Author Archives: alesk
Using ssh tunneling to gain access to remote VirtualBox guest attached to NAT
I’m building virtual machines on a weekly basis, sometimes daily. Most often I create various Linux distros as guests on VirtualBox hosts. VirtualBox hosts are either Windows or Linux computers. Majority of guests are built for test purposes only, so they often live in a “cage” behind a VirtualBox NAT. Guests with NIC attached to NAT have access to the LAN and Internet, but the opposite is not possible out of the box. So my typical NIC configuration for VirtualBox guest looks like this:
Fortunately, VirtualBox allows to configure port forwarding for NAT attached NIC’s. For every Linux guest I setup port forwarding for ssh (22), so that I can use MobaXterm (on Windows7/10) to connect to the Linux guest from the host itself. That’s how it looks:
That’s fine, as long as you have access to the host where your VBox guest is running, you can use MobaXterm to connect to the virtualbox guest. Seating at Windows 7 workstation we simply open MobaXterm and type:
Sometimes, I build virtual machines that I want to access from other machines as well and I don’t like to weaken security by attaching guest NIC’s to a Bridged adapter. Again, let’s call wonderful ssh to the rescue.
Situation: VirtualBox host is a Windows 2008 R2 Server (I’ll refer to this host as VBOXHOST). On this host we’re hosting Linux guest (OL7ORA12R2) with the latest Oracle 12.2 installation. Guest is behind a NAT, but with a port forwarding setup for ssh as shown above (picture 3). I would like to have access to this guest from remote workstation running Windows 7. All machines (physical Windows 7 & 2008R2, plus virtual Linux 7) are firewalled with ssh ports (22) left opened. On Windows 2008R2 is already running OpenSSH (Cygwin).
All that we need to do to get sqlplus access to remote Oracle 12.2 running in Linux guest from Windows 7 workstation is this:
On Windows 7 we start MobaXTerm terminal and run (note that by default Mobaxterm uses implicitly -X for ssh): $ ssh -L 12201:localhost:12201 alesk@vboxhost -t ssh -L 12201:localhost:1521 alesk@localhost -p 2222 First, we're asked for password to connect to vbohost (Windows 2008 R2), then we're asked for password to login to virtual machine guest (Linux). Note, that we must left the MobaXterm window open for a duration of SQL*Plus session that follows... Now, we can connect from Windows 7 Workstation to the remote Oracle DB, first open cmd and type: cmd> sqlplus /nolog cmd> connect c##alesk@'localhost:12201/ORA122'
What happens is illustrated on this picture:
- On Windows 7 we launched MobaXterm and run ssh command:
- On Windows 7 we opened sqlplus, connecting to localhost:12201. SSH redirected traffic to VBOXHOST:12201 (hop 1), followed by second redirection (hop 2) to Listener running inside VirtualBox.
$ ssh -L 12201:localhost:12201 alesk@vboxhost -t ssh -L 12201:localhost:1521 alesk@localhost -p 2222 ssh -L 12201:localhost:12201 alesk@vboxhost ........... tunnel #1 forwarding port 12201 (Windows 7) to port VBOXHOST (port 12201), in both cases on localhost. ssh -L 12201:localhost:1521 alesk@localhost -p 2222 .... tunnel #2 forwarding port 12201 (VBOXHOST) to port 1521 inside VirtualBox Guest, using port 2222 redirection done by VirtualBox itself.
What if we would like to run some GUI application on Linux guest? We can use X session forwarding, allowing us to see the GUI on our Windows 7 workstation. Like this:
We must open two MobaXterm terminals on Windows 7 workstation.
In the first MobaXterm terminal we type:
$ ssh -L 2222:localhost:2222 alesk@vboxhost
In the second MobaXterm terminal we type:
$ ssh alesk_guest@localhost -p 2222 alesk_guest@mint18 ~$ xclock &
….and xclock will popup on Windows 7 workstation but actually running on Linux guest. Note that alesk_guest is a Linux user on LinuxMint 18 guest and that guest is configured in the same way as before, behind a NAT and with ssh port forwarding (2222) at VirtualBox level. This option is handy to lauch Oracle gui configuration tools, like dbca, netca etc.
