Startup APEX with Oracle 11g on AWS

In my previous post I completed creating an Oracle instance from public AMI on AWS. In a following post we configured OEM.

In this post I’ll start APEX on this instance. This instance of Oracle comes preinstalled with APEX.

First we have to reset the password of ADMIN and APEX_PUBLIC_USER and unlock the accounts. The process to reset these are described here.

For resetting password of ADMIN user we must use apxchpwd.sql. For APEX_PUBLIC_USER we can use ALTER USER command.

ADMIN user password change…

oracle@domU-12-31-39-00-64-53:[/u01/app/oracle/product/11.2.0/db_1/apex]

$ ls

apex_epg_config.sql       apexvalidate.sql  apxdbmig.sql  apxe101.sql  apxldimg.sql  apxremov.sql  apxxemig.sql  catapx.sql   devins.sql  load_trans.sql  utilities

apex_epg_config_core.sql  apxchpwd.sql      apxdevrm.sql  apxe102.sql  apxpatch.sql  apxrtins.sql  apxxepwd.sql  core         endins.sql  owa

apexins.sql               apxconf.sql       apxdvins.sql  apxe111.sql  apxrelod.sql  apxsqler.sql  builder       coreins.sql  images      patches

oracle@domU-12-31-39-00-64-53:[/u01/app/oracle/product/11.2.0/db_1/apex]

$ sqlplus / as sysdba;

SQL*Plus: Release 11.2.0.1.0 Production on Thu Feb 14 20:27:12 2013

Copyright (c) 1982, 2009, Oracle.  All rights reserved.

Connected to:

Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production

With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> @/u01/app/oracle/product/11.2.0/db_1/apex/apxchpwd.sql

Enter a value below for the password for the Application Express ADMIN user.

Enter a password for the ADMIN user              []

Session altered.

...changing password for ADMIN

PL/SQL procedure successfully completed.

Commit complete.

SQL>

APEX_PUBLIC_USER password change…

SQL> ALTER USER APEX_PUBLIC_USER IDENTIFIED BY ********;

User altered.

SQL>

Now we can access the APEX via web browser.

We’ll explore the APEX application development environment in the next post.

Till then BYE.

Configuring EM for Oracle 11g on AWS

In my previous post creating-oracle-11g-instance-in-aws we explored how to create an AWS EC2 instance from preconfigured Oracle 11g public AMI.

Many months later, after starting a LINUX instance with Oracle 11g configure AMI, I found that EM (enterprise manager) was not configured properly.

In this post I’ll explore and start EM.

After logging into OS using oracle user, I issued the following commands.

Note the two IP addresses 174-129-62-10 (in emctl response) and 54-234-168-130 (at the header). This indicates AMI previous configuration is file is sitting there.

We need to reconfigure EM.

oracle@domU-12-31-39-00-64-53:[/u01/app/oracle/product/11.2.0/db_1]

$ emca -deconfig dbcontrol db -repos drop;

STARTED EMCA at Feb 13, 2013 4:15:31 PM

EM Configuration Assistant, Version 11.2.0.0.2 Production

Copyright (c) 2003, 2005, Oracle.  All rights reserved.

Enter the following information:

Database SID: odmdb

Listener port number: 1521

Password for SYS user:

Password for SYSMAN user:

Do you wish to continue? [yes(Y)/no(N)]: Y

Feb 13, 2013 4:15:58 PM oracle.sysman.emcp.EMConfig perform

INFO: This operation is being logged at /u01/app/oracle/cfgtoollogs/emca/odmdb/emca_2013_02_13_16_15_30.log.

Feb 13, 2013 4:15:59 PM oracle.sysman.emcp.EMDBPreConfig performDeconfiguration

WARNING: EM is not configured for this database. No EM-specific actions can be performed.

Feb 13, 2013 4:15:59 PM oracle.sysman.emcp.ParamsManager checkListenerStatusForDBControl

WARNING: Error initializing SQL connection. SQL operations cannot be performed

Feb 13, 2013 4:15:59 PM oracle.sysman.emcp.EMReposConfig invoke

INFO: Dropping the EM repository (this may take a while) ...

