Chapter 7 What Next?

The information in this chapter is not part of the default installation process for Oracle VM. However, to ensure that your environment runs smoothly and that all elements within your deployment are functional and can be supported, you should perform a number of additional steps to fully configure your environment. These steps are discussed in the following sections.

7.1 Configuring a Secondary Service Domain for SPARC

If you are running a SPARC environment, and you do not intend to make use of the clustering features included in this release, you may want to consider setting up and configuring a secondary service domain to improve the availability of virtual machines if the primary control domain needs to be restarted or fails.

Instructions on configuring and setting up a secondary service domain are provided in Configuring a Secondary Service Domain in the Oracle VM Administrator's Guide. This is an advanced configuration that imposes some limitations on how you are able to use the product.

7.2 Installing Diagnostic Tools for Oracle VM Server

As an optional post-installation step, Oracle recommends that you also install and configure diagnostics tools on all Oracle VM Servers. These tools can be used to help debug and diagnose issues such as system crashes, hanging, unscheduled reboots, and OCFS2 cluster errors. The output from these tools can be used by Oracle Support and can significantly improve resolution and response times. See Diagnostic Tools for Oracle VM Server in the Oracle VM Administrator's Guide for information on installing the diagnostic and support tools.

Note

When installing Oracle VM Server, you are given the option to enable Kdump. Kdump is a crash dumping mechanism that captures a memory dump image for dom0 in the event of a system crash. Oracle strongly recommends that you enable Kdump during installation. See Section 2.1.2, “Installing Oracle VM Server From a DVD-ROM” for more information.

7.3 Configure the NTP Service on the Oracle VM Manager Host

When an Oracle VM Server is discovered in Oracle VM Manager, NTP (Network Time Protocol) is automatically configured and enabled to ensure time synchronization. Oracle VM automatically configures the Oracle VM Manager host computer as the NTP source for all Oracle VM Servers under its control, unless other NTP servers are configured for each server.

If you do not set up your own list of NTP servers, and want to use the Oracle VM Manager host computer to provide NTP time synchronization services, NTP must first be installed and configured on the Oracle VM Manager host server. Make sure that your Oracle VM Manager host is either registered with the Unbreakable Linux Network (ULN) or configured to use the Oracle Linux Yum Server.

Note

It is not recommended to use the Oracle VM Manager host as a single NTP server. It is best practice to configure 3 NTP servers at a minimum.

To configure NTP on the Oracle VM Manager host:
  1. Install the NTP package.

    # yum install ntp

    When NTP is installed, configure it to both synchronize with upstream servers and provide time services to the local network, where the Oracle VM Servers reside.

  2. Enable upstream synchronization by defining the upstream time servers in the ntp.conf file.

    Oracle Linux uses three public NTP servers as upstream time sources by default. Check with your network administrator if time services are provided on the corporate network and, if necessary, replace the default entries with the names or IP addresses of your NTP servers.

    Use your favorite text editor to modify /etc/ntp.conf. Search for these entries:

    # vi /etc/ntp.conf
    
    server 0.rhel.pool.ntp.org
    server 1.rhel.pool.ntp.org
    server 2.rhel.pool.ntp.org

  3. Configure downstream access for the Oracle VM Servers in your local network. To do so, disable the default "noquery" option for the Oracle VM Server management network.

    Again in the /etc/ntp.conf file, search for this entry:

    #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

    Remove the # character at the start of the line to uncomment this entry. Replace 192.168.1.0 with the network address of your Oracle VM Server management network. You may also need to adjust the netmask (255.255.255.0). Once you have finished editing, save the /etc/ntp.conf file.

  4. Start the NTP service and set it to launch automatically upon boot.

    # service ntpd start
    # chkconfig ntpd on

  5. When NTP is running, check upstream synchronization. The ntpq command should output something similar to this example:

    # ntpq -p
    
         remote           refid      st t when poll reach   delay   offset  jitter
    ==============================================================================
     lists2.luv.asn. 203.161.12.165  16 u   25   64    3    3.495   -3043.1   0.678
     ns2.novatelbg.n 130.95.179.80   16 u   27   64    3   26.633   -3016.1   0.797
     sp1.mycdn.fr    130.234.255.83  16 u   24   64    3    4.314   -3036.3   1.039

    When upstream NTP is working properly, delay and offset values should be non-zero and the jitter value should be below 100.

  6. Test downstream synchronization from another server in the management network to ensure that NTP services are working. Note that it may take several minutes before your NTP server is able to provide time services to downstream clients. Begin by checking the stratum level of your server:

    # ntpq -c rv
    
    assID=0 status=c011 sync_alarm, sync_unspec, 1 event, event_restart,
    version="ntpd 4.2.4p8@1.1612-o Tue Jul  6 21:50:26 UTC 2010 (1)",
    processor="x86_64", system="Linux/2.6.32-200.19.1.el6uek.x86_64",
    leap=11,  stratum=16 , precision=-20, rootdelay=0.000,
    rootdispersion=1.020, peer=0, refid=INIT,
    reftime=00000000.00000000  Thu, Feb  7 2036 17:28:16.000, poll=6,
    clock=d21d4a96.a26c5962  Fri, Sep 16 2011 14:09:58.634, state=0,
    offset=0.000, frequency=0.000, jitter=0.001, noise=0.001,
    stability=0.000, tai=0   

    If the server is showing stratum=16, wait a few minutes and try again. It may take up to 15 minutes for an NTP server to stabilize sufficiently to lower its stratum level.

    Downstream clients will not synchronize with a server at stratum level 16. Once the stratum level has dropped, log in to an available Linux host in your management network, not running Oracle VM Manager, and issue the following command:

    # ntpdate -d manager.hostname
    [...]
    16 Sep 13:58:25 ntpdate[1603]: step time server 192.168.1.1 offset 3.009257 sec

    This command runs ntpdate in debug mode, in which the availability of the remote time server is checked. If the debug run ends in a line similar to the one in this example, the test is successful. If the stratum level is still too high, the error message "Server dropped: strata too high" is displayed.
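The checks in steps 5 and 6 can be scripted. The following is an added example, not part of the original Oracle documentation: it applies the page's criteria (non-zero delay and offset, jitter below 100, stratum below 16) to ntpq output. The function names, the minimum-peer parameter and the tables marked as constructed are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: apply the checks from steps 5 and 6 to ntpq output.

# check_peers [MIN]: reads `ntpq -p` output on stdin. A peer passes when delay
# and offset are non-zero and jitter is below 100 (the criteria in step 5).
# Succeeds when at least MIN peers pass (MIN defaults to 1; assumption).
check_peers() {
    awk -v min="${1:-1}" '
        $1 == "remote" || NF < 10 { next }    # header, ===== rule, blanks
        {
            delay = $(NF-2) + 0; offset = $(NF-1) + 0; jitter = $NF + 0
            ok = (delay != 0 && offset != 0 && jitter < 100)
            printf "%-4s %s\n", (ok ? "ok" : "bad"), $1
            good += ok
        }
        END { exit (good + 0 >= min + 0 ? 0 : 1) }
    '
}

# get_stratum: reads `ntpq -c rv` output on stdin and prints the stratum.
get_stratum() {
    sed -n 's/.*stratum=\([0-9][0-9]*\).*/\1/p' | head -n 1
}

# can_serve_clients: succeeds once the stratum has dropped below 16 (step 6).
can_serve_clients() {
    s=$(get_stratum)
    [ -n "$s" ] && [ "$s" -lt 16 ]
}

# Peer table from step 5 of this page.
PAGE_PEERS='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 lists2.luv.asn. 203.161.12.165  16 u   25   64    3    3.495   -3043.1   0.678
 ns2.novatelbg.n 130.95.179.80   16 u   27   64    3   26.633   -3016.1   0.797
 sp1.mycdn.fr    130.234.255.83  16 u   24   64    3    4.314   -3036.3   1.039'

# Constructed table: one unreachable peer, one with excessive jitter.
BAD_PEERS='     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 ntp-a.example   .INIT.          16 u    -   64    0    0.000    0.000   0.000
 ntp-b.example   192.0.2.10       2 u   12   64  377   41.200   12.300 250.100'

# Variables line from step 6 of this page, and a constructed synchronized one.
PAGE_RV='leap=11,  stratum=16 , precision=-20, rootdelay=0.000,'
SYNCED_RV='leap=00, stratum=3, precision=-20, rootdelay=25.120,'

printf '%s\n' "$PAGE_PEERS" | check_peers 3 && echo "upstream: 3 usable peers"
printf '%s\n' "$BAD_PEERS" | check_peers 1 || echo "upstream: no usable peer"
printf '%s\n' "$PAGE_RV" | can_serve_clients || echo "downstream: stratum 16, wait"
printf '%s\n' "$SYNCED_RV" | can_serve_clients && echo "downstream: ready"
```

On the Oracle VM Manager host, pipe the live output into the same functions, for example `ntpq -p | check_peers 3` and `ntpq -c rv | can_serve_clients`.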

When you have confirmed with these tests that NTP is working properly for your environment, you should not need to check this again.

Caution

NTP communicates over UDP port 123. Ensure that no firewall is blocking this traffic.

7.4 Change the Backup and Restore Path for the Oracle VM Manager Database

Oracle VM Manager automatically performs backups of the Oracle VM Manager database. By default, these backups are located in /u01/app/oracle/mysql/dbbackup. If you have network attached storage available, it is strongly recommended that you change the default path for these backups to use a mount point on an external device, particularly if you can make use of some form of RAID to further protect this data.

The path where database backups are stored is defined in /etc/sysconfig/ovmm.

Please refer to Backing up the MySQL Database Repository in the Oracle VM Administrator's Guide for more information on this parameter and on the backup and restore process in general.

7.5 Starting and Stopping Oracle VM Manager

This section discusses the methods of starting and stopping Oracle VM Manager. For information on starting and stopping the Oracle VM Manager Command Line Interface, see Starting and Stopping the CLI in the Oracle VM Manager Command Line Interface User's Guide.

It is important to understand that Oracle VM Manager is dependent on the Oracle VM Manager MySQL server instance. These components are separated to run as independent services. In the case where the Oracle VM Manager MySQL service is stopped, it is not possible to start the Oracle VM Manager service. In the case where the Oracle VM Manager service is already running and the Oracle VM Manager MySQL service is stopped, errors are generated by Oracle VM Manager and are logged to the relevant Oracle VM Manager log files. This behavior is documented further in Working with the MySQL Instance in the Oracle VM Administrator's Guide.

Instructions for Oracle VM Manager on Linux for x86

When Oracle VM Manager is installed, it is set to automatically start when the operating system starts. If you want to disable this, enter:

# chkconfig ovmm off

To manually start or stop Oracle VM Manager, and to verify its status, log in as the root user, and use the syntax:

/sbin/service ovmm [start|stop|status|restart]

For example, to start Oracle VM Manager:

# /sbin/service ovmm start

To stop Oracle VM Manager, you must first stop the Oracle VM Manager Command Line Interface, then Oracle VM Manager:

# /sbin/service ovmm stop

To restart Oracle VM Manager:

# /sbin/service ovmm restart

As of Oracle VM Release 3.4.5, a check_migrate option can be used with the stop or restart commands, allowing you to check for active VM migration jobs that are triggered by a server pool load balancing job. VM migration jobs of this type must be completed first before you stop or restart your Oracle VM Manager instance. Log in as the root user, and use the syntax:

/sbin/service ovmm [stop check_migrate|restart check_migrate]

Note

The check_migrate option does not execute when issuing the stop or restart commands on an Oracle Linux 7 environment. Interactive scripts are not permitted with the systemctl command and as a result, you must run the following command first to check if active VM migration jobs that are triggered by a server pool load balancing job are present, before proceeding to stop or restart the Oracle VM Manager instance:

# /u01/app/oracle/ovm-manager-3/ovm_shell/ovm_shell.sh -u admin -i check_migrate_job.py

For example, on an Oracle Linux 6 environment append check_migrate to the Oracle VM Manager /sbin/service ovmm stop command as follows:

# /sbin/service ovmm stop check_migrate

The check_migrate option displays the following confirmation message and prompts you for the current Oracle VM Manager password:

check_migrate option is passed. Script will check for active VM Migrate jobs triggered by 
PoolLoadBalancer, before proceeding with ovmm stop
# Enter ovmm Password: 

If the password is accepted, the check_migrate option executes a script to check for any active VM migration jobs triggered by a server pool load balancing job. If no VM migration jobs are active, a success message is displayed and Oracle VM Manager is stopped:

Enter ovmm Password:
SUCCESS
Stopping Oracle VM Manager

If active VM migration jobs are found as a result of the check_migrate option, the ovmm stop command is not executed. Instead, an error message is displayed containing the VM migration and pool load balancer job IDs:

Enter ovmm Password:
ERROR: VM Migrate Job with id : [OVMJOB_ID] PoolLoadBalancer-ID is still active

You must wait until these VM migration jobs are complete before attempting to stop or restart Oracle VM Manager. Use the Oracle VM Manager Command Line Interface show Job command to monitor the progress of the VM migration job to determine when the job completes. For more information, see the CLI Command Reference section in the Oracle VM Manager Command Line Interface User's Guide.

To check the status of Oracle VM Manager:

# /sbin/service ovmm status

The status option returns whether the Oracle VM Manager service is running or stopped.

If the Oracle VM Manager host computer runs a full graphical desktop environment, you can also use the Services dialog to start and stop the CLI. From the Applications menu, select System Settings > Server Settings > Services. Alternatively, run the following command in a terminal to display the Services dialog:

# /usr/bin/system-config-services

In the Service Configuration dialog, select ovmm to check the status, and start or stop it.

Instructions for Oracle VM Manager on Solaris for SPARC

When Oracle VM Manager is installed, it runs as a service that can be managed using the standard Solaris Service Management Facility (SMF) tools. Therefore, to obtain a report on the status of the service, you can simply use the svcs tool:

# svcs ovmm

Tip

You can use the -l option to print a more detailed listing, including the full FMRI and restarter service paths.

Starting, stopping and restarting the service can be handled using the svcadm command. This can either be done on a temporary basis using the -t option, or can be enforced permanently to set the start-up behavior of the service.

Note

As of Oracle VM Release 3.4.5, a check_migrate option can be used with the disable or restart commands, allowing you to check for active VM migration jobs that are triggered by a server pool load balancing job. VM migration jobs of this type must be completed first before you stop or restart your Oracle VM Manager instance.

For example, to prevent Oracle VM Manager from starting at system start-up, run the command:

# svcadm disable ovmm

To stop Oracle VM Manager from running temporarily:

# svcadm disable -t ovmm

To start Oracle VM Manager:

# svcadm enable ovmm

To restart Oracle VM Manager, provided that no migrations for load balancing are ongoing:

# svcadm restart ovmm check_migrate

7.6 Enabling the TLS Version 1 Protocol

As of Oracle VM Release 3.4.5, the TLS version 1 (TLSv1) protocol is disabled within Oracle VM Manager for security reasons. By default, only connections using the TLSv1.2 protocol are accepted. As a result, management of Oracle VM Server for x86 at Release 3.2.10 or 3.2.11, and Oracle VM Agent for SPARC at Release 3.3.1, is not possible after the upgrade to Oracle VM Manager 3.4.5 or later release versions.

Although it is strongly recommended to upgrade your Oracle VM Servers to the latest release version, in Oracle VM Release 3.4.5 it is possible to enable the management of Oracle VM Server for x86 at Release 3.2.10 or 3.2.11, and Oracle VM Agent for SPARC at Release 3.3.1. To do this, you must enable the TLSv1 protocol, which is less secure, as follows:

Important

As of Oracle VM Release 3.4.6, management of Oracle VM Server for x86 at Release 3.2.10 or 3.2.11, and Oracle VM Agent for SPARC at Release 3.3.1 is removed.

  1. Start an ssh session to the Oracle VM Manager instance.

  2. Open /etc/sysconfig/ovmm for editing and add the following line:

    ALLOWTLS1=YES

  3. Save and close /etc/sysconfig/ovmm.

  4. Restart Oracle VM Manager for the setting to take effect:

    # /sbin/service ovmm restart

When all your Oracle VM Servers have been upgraded to the latest release, it is recommended that you reset the security protocol in Oracle VM Manager to the default. Disable TLSv1 and revert to the TLSv1.2 protocol as follows:

  1. Start an ssh session to the Oracle VM Manager instance.

  2. Open /etc/sysconfig/ovmm for editing and remove the following line:

    ALLOWTLS1=YES

  3. Save and close /etc/sysconfig/ovmm.

  4. Restart Oracle VM Manager for the setting to take effect:

    # /sbin/service ovmm restart
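After reverting, confirm both that the setting is gone from the file and that the listener refuses TLSv1. The following is an added example, not part of the original Oracle documentation: it audits the configuration file and interprets an `openssl s_client` handshake. The function names are hypothetical, and treating quoted or lower-case values as enabled is a conservative assumption, since the page documents only the exact line ALLOWTLS1=YES.

```shell
#!/bin/sh
# Added example: audit that TLSv1 is off again after the revert procedure.

# tls1_allowed FILE: succeeds if FILE still enables TLSv1. Commented lines are
# ignored and the last assignment wins. Accepting quoted or lower-case values
# is a conservative assumption; the page documents only ALLOWTLS1=YES.
tls1_allowed() {
    awk '
        /^[ \t]*ALLOWTLS1=/ {
            v = $0
            sub(/^[ \t]*ALLOWTLS1=/, "", v)
            sub(/[ \t]*#.*$/, "", v)          # trailing comment
            gsub(/["'\'' \t]/, "", v)         # quotes and blanks
            last = toupper(v)
        }
        END { exit (last == "YES" ? 0 : 1) }
    ' "$1"
}

# negotiated: reads `openssl s_client` output on stdin and succeeds if a
# cipher was agreed. A failed handshake reports "Cipher is (NONE)".
negotiated() {
    grep 'Cipher is' | grep -qv '(NONE)'
}

# probe HOST PORT PROTO: PROTO is an s_client switch name, tls1 or tls1_2.
# An OpenSSL build or policy without TLSv1 support also makes
# "probe ... tls1" fail, so run it from a client that can still speak TLSv1.
probe() {
    openssl s_client -connect "$1:$2" "-$3" </dev/null 2>/dev/null | negotiated
}

# Constructed sample of /etc/sysconfig/ovmm with the TLSv1 line still present.
demo_cfg=$(mktemp)
printf '%s\n' '# constructed sample' 'ALLOWTLS1=YES' > "$demo_cfg"
if tls1_allowed "$demo_cfg"; then echo "FINDING: ALLOWTLS1=YES is set"; fi
rm -f "$demo_cfg"

# On a live system (host and port as in the section 7.7 example on this page):
#   tls1_allowed /etc/sysconfig/ovmm && echo "FINDING: TLSv1 enabled in config"
#   probe myserver.example.com 7002 tls1   && echo "FINDING: TLSv1 accepted"
#   probe myserver.example.com 7002 tls1_2 || echo "FINDING: TLSv1.2 refused"
```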

7.7 Logging in to Oracle VM Manager

To open the Login page of Oracle VM Manager, enter the following address in a Web browser:

https://hostname:port/ovm/console

Where hostname refers to the host name or IP address of the Oracle VM Manager host, and port refers to the port number on which Oracle VM Manager is listening.

Important

The hostname should match the fully qualified domain name or IP address that you configured during installation of Oracle VM Manager. The SSL certificate that was generated for HTTPS traffic is specific to this hostname. If you enter an alternate hostname or IP address, the SSL certificate may fail validation and you may see an error in your browser.

Note

In previous versions of Oracle VM Manager, unencrypted HTTP traffic was allowed by default. This has been disabled to always encrypt traffic using the Secure Sockets Layer (SSL). Therefore, you should always use https within the protocol portion of the URL to access the Oracle VM Manager.

To connect to Oracle VM Manager on a host named myserver.example.com, use:

https://myserver.example.com:7002/ovm/console

Important

If you are accessing Oracle VM Manager through a firewall, ensure that the firewall is configured to allow TCP traffic on the port configured in Oracle VM Manager. By default, this is set to 7002.

Enter your Oracle VM Manager administration username (which is admin by default) in the Username field. This is the administration username you create during the Oracle VM Manager install. Enter the password for the Oracle VM Manager administration username in the Password field.

Warning

In addition to the default admin user, you can also log into Oracle VM Manager using other default accounts created by the Oracle VM Manager installer, namely:

Once you are logged in, you can create storage repositories and server pools, add Oracle VM Servers, create virtual machines, import resources, and so on.

The user interface displays context sensitive information, relevant to the selection in the navigator and content panes. For further information on using the user interface, please refer to the Oracle VM Manager Getting Started Guide and the Oracle VM Manager User's Guide.

7.8 Configuring JVM Memory Allocation for Oracle VM Manager

Some performance tuning is required in Oracle VM environments where you manage more than 80 instances of Oracle VM Server with a single instance of Oracle VM Manager. In these environments, you should increase JVM memory allocation to 8G and reduce the interval of statistics collection. See the following topics for more information:

Oracle Support can apply additional tuning configurations to optimize Oracle VM Manager performance, such as reducing the number of events that Oracle VM Manager processes. Contact Oracle Support for more information.

7.9 Administrative Changes

There are a number of systems administration tasks that may be performed at any time after you have completed your deployment. These include tasks such as changing the default self-signed SSL certificate that Oracle VM Manager uses, to a CA signed certificate of your own choosing, installing third-party Oracle VM Storage Connect plug-ins, or changing the Oracle VM Manager administrator password. These additional steps are discussed in the Oracle VM Administrator's Guide.