Red Hat / Oracle Enterprise Linux I/O tuning for Oracle databases

Starting with Red Hat 4 you can choose between four I/O scheduler which have all their pros and cons versus what you run on your server:

noop
anticipatory
deadline
cfq

In Red Hat 6 the anticipatory I/O scheduler has disappeared…

There are multiple documents stating that deadline I/O scheduler is the preferred choice when running Oracle databases.
cfq scheduler is the default one on Red Hat edition while Oracle has chosen to activate deadline scheduler by default
on its Unbreakable Enterprise Kernel (uek) kernel branch. Which tend to say that it is the one to use when running Oracle databases.

You can change it, dynamically per disk device, by modifying below file:

# echo deadline > /sys/block/${ASM_DISK}/queue/scheduler

[root@server1 ~]# cat /sys/block/sda/queue/scheduler
noop anticipatory deadline [cfq]
[root@server1 ~]# echo deadline > /sys/block/sda/queue/scheduler
[root@server1 ~]# cat /sys/block/sda/queue/scheduler
noop anticipatory [deadline] cfq

http://docs.oracle.com/database/121/CWLIN/prelinux.htm#CHDCEBCD
http://blog.yannickjaquier.com/linux/red-hat-oracle-enterprise-linux-io-tuning-for-oracle-databases.html

RHEL6.x Tuning Virtual Memory

swappiness

    A value from 0 to 100 which controls the degree to which the system
swaps.A high value prioritizes system performance, aggressively swapping
processes out of physical memory when they are not active. A low value
prioritizes interactivity and avoids swapping processes out of physical
memory for as long as possible, which decreases response latency. The
default value is 60.
    A high swappiness value is not recommended for database workloads.
For example, for Oracle databases, Red Hat recommends a swappiness value
of 10.

    vm.swappiness=10

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Performance_Tuning_Guide/s-memory-tunables.html

https://www.linkedin.com/groups/echo-3-proc-sys-vm-59573.S.5928598366660345856?trk=groups_guest_most_popular-0-b-ttl&goback=.gmp_59573

http://en.wikipedia.org/wiki/Swappiness

https://www.netroby.com/view.php?id=3687

format the multipath raw partition and use for oracle asm without reboot the machine

Node-2
# fdisk /dev/mapper/myraw
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel. Changes will remain in memory only,
until you decide to write them. After that, of course, the previous
content won’t be recoverable.

The number of cylinders for this disk is set to 78325.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)
Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

Command (m for help): u
Changing display/entry units to sectors

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First sector (63-1258291199, default 63): 2048
Last sector or +size or +sizeM or +sizeK (2048-1258291199, default 1258291199):
Using default value 1258291199

Command (m for help): p

Disk /dev/mapper/myraw: 644.2 GB, 644245094400 bytes
255 heads, 63 sectors/track, 78325 cylinders, total 1258291200 sectors
Units = sectors of 1 * 512 = 512 bytes

Device Boot Start End Blocks Id System
/dev/mapper/myraw1 2048 1258291199 629144576 83 Linux

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 22: Invalid argument.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.
#

#/sbin/partprobe /dev/mapper/myraw

Node-1
#/sbin/partprobe /dev/mapper/myraw

How to Protect your Server Against the Shellshock Bash Vulnerability ?

There’s latest security flaw Bash Bug called Shellshock affecting Linux nodes. It’s a major vulnerability related to Bash.

Please check/review if Linux nodes are affected by this security flaw, and prepare plan for patching it.
The Shellshock vulnerability can be exploited on systems that are running Services or applications that allow unauthorized remote users to assign Bash environment variables. Examples of exploitable systems include the following:
 Apache HTTP Servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or launch to Bash subshells
 Certain DHCP clients
 OpenSSH servers that use the ForceCommand capability
Various network-exposed services that use Bash

For more details, please refer below link –

Resolution

[root@kvmpri01-vm05 ~]# rpm -qa | grep bash
bash-4.1.2-14.el6.x86_64
[root@kvmpri01-vm05 ~]#
[root@kvmpri01-vm05 ~]#
[root@kvmpri01-vm05 ~]# bash --version
GNU bash, version 4.1.2(1)-release (x86_64-redhat-linux-gnu)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
[root@kvmpri01-vm05 ~]#
[root@kvmpri01-vm05 ~]#
[root@kvmpri01-vm05 ~]# env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash is vulnerable!
Bash Test

sftp> put bash-4.1.2-15.el6_5.2.x86_64.rpm
Uploading bash-4.1.2-15.el6_5.2.x86_64.rpm to /root/bash-4.1.2-15.el6_5.2.x86_64.rpm
100% 905KB 905KB/s 00:00:00

[root@kvmpri01-vm05 ~]# rpm -Uvh bash-4.1.2-15.el6_5.2.x86_64.rpm
warning: bash-4.1.2-15.el6_5.2.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:bash ########################################### [100%]
[root@kvmpri01-vm05 ~]#
[root@kvmpri01-vm05 ~]# env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash Test

