to the cart, hitting checkout and paying for it (nope I’m not going to show you that bit, too many personal details on that page!).

All in all, I was pretty impressed – not too many clicks to sign up. I do have to say that I still find the Oracle Cloud payment / invoicing aspect slightly disconnected versus say Amazon. In Amazon AWS they already have my payment details – I just launch a new instance and get billed for it. Whereas with Oracle Cloud, I need to go through paying for each new instance before I can launch a new one (so in essence I’m paying to increase my quota for a specific service type). It might sound like a small quirk, but part of the real ‘wow’ factor of Amazon is the immediacy of being able to spin up an instance on demand quickly. Oh well…I’m sure there’s reasons for doing it this way.

So, after I sign up it tells me that I’ll receive an email once my service is available and that I can keep checking on progress via my Orders.

So, I wait…

and wait…

and wait…

About 2 1/2 hours (150 minutes!) later (I lost track of time but it was roughly then), I receive an email –

Note – I’ve omitted the majority of the email since it contains a lot of details on my service URL, CSI etc.

Again, not to gripe too much but 2.5 hours seems WAY too long to wait. As a frequent Presenter at Conferences it would be nice to walk through showing how easy Exadata Express is to setup, but I’m not sure the attendees would wait 2.5 hours for my email confirmation to come through.

Either there’s an element of human interaction going on here (why? Surely all this can be automated), or Oracle is so inundated with people signing up for the service that I ended up at the end of a very long queue. Either way I really do hope this signup time decreases in future or I predict people getting frustrated waiting for the mail to come through.

So that’s it, I now have access to an Exadata Express instance to play with. In the next blog post I’ll go through setting it up and accessing it.

 


Oracle Exadata Express – Now Available in Europe!

Sat, 2017-05-06 13:57

I was very interested to see the announcement by Oracle that the Exadata Express service was now available in Europe

https://blogs.oracle.com/dbaas/exadata-express-cloud-service-now-available-in-europe

I’ve been using the Oracle DBaaS service since it was (more or less) first publicly available and have been very impressed with the general performance and availability,

If you’re not familiar with it, the Exadata Express service comes in 3 flavours,

  • Exadata Express – X20
  • Exadata Express – X50
  • Exadata Express – X50IM

As you would expect, the main differences are around the amount of memory and storage you get, together with some differences in feature availability.

At the time of writing, it breaks down as –

  • Exadata Express – X20
    • 20GB Storage
    • 3GB PGA, 3GB SGA
    • 120GB / Month data transfer
  • Exadata Express – X50
    • 50GB Storage
    • 5GB PGA, 5GB SGA
    • 300GB / Month data transfer
  • Exadata Express – X50IM
    • 50GB Storage
    • 5GB PGA, 10GB SGA (5GB RAM for use with Database In-Memory Column Store)
    • 300GB / Month data transfer

So what about cost (prices correct at time of writing)?

  • Exadata Express – X20
    • $175.00 / Month (£141.00 / Month)
  • Exadata Express – X50
    • $750.00 / Month (£604.00 / Month)
  • Exadata Express – X50IM
    • $950.00 / Month (£765.00 / Month)

To be honest, when I saw these prices – I wondered what the break-point would be for choosing Exadata Express versus spinning up a dedicated DBaaS instance. The X20 looks like a decent price, the X50 and X50IM, well I’m not quite sure yet….I suspect the prices are too high for the average individual user, but the specs aren’t high enough for corporate users (50Gb storage these days isn’t a lot).

So…next steps…I’m going to sign up for the X20 and start kicking the tires!


APEX 5.1 Released

Thu, 2016-12-22 01:53

So, I just saw this tweet which we’ve all been waiting for!

This release has been very eagerly awaited, since it features-

  • Interactive Grid
    • Supports Fixed Headers, Frozen Columns, Sorting, Aggregation etc
    • Supports all Item types, including Plugins!
    • Master -> Detail -> Detail -> Detail
  • Oracle JET Charts Integration
    • Range of charts, Bar, Line, Area, Range, Radar, Pie etc
    • Declarative
    • HTML5 (no more Flash!)
  • Universal Theme Enhancements
    • Per-user Theme preferences
    • Modal Dialog Auto Resize (yay!)
    • Asynchronous Dynamic Actions
    • Live Template Options (this will be a huge time-saver!)
  • New and Improved Packaged Applications

I’m downloading this right now and can’t wait to test it out.

 


OTN Appreciation Day: Flashback

Tue, 2016-10-11 02:48

This is my contribution to the excellent OTN Appreciation Day idea by Tim

The Flashback (particularly Flashback Query) features of the database have saved my neck many (too many!) times over the years.

For example retrieving the value of the Employees salary as it was 10 minutes ago:

SQL> select sal 
 from emp 
 as of timestamp sysdate - interval '10' minutes 
 where ename = 'SCOTT';

This feature can be used almost everywhere Oracle is used, for example it’s embedded into the Export Application feature of Oracle Application Express

2016-10-11_08-38-54

As an extension to this, using the Flashback Data Archive feature allows you maintain an archive  of your application data that you can query in real time – without having to write your own logic.

Flashback – an extremely useful but often little known and underused feature of Oracle!


APEX 5.1 Early Adopter 2 Available

Sun, 2016-09-18 10:10

2016-11-10_15-14-47.png

Oracle have updated the Application Express Early Adopter instance to EA2, you can try it out here – https://apexea.oracle.com/

There are some fairly significant changes and enhancements in EA2 versus the EA1 release, particularly around the Interactive Grid feature (which every APEX developer can’t wait to get their hands on!). For example, the list below shows some very cool additions.

2016-11-10_15-17-52.png

There seem to have been some improvements to the Jet Charts too, this is shaping up to be the best APEX release ever IMHO.

 


SQLcl – do REPEAT yourself

Fri, 2016-06-17 14:41

In previous blog posts I’ve covered some of the useful new commands available in SQLcl.

One extremely useful enhancement is the ability to rerun (repeat) the last command, which can be used to monitor changes in another window while you perform work in your main window.

