OCI上に検証用のOracle Databaseを立てる
目次
- 目次
- はじめに
- VMの作成
- 接続元IPアドレスの制限
- OS設定
- 環境変数ファイルの作成
- インストール
- リスナー起動
- DB作成
- 接続確認
- tnsnames.oraの設定
- 自動起動設定
- PDB自動起動設定
はじめに
Oracle Database の検証用として次のコンセプトでDBを作成したいと思います。
- 気軽に触れる
- 維持が面倒でない(PCの容量を取らない)
- お金をかけたくない
- OSも触れる
小さめのVMを作成して、その上にサイレント・インストールで Single DBを立てます。
DB作成の手順はこちらを参考にします。
ORACLE-BASE - Oracle Database 19c Installation On Oracle Linux 7 (OL7)
VMの作成
VMのImage、シェイプは以下の様にしました。
- Image : Oracle-Linux-7.9-2021.12.08-0
- Shape : VM.Standard.E4.Flex
- OCPU: 2
- Memory: 4GB
- ブートボリューム: デフォルトサイズ(46.xGB)
dfはこんな感じです。
[root@db01 ~]# df -h Filesystem Size Used Avail Use% Mounted on devtmpfs 1.8G 0 1.8G 0% /dev tmpfs 1.8G 0 1.8G 0% /dev/shm tmpfs 1.8G 8.8M 1.8G 1% /run tmpfs 1.8G 0 1.8G 0% /sys/fs/cgroup /dev/sda3 39G 14G 25G 35% / /dev/sda1 200M 7.5M 193M 4% /boot/efi tmpfs 364M 0 364M 0% /run/user/0 tmpfs 364M 0 364M 0% /run/user/1000 tmpfs 364M 0 364M 0% /run/user/994
不正な接続は気になりますが、接続を楽にしたいのでVMはパブリック・セグメントに作成し、踏み台(Bastion)は作りません。
一応、接続元のIP アドレスは制限します。
接続元IPアドレスの制限
VMに接続したら /var/log/secureを参照し、自身の接続元のIPアドレスを確認します。
その、IPアドレスをセキュリティ・リストのイングレス・ルールの22番ポートへの接続元IPに設定します。
OS設定
必要なパッケージを入れます。
[root@db01 ~]# yum install -y oracle-database-preinstall-19c [root@db01 ~]# yum update -y
oracle ユーザーも作成されます
[root@db01 ~]# id oracle uid=54321(oracle) gid=54321(oinstall) groups=54321(oinstall),54322(dba),54323(oper),54324(backupdba),54325(dgdba),54326(kmdba),54330(racdba)
SELinux無効化
[root@db01 ~]# vi /etc/selinux/config [root@db01 ~]# [root@db01 ~]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted [root@db01 ~]# getenforce Enforcing [root@db01 ~]# setenforce Permissive [root@db01 ~]# getenforce Permissive [root@db01 ~]#
Firewalld停止
● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2022-01-14 13:55:53 GMT; 53min ago Docs: man:firewalld(1) Main PID: 1336 (firewalld) Memory: 0B CGroup: /system.slice/firewalld.service mq1336 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid Jan 14 13:55:53 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon... Jan 14 13:55:53 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon. Jan 14 13:55:54 localhost.localdomain firewalld[1336]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a future release. Please consider disabling it now. [root@db01 ~]# systemctl stop firewalld [root@db01 ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
ディレクトリ作成。
[root@db01 ~]# mkdir -p /u01/app/oracle/product/19.0.0/dbhome_1 [root@db01 ~]# mkdir -p /u02/oradata [root@db01 ~]# chown -R oracle:oinstall /u01 /u02 [root@db01 ~]# chmod -R 775 /u01 /u02
環境変数ファイルの作成
[oracle@db01 ~]$ vi .bash_profile [oracle@db01 ~]$ [oracle@db01 ~]$ cat .bash_profile # .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi # User specific environment and startup programs PATH=$PATH:$HOME/.local/bin:$HOME/bin export PATH export ORACLE_UNQNAME=cdb1 export ORACLE_BASE=/u01/app/oracle export ORACLE_HOME=$ORACLE_BASE/product/19.0.0/dbhome_1 export ORA_INVENTORY=/u01/app/oraInventory export ORACLE_SID=cdb1 export PDB_NAME=pdb1 export DATA_DIR=/u02/oradata export PATH=$ORACLE_HOME/bin:$PATH export LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib [oracle@db01 ~]$ . .bash_profile
インストール
バイナリは先にサーバに送り込んでおきます。解凍。
