Pages
Thursday, August 31, 2023
How to check the sql id history ?
Invalid Objects In Oracle Database ?
Invalid Objects In Oracle Database ?
How to check database startup time ?
How to check database startup time ?
How to truncate audit tablespace ?
How to truncate audit tablespace ?
How To Shrink Tablespaces
How To Shrink Tablespaces
select file_name, ceil( (nvl(hwm,1)*&&blksize)/1024/1024/1024 ) resize_GB, ceil( blocks*&&blksize/1024/1024/1024) currsize, ceil( blocks*&&blksize/1024/1024/1024) - ceil( (nvl(hwm,1)*&&blksize)/1024/1024/1024 ) reclaimable_GB from dba_data_files a, ( select file_id, max(block_id+blocks-1) hwm from dba_extents group by file_id ) b where a.file_id = b.file_id(+)
/
---With alter command individual tablespace.
select file_name,'alter database datafile'||' '''||file_name||''''||' resize '||ceil( (nvl(hwm,1)*&&blksize)/1024/1024/1024 )||''||'G'||';', ceil( (nvl(hwm,1)*&&blksize)/1024/1024/1024 ) resize_GB, ceil( blocks*&&blksize/1024/1024/1024) currsize, ceil( blocks*&&blksize/1024/1024/1024) - ceil( (nvl(hwm,1)*&&blksize)/1024/1024/1024 ) reclaimable_GB from dba_data_files a, ( select file_id, max(block_id+blocks-1) hwm from dba_extents group by file_id ) b where a.file_id = b.file_id(+) and a.tablespace_name='SYSTEM' and ceil( blocks*&&blksize/1024/1024/1024) - ceil( (nvl(hwm,1)*&&blksize)/1024/1024/1024 )!=0 order by 5 desc /
---with alter command.
set linesize 1000 pagesize 0 feedback off trimspool on
with
hwm as (
-- get highest block id from each datafiles ( from x$ktfbue as we don't need all joins from dba_extents )
select /*+ materialize */ ktfbuesegtsn ts#,ktfbuefno relative_fno,max(ktfbuebno+ktfbueblks-1) hwm_blocks
from sys.x$ktfbue group by ktfbuefno,ktfbuesegtsn
),
hwmts as (
-- join ts# with tablespace_name
select name tablespace_name,relative_fno,hwm_blocks
from hwm join v$tablespace using(ts#)
),
hwmdf as (
-- join with datafiles, put 5M minimum for datafiles with no extents
select file_name,nvl(hwm_blocks*(bytes/blocks),5*1024*1024) hwm_bytes,bytes,autoextensible,maxbytes from hwmts right join dba_data_files using(tablespace_name,relative_fno)
)
select case when autoextensible='YES' and maxbytes>=bytes then -- we generate resize statements only if autoextensible can grow back to current size '/* reclaim '||to_char(ceil((bytes-hwm_bytes)/1024/1024),999999) ||'M from '||to_char(ceil(bytes/1024/1024),999999)||'M */ ' ||'alter database datafile '''||file_name||''' resize '||ceil(hwm_bytes/1024/1024)||'M;' else -- generate only a comment when autoextensible is off '/* reclaim '||to_char(ceil((bytes-hwm_bytes)/1024/1024),999999)
||'M from '||to_char(ceil(bytes/1024/1024),999999) ||'M after setting autoextensible maxsize higher than current size for file ' || file_name||' */' end SQL from hwmdf where bytes-hwm_bytes>1024*1024 -- resize only if at least 1MB can be reclaimed order by bytes-hwm_bytes desc
/
---with alter command in GB
set linesize 1000 pagesize 0 feedback off trimspool on
with
hwm as (
-- get highest block id from each datafiles ( from x$ktfbue as we don't need all joins from dba_extents )
select /*+ materialize */ ktfbuesegtsn ts#,ktfbuefno relative_fno,max(ktfbuebno+ktfbueblks-1) hwm_blocks
from sys.x$ktfbue group by ktfbuefno,ktfbuesegtsn
),
hwmts as (
-- join ts# with tablespace_name
select name tablespace_name,relative_fno,hwm_blocks
from hwm join v$tablespace using(ts#)
),
hwmdf as (
-- join with datafiles, put 5GB minimum for datafiles with no extents
select file_name,nvl(hwm_blocks*(bytes/blocks),5*1024*1024*1024) hwm_bytes,bytes,autoextensible,maxbytes
from hwmts right join dba_data_files using(tablespace_name,relative_fno)
)
select
case when autoextensible='YES' and maxbytes>=bytes
then -- we generate resize statements only if autoextensible can grow back to current size
'/* reclaim '||to_char(ceil((bytes-hwm_bytes)/1024/1024/1024),999999)
||'GB from '||to_char(ceil(bytes/1024/1024/1024),999999)||'GB */ '
||'alter database datafile '''||file_name||''' resize '||ceil(hwm_bytes/1024/1024/1024)||'GB;'
else -- generate only a comment when autoextensible is off
'/* reclaim '||to_char(ceil((bytes-hwm_bytes)/1024/1024/1024),999999)
||'GB from '||to_char(ceil(bytes/1024/1024/1024),999999)
||'GB after setting autoextensible maxsize higher than current size for file '
|| file_name||' */'
end SQL from hwmdf where bytes-hwm_bytes>1024*1024*1024 -- resize only if at least 1GB can be reclaimed order by bytes-hwm_bytes desc
/
Monday, August 21, 2023
Important Features Of Cassandra Database ?