Feb 13, 2013 4:16:59 PM oracle.sysman.emcp.util.PlatformInterface executeCommand

WARNING: Error executing /u01/app/oracle/product/11.2.0/db_1/sysman/admin/emdrep/bin/RepManager -connect (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=ec2-174-129-62-10.compute-1.amazonaws.com)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=odmdb))) -repos_user SYSMAN -action drop -verbose -output_file /u01/app/oracle/cfgtoollogs/emca/odmdb/emca_repos_drop_2013_02_13_16_15_59.log

Feb 13, 2013 4:16:59 PM oracle.sysman.emcp.EMReposConfig invoke

SEVERE: Error dropping the repository

Feb 13, 2013 4:16:59 PM oracle.sysman.emcp.EMReposConfig invoke

INFO: Refer to the log file at /u01/app/oracle/cfgtoollogs/emca/odmdb/emca_repos_drop_<date>.log for more details.

Feb 13, 2013 4:16:59 PM oracle.sysman.emcp.EMConfig perform

SEVERE: Error dropping the repository

Refer to the log file at /u01/app/oracle/cfgtoollogs/emca/odmdb/emca_2013_02_13_16_15_30.log for more details.

Could not complete the configuration. Refer to the log file at /u01/app/oracle/cfgtoollogs/emca/odmdb/emca_2013_02_13_16_15_30.log for more details.

oracle@domU-12-31-39-00-64-53:[/u01/app/oracle/product/11.2.0/db_1]

This failed, and on checking the log, I realized the SYSMAN password was wrong. So I am going to correct the SYSMAN account (PW reset) and try EMCA again.

oracle@domU-12-31-39-00-64-53:[/u01/app/oracle/product/11.2.0/db_1]

$ emca -deconfig dbcontrol db -repos drop;

STARTED EMCA at Feb 13, 2013 4:23:25 PM

EM Configuration Assistant, Version 11.2.0.0.2 Production

Copyright (c) 2003, 2005, Oracle.  All rights reserved.

Enter the following information:

Database SID: odmdb

Listener port number: 1521

Password for SYS user:

Password for SYSMAN user:

Do you wish to continue? [yes(Y)/no(N)]: Y

Feb 13, 2013 4:23:48 PM oracle.sysman.emcp.EMConfig perform

INFO: This operation is being logged at /u01/app/oracle/cfgtoollogs/emca/odmdb/emca_2013_02_13_16_23_24.log.

Feb 13, 2013 4:23:49 PM oracle.sysman.emcp.EMDBPreConfig performDeconfiguration

WARNING: EM is not configured for this database. No EM-specific actions can be performed.

Feb 13, 2013 4:24:49 PM oracle.sysman.emcp.EMConfig perform

SEVERE: Listener is not up or database service is not registered with it. Start the Listener and register database service and run EM Configuration Assistant again .

Refer to the log file at /u01/app/oracle/cfgtoollogs/emca/odmdb/emca_2013_02_13_16_23_24.log for more details.

Could not complete the configuration. Refer to the log file at /u01/app/oracle/cfgtoollogs/emca/odmdb/emca_2013_02_13_16_23_24.log for more details.

oracle@domU-12-31-39-00-64-53:[/u01/app/oracle/product/11.2.0/db_1]

$

However this time we get the message that DB is not registered with Listener. Let’s check.

$ lsnrctl status

LSNRCTL for Linux: Version 11.2.0.1.0 - Production on 13-FEB-2013 16:27:32

Copyright (c) 1991, 2009, Oracle.  All rights reserved.

Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))

STATUS of the LISTENER

------------------------

Alias                     LISTENER

Version                   TNSLSNR for Linux: Version 11.2.0.1.0 - Production

Start Date                13-FEB-2013 11:14:39

Uptime                    0 days 5 hr. 12 min. 52 sec

Trace Level               off

Security                  ON: Local OS Authentication

SNMP                      OFF

Listener Parameter File   /u01/app/oracle/product/11.2.0/db_1/network/admin/listener.ora

Listener Log File         /u01/app/oracle/diag/tnslsnr/domU-12-31-39-00-64-53/listener/alert/log.xml

Listening Endpoints Summary...

  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=domU-12-31-39-00-64-53)(PORT=1521)))

  (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=domU-12-31-39-00-64-53)(PORT=8080))(Presentation=HTTP)(Session=RAW))

Services Summary...

Service "odmdb" has 1 instance(s).

  Instance "odmdb", status READY, has 1 handler(s) for this service...

Service "odmdbXDB" has 1 instance(s).

  Instance "odmdb", status READY, has 1 handler(s) for this service...