For example, let’s say – as a DBA – I want to monitor how many users are logged into the database.

Firstly lets logging as SYS (yes this is a local database – obviously use a less privileged account in production).


bash-3.2$ ./sql sys@localhost:11521:xe as sysdba

SQLcl: Release 4.1.0 Release Candidate on Tue Jun 17 18:42:12 2016

Copyright (c) 1982, 2016, Oracle. All rights reserved.

Password? (**********?) ******
Connected to:
Oracle Database 11g Express Edition Release 11.2.0.2.0 - 64bit Production

 

SQL>

Now lets run our command –


SQL> select username,
2 count(*)
3 from v$session
4 group by username;

USERNAME COUNT(*)
------------------------------ ----------
                                       22
APEX_PUBLIC_USER                        1 
SYS                                     1

As you can tell, I’m running APEX in my DB (hence the single APEX_PUBLIC_USER session).

Now let’s say we want to continuously run that command, you just use the REPEAT command –


SQL> help repeat
repeat <iterations> <sleep>
Repeats the current sql in the buffer the specified times with sleep intervals
Maximum sleep is 120s

So, let’s say I want to run it 5 times, with an interval of 1 second –


SQL> repeat 5 1

This will run the previous command 5 times (with 1 second between each run), and you should see output similar to –


Running 5 of 5 @ 18:51:11.900 with a delay of 1s

USERNAME      COUNT(*)
                    22
APEX_PUBLIC_USER     1
SYS                  1

I’v e used this many times to monitor APEX instances which I suspect are getting a lot of web requests, it’s also useful to check things like V$SQL during tuning sessions. The ability to be able to re-run a command at a scheduled interval is such a simple feature and yet invaluable (I’ve lost count of the number of times I’ve manually done that with SQLPlus scripts)


SQLcl – Using SQLFORMAT

Fri, 2016-06-17 12:16

One of the new settings in SQLcl is the ability to set different output formats when running queries. You can access this via the set command –


SQL> help set
SET
---

Sets a system variable to alter the SQLcl environment settings
for your current session. For example, to:
- set the display width for data
- customize HTML formatting
- enable or disable printing of column headings
- set the number of lines per page

SET system_variable value

where system_variable and value represent one of the following clauses:

help set <setting> for more details

APPINFO
ARRAYSIZE
AUTOCOMMIT
AUTOPRINT
AUTORECOVERY
AUTOTRACE

BLOCKTERMINATOR
CLEAR
CMDSEP
COLSEP
CONCAT
COPYCOMMIT
COPYTYPECHECK
DEFINE
ECHO
EDITF[ILE]
EMBEDDED
ENCODING
ESCAPE
ESCCHAR
EXITCOMMIT
FEEDBACK
FLUSH
HEADING
HEADSEP
LDAPCON
LINESIZE
LONG

LONGCHUNKSIZE
NET
NEWPAGE
NOVERWRITE
NULL
NUMFORMAT
NUMWIDTH
PAGESIZE
PAUSE
RECSEPCHAR
SERVEROUTPUT
SHOWMODE
SQLBLANKLINES
SQLCASE
SQLCONTINUE
SQLFORMAT  <------------ Here it is!
SQLPLUSCOMPATIBILITY
SQLPREFIX
SQLPROMPT
SUFFIX
TAB
TERMOUT
TIME
TIMING
TRIMOUT
TRIMSPOOL
VERIFY
WRAP

Viewing the command specific help shows the available output formats


SQL> help set sqlformat
SET SQLFORMAT
SET SQLFORMAT { csv,html,xml,json,ansiconsole,insert,loader,fixed,default}

So, let’s try a couple of tests against the ubiquitous emp table, firstly lets query it without making any changes to the SQLFORMAT settings

 

We can view what the current setting is via the show command


SQL> show sqlformat
SQL Format : Default

Let’s try the JSON format

 

As you can imagine the CSV format does exactly what you’d expect

You can imagine the previous formats are very useful combined with a SPOOL command to save the data to a file on the filesystem in a particular format.

The most common format I use is ANSICONSOLE (which works very well with a large monitor), which does a great job at auto-sizing the column sizes and always displaying the full column name (instead of a shorten abbreviated name).

As you can see, using SQLFORMAT is an extremely useful way to format your SQL query output


SQLcl – Using Aliases

Thu, 2016-06-16 14:50

In the last post we covered the basics of connecting to a database with SQLcl.

If you’re familiar with Unix, you’ll be familiar with the history command. SQLcl also has a history command and once you start to use it you’ll wonder why sqlplus didn’t have one added years ago (how many times have you mistyped a select statement?).

Once you’ve connected to a database, typing ‘help’ will list the available commands, and you can see the alias command listed.

The general format of the command is


ALIAS
------

alias [<name>=<SQL statement>;| LOAD [<filename>]|SAVE [<filename>] | LIST [<NAME>] |
DROP <name> | DESC <name> <Description String>]

Typing alias by itself will list any previously defined aliases


SQL> alias
locks
sessions
tables
tables2
SQL>

You can see I have some aliases already defined, but lets create a new one. One thing I commonly do on remote databases is check what the server time(zone) is. I frequently find myself typing the command –


select to_char(sysdate, 'DD/MM/YYYY HH24:MI:SS') from dual

so, let’s create an alias for that –


SQL> alias time=select to_char(sysdate, 'DD/MM/YYYY HH24:MI:SS') from dual;
SQL>

Now we just need to type ‘time’ and it will run the full command –


SQL> time

TO_CHAR(SYSDATE,'DD
-------------------
16/06/2015 19:43:55

Such a simple thing, but so incredibly useful.