[oracle@db01 ~]$ cd $ORACLE_HOME [oracle@db01 dbhome_1]$ unzip -oq /tmp/LINUX.X64_193000_db_home.zip
インストーラー実行
[oracle@db01 dbhome_1]$ ./runInstaller -ignorePrereq -waitforcompletion -silent \ > -responseFile ${ORACLE_HOME}/install/response/db_install.rsp \ > oracle.install.option=INSTALL_DB_SWONLY \ > ORACLE_HOSTNAME=${ORACLE_HOSTNAME} \ > UNIX_GROUP_NAME=oinstall \ > INVENTORY_LOCATION=${ORA_INVENTORY} \ > SELECTED_LANGUAGES=en,en_GB \ > ORACLE_HOME=${ORACLE_HOME} \ > ORACLE_BASE=${ORACLE_BASE} \ > oracle.install.db.InstallEdition=EE \ > oracle.install.db.OSDBA_GROUP=dba \ > oracle.install.db.OSBACKUPDBA_GROUP=dba \ > oracle.install.db.OSDGDBA_GROUP=dba \ > oracle.install.db.OSKMDBA_GROUP=dba \ > oracle.install.db.OSRACDBA_GROUP=dba \ > SECURITY_UPDATES_VIA_MYORACLESUPPORT=false \ > DECLINE_SECURITY_UPDATES=true Launching Oracle Database Setup Wizard... The response file for this session can be found at: /u01/app/oracle/product/19.0.0/dbhome_1/install/response/db_2022-01-15_00-59-13AM.rsp You can find the log of this install session at: /tmp/InstallActions2022-01-15_00-59-13AM/installActions2022-01-15_00-59-13AM.log As a root user, execute the following script(s): 1. /u01/app/oraInventory/orainstRoot.sh 2. /u01/app/oracle/product/19.0.0/dbhome_1/root.sh Execute /u01/app/oraInventory/orainstRoot.sh on the following nodes: [db01] Execute /u01/app/oracle/product/19.0.0/dbhome_1/root.sh on the following nodes: [db01] Successfully Setup Software. Moved the install session logs to: /u01/app/oraInventory/logs/InstallActions2022-01-15_00-59-13AM
rootスクリプトの実行
[oracle@db01 dbhome_1]$ logout [opc@db01 ~]$ [opc@db01 ~]$ sudo su - Last login: Fri Jan 14 15:47:17 GMT 2022 on pts/0 [root@db01 ~]# [root@db01 ~]# /u01/app/oraInventory/orainstRoot.sh Changing permissions of /u01/app/oraInventory. Adding read,write permissions for group. Removing read,write,execute permissions for world. Changing groupname of /u01/app/oraInventory to oinstall. The execution of the script is complete. [root@db01 ~]# /u01/app/oracle/product/19.0.0/dbhome_1/root.sh Check /u01/app/oracle/product/19.0.0/dbhome_1/install/root_db01_2022-01-15_01-01-42-755954239.log for the output of root script [root@db01 ~]# [root@db01 ~]# cat /u01/app/oracle/product/19.0.0/dbhome_1/install/root_db01_2022-01-15_01-01-42-755954239.log Performing root user operation. The following environment variables are set as: ORACLE_OWNER= oracle ORACLE_HOME= /u01/app/oracle/product/19.0.0/dbhome_1 Copying dbhome to /usr/local/bin ... Copying oraenv to /usr/local/bin ... Copying coraenv to /usr/local/bin ... Creating /etc/oratab file... Entries will be added to the /etc/oratab file as needed by Database Configuration Assistant when a database is created Finished running generic part of root script. Now product-specific root actions will be performed. Oracle Trace File Analyzer (TFA) is available at : /u01/app/oracle/product/19.0.0/dbhome_1/bin/tfactl
リスナー起動