Unicode and Oracle SQLcl…on Windows — solved
I was struggling with sqlcl on Windows 7 to properly display our umlauts (we’re using Windows 7 desktops with NLS_LANG=SLOVENIAN_SLOVENIA.EE8MSWIN1250 setup in the registry — note: sqlcl is not reading this variable).
When I read Jeff Smith blog post “Unicode and Oracle SQLcl…on Windows” I though that my problem was solved. Someone reading an article without reading the comments would assume that sqlcl works out of the box on Windows with proper UTF-8 support, which does not. Partly due to the omission of proper parameter in supplied sql.bat file, but mostly because of the state of cmd.exe (powershell.exe) in versions of Windows 7 and below, Windows 10 is much better.
In this demo we’re using Windows 7 EE (Windows 10 EE), Oracle 12c R1 and sqlcl-4.2.0.16.308.0750-no-jre.zip.
First, we created test table called UMLAUT in SQL*Developer and inserted our umlauts:
Then we run a query from this table with sqlcl. Note an extra line between the rows returned from the query….
ok, how about writing some umlauts on the command line….
Well, we can write umlauts but console won’t show us what we wrote (note a presence of squares)…nevertheless the result of the query is correct.
What we can do? Well, for a start we need to patch the officially supplied sql.bat script.
Open sql.bat and replace line
SET STD_ARGS=-Djava.awt.headless=true -Xss10M
with
SET STD_ARGS=-Djava.awt.headless=true -Xss10M -Dfile.encoding=UTF-8
But don’t celebrate yet…what we achieved is this….
We still have an extra line between the rows, which is annoying, but at least we can see what we wrote in the WHERE condition. Plus an extra square :-)…if you’re “lucky” Windows 7 user.
However, above patch is enough on Windows 10, where, both writing of umlauts and properly displaying the records (without extra blank line) works as expected….
The only “workaround” that we found for Windows 7 clients is to simply forget about official console applications (cmd.exe and powershell.exe) as a “host” for sqlcl and use some alternative. We found out that ConEMU works great…(patch in the sql.bat is of course still mandatory until sqlcl guys do this for you).
And what about the suggestion that we can tweak the registry and permanently change the console application (cmd.exe) code page to UTF? Don’t do this, because you’ll disable some non-java applications, including SQL*Plus…look what happens with sqlplus.exe….
Windows 10 – disable Windows Update automatic reboot
Despite of the Linux (Mint & Fedora) dominance on my desktops and laptops, I nevertheless need at least one Windows workstation at work. Recently, I started to move part of my Windows (only) application stack from Windows 7 Enterprise to Windows 10 Enterprise. One thing that bothers me from day one on Windows 10 is automatic updating and rebooting. I’m fine with the automatic update part, but certainly don’t like auto-reboot part, my main desktop simply must run non-stop, usually for several months in a row. Here is a mini “how-to” that I used to change default behavior:
Open Local Security Policy Editor
Make a search for “Edit group policy”, then open “Computer Configuration” -> “Administrative Templates” -> “Windows Components” -> “Windows Update”
Double clikc on “Configure Automatic Updates”….
…and click on “Enabled” and select the way you want updates to be downloaded and installed. Here is my choice…
After reboot, you can check Windows Update Settings, where you should see warning that “Some settings are managed by your organization”….
Another policy option that you probably want to enable is “No auto-restart with logged on users…”:
Installing Standalone Oracle Http Server 12c R2 (12.2.1.1) on Windows 2012 R2
IMPORTANT!
According to MOS note Oracle Web Tier – Statement of Direction (Doc ID 1576588.1) Oracle mod_plsql in Oracle HttpServer is deprecated as of version OHS 12.1.3.