I also often find myself returning to a SQLPlus session and wondering which user I’m logged in as – now with SQLcl I can easily create an alias (called whoami to simulate the Unix command), like this –


SQL> alias whoami=select user from dual;
SQL> whoami

USER
------------------------------
JES

If you want these aliases to persist between database connections, then I can save my current aliases like this –

 


SQL> alias save aliases.sqlcl
ALIAS-007 - Aliases saved to aliases.sqlcl

and then reload them in a future session


SQL> alias load aliases.sqlcl
Aliases Loaded

it’s worth noticing that if you examine the file, it is stored in XML format –


<?xml version = '1.0' encoding = 'UTF-8'?>
<aliases>
<alias name="whoami">
<description/>
<queries>
<query>
<sql><![CDATA[select user from dual]]></sql>
</query>
</queries>
</alias>
<alias name="sel">
<description/>
<queries>
<query>
<sql><![CDATA[select :one]]></sql>
</query>
</queries>
</alias>
<alias name="time">
<description/>
<queries>
<query>
<sql><![CDATA[select to_char(sysdate, 'DD/MM/YYYY HH24:MI:SS') from dual]]></sql>
</query>
</queries>
</alias>
</aliases>

I can remove any aliases I want using the drop command –


SQL> alias drop whoami
Alias whoami dropped

The (very) cool thing is that you’re not just limited to SQL aliases, you can alias PL/SQL too.


Connecting to a database with SQLcl

Thu, 2016-06-16 14:05

In the last post I covered downloading and running SQLcl, now let’s try and connect to a database.

I have an Oracle XE database running on my local machine, so lets try and just enter the username and password of a valid schema to connect to that.


bash-3.2$ ./sql

SQLcl: Release 4.1.0 Release Candidate on Tue Jun 14 19:42:12 2016</span>

Copyright (c) 1982,2016, Oracle. All rights reserved.

Username? (''?) jes
Password? (**********?) **********
USER = pre3_prod
URL = jdbc:oracle:thin:@localhost:1521/orcl
Error Message = IO Error: The Network Adapter could not establish the connection

ok, so that didn’t work…

The issue here is that it defaults to localhost and port 1521 (which is where my instance is running), but the service name it defaults to (orcl) isn’t valid.

Ok, so let’s try again this time passing the correct parameters


bash-3.2$ ./sql

SQLcl: Release 4.1.0 Release Candidate on Tue Jun 14 19:42:12 2016
 
Copyright (c) 1982,2016, Oracle. All rights reserved.

Username? (''?) jes@localhost:1521/xe
Password? (**********?) **********
Connected to:
Oracle Database 11g Express Edition Release 11.2.0.2.0 - 64bit Production

SQL>

Great, success!

Actually SQLcl supports a number of different options when it comes to connection strings, namely –

  • jdbc:oracle:thin
  • jdbc:oracle:oci8
  • jdbc:oracle:kprb
  • jdbc:default:connection
  • jdbc:oracle:kprb:
  • jdbc:default:connection:

So now we’re connected let’s explore the available commands using the help command


SQL> help
For help on a topic type help <topic>
List of Help topics available:
/ @ @@ ACCEPT ALIAS APEX
ARCHIVE_LOG BREAK BRIDGE BTITLE CD CHANGE
COLUMN COMPUTE CONNECT COPY CTAS DDL
DEL DESCRIBE DISCONNECT EDIT EXECUTE EXIT
GET HISTORY HOST INFORMATION INPUT LIST
NET OERR PASSWORD PAUSE PRINT PROMPT
REMARK REPEAT RESERVED_WORDS REST RUN SAVE
SET SHOW SHUTDOWN SODA SPOOL SSHTUNNEL
STARTUP STORE TIMING TNSPING TTITLE UNDEFINE

this hasn’t formatted very well in this code editor, but here’s a screenshot

In the next post, we’ll explore the ALIAS command.


Getting started with SQLCL

Wed, 2016-06-15 13:01

I blogged briefly before here and here about SQLcl and thought I’d write a walkthrough of using it while I explored the various features.

Firstly how do you install it? Well head over to the download page here.

You should get a zipfile (I renamed the file for brevity) –

 
bash-3.2$ ls -al 
total 34120 
drwxr-xr-x 3 jes staff 102 14 Jun 19:09 . 
drwxr-xr-x+ 76 jes staff 2584 14 Jun 19:09 .. 
-rw-r--r--@ 1 jes staff 17466359 14 Jun 19:09 sqlcl.zip 

unzipping this extracts quite a few files

 
bash-3.2$ unzip sqlcl.zip
Archive: sqlcl.zip
 inflating: sqlcl/bin/sql
 inflating: sqlcl/bin/sql.bat
 inflating: sqlcl/bin/sql.exe
 inflating: sqlcl/lib/SQLinForm.jar
 inflating: sqlcl/lib/commons-codec.jar
 inflating: sqlcl/lib/commons-logging.jar
 inflating: sqlcl/lib/httpclient.jar
 inflating: sqlcl/lib/httpcore.jar
 inflating: sqlcl/lib/httpmime.jar
 inflating: sqlcl/lib/jackson-annotations.jar
 inflating: sqlcl/lib/jackson-core.jar
 inflating: sqlcl/lib/jackson-databind.jar
 inflating: sqlcl/lib/javax.json.jar
 inflating: sqlcl/lib/jline.jar
 inflating: sqlcl/lib/jsch.jar
 inflating: sqlcl/lib/ojdbc7.jar
 inflating: sqlcl/lib/oracle.dbtools-common.jar
 inflating: sqlcl/lib/oracle.dbtools.http.jar
 inflating: sqlcl/lib/oracle.dbtools.jdbcrest.jar
 inflating: sqlcl/lib/oracle.sqldeveloper.sqlcl.jar
 inflating: sqlcl/lib/oraclepki.jar
 inflating: sqlcl/lib/orai18n-mapping.jar
 inflating: sqlcl/lib/orai18n-utility.jar
 inflating: sqlcl/lib/orai18n.jar
 inflating: sqlcl/lib/orajsoda.jar
 inflating: sqlcl/lib/osdt_cert.jar
 inflating: sqlcl/lib/osdt_core.jar
 inflating: sqlcl/lib/xdb6.jar
 inflating: sqlcl/lib/xmlparserv2.jar

this should have created a sqlcl sub-folder in the directory you unzipped the file in

