HOL-6340 Provide a Zero Downtime Update for Your Cloud Infrastructure

HOL-6340

Provide a Zero Downtime Update for Your Cloud Infrastructure

Simon Coter Director of Product Management, Oracle [email protected]

Copyright © 2018, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. 720041 US

CONTENTS Introduction...... 3 Preparation (done before LAB) ...... 4 Summary of the Lab steps ...... 5 Global picture ...... 5 Vagrant & VirtualBox ...... 6 Start the two servers ...... 6 Connect to the Oracle VM Manager 3.4.5 console ...... 7 Verify that the Oracle VM environment correctly started ...... 8 Ksplice technology applied to Oracle VM Server...... 14 Ksplice technology applied to Oracle VM Manager (OraCle Linux 7) ...... 20 Summary ...... 23 Appendix A: References ...... 24

INTRODUCTION

This document details all actions that were done during Oracle Open World 2018 session Hands-On Lab 6340.

This hands-on lab takes you through different examples and approaches on how-to provide zero downtime to your Cloud Infrastructure thanks to Ksplice, utility capable of introducing hot-patch capabilities for Kernel, Hypervisor and User-Space components like glibc and openssl.

The entire hand-on-lab run on top of Oracle VM VirtualBox, solution capable to create architectures for demo or test purposes like in this example.

Oracle VM VirtualBox is a free and open-source hypervisor for x86 computers being developed by Oracle Corporation. VirtualBox may be installed on a number of host operating systems, including: Linux, macOS, Windows and Solaris; It supports the creation and management of guest virtual machines running versions and derivations of Windows, Linux, BSD, OS/2, Solaris, macOS and others. For some guest operating systems, a "Guest Additions" package of device drivers and system applications is available which typically improves performance.

Oracle Linux (OL) is a Linux distribution packaged and freely distributed by Oracle, available partially under the GNU General Public License since late 2006. It is compiled from Red Hat Enterprise Linux source code, replacing Red Hat branding by Oracle's. It also used by Oracle Cloud and Oracle Engineered Systems such as Oracle Exadata and others. Potential users can freely download Oracle Linux through Oracle's E-delivery service (Oracle Software Delivery Cloud) or from a variety of mirror sites, and can deploy and distribute it without cost.

Oracle VM Server for x86 is a zero license cost server virtualization and management solution that makes enterprise applications easier to deploy, manage, and support. Backed worldwide by affordable enterprise-quality support for both Oracle and non- Oracle environments, Oracle VM reduces operations and support costs while increasing IT efficiency and agility.

Ksplice, available as part of Oracle Linux Premier Support subscription and Oracle VM Premier Support subscription, updates the Linux operating system (OS) kernel, the Xen Hypervisor (on which Oracle VM 3.4 is based) and key user space libraries, while the OS is running, without a reboot or any interruption. Only Oracle Linux and Oracle VM offer this unique capability, making it possible for you to keep up with important updates without burdening your team with the operational cost and disruption of rebooting for every update.

Note: You can also run this lab at your home or office on an x86 server, desktop, or laptop.

PREPARATION (DONE BEFORE LAB)

To save time and fit in the one-hour slot of Oracle Open World labs, the following actions were performed before the actual lab.

o Install Oracle Linux 7.5 (64 bits) as host operating system (the lab can also run on Windows or macOS). o Install Oracle VM VirtualBox 5.2.18 plus extension-pack on the host OS. o Create two different VirtualBox Virtual Machines: o Oracle VM Server 3.4.5 o Oracle VM Manager 3.4.5 o Create one Oracle VM Server Virtual Machine, Oracle Linux 6.9, running as nested virtualization

Note: To run this lab from your home or office, perform the tasks in Appendix A first to prepare your environment before you run the lab.

SUMMARY OF THE LAB STEPS

In this lab, you will get the knowledge about Ksplice capabilities for your Cloud Infrastructure founded on Oracle VM and Oracle Linux. There is no particular requirement to start with this HOL except for the “Preparation phase described above”.

GLOBAL PICTURE

Figure 1 shows all the components (Oracle VM VirtualBox and Oracle VM virtual machines) with their names and configuration (memory, IP addresses, and so on).

Figure 1. Diagram of all the components and their configuration.

VAGRANT & VIRTUALBOX

START THE TWO SERVERS

As previously explained, we will use Oracle VM VirtualBox to host the two servers (Oracle VM Server and Oracle VM Manager) on a single x86 physical machine.

• If it has not been started yet, start the Oracle VM VirtualBox console by clicking the icon. In the console, you should see the two VMs we will use in this lab.

Figure 2. Oracle VM VirtualBox console.

• Select the VM called hol6340_ovmm and click the icon to start it. • Select the VM called hol6340_ovs and click the icon to start it.