The command completed successfully

oracle@domU-12-31-39-00-64-53:[/u01/app/oracle/product/11.2.0/db_1]

$

Well Listener is up and servicing the database. So we are going to create the EM repository.

Note: You’ll need the DB password for SYS, DBSNMP and SYSMAN users.

If you continue this you’ll get an error that SYSMAN already exists. We should have used recreate command on emca

Also in case where AMI was created with ORACLE_HOSTNAME and other parameters set to original instance value, please make sure that those values are changed to reflect the current instance values.

In this instance the .bash_profile had set the HOSTNAME to old value. I corrected that.

oracle@domU-12-31-39-00-64-53:[/home/oracle]

$ emca -config dbcontrol db -repos recreate;

STARTED EMCA at Feb 13, 2013 5:04:48 PM

EM Configuration Assistant, Version 11.2.0.0.2 Production

Copyright (c) 2003, 2005, Oracle.  All rights reserved.

Enter the following information:

Database SID: odmdb

Listener port number: 1521

Listener ORACLE_HOME [ /u01/app/oracle/product/11.2.0/db_1 ]:

Password for SYS user:

Password for DBSNMP user:

Password for SYSMAN user:

Email address for notifications (optional):

Outgoing Mail (SMTP) server for notifications (optional):

-----------------------------------------------------------------

You have specified the following settings

Database ORACLE_HOME ................ /u01/app/oracle/product/11.2.0/db_1

Local hostname ................ ec2-54-234-168-130.compute-1.amazonaws.com

Listener ORACLE_HOME ................ /u01/app/oracle/product/11.2.0/db_1

Listener port number ................ 1521

Database SID ................ odmdb

Email address for notifications ...............

Outgoing Mail (SMTP) server for notifications ...............

-----------------------------------------------------------------

Do you wish to continue? [yes(Y)/no(N)]: Y

Feb 13, 2013 5:05:30 PM oracle.sysman.emcp.EMConfig perform

INFO: This operation is being logged at /u01/app/oracle/cfgtoollogs/emca/odmdb/emca_2013_02_13_17_04_47.log.

Feb 13, 2013 5:05:32 PM oracle.sysman.emcp.EMReposConfig invoke

INFO: Dropping the EM repository (this may take a while) ...

Feb 13, 2013 5:09:02 PM oracle.sysman.emcp.EMReposConfig invoke

INFO: Repository successfully dropped

Feb 13, 2013 5:09:03 PM oracle.sysman.emcp.EMReposConfig createRepository

INFO: Creating the EM repository (this may take a while) ...

Feb 13, 2013 5:23:18 PM oracle.sysman.emcp.EMReposConfig invoke

INFO: Repository successfully created

Feb 13, 2013 5:23:26 PM oracle.sysman.emcp.EMReposConfig uploadConfigDataToRepository

INFO: Uploading configuration data to EM repository (this may take a while) ...

Feb 13, 2013 5:26:33 PM oracle.sysman.emcp.EMReposConfig invoke

INFO: Uploaded configuration data successfully

Feb 13, 2013 5:26:38 PM oracle.sysman.emcp.util.DBControlUtil configureSoftwareLib

INFO: Software library configured successfully.

Feb 13, 2013 5:26:38 PM oracle.sysman.emcp.EMDBPostConfig configureSoftwareLibrary

INFO: Deploying Provisioning archives ...

Feb 13, 2013 5:27:46 PM oracle.sysman.emcp.EMDBPostConfig configureSoftwareLibrary

INFO: Provisioning archives deployed successfully.

Feb 13, 2013 5:27:46 PM oracle.sysman.emcp.util.DBControlUtil secureDBConsole

INFO: Securing Database Control (this may take a while) ...

Feb 13, 2013 5:28:56 PM oracle.sysman.emcp.util.DBControlUtil secureDBConsole

INFO: Database Control secured successfully.

Feb 13, 2013 5:28:56 PM oracle.sysman.emcp.util.DBControlUtil startOMS

INFO: Starting Database Control (this may take a while) ...