 
bash-3.2$ ls -al
total 34120
drwxr-xr-x 4 jes staff 136 14 Jun 19:37 .
drwxr-xr-x+ 76 jes staff 2584 14 Jun 19:09 ..
drwxr-xr-x@ 4 jes staff 136 14 Jun 19:37 sqlcl
-rw-r--r--@ 1 jes staff 17466359 14 Jun 19:09 sqlcl.zip

inside the sqlcl folder you’ll find a bin and lib folder

 
bash-3.2$ cd sqlcl
bash-3.2$ ls -al
total 0
drwxr-xr-x@ 4 jes staff 136 14 Jun 19:37 .
drwxr-xr-x 4 jes staff 136 14 Jun 19:37 ..
drwxr-xr-x@ 5 jes staff 170 14 Jun 19:37 bin
drwxr-xr-x@ 28 jes staff 952 14 Jun 19:37 lib

in the bin directory you will find the sql command

 
bash-3.2$ cd bin
bash-3.2$ ls -al
total 840
drwxr-xr-x@ 5 jes staff 170 14 Jun 19:37 .
drwxr-xr-x@ 4 jes staff 136 14 Jun 19:37 ..
-rwxr-xr-x@ 1 jes staff 13781 14 Jun 19:37 sql
-rwxr-xr-x@ 1 jes staff 2585 14 Jun 19:37 sql.bat
-rwxr-xr-x@ 1 jes staff 406507 14 Jun 19:37 sql.exe

you’ll notice there’s a sql command, a sql.bat and a sql.exe file (since this is a single download regardless of operating system).

Since I’m on a Mac I can just invoke the sql command

 
bash-3.2$ ./sql

SQLcl: Release 4.1.0 Release Candidate on Tue Jun 14 19:42:12 2016</span>

Copyright (c) 1982,2016, Oracle. All rights reserved.

Username? (''?)

and we’re good to go! in the next post I’ll connect to a database and explore some of the commands.


APEX Integration with SQLCl

Sun, 2016-06-12 08:34

Oracle SQLcl contains some very useful built in commands that APEX developers might find useful.

For example, lets say I’m connected to a schema and want to know what APEX applications are installed in the workspace linked to that schema, I can simply issue the APEX command and it will list the APEX applications, for example:

SQL> apex
WORKSPACE APPLICATION_ID APPLICATION_NAME BUILD_STATUS LAST_UPDATED_ON
JES_DEMO 105 LDAP Demo Run and Develop 12-JUN-16
JES_DEMO 280 Amazing jQuery Run and Develop 12-JUN-16

Let’s say you want to export an application from the command line, we can use the APEX EXPORT command like this:

SQL> spool f105.sql
SQL> apex export 105

...application spools out

Now I can do cool things like automate exports from my application using cron, how cool is that?

I see a lot of potential in SQLCl and it keeps improving with each release, go and check it out!


APEX 5.1 Early Adopter 1 Available

Thu, 2016-06-02 12:08

After a long (but I’m sure well worth it) wait, Oracle just announced APEX 5.1 Early Adopter is available.

Head over to https://apexea.oracle.com/ to sign up and request a Workspace.

The two big items everyone has been waiting for are

  • Interactive Grids
  • Jet Charts

but reading through the “Additional Features in Application Express 5.1” section on the EA homepage it looks like there are lots of other interesting improvements and enhancements.

 

 

 


Oracle Cloud – Querying Glassfish Memory Usage

Thu, 2016-04-28 10:48

In a previous post I posted about a Java Heap memory issue we were having with Glassfish.

One of the ways we tracked down the cause of the issue and by how much to increase the memory by was to use the asadmin command to generate a memory report – which is a really useful way to see a snapshot of how your Glassfish instance is consuming memory.

You can run a command like

./asadmin generate-jvm-report --type memory

which should give output similar to

[oracle@ahi-dhh-prod bin]$ ./asadmin generate-jvm-report --type memory
Enter admin user name> admin
Enter admin password for user "admin">
The uptime of Java Virtual Machine: 47 Hours 2 Minutes 44 Seconds
Memory Pool Name: PS Eden Space
Memory that Java Virtual Machine initially requested to the Operating System: 122,683,392 Bytes
Memory that Java Virtual Machine is guaranteed to receive from the Operating System: 239,599,616 Bytes
Maximum Memory that Java Virtual Machine may get from the Operating System: 264,241,152 Bytes. Note that this is not guaranteed.
Memory that Java Virtual Machine uses at this time: 45,212,424 Bytes

Memory Pool Name: PS Survivor Space
Memory that Java Virtual Machine initially requested to the Operating System: 20,447,232 Bytes
Memory that Java Virtual Machine is guaranteed to receive from the Operating System: 2,097,152 Bytes
Maximum Memory that Java Virtual Machine may get from the Operating System: 2,097,152 Bytes. Note that this is not guaranteed.
Memory that Java Virtual Machine uses at this time: 312,976 Bytes

Memory Pool Name: Code Cache
Memory that Java Virtual Machine initially requested to the Operating System: 2,555,904 Bytes
Memory that Java Virtual Machine is guaranteed to receive from the Operating System: 17,956,864 Bytes
Maximum Memory that Java Virtual Machine may get from the Operating System: 50,331,648 Bytes. Note that this is not guaranteed.
Memory that Java Virtual Machine uses at this time: 17,726,208 Bytes

Memory Pool Name: PS Perm Gen
Memory that Java Virtual Machine initially requested to the Operating System: 67,108,864 Bytes
Memory that Java Virtual Machine is guaranteed to receive from the Operating System: 99,614,720 Bytes
Maximum Memory that Java Virtual Machine may get from the Operating System: 201,326,592 Bytes. Note that this is not guaranteed.
Memory that Java Virtual Machine uses at this time: 99,278,352 Bytes

Memory Pool Name: PS Old Gen
Memory that Java Virtual Machine initially requested to the Operating System: 326,631,424 Bytes
Memory that Java Virtual Machine is guaranteed to receive from the Operating System: 441,974,784 Bytes
Maximum Memory that Java Virtual Machine may get from the Operating System: 536,870,912 Bytes. Note that this is not guaranteed.
Memory that Java Virtual Machine uses at this time: 372,432,888 Bytes