• Wait for the VMs to be ready: o Wait for the desktop started prompt on the hol6340_ovmm VM console. o When this prompt is displayed, all VMs are ready (since Oracle VM Manager takes the longest to start).

CONNECT TO THE ORACLE VM MANAGER 3.4.5 CONSOLE

• On your x86 physical machine, open a Firefox browser and connect to the Oracle VM Manager 3.4.5 console using URL https://192.168.56.200:7002/ovm/console .

Note: Firefox might raise a security warning (for example, This Connection is Untrusted) since the SSL certificates are self-signed. If so, ignore the warning (expand I understand the Risks, then click Add Exception, and then click Confirm Security Exception).

You should get the login window shown in Figure 3:

Figure 3. Login window.

• Log in using the following credentials: o Login: admin (default Oracle VM Manager administrator) o Password: Welcome1 (W is uppercase)

VERIFY THAT THE ORACLE VM ENVIRONMENT CORRECTLY STARTED

1) Once you are logged in to the Oracle VM Manager console, go to the Servers and VMs tab and verify the status of the Oracle VM pool and server; everything should look like Figure 4.

Figure 4. Status of the Oracle VM pool and server in the Servers and VMs tab.

2. Click the Networking tab and verify that the existing networks are usable by guests. You should see a checkmark under Virtual Machines, as shown in Figure 5.

Figure 5. Networking tab.

4. Click Servers and VMs, expand the pool named hol6340-pool, click the server named hol6340-ovs.oow.local, and select the Physical Disks perspective in the right pane.

Figure 6. Displaying the physical disks.

5. Right-Click on server named “hol6340-ovs.oow.local” and select “Rescan Physical Disks”.

Figure 7. Rescan Physical Disks execution.

6. Following step requires to remove the “Physical Disk” in “Warning” state, just because this is demo environment where the clone changed the disk-id of the system (so we can now see the new one and the “warning” one that has to be deleted). To delete it, just select the physical-disk in “Warning” state and click on “Delete Physical Disk” button (confirmation required).

Figure 8. Delete Physical Disk in “warning” state.

7. Execute the “Refresh Physical Disk” two times (force refresh) on the remaining “Physical Disk”; to execute this operation, just select the “Physical Disk” entry and click on “Refresh Physical Disk” button:

Figure 9. Refresh Physical Disk.

8. Click on “Repositories” tab, expand the “Repositories” section and select the repository named “hol6340-repo”; with the repository selected click on “Present/Unpresent” button:

Figure 10. Present/Unpresent Repository – 01/02.

In the following window, select the server named “hol6340-ovs.oow.local” under the “Present to server(s)” list, as show in Figure 11, and confirm with “OK”:

Figure 11. Present/Unpresent Repository – 02/02.

9. Refresh the repository named “hol6340-repo”; choose the repository and click on “Refresh Repository” button:

Figure 12. Refresh Oracle VM Repository.

10. Move the Virtual Machine available from “Unassigned Virtual Machines” to the server “hol6340-ovs.oow.local”. On “Servers and VMs” tab, select “Unassigned Virtual Machines” and by a right-click on the Virtual Machine “ol6u9.oow.local” choose “Migrate or Move”:

Figure 13. Migrate or Move Virtual Machine (1/3).

Choose “Migrate a VM to a different server, Server Pool or Unassigned state”

Figure 14. Migrate or Move Virtual Machine (2/3).

Select “Specified Server” and “hol6340-ovs.oow.local” and confirm with “Finish”.

Figure 15. Migrate or Move Virtual Machine (3/3).

11. Start the Virtual Machine “ol6u9.oow.local” By the “Servers and VMs” tab, select the Server “hol6340-ovs.oow.local” with “Virtual Machine” perspective, right-click on the Virtual Machine “ol6u9.oow.local” and choose “Start Virtual Machine”.

Figure 16. Start Virtual Machine.

KSPLICE TECHNOLOGY APPLIED TO ORACLE VM SERVER

• Open a terminal on your laptop and connect to the Oracle VM Server machine IP: 192.168.56.201 Access with: root/ovsroot

Figure 17. Connect to Oracle VM Server by “ssh”.

• Check the running kernel for Oracle VM Server Instance by “uname”

Figure 18. Check running kernel with “uname -a” command.

• Ksplice Uptrack does not change the output of “uname”, and “uname” will continue to reflect the version of the kernel into which a machine was booted. Instead, once you install Ksplice updates, use “uptrack-uname” to see what effective kernel a machine is running. “uptrack-uname” has the same format as “uname” and supports the common flags, including “-r” and “-a”. By executing “uptrack-uname -a” we do not see any difference now.

Figure 18. Show no differences between “uname” and “uptrack-uname”.