Feb 13, 2013 5:31:25 PM oracle.sysman.emcp.EMDBPostConfig performConfiguration

INFO: Database Control started successfully

Feb 13, 2013 5:31:25 PM oracle.sysman.emcp.EMDBPostConfig performConfiguration

INFO: >>>>>>>>>>> The Database Control URL is https://ec2-54-234-168-130.compute-1.amazonaws.com:1158/em <<<<<<<<<<<

Feb 13, 2013 5:31:46 PM oracle.sysman.emcp.EMDBPostConfig invoke

WARNING:

************************  WARNING  ************************

Management Repository has been placed in secure mode wherein Enterprise Manager data will be encrypted.  The encryption key has been placed in the file: /u01/app/oracle/product/11.2.0/db_1/ec2-54-234-168-130.compute-1.amazonaws.com_odmdb/sysman/config/emkey.ora.   Please ensure this file is backed up as the encrypted data will become unusable if this file is lost.

***********************************************************

Enterprise Manager configuration completed successfully

FINISHED EMCA at Feb 13, 2013 5:31:46 PM

oracle@domU-12-31-39-00-64-53:[/home/oracle]

$

Now we can use the URL to access the EM from web browser.

That is it. Give it try. Good Luck.

Note with this EC2 instance is Oracle Database is configured to continuously perform work, behind the scenes. So even if you are not actively working with this instance, there are IO and CPU cycles being consumed and will incur some cost. Specifically with this instance if you keep the instance running in default configuration without accessing the instance at all you’ll incur about $40.00 (Estimated) cost per month.

You can create a custom AMI or a SPOT instance to lower the cost.

More in Next.

How to log into AWS instance using password authentication

By default SSHD in linux instances in AWS are started with password authentication set to NO. For good resaons. Clear text password authentication is NOT as secured.
However for development instances or sandboxes, it might provide a "convenience" that may be worth.
To enable password authentication to AWS linux instances, modify parameter PasswordAuthentication parameter in file sshd_config and then restart the sshd process.
For example...

1	root@domU-12-31-39-00-7C-94:[/etc/ssh]

2

$ pwd

3

/etc/ssh

4	root@domU-12-31-39-00-7C-94:[/etc/ssh]

5

$

6	$ vi sshd_config

In the VI editor...

1	# To disable tunneled clear text passwords, change to no here!

2	PasswordAuthentication yes # <<<< we enabled this!!!!

3	#PermitEmptyPasswords no

4	# Changed to no per AWS

5	#PasswordAuthentication no

Now restart SSHD process.

01

$ sshd

02	sshd re-exec requires execution with an absolute path

03	root@domU-12-31-39-00-7C-94:[/etc/ssh]

04	$ which sshd

05	/usr/sbin/sshd

06	root@domU-12-31-39-00-7C-94:[/etc/ssh]

07

$

08	root@domU-12-31-39-00-7C-94:[/etc/ssh]

09	$ service /usr/sbin/sshd restart

10	/usr/sbin/sshd: unrecognized service

11	root@domU-12-31-39-00-7C-94:[/etc/ssh]

12	$ service sshd restart

13	Stopping sshd: [ OK ]

14	Starting sshd: [ OK ]

15	root@domU-12-31-39-00-7C-94:[/etc/ssh]

16

$

Now SSHD process is started with password authentication enabled. If we remove the key from the putty profle and open a telnet connection, we'll be prompted for userid and password.
We should be able use a valid linux user with password to login.

1	login as: oracle

2	oracle@ec2-23-22-205-159.compute-1.amazonaws.com's password:

3	oracle@domU-12-31-39-00-7C-94:[/home/oracle]

4

$

5	oracle@domU-12-31-39-00-7C-94:[/home/oracle]

6

$

7	oracle@domU-12-31-39-00-7C-94:[/home/oracle]

8

$

That's it. Be careful when using this technique.

AWS Oracle 11g instance

After logging into AWS, I chose the the public ami-47c5252e (Oracle published AMI) and started the instance. Instance started successfully.
Public DNS: ec2-184-72-84-130.compute-1.amazonaws.com

Save and generate the public key using puttygen

Download and save the *.ppm file from AWS instance. Use puttygen.exe to load and create private key. Puttygen does not recognize the .ppm extension, so change the filetype and then open .ppm file and save it as .ppk extension.
Using putty.exe initiated the telnet session to my instance.
Logged in as ROOT and installed the Oracle version 11g using preconfigured DBCA.
To enable password based login to the instance, edit the sshd_config file and restart ssh deamon

/etc/ssh
$ vi sshd_config
/etc/ssh
$ /etc/init.d/sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
/etc/ssh