Name of the Garbage Collector: PS MarkSweep
Number of collections occurred using this garbage collector: 244 Bytes
Garbage Collection Time: 37 Seconds 768 Milliseconds
Name of the Garbage Collector: PS Scavenge
Number of collections occurred using this garbage collector: 54,911 Bytes
Garbage Collection Time: 330 Seconds 761 Milliseconds

Heap Memory Usage:
Memory that Java Virtual Machine initially requested to the Operating System: 489,924,096 Bytes
Memory that Java Virtual Machine is guaranteed to receive from the Operating System: 683,671,552 Bytes
Maximum Memory that Java Virtual Machine may get from the Operating System: 716,177,408 Bytes. Note that this is not guaranteed.
Memory that Java Virtual Machine uses at this time: 418,149,376 Bytes

Non-heap Memory Usage:
Memory that Java Virtual Machine initially requested to the Operating System: 69,664,768 Bytes
Memory that Java Virtual Machine is guaranteed to receive from the Operating System: 117,571,584 Bytes
Maximum Memory that Java Virtual Machine may get from the Operating System: 251,658,240 Bytes. Note that this is not guaranteed.
Memory that Java Virtual Machine uses at this time: 117,004,560 Bytes

Approximate number of objects for which finalization is pending: 0


Command generate-jvm-report executed successfully.

As you can see there’s a lot of output here, but I’ve highlighted the section which shows how much Heap Memory we’re currently using and what the maximums are set to. By regularly monitoring these values we were able to hone in on how much memory was the optimal amount to allocate to the Glassfish instance.


Oracle Cloud – Glassfish Heap Memory Issues

Fri, 2016-04-08 10:35

I recently encountered some issues with our Oracle Cloud Glassfish server encountering out of memory issues.

This manifested itself by Glassfish becoming unrepsonsive and eventually crashing, digging into the logfile we found entries like this

server.log_2016-04-08T18-32-27:[#|2016-04-04T18:21:56.472+0000|SEVERE|oracle-glassfish3.1.2|null|_ThreadID=74;_ThreadName=Thread-2;|Java heap space
server.log_2016-04-08T18-32-27:java.lang.OutOfMemoryError: Java heap space

After a lot of Googling, I found that you can find out the current Java settings that are being used by Glassfish by running the list-jvm-options command, like this:

[oracle@prod bin]$ ./asadmin list-jvm-options
Enter admin user name> admin
Enter admin password for user "admin">
-XX:MaxPermSize=192m
-XX:PermSize=64m
-client
-Djava.awt.headless=true
-Djavax.management.builder.initial=com.sun.enterprise.v3.admin.AppServerMBeanServerBuilder
-XX: UnlockDiagnosticVMOptions
-Djava.endorsed.dirs=${com.sun.aas.installRoot}/modules/endorsed${path.separator}${com.sun.aas.installRoot}/lib/endorsed
-Djava.security.policy=${com.sun.aas.instanceRoot}/config/server.policy
-Djava.security.auth.login.config=${com.sun.aas.instanceRoot}/config/login.conf
-Dcom.sun.enterprise.security.httpsOutboundKeyAlias=s1as
-Djavax.net.ssl.keyStore=${com.sun.aas.instanceRoot}/config/keystore.jks
-Djavax.net.ssl.trustStore=${com.sun.aas.instanceRoot}/config/cacerts.jks
-Djava.ext.dirs=${com.sun.aas.javaRoot}/lib/ext${path.separator}${com.sun.aas.javaRoot}/jre/lib/ext${path.separator}${com.sun.aas.instanceRoot}/lib/ext
-Djdbc.drivers=org.apache.derby.jdbc.ClientDriver
-DANTLR_USE_DIRECT_CLASS_LOADING=true
-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory
-Dosgi.shell.telnet.port=6666
-Dosgi.shell.telnet.maxconn=1
-Dosgi.shell.telnet.ip=127.0.0.1
-Dgosh.args=--nointeractive
-Dfelix.fileinstall.dir=${com.sun.aas.installRoot}/modules/autostart/
-Dfelix.fileinstall.poll=5000
-Dfelix.fileinstall.log.level=2
-Dfelix.fileinstall.bundles.new.start=true
-Dfelix.fileinstall.bundles.startTransient=true
-Dfelix.fileinstall.disableConfigSave=false
-XX:NewRatio=2
-Xmx128m
Command list-jvm-options executed successfully.

You can see a lot of info here, the Heap memory parameter is the Xmx one, which we can adjust by deleting the current setting:

./asadmin delete-jvm-options --target server-config -- '-Xmx128m'

and then assigning a new value

./asadmin delete-jvm-options --target server-config -- '-Xmx256m'

 

Then we restarted the Glassfish server and haven’t seen the issue occur since.
It’s important to not just blindly choose a value here, you need to understand why you’re running out of heap memory and not just increase it for the sake of it (but that’s a post for another day).

 


Oracle Cloud – Enterprise Manager Express

Thu, 2016-03-31 09:29

Oracle Cloud DBaaS provides a lightweight version of Enterprise Manager called Enterprise Manager Express which is enabled by default (just not perhaps enabled ‘fully’, as you’ll see).

You can check if EM Express is up and running by checking the Listener Status on your DBaaS instance.

[oracle@DEMO ~]$ lsnrctl status

LSNRCTL for Linux: Version 12.1.0.2.0 - Production on 31-MAR-2016 14:27:54

Copyright (c) 1991, 2014, Oracle. All rights reserved.