[oracle@db01 dbhome_1]$ lsnrctl start LSNRCTL for Linux: Version 19.0.0.0.0 - Production on 15-JAN-2022 01:08:32 Copyright (c) 1991, 2019, Oracle. All rights reserved. Starting /u01/app/oracle/product/19.0.0/dbhome_1/bin/tnslsnr: please wait... TNSLSNR for Linux: Version 19.0.0.0.0 - Production Log messages written to /u01/app/oracle/diag/tnslsnr/db01/listener/alert/log.xml Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=db01.subnet10220017.vcn10220017.oraclevcn.com)(PORT=1521))) Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521)) STATUS of the LISTENER ------------------------ Alias LISTENER Version TNSLSNR for Linux: Version 19.0.0.0.0 - Production Start Date 15-JAN-2022 01:08:32 Uptime 0 days 0 hr. 0 min. 0 sec Trace Level off Security ON: Local OS Authentication SNMP OFF Listener Log File /u01/app/oracle/diag/tnslsnr/db01/listener/alert/log.xml Listening Endpoints Summary... (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=db01.subnet10220017.vcn10220017.oraclevcn.com)(PORT=1521))) The listener supports no services The command completed successfully
DB作成
[oracle@db01 dbhome_1]$ dbca -silent -createDatabase \ > -templateName General_Purpose.dbc \ > -gdbname ${ORACLE_SID} -sid ${ORACLE_SID} -responseFile NO_VALUE \ > -characterSet AL32UTF8 \ > -sysPassword SysPassword1 \ > -systemPassword SysPassword1 \ > -createAsContainerDatabase true \ > -numberOfPDBs 1 \ > -pdbName ${PDB_NAME} \ > -pdbAdminPassword PdbPassword1 \ > -databaseType MULTIPURPOSE \ > -memoryMgmtType auto_sga \ > -totalMemory 2000 \ > -storageType FS \ > -datafileDestination "${DATA_DIR}" \ > -redoLogFileSize 50 \ > -emConfiguration NONE \ > -ignorePreReqs Prepare for db operation 8% complete Copying database files 31% complete Creating and starting Oracle instance 32% complete 36% complete 40% complete 43% complete 46% complete Completing Database Creation 51% complete 53% complete 54% complete Creating Pluggable Databases 58% complete 77% complete Executing Post Configuration Actions 100% complete Database creation complete. For details check the logfiles at: /u01/app/oracle/cfgtoollogs/dbca/cdb1. Database Information: Global Database Name:cdb1 System Identifier(SID):cdb1 Look at the log file "/u01/app/oracle/cfgtoollogs/dbca/cdb1/cdb1.log" for further details.
接続確認
[oracle@db01 dbhome_1]$ ps -ef | grep pmon oracle 6402 1 0 01:20 ? 00:00:00 ora_pmon_cdb1 oracle 9250 32701 0 01:30 pts/0 00:00:00 grep --color=auto pmon [oracle@db01 dbhome_1]$ sqlplus / as sysdba SQL*Plus: Release 19.0.0.0.0 - Production on Sat Jan 15 01:30:20 2022 Version 19.3.0.0.0 Copyright (c) 1982, 2019, Oracle. All rights reserved. Connected to: Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production Version 19.3.0.0.0 SQL> show pdbs CON_ID CON_NAME OPEN MODE RESTRICTED ---------- ------------------------------ ---------- ---------- 2 PDB$SEED READ ONLY NO 3 PDB1 READ WRITE NO
tnsnames.oraの設定
[oracle@db01 ~]$ cat $ORACLE_HOME/network/admin/tnsnames.ora PDB1 = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = db01)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = PDB1) ) )
自動起動設定
[oracle@db01 ~]$ vi /etc/oratab [oracle@db01 ~]$ cat /etc/oratab cdb1:/u01/app/oracle/product/19.0.0/dbhome_1:Y
PDB自動起動設定
SQL> alter pluggable database pdb1 open; Pluggable database altered. SQL> show pdbs CON_ID CON_NAME OPEN MODE RESTRICTED ---------- ------------------------------ ---------- ---------- 2 PDB$SEED READ ONLY NO 3 PDB1 READ WRITE NO SQL> SQL> alter pluggable database all save state; Pluggable database altered.