If you’re reading this to learn how to install OHS because your application depends on mod_plsql functionality, then we have a bad news for you. Oracle removed mod_plsql from OHS 12.2. So, the best help that we can give you is our reference installation note for OHS 12.1.3 installation on Windows 2012 R2.
Oracle recommends to move to Oracle REST Data Services (ORDS) (formerly known as Apex Listener) on top of Oracle WebLogic, Oracle Glassfish or Apache Tomcat.
Of course, if you’re still interested in installation procedure for OHS 12.2 on top of Windows 2012 R2 keep reading….
Once again, we got a brand new server with Windows 2012 R2, on which we wanted to install standalone Oracle HttpServer 12c R2 (12.2.1.1.0). If you read our post from the last year covering Oracle HttpServer 12.1 installation on Windows 2012 R2, you already know that we’re a big fans of Oracle end user friendliness and admiration of Oracle engineering capabilities to transform a mouse to an elephant. Let’s see if this crap excellent piece of software installs as smooth in Release 2 as it did in Release 1.
Find and download fmw_12.2.1.1.0_ohs_win64_Disk1_1of1.zip from OTN, at the time of this writing you should see something like this:
Unpack fmw_12.2.1.1.0_ohs_win64_Disk1_1of1.zip and run setup_fmw_12.2.1.1.0_ohs_win64.exe.
Setup will check the system prerequisites, you should be fine if you’re installing on Windows 2012 R2. Now, we’ll show you some screenshots from our installation with comments whenever we think they’re necessary. Basically, we left most options at default (apart from changing the Oracle home).
According to Oracle documentation:
On the Windows platform, Oracle HTTP Server requires Microsoft Visual C++ run-time libraries to be installed on the system.
To meet this system requirement for Oracle HTTP Server, download the Visual C++ Redistributable for Visual Studio 2012
software from the following URL: https://www.microsoft.com/en-us/download/details.aspx?id=30679D
After we downloaded and installed Visual C++ (VS 2012) redistributable we hit the Rerun button and the check completed successfully…
As you can notice, there is no screenshot of step #9. After we clicked Next on Step #8 the new dialog window opened for a second and immediately closed. Perhaps it was just us….fortunately, we could made an educated guess that the last screen should likely be an informative one, like the one that we saw during OHS 12c R1 installation:
…suggesting that fun is not over yet and that you need to create domain with the Configuration Wizard. Start configuration Wizard from:
D:\ORACLE\OFM\OFM12\oracle_common\common\bin\config.cmd
and configure Oracle Http Server in standalone mode…
If you check Windows services at this time you’ll see, well, nothing. We need to create service for Node Manager before we can start Http server.
Note that we installed Oracle HttpServer 12c R2 in ORACLE_HOME: D:\ORACLE\OFM.
First open command prompt (cmd) wit “Run as Administrator” and set the path before you run installNodeMgrSvc.cmd:
set DOMAIN_HOME_BIN=D:\ORACLE\OFM\OFM12\user_projects\domains\base_domain\bin set PATH=%DOMAIN_HOME_BIN%;%PATH% installNodeMgrSvc.cmd
And if everything has gone well you should see the message at command prompt, with the line:
... Oracle Weblogic base_domain NodeManager (D_ORACLE_OFM_OFM12_wlserver) installed. ...
Script installeNodeMgrSvc.cmd created a new service, that reads, don’t hold your breath….:
"Oracle Weblogic base_domain NodeManager (D_ORACLE_OFM_OFM12_wlserver)"
with path to the executable like this:
D:\ORACLE\OFM\OFM12\wlserver\server\bin\wlsvcX64.exe
Yes, they probably set a World record for the length of a Windows service. What a schmucks.
The service is installed using the default Node Manager listen port (5556). By default Node Manager Listens only on localhost.