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=DEMO.compute-ae.oraclecloud.internal)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 12.1.0.2.0 - Production
Start Date 30-MAR-2016 23:52:34
Uptime 1 days 14 hr. 35 min. 19 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /u01/app/oracle/product/12.1.0/dbhome_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/diag/tnslsnr/DEMO/listener/alert/log.xml
Listening Endpoints Summary...
 (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=DEMO.compute-ae.oraclecloud.internal)(PORT=1521)))
 (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1521)))
 (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=DEMO.compute-ae.oraclecloud.internal)(PORT=5500))(Security=(my_wallet_directory=/u01/app/oracle/product/12.1.0/dbhome_1/admin/ORCL/xdb_wa
llet))(Presentation=HTTP)(Session=RAW))
Services Summary...
Service "ORCL.ae.oraclecloud.internal" has 1 instance(s).
 Instance "ORCL", status READY, has 1 handler(s) for this service...
Service "ORCLXDB.ae.oraclecloud.internal" has 1 instance(s).
 Instance "ORCL", status READY, has 1 handler(s) for this service...
Service "pdb1.ae.oraclecloud.internal" has 1 instance(s).
 Instance "ORCL", status READY, has 1 handler(s) for this service...
The command completed successfully

notice the item running on Port 5500 here, that’s the EM Express instance running in the Container DB (CDB) of my Multi-tenant 12c database.

So you could either open up Port 5500 via the network rules or use an SSH tunnel, which I’ll do using a command like this:

[jes@mac oracle-cloud]$ ssh -L 5500:localhost:5500 -i oracle_cloud_rsa opc@129.191.3.59
[opc@DEMO ~]$

Now with my SSH tunnel in place I can navigate to https://localhost:5500/em (it’s important to remember the /em on the end since unfortunately it won’t redirect by default).

You should now see the EM Express login page

 

em-1.png

Enterprise Manager Express – Login Page

You can login using ‘sys’ or ‘system’ together with the password you specified during the DBaaS setup.

em-2.png

Enterprise Manager Express – Landing Page

 

Whilst it doesn’t offer the full functionality of Enterprise Manager, EM Express does ways to perform the most common DBA type tasks such as creating tablespaces, creating users etc.

Depending on the Database Edition you opted for, there is even a pretty nifty Performance Hub where you can review performance issues and drill down to find out the cause of issues.

em-3.png

Enterprise Manager Express – Performance Hub

So is this a replacement for Enterprise Manager (or Enterprise Manager Cloud Control)? No, absolutely not – there are many pieces of functionality available in EM that aren’t implemented in EM Express. For example of glaring omission I found was there was no way to query Scheduler Jobs (to create, delete or query if they’d executed for example).

EM Express and PDB’s

One thing I did find confusing at first was that I tried to create a tablespace. However I couldn’t find the option! You’d expect it to be under the ‘Storage’ tab, but it wasn’t there.

The penny finally dropped when I realised there was no way to drill down into the PDB information either. The EM Express instance running on port 5500 really only shows information about the CDB, whereas to create a tablespace you would create it for (or within) a PDB.

Therefore you need to enable EM Express for the PDB you want to create a tablespace for. To do that you need to login to the PDB and enable it, like this (you can find more information on this here).

[oracle@DEMO ~]$ sqlplus

SQL*Plus: Release 12.1.0.2.0 Production on Fri May 13 14:47:44 2016

Copyright (c) 1982, 2014, Oracle. All rights reserved.

Enter user-name: system@pdb1
Enter password:
Last Successful login time: Fri May 13 2016 14:25:33 +00:00

Connected to:
Oracle Database 12c EE Extreme Perf Release 12.1.0.2.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options

SQL> exec dbms_xdb_config.sethttpsport(5501);

PL/SQL procedure successfully completed.

SQL>

the important bit here is the call to dbms_xdb_config.sethttpsport where I pass in the port number I want to enable it on (you need to ensure nothing is running on that port already). By convention I like to increment the port, e.g. 5500, 5501, 5502 etc but really it’s an arbitrary choice.

Once you’ve done that you should be able to launch an SSH tunnel and navigate to the Enterprise Manager Express instance running just for that PDB.

em-4-cdb.png

Enterprise Manager Express – PDB View

You can see we now have a PDB-centric Enterprise Manager Express view, and we have the tablespace menu item to create tablespaces within this PDB.

I could see this becoming a little tedious / confusing if you have a lot of PDB’s to manage since you have the overhead of enabling them all (and using multiple ports) and also having to logout and login to different ones each time you wanted to perform some maintenance. On the other hand it’s a nice way to tie down access and restrict users to being able to administer a specific PDB.

I’m hoping Oracle enhances EM Express in the future to plug some of the gaps (e.g. scheduler jobs), but in the meantime at least you have something out of the box when you create a DBaaS instance.


Oracle Cloud – Updated UI

Thu, 2016-03-24 08:49

I was creating a new DBaaS Instance recently and noticed that much of the UI had changed from when I originally blogged about it previously. The differences are quite striking and it goes to show that you shouldn’t base your opinion on something you saw many months ago, always check your assumptions to see if they’ve changed!

So for example, in one of my older running DBaaS instances the home page looks like this

cloud_home.png

Old DBaaS Landing Page

whereas in the new instance it looks like this

cloud_home_new.png

New DBaaS Landing Page

So functionality equivalent, but very much nicer and more modern to look at.

The Database Monitor has been updated quite dramatically too, so for example it had an ‘ugly’ default webserver login page that looked like this

database_monitor.png

Database Monitor – Old Login Screen

and the home page looked like this

dbaas_home.png

Database Monitor – Old Version

the new version has a much cleaner HTML based login

dbaas_monitor_login.png

Database Login – New Login Page

and the home page looks much nicer

dbaas_monitor_new.png

Database Login – New Landing Page

To my eyes this is a much more visually appealing page.

As well as being visually updated, there has also been some functionality added, so for example I can now clone, unplug and plug PDB’s directly from this interface (I’m pretty sure you couldn’t before – although I could be mistaken).

clone.png

I have to say I’m pretty impressed by this update, whilst the visuals in no way change the underlying functionality (i.e. I can still perform most of these actions at the OS, DB level), having a visually pleasing UI gives another way to interact with the service.

Great job Oracle!


SQLcl the Future?