• List Ksplice Kernel updates available for the currently running kernel by “uptrack-show --available”

Figure 19. List Ksplice Kernel updates available for the currently running kernel.

• Install Ksplice Kernel updates by “yum install uptrack-updates-`uname -r`” command On this demo environment we’re using the offline-client; the same operation on a real environment can be completed with the command “uptrack-upgrade -y”.

Figure 20. Install Ksplice Kernel updates for the running kernel.

• Check the output of Ksplice Kernel updates installation

Figure 21. Check Ksplice kernel updates installed.

• Re-execute commands “uname -a” and “uptrack-uname -a” to see the difference between installed and running kernel.

Figure 22. Show different release between installed and running kernel.

• Install Ksplice Xen hypervisor updates (example) without any service interruption by executing “yum update xen*”. This Oracle VM Server is configured to get example updates from the IP address “192.168.56.200”, the Oracle VM Manager virtual machine, that acts as a local Yum-mirror server. While executing “yum update” you’ll note that between the updates all the packages contain the naming “ksplice”; this is just because those Xen (and also glibc) releases are also available as standard updates for Oracle VM. On our configuration by executing “yum update xen*” we only access to the list of Ksplice updates and, so, the installation will happen without any outage.

Figure 23. Ksplice Xen updates installation (1/2).

Installation output should be similar to the following one:

Figure 24. Ksplice Xen updates installation (2/2).

• Install “openssl” Ksplice updates by executing the command “yum update openssl*”

Figure 25. Ksplice OpenSSL updates installation (1/2).

Figure 25. Ksplice OpenSSL updates installation (2/2).

• On this chapter we had: o Upgraded the running UEK4 kernel from “4.1.12-124.18.9” to “4.1.12-124.19.1” release. o Upgraded Xen hypervisor from “4.4-196.0.3” to “4.4-196.0.8” release. o Upgraded openssl from “1.0.1e-57.0.1” to “1.0.1e-57.0.3” release.

And all those updates have been installed while an Oracle VM Virtual Machine (ol6u9.oow.local) is running on the same (VM we’ve started at the beginning on this HOL).

KSPLICE TECHNOLOGY APPLIED TO ORACLE VM MANAGER (ORACLE LINUX 7)

• Open a terminal on your laptop and connect to the Oracle VM Manager machine IP: 192.168.56.200 Access with: root/ovsroot

Figure 26. Connect to Oracle VM Manager Server by “ssh”.

• This Oracle VM Manager Instance relies on an Oracle Linux 7 installation; Oracle Linux 7 has been configured with a local-yum mirror containing all the Ksplice updates available for Kernel and user-space components like “glibc” and “openssl”; to update this server the only operation required are: o The classic “yum update -y” to get all the user-space updates

Figure 27. User-space Ksplice updates (1/2).

Figure 28. User-space Ksplice updates (2/2).

o “yum install uptrack-updates-`uname -r`” to get the Ksplice updates for the running kernel

Figure 29. Kernel Ksplice updates (1/2).

Figure 30. Kernel Ksplice updates (2/2).

With the same commands used in the previous chapter you can now check: o Installed kernel with “uname -a” o Running kernel with “uptrack-uname -a” o Ksplice installed updates with “uptrack-show”

Figure 31. Kernel Ksplice updates check.

A huge difference, from the classic “yum update -y” is there: here we’ll get all the updates for “Kernel”, “glibc” and “openssl” installed without needing any kind of system reboot. All the existing (and running) processes will immediately rely on updated packages.

• Same operations executed on this Oracle Linux 7 system can be also applied to any other Virtual Machine running on our Cloud Infrastructure like, for example, the virtual machine named “ol6u9.oow.local”; so, by a terminal you can also update the Oracle Linux 6 system:

IP: 192.168.56.202 Access with: root/ovsroot

SUMMARY

Congratulations! You have successfully completed this Hands on Lab and started to play with DevOps solutions like VirtualBox, Vagrant, Oracle Linux and Docker.

APPENDIX A: REFERENCES

Oracle VM VirtualBox documentation: https://www.virtualbox.org/wiki/Documentation

Oracle Linux 7 documentation: https://docs.oracle.com/cd/E52668_01/index.html

Vagrant documentation: https://www.vagrantup.com/docs/

Docker documentation: https://docs.docker.com

Oracle Linux Blog – From Zero to Docker sandbox in 2 minutes: https://blogs.oracle.com/linux/from-zero-to-docker-sandbox-in-2-minutes

GitHub Labs on Docker: https://github.com/docker/labs/blob/master/beginner/chapters/alpine.md https://github.com/docker/labs/blob/master/beginner/chapters/webapps.md https://github.com/docker/labs/blob/master/beginner/chapters/votingapp.md

In addition, this hands-on-lab document is available at the following website:

https://blogs.oracle.com/scoter/