Important Features Of Cassandra Database ?
What is Cassandra Database ?
What is Cassandra Database ?
What is NoSQL Database ?
What is NoSQL Database ?
Cassandra Database
Cassandra Database
- Cassandra is a Open Source, NoSQL database.
- Cassandra provides:
Highly scalable
High performance
Distributed database
-Cassandra is designed to handle large amounts of data in a cluster of nodes. The nodes of the cluster are commodity servers.
- Cassandra provides high availability with no single point of failure.
Cassandra supports the CAP theorem.
According to CAP theorem, the system must provide guarantee for:
- Consistency
- Availability
- Partition Tolerance
Cassandra supports the following
Updates to the state of the system are seen by all the clients simultaneously.
Availability
Guarantee of the system to be available for every valid request.
Partition tolerance
The system continues to operate despite arbitrary message loss or network partition.
Day 2 day queries
Day 2 day queries
How to check whether port is open or not ?
How to check whether port is open or not ?
(echo > /dev/tcp/192.168.1.75/1521) >/dev/null 2>&1 && echo "Port is open" || echo "Port is Closed"
Monday, August 7, 2023
How To Install "gnome-system-tools" Package on Ubuntu / Default packages in Ubuntu
How To Install "gnome-system-tools" Package on Ubuntu / Default packages in Ubuntu
Cross-platform configuration utilities for GNOME
The GNOME System Tools are a fully integrated set of tools aimed to make easy the job that means the computer administration on an UNIX or Linux system. They're thought to help from the new Linux or UNIX user to the system administrators. Cross-platform configuration utilities for GNOME
The GNOME System Tools are a fully integrated set of tools aimed to make easy the job that means the computer administration on an UNIX or Linux system. They're thought to help from the new Linux or UNIX user to the system administrators.
Step 1
Run update command to update package repositories and get latest package information.
sudo apt-get update -y (or) apt-get update -y
Step 2
Run the install command with -y flag to quickly install the packages and dependencies.
sudo apt-get install -y gnome-system-tools (or) apt-get install -y gnome-system-tools
Optional:
sudo apt-get update
sudo apt-get upgrade -y
sudo apt-get update
sudo apt-get install build-essential
sudo apt-get update && sudo apt-get install build-essential
How to install MySQL on Ubuntu
How to install MySQL on Ubuntu
Step 1 — Installing MySQLTo install it, update the package index on your server if you’ve not done so recently:
Then install the mysql-server package:
sudo apt install mysql-server
Ensure that the server is running using the systemctl start command:
sudo systemctl start mysql.service
Step 2 — Configuring MySQL
sudo mysql
Then run the following ALTER USER command to change the root user’s authentication method to one that uses a password. The following example changes the authentication method to mysql_native_password:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
exit
sudo mysql_secure_installation
This will take you through a series of prompts where you can make some changes to your MySQL installation’s security options. The first prompt will ask whether you’d like to set up the Validate Password Plugin, which can be used to test the password strength of new MySQL users before deeming them valid.
If you elect to set up the Validate Password Plugin, any MySQL user you create that authenticates with a password will be required to have a password that satisfies the policy you select:
Output:
Securing the MySQL server deployment.
Enter password for user root:
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: Y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Using existing password for root.
Estimated strength of the password: 25
Change the password for root ? ((Press y|Y for Yes, any other key for No) : Y
New password:
Re-enter new password:
Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
Success.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.
All done!