Fri, 2016-03-04 11:29

I’ve worked with SQLPlus for years and like many people who have used Oracle for a while you come to learn its strengths and weaknesses. However I must say that over the years SQLPlus has always been reliable but hasn’t exactly changed much.

However there’s a new kids on the block, enter SQLCL (or SQL Command Line), which is available here.

Why is SQLcl a contender to the venerable SQLPus? Well this feature alone makes it worthwhile:

  • Command History

that’s right, it’s 2016 and SQLPlus still doesn’t let you recall previous commands easily (there are ways to do it, but nothing as simple and analogous to the BASH history command)

However, it’s some of the other features that really set it apart, how about –

  • Doing a ‘Create Table As Select’ in a single CTAS command
  • Generating the DDL for database objects using the DDL command
  • Being able to ALIAS your own commands (incredibly useful for creating shortcut commands for things you frequently type)

I really encourage you to try out SQLcl, it’s going to be a HUGE productivity gain over SQLPlus.


Oracle Cloud – Using dbaascli

Tue, 2016-01-05 06:37

One of the nice features of Oracle Cloud is that it comes with some additional command-line tooling in the form of the dbaascli command.

When you run this command (while logged into your  DBaaS instance) you’ll see

[oracle@DEMO ~]# dbaascli
DBAAS CLI version 1.0.0
DBAAS>

This dumps you into an interactive shell, typing ‘help’ gives us a bit more info.

DBAAS>help
Help for dbaascli
dbaascli is a command line interface for different tools to be used with Oracle Cloud DB.
This command line interface supports logging, command history and autocomplete.
Logging is done on a session level. Each time dbaascli is run the last log is overwritten.
To access command history use the up/down arrow keys as you would normally do in a terminal.
Autocomplete uses the Tab key. Autocomplete will complete to the longest common string in case there is not an exact match.
To obtain help on a command use the help keyword at the begining or end.
Autocomplete is supported if the first word is the "help" keyword.
Special commands are available.
The list of special commands is:

-H
 -HELP
 ? - Get dbaascli help
 CLEAR - Clear the screen
 HELP - Get dbaascli help
 HIST - Print command line history
 HISTORY - Print command line history
 LIST - List available commands
 Q - Exit Command Line Interface
 QUIT - Exit Command Line Interface

DBAAS>

Note – you can also run the command non-interactively by specifying the options on the command-line.

So, let’s list the commands available.

DBAAS>list

Very Long Text, press q to quit
Available commands:
 
database bounce
database changepassword
database start
database status
database stop
dataguard failover
dataguard reinstate
dataguard status
dataguard switchover
dbpatchm
dv off
dv off cdb
dv off pdb
dv on
dv on cdb
dv on pdb
gg setup
gg status
glassfish start
glassfish status
glassfish stop
listener bounce
listener start
listener status
listener stop
mrec

netsec config
netsec config encryption
netsec config integrity
netsec deconfig
netsec deconfig encryption
netsec deconfig integrity
netsec status
netsec status encryption
netsec status integrity
ore setup

orec
tde config
tde rotate
tde rotate masterkey
tde status
tfa install
tfa uninstall


DBAAS>

Most of these commands are wrappers around other commands but it does give you one “go-to” centralised command which is consistent across all your DBaaS instances rather than trying to remember each command (and perhaps having to deal with different configurations).

So let’s try a few commands, this time I’ll run them non-interactively (type ‘quit’ to exit the interactive version).

Database Commands

Let’s check the database status

[oracle@DEMO ~]$ dbaascli database status
DBAAS CLI version 1.0.0
Executing command database status
Database Status:
Database is open
Database name: ORCL

Oracle Database 12c EE Extreme Perf Release 12.1.0.2.0 - 64bit Production
PL/SQL Release 12.1.0.2.0 - Production
CORE 12.1.0.2.0 Production
TNS for Linux: Version 12.1.0.2.0 - Production
NLSRTL Version 12.1.0.2.0 - Production

You could leverage this script to perhaps grep for the phrase ‘Database is open’ to check for problems.

We could also do the commands

dbaascli database bounce
dbaascli database start
dbaascli database stop
Glassfish Commands

Lets check Glassfish

[oracle@DEMO ~]$ dbaascli glassfish status
DBAAS CLI version 1.0.0
Executing command glassfish status
Unable to run command. This command should be run as user: root. Currently: oracle

Hmmm ok, so depending on the command we need to run it as different users, lets switch to root and try it again

[root@DEMO ~]# dbaascli glassfish status
DBAAS CLI version 1.0.0
Executing command glassfish status
Calculating the status and metrics:
Authentication failed for user: admin
with password from password file: /root/statuspwd.txt
(Usually, this means invalid user name and/or password)
Authentication failed for user: admin
with password from password file: /root/statuspwd.txt
(Usually, this means invalid user name and/or password)
domain1 running
Command list-domains executed successfully.
Command list-http-listeners failed.
Command uptime failed.

 

Notice the error message stating it’s reading the /root/statuspwd.txt file to get the password. Once I entered the password there and re-ran the command worked (I’ll omit the output here as it’s quite lengthy).

Listener Commands

Let’s check the listener

[root@DEMO ~]# dbaascli listener status
DBAAS CLI version 1.0.0
Executing command listener status
Invalid parameter(s)
Command Error
Command: listener status
Listener Status

Ok, this is getting annoying, maybe I need to be the oracle user for this one?

[root@DEMO ~]# su - oracle
[oracle@DEMO ~]$ dbaascli listener status
DBAAS CLI version 1.0.0
Executing command listener status
Starting listener

LSNRCTL for Linux: Version 12.1.0.2.0 - Production on 13-MAY-2016 13:15:50

Copyright (c) 1991, 2014, Oracle. All rights reserved.