[root@kvmpri01-vm05 ~]# which bash
/bin/bash

[root@kvmpri01-vm05 ~]# bash --version
GNU bash, version 4.1.2(1)-release (x86_64-redhat-linux-gnu)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Format and create a Linux file system

Linux comes with mkfs command to format filesystem. It is used to build a Linux file system on a device, usually a hard disk partition. General syntax of mkfs is as follows:

In RHEL 5.x for create ext3 file system
mkfs -t filetype /dev/DEVICE
OR
mkfs.ext3 /dev/DEVICE


In RHEL 6.x for create ext4 file system
# mke2fs -t ext4 /dev/DEV
or
# mkfs.ext4 /dev/DEV

# mkfs.ext3 /dev/mapper/Backup1
mke2fs 1.39 (29-May-2006)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
17924096 inodes, 35831420 blocks
1791571 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=4294967296
1094 block groups
32768 blocks per group, 32768 fragments per group
16384 inodes per group
Superblock backups stored on blocks:
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
        4096000, 7962624, 11239424, 20480000, 23887872

Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

This filesystem will be automatically checked every 31 mounts or
180 days, whichever comes first.  Use tune2fs -c or -i to override.

# mkdir /backup
# ll /dev/mapper/*
brw-rw—- 1 800 900 253, 7 Jul 25 09:39 /dev/mapper/APP
brw-rw—- 1 800 900 253, 18 Jul 27 08:42 /dev/mapper/APP1
brw-rw—- 1 root disk 253, 9 Jul 25 11:51 /dev/mapper/Backup
brw-rw—- 1 root disk 253, 15 Jul 27 10:26 /dev/mapper/Backup1
crw——- 1 root root 10, 63 Jul 24 17:30 /dev/mapper/control
brw-rw—- 1 root 900 253, 0 Jul 25 09:39 /dev/mapper/ocrvote1
brw-rw—- 1 root 900 253, 10 Jul 27 08:22 /dev/mapper/ocrvote1p1
brw-rw—- 1 root 900 253, 1 Jul 25 09:39 /dev/mapper/ocrvote2
brw-rw—- 1 root 900 253, 11 Jul 27 08:25 /dev/mapper/ocrvote2p1
brw-rw—- 1 root 900 253, 2 Jul 25 09:39 /dev/mapper/ocrvote3
brw-rw—- 1 root 900 253, 12 Jul 27 08:27 /dev/mapper/ocrvote3p1
brw-rw—- 1 800 900 253, 6 Jul 25 09:39 /dev/mapper/oradata
brw-rw—- 1 800 900 253, 5 Jul 25 09:39 /dev/mapper/oradata1
brw-rw—- 1 800 900 253, 16 Jul 27 08:38 /dev/mapper/oradata1p1
brw-rw—- 1 800 900 253, 8 Jul 25 09:39 /dev/mapper/oradata2
brw-rw—- 1 800 900 253, 17 Jul 27 08:41 /dev/mapper/oradata2p1
brw-rw—- 1 800 900 253, 4 Jul 25 09:39 /dev/mapper/oraredo
brw-rw—- 1 800 900 253, 14 Jul 27 08:32 /dev/mapper/oraredo1
brw-rw—- 1 800 900 253, 3 Jul 25 09:39 /dev/mapper/orasys
brw-rw—- 1 800 900 253, 13 Jul 27 08:29 /dev/mapper/orasys1

# mount /dev/mapper/Backup1 /backup

# df -kh
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 37G 3.1G 32G 9% /
/dev/sda9 3.6G 72M 3.4G 3% /tmp
/dev/sda8 7.2G 294M 6.6G 5% /var
/dev/sda7 15G 165M 14G 2% /home
/dev/sda6 15G 165M 14G 2% /opt
/dev/sda2 38G 177M 36G 1% /u01
/dev/sda1 99M 26M 69M 28% /boot
tmpfs 7.8G 0 7.8G 0% /dev/shm
/dev/mapper/Backup1 135G 188M 128G 1% /backup

# cd /backup/

Note: do not put the entries in /etc/fstab otherwise next reboot server not able to startup

Recommended to put the permanent configuration using rc.local file
vi rc.local
mount /dev/mapper/Backup1 /backup

http://www.cyberciti.biz/faq/howto-format-create-linux-filesystem/
https://ext4.wiki.kernel.org/index.php/Ext4_Howto#Creating_ext4_filesystems

How to make password of ‘oracle’ OS user account as non-expiry ?

chage is the OS command by which we can control the number of days between password changes
and the date of the last password change.

# chage -l oracle

Last password change : May 29, 2013
Password expires : Aug 27, 2013
Password inactive : Sep 10, 2013
Account expires : never
Minimum number of days between password change : -1
Maximum number of days between password change : 90
Number of days of warning before password expires : 14
chage -m -1 -M -1 -I -1 -E -1 oracle


Where:
[-m mindays] [-M maxdays] [-d lastday] [-I inactive] [-E expiredate] [-W warndays]


chage -l oracle

Last password change : May 29, 2013
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : -1
Maximum number of days between password change : -1
Number of days of warning before password expires : 14