My work laptop runs Windows. I would prefer to run Linux, but some programs I need only work on Windows. Another program I need, Ansible, does not support Windows. I get round this by not running it on Windows, but it would be nice to be able to develop on my laptop to avoid frustration with network slow downs etc.

VSCode supports dev containers. This is great, because development happens in a container. But the officially supported way of doing this is with Docker. Docker Desktop for Windows is not free. However, Podman desktop is, so we can use that.

The Problem

Our databases didn’t stop and start automatically with the OS. The oracle supplied scripts don’t cater for standby databases. Lastly we have one listener per database. Whether this is necessary or not is open to debate, but I would like to make our databases stop and start with the operating system. I’d also like the following features:

• Stop all the databases whether or not they are in the oratab on shutdown.
• Start all database that were stopped on startup.
• Deal with standby and logical standby databases.
• Deal with our unusual listener setup which has one listener per database instance.

Oracle provides scripts called dbstart and dbshut in $ORACLE_HOME/bin which are documented in the administrator guide, but they only start and stop databases in the oratab.

I have had a couple of instances where I have needed to look at which ports are open. On one occasion a firewall change meant I needed to check in a hurry whether ports I needed were open. On another instance, another team raised concerns with some of the TLS ciphers listening on some of the ports in our system.

I do not recommend port scanning across the internet. All these scans were completed within my employers infrastructure as part of my job. If you would like to try these commands and don’t have a similar job to me, I would suggest using devices on your home network such as a raspberry pi, or scanning a VM running on your laptop. The nmap security scanning book has a chapter on legal issues.

We noticed that our test PeopleSoft system was very slow on occasion, such that the load balancer decided it was broken. Sessions were redirected to the webpage we have for the system being in maintenance.

Since the webserver is Weblogic, it runs in a Java Virtual Machine (JVM). The first thing to check is how long the garbage collection pauses are. Fortunately I had garbage collection logging switched on, so I could see that they were over 100 seconds on occasion, which is far too long. This is what my garbage collection log parameters were set to (Java 11).

Normally newer versions of Operating systems have newer packages. But not RedHat when it comes to Ansible. On my workstation:

$ cat /etc/redhat-release 
Red Hat Enterprise Linux release 8.10 (Ootpa)
$ ansible --version
ansible [core 2.16.3]
  config file = /etc/ansible/ansible.cfg
  ...
  python version = 3.12.6
  jinja version = 3.1.2
  libyaml = True

But on the management server:

$ cat /etc/redhat-release 
Red Hat Enterprise Linux release 9.4 (Plow)
$ ansible --version
ansible [core 2.14.17]
  config file = /etc/ansible/ansible.cfg
  ...
  python version = 3.9.18
  jinja version = 3.1.2
  libyaml = True

Wait, what? The older operating system has a newer version of Ansible, and Python?

We have a number of PeopleSoft test environments. I have written about my automated build process before, but I have not yet mentioned what we do to the database when we refresh.

My approach here is that I want as much as possible to build the environment from scratch. This means that we have a consistent build. There are also database fields that need to be changed. Recently a colleague and I reviewed the tables that needed changing and came up with the following.

As mentioned in my previous post on this topic, we need to configure BindPlane to read our files. I chose to use the file source as there was no prepared parser for PeopleSoft logs.

Configuration again

Application server and process Scheduler

On the application server there are three types of files. These are:

Application Logs

I set this up as a file, and added the following regex to split it into fields. This is wrapped for readability - in reality it is all on one line. The spaces are part of the regex, the newlines are not.

At present all our logs are in random files in random places in the operating system. I would like to see whether we can improve this. As an example of the problems caused by the current situation, if a user reports an issue, they normally don’t give a timestamp, so we have to assume the issue occurs say up to 20 minutes before the call was raised. Then we have to search the logs on the operating system for their user ID. As mentioned these logs are in various places. It isn’t easy to limit to a time span using standard operating system tools. Also we have a redundant architecture, meaning the users session could have been on any one of four web servers, and four application servers. The error could have happened on any of these 8 VMs.