Now, we can finally start Oracle HttpServer 12c R2. First, make sure that Node manager service is running and if it’s not then start “Oracle Weblogic base_domain NodeManager (D_ORACLE_OFM_OFM12_wlserver)”.
You can START Oracle HttpServer 12c R2 on command line with:
set DOMAIN_HOME_BIN=D:\ORACLE\OFM\OFM12\user_projects\domains\base_domain\bin set PATH=%DOMAIN_HOME_BIN%;%PATH% startComponent ohs1
You’ll be asked to enter password for Node Manager which you entered on screen 6 of Oracle Fusion Middleware Configuration Wizard.
You can STOP Oracle HttpServer 12c R2 on command line with:
set DOMAIN_HOME_BIN=D:\ORACLE\OFM\OFM12\user_projects\domains\base_domain\bin set PATH=%DOMAIN_HOME_BIN%;%PATH% stopComponent ohs1
There is also a WLST tool (wlst.cmd) that allow us to manipulate with running OHS.
Using WLST to control OHS:
Open WLST D:\ORACLE\OFM\OFM12\oracle_common\common\bin\wlst.cmd:
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
wls:/offline> nmConnect('administrator','mysecretpassword','localhost','5556','base_domain','D:/ORACLE/OFM/OFM12/user_projects/domains/base_domain','ssl')
// status
wls:/nm/base_domain> nmServerStatus(serverName='ohs1', serverType='OHS')
RUNNING
// soft restart
wls:/nm/base_domain> nmSoftRestart(serverName='ohs1', serverType='OHS')
// stop OHS
wls:/nm/base_domain> nmKill(serverName='ohs1', serverType='OHS')
Killing server ohs1 ...
Successfully killed server ohs1
// status
wls:/nm/base_domain> nmServerStatus(serverName='ohs1', serverType='OHS')
SHUTDOWN
// start
wls:/nm/base_domain> nmStart(serverName='ohs1', serverType='OHS')
And finally, let’s see where is the config file for httpd. According to the Oracle Http 12c documentation there are runtime and staging config files and we should always edit staging config file(s). In our example the config file location is:
Domain home bin : D:\ORACLE\OFM\OFM12\user_projects\domains\base_domain\bin httpd.conf : D:\ORACLE\OFM\OFM12\user_projects\domains\base_domain\config\fmwconfig\components\OHS\ohs1
Final Test….open IE and go to http://localhost:7777:
xrdp on Raspberry Pi 2 with Slovenian keyboard
This is a short memo about setting up xrdp on my Raspberry Pi 2 with freshly installed Ubuntu Mate 16.04. The objective is to run RPI headless on run level 3 (multi-user.target in systemd parlance), but with the option to have GUI access from my Windows 10 workstation via RDP (90% of the time, I’ll be using MobaXterm to ssh into RPI). Primary role of this “machine” will be executing some DBA related python scripts, some of those scripts will produce some graphics, nothing fancy, but still a lot simpler to maintain if I can login from time to time to RPI desktop.
Install xrdp:
$ ssh -X alesk@rpi-mate $ sudo apt-get install xrdp $ reboot // note down your IP $ ip addr
On Windows desktop open Remote desktop and connect to RPI. You’ll get prompt like the one on the picture:
Enter username and password and wait for the desktop to appear. The problem however is that by default I was stuck with the US keyboard without the way to change it.
With some googling I found out, that I need to find my country code for the xrdp key mapping ini file, for example here. In my case, it’s 0x0424 – sl Slovenian.
I used country code for the naming of generated keyboard mapping file.
$ ssh alesk@rpi-mate $ xrdp-genkeymap km-0424.ini $ sudo cp km-0424.ini /etc/xrdp $ sudo chown xrdp:xrdp /etc/xrdp/km-0424.ini $ sudo service xrdp restart
Now, after reconnecting to my RPI with Remote Desktop client, I got desktop with functional Slovenian keyboard:
dbaportal.eu 
You must be logged in to post a comment.