$ mysql -u root -p
Then go back to using the default authentication method using this command:
ALTER USER 'root'@'localhost' IDENTIFIED WITH auth_socket;
Step 3 — Creating a Dedicated MySQL User and Granting Privileges
sudo mysql
Note: If you installed MySQL with another tutorial and enabled password authentication for root, you will need to use a different command to access the MySQL shell. The following will run your MySQL client with regular user privileges, and you will only gain administrator privileges within the database by authenticating:
mysql -u root -p
CREATE USER 'username'@'host' IDENTIFIED WITH authentication_plugin BY 'password';
Run the following command to create a user that authenticates with caching_sha2_password. Be sure to change sammy to your preferred username and password to a strong password of your choosing:
CREATE USER 'sammy'@'localhost' IDENTIFIED BY 'password';
Note: There is a known issue with some versions of PHP that causes problems with caching_sha2_password. If you plan to use this database with a PHP application — phpMyAdmin, for example — you may want to create a user that will authenticate with the older, though still secure, mysql_native_password plugin instead:
CREATE USER 'sammy'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
If you aren’t sure, you can always create a user that authenticates with caching_sha2_plugin and then ALTER it later on with this command:
ALTER USER 'sammy'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
After creating your new user, you can grant them the appropriate privileges. The general syntax for granting user privileges is as follows:
GRANT PRIVILEGE ON database.table TO 'username'@'host';
Run this GRANT statement, replacing sammy with your own MySQL user’s name, to grant these privileges to your user:
GRANT CREATE, ALTER, DROP, INSERT, UPDATE, INDEX, DELETE, SELECT, REFERENCES, RELOAD on *.*
Note that this statement also includes WITH GRANT OPTION. This will allow your MySQL user to grant any permissions that it has to other users on the system
Warning: Some users may want to grant their MySQL user the ALL PRIVILEGES privilege, which will provide them with broad superuser privileges akin to the root user’s privileges, like so:
GRANT ALL PRIVILEGES ON *.* TO 'sammy'@'localhost' WITH GRANT OPTION;
Such broad privileges should not be granted lightly, as anyone with access to this MySQL user will have complete control over every database on the server.
Following this, it’s good practice to run the FLUSH PRIVILEGES command. This will free up any memory that the server cached as a result of the preceding CREATE USER and GRANT statements:
FLUSH PRIVILEGES;
Then you can exit the MySQL client:
exit
In the future, to log in as your new MySQL user, you’d use a command like the following:
mysql -u sammy -p
Finally, let’s test the MySQL installation.
Step 4 — Testing MySQL
Regardless of how you installed it, MySQL should have started running automatically. To test this, check its status.
systemctl status mysql.service
The output will be similar to the following:
Output
● mysql.service - MySQL Community Server
Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-04-11 16:04:39 UTC; 2h 36min ago
Process: 2593 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS)
Main PID: 2601 (mysqld)
Status: "Server is operational"
Tasks: 38 (limit: 1119)
Memory: 354.3M
CPU: 19.944s
CGroup: /system.slice/mysql.service
└─2601 /usr/sbin/mysqld
If MySQL isn’t running, you can start it with sudo systemctl start mysql.
Source/Reference:
Saturday, August 5, 2023
Docker volume ?
Docker volume ?
Volumes are stored in a part of the host file system which is managed by docker (/var/lib/docker/volumes/ on Linux). Non-Docker processes should not modify this part of the file system. Volumes are the best way to persist data in docker.
Sharing with one or more containers are allowed.
Note: To attach multiple volumes to container use -v/--mount flag more than once.
Commands:
docker run -d \
--name devtest1 \
--mount source=myvol1,target=/qpath \
nginx:latest
$ docker run -d --name devtest1 --mount source=myvol1,target=/qpath nginx:latest
$ docker volume inspect myvol1
docker run -d \
--name devtest2 \
-v myvol2:/app \
nginx:latest
$ docker run -d --name devtest2 -v myvol2:/app nginx:latest
$ docker volume inspect myvol2
Docker bind mount?
Docker bind mount?
When you use a bind mount, a file or directory on the host machine is mounted into a container.
Bind mounts may be stored anywhere on the host system. They may even be important system files or directories. Non-Docker processes on the Docker host or a Docker container can modify them at any time.
Sharing with one or more containers are allowed in bind mount.