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=DEMO.compute-ae.oraclecloud.internal)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 12.1.0.2.0 - Production
Start Date 4-JAN-2015 23:52:34
Uptime 1 days 13 hr. 23 min. 15 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /u01/app/oracle/product/12.1.0/dbhome_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/diag/tnslsnr/DEMO/listener/alert/log.xml
Listening Endpoints Summary...
 (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=DEMO.compute-ae.oraclecloud.internal)(PORT=1521)))
 (DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1521)))
 (DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=DEMO.compute-ae.oraclecloud.internal)(PORT=5500))(Security=(my_wallet_directory=/u01/app/oracle/product/12.1.0/dbhome_1/admin/ORCL/xdb_wa
llet))(Presentation=HTTP)(Session=RAW))
Services Summary...
Service "ORCL.ae.oraclecloud.internal" has 1 instance(s).
 Instance "ORCL", status READY, has 1 handler(s) for this service...
Service "ORCLXDB.ae.oraclecloud.internal" has 1 instance(s).
 Instance "ORCL", status READY, has 1 handler(s) for this service...
Service "pdb1.ae.oraclecloud.internal" has 1 instance(s).
 Instance "ORCL", status READY, has 1 handler(s) for this service...
The command completed successfully

So that worked, obviously the output is quite lengthy, but again you could see how this simple command could be used in a monitoring script.

Command Specific Help

If you’re unsure what a particular command might do, rather than risking running it, you can get some help on each command. For example what does that mrec command do?

[oracle@DEMO ~]$ dbaascli mrec help
DBAAS CLI version 1.0.0
Executing command mrec help
Command: mrec
Help for MREC tool.
Parameters:
 --args Format: Not defined Required: NO

Usage:
 mrec --args -oss_cfgfile <cfgfile> -old_hostname <vm_name>
 mrec --args -oss_cfgfile <cfgfile> -old_hostname <vm_name> -sid <oracle_sid>
Where:
 -help = Print this help.
 -oss_cfgfile = full path to OSS config file.
 -old_hostname = Name of the host to recover.
 -sid = ORACLE SID of the DB instance to recover. Default is orcl
Examples:
 mrec --args -oss_cfgfile /var/opt/oracle/mrec/oss.cfg -old_hostname vmprod01
 mrec --args -oss_cfgfile /var/opt/oracle/mrec/oss.cfg -old_hostname vmprod01 -sid orcl

Ok, so it doesn’t tell me what it actually does (I had to search the documentation to figure out MREC = Media Recovery), but it does at least tell you what parameters it expects.

 


Oracle APEX 5.0.3 Patchset Released

Tue, 2015-12-22 06:41

Oracle APEX 5.0.3 patchset was released (early Christmas Present!), with (again) fewer fixed bugs than the previous patchset, some stand out ones are:

  • 22173641 – APEX_PLUGIN_UTIL.GET_DATA raises ORA-06502 for CLOB or LONG VARCHAR2
  • 22301102 – Redirect Loop if Rejoin Sessions Enabled for All, Logged In and On Public Page

As always, read the patchset notes, but I’d definitely recommend installing this update.


Oracle Cloud – Glassfish Port 4848 Madness?

Thu, 2015-12-17 05:20

In my last post on accessing Glassfish, it was a few days later and something dawned on me.

In the last post I mentioned that Glassfish was running on Port 4848, however when I accessed the DBaaS monitor I was able to access it via HTTP/HTTPs which run on port 80 and 443 respectively.

So, the question is, how am I able to access both APEX and DBaaS monitor via ports 80 / 443 when Glassfish is running on port 4848?

If you checked the DBaaS instance for the ports that are listening, using a command similar to this

[root@DEMO ~]# netstat -an | grep LISTEN
tcp 0 0 0.0.0.0:37764 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 :::5500 :::* LISTEN
tcp 0 0 :::16386 :::* LISTEN
tcp 0 0 :::12164 :::* LISTEN
tcp 0 0 :::5000 :::* LISTEN
tcp 0 0 ::ffff:127.0.0.1:5006 :::* LISTEN
tcp 0 0 :::111 :::* LISTEN
tcp 0 0 :::8080 :::* LISTEN
tcp 0 0 :::1521 :::* LISTEN
tcp 0 0 :::8181 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:631 :::* LISTEN

You can see there’s nothing listening on port 80 (HTTP) or 443 (HTTPS). So how is our web request being handled? This did confuse me for more than a few minutes.

Based on having used Amazon AWS for years, I had a quick look in the network rules as I expected some Port Forwarding  rules doing the magic conversion of relaying traffic from port 80 to 4848 etc.

However…

network_forward.png

nothing there at all…I couldn’t even see an option for network port forwarding (this IMHO is pretty confusing, since I’d expect it to be here).

The answer turned out to be pretty simple. The GUI shows network rules enforced outside of the DBaaS instance itself, if you login to the DBaaS instance there are also firewall rules configured there.

Let’s SSH into the machine using our SSH key

[jes@mac oracle-cloud]$ ssh -i oracle_cloud_rsa opc@<my.public.ip.here>
[opc@DEMO ~]$

now, let’s SUDO to the root user

[opc@DEMO ~]$ sudo su -
[root@DEMO ~]#

and let’s check the firewall rules setup using iptables

[root@DEMO ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Hmmm this threw me, I did expect something to be listed here.

Long story short, it’s the PREROUTING rules we need to look at, which can do via a command similar to

[root@DEMO ~]# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 8080
REDIRECT udp -- anywhere anywhere udp dpt:http redir ports 8080
REDIRECT tcp -- anywhere anywhere tcp dpt:https redir ports 8181
REDIRECT udp -- anywhere anywhere udp dpt:https redir ports 8181

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

So here you can see that any traffic coming into the http ports is redirected to port 8080 and any https traffic is redirected to port 8181 (which is the SSL port that Glassfish listens on to).

So it’s these ‘magically transparent’ and ‘not very obvious’ iptables rules that make the incoming HTTP/HTTPS traffic get redirected internally to Glassfish running on Port 80.

Why is this relevant and why should you care?

Well this is important if (for example) you didn’t want users to directly access (such an old version of) Glassfish and instead put a Proxy like NGINX infront of Glassfish. You would need to remove / modify those pre-routing rules so that the traffic would go to NGINX (or Apache or whatever) first and then be reverse proxied from NGINX to Glassfish (this is something we do in our production instances.


Pages