Note: To attach multiple (bind mount) to container use -v/--mount flag more than once
Commands:
[root@localhost ~]# mkdir target
[root@localhost ~]# cd target/
[root@localhost target]# touch qader1
docker run -d \
-it \
--name devtest \
--mount type=bind,source="$(pwd)"/target,target=/app \
nginx:latest
[root@localhost ~]# docker run -d -it --name devtest --mount type=bind,source="$(pwd)"/target,target=/app nginx:latest
[root@localhost ~]# docker exec -it devtest bash
root@7e7fc162399c:/# ls
app bin boot dev docker-entrypoint.d docker-entrypoint.sh etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var
root@7e7fc162399c:/# cd app/
root@7e7fc162399c:/app# ls
qader1
root@7e7fc162399c:/# cd app/
root@7e7fc162399c:/app# touch qader3
root@7e7fc162399c:/app# exit
exit
[root@localhost ~]# ls -ltrh target
total 0
-rw-r--r--. 1 root root 0 Aug 5 15:37 qader1
-rw-r--r--. 1 root root 0 Aug 5 15:41 qader2
-rw-r--r--. 1 root root 0 Aug 5 15:42 qader3
docker run -d \
-it \
--name abc \
-v "$(pwd)"/target:/app \
nginx:latest
[root@localhost ~]# docker run -d -it --name abc -v "$(pwd)"/target:/app nginx:latest
7e9d2a26b3b14a106f1855e0795808539ef28fa5c34d206ce1e1b64916c073d6
[root@localhost ~]# docker exec -it abc bash
root@7e9d2a26b3b1:/# cd app/
root@7e9d2a26b3b1:/app# ls
qader1
root@7e9d2a26b3b1:/app# touch qader2
rot@7e9d2a26b3b1:/app# exit
exit
[root@localhost ~]# ls -ltrh target
total 0
-rw-r--r--. 1 root root 0 Aug 5 15:37 qader1
-rw-r--r--. 1 root root 0 Aug 5 15:41 qader2
Docker image digests?
Docker image digests?
When you download something from the internet, a common method for determining both integrity and authenticity of an object is to generate a cryptographic hash of it and compare it to what you expect.
Let’s say you’re using Docker Hub to store images, and you’re also deploying Docker images to your infrastructure by specifying a tag like oneminutenotes/app:v1.2.11.
Now, one day, you discover that someone’s Docker Hub credentials on your team have been exposed. Docker Hub doesn’t support MFA, so you know an attacker could have had push access to your repositories.
How can you be sure that the image you’re running, hasn’t been overwritten with a malicious version? Short answer is you can’t, because you’re not verifying what you’re downloading from the internet.
The answer to this in the Docker world is digests
Images that use the v2 or later format have a content-addressable identifier called a digest. As long as the input used to generate the image is unchanged, the digest value is predictable.
Instead of specifying oneminutenotes/app:v1.2.11, we should have been specifying the content addressable identifier for that tag; oneminutenotes/app@sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
When we use the digest as the identifier, Docker will not only pull the image with that digest, but also calculate the sha256 digest of what we downloaded and verify it against what we specified.
This provides a number of protections:
1. It removes any attack vector through the Docker Registry to change what we’re running in production. An attack that overwrites a mutable tag, has no effect on what we’re running.
2. It prevents any possibility of a MiTM attack, since any alteration (either malicious, or accidental) will be checked.
3. It increases the overall stability of the system as a whole, by the simple fact that the digest is an immutable identifier, so we know it can never change.
4. It improves cacheability for docker pull’s; content-addressable identifiers can never change, so they can be cached efficiently.
How to see container digest ?
docker images --digests
docker pull ubuntu:latest ----------bydefault
docker pull ubuntu@sha256:5d1d5407f353843ecf8b16524bc5565aa332e9e6a1297c73a92d3e754b8a636d
docker pull nginx@sha256:67f9a4f10d147a6e04629340e6493c9703300ca23a2f7f3aa56fe615d75d31ca
How to expose container's ports?
How to expose container's ports?
Options Used for port expose:
--publish, -p Publish a container’s port(s) to the host--publish-all, -P Publish all exposed ports to random ports
Commands:
[root@localhost ~]# docker run --name 'nginx2' -P -itd nginx[root@localhost ~]# docker run --name 'nginx3' -p 1521:80 -itd nginx
How to rename a container?
How to rename a container?
$ docker rename CONTAINER NEW_NAME
The docker rename command renames a container.
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
90a3993d725a ubuntu "/bin/bash" 4 hours ago Up 4 hours c1
[root@localhost ~]# docker container rename 90a 'TESTNAME'
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
90a3993d725a ubuntu "/bin/bash" 4 hours ago Up 4 hours TESTNAME