Oracle VM Manager: Restoring Backup

Execute the following steps to restore a backup of Oracle VM Manager:

• Log in to the VM Manager Server as root.
• Save or copy Oracle VM Manager resources into the following directories:
  VM images in /OVS/running_pool, VM templates in /OVS/seed_pool,
  and ISO files in /OVS/iso_pool.
• Restore backup by initiating the following commands:

cd /opt/ovs-manager-2.1/bin
sh backup.sh
Please enter the choice: [1|2]
1. Back up Oracle VM Manager,
2. Restore Oracle VM Manager
Enter [2] to restore data:

• Again, provide the database user OVS information and the location of the
  dump and log files:

Please enter the password for database account 'SYS':
Please enter the password for database account 'OVS':
Please specify the path for dump file?
Please specify the path for log file?

And we have just restored our Oracle VM Manager from its latest backup. Also we can login to the Oracle VM Manager and quickly scan the environment to check if it is the same as we would have expected.

Enabling secure access to Oracle VM Manager

When accessing the Oracle VM Manager remotely in the Cloud, we will have to ensure that we are providing a totally secure connection to our remote, geographically dispersed workforce.

To do so, we will have to provide a secure HTTP access to the Oracle VM Manager portal. We will be doing this by enabling the SSL with standalone OC4J. We need to ensure that we set the PATH to be included in the JDK bin directory.

Let's get going and create a certificate:

Carry out the following commands in the OC4J directory:

/opt/oc4j/java/jdk1.5.0_11/bin/keytool -genkey -keyalg "RSA"
-keystore keystore_file -storepass password -validity days

In this command, the keystore option sets the file name where the keys are stored, the storepass option sets the password for the keystore, and the validity option sets the number of days of the certificate's validity.

For example, enter:

[root@vmmgr ~]# /opt/oc4j/java/jdk1.5.0_11/bin/keytool -genkey
-keyalg "RSA" -keystore sslfile -storepass securep@ss -validity 365
What is your first and last name?
[Unknown]: Tarry Singh
What is the name of your organizational unit?
[Unknown]: Avastu
What is the name of your organization?
[Unknown]: Avastu
What is the name of your City or Locality?
[Unknown]: Your State
What is the name of your State or Province?
[Unknown]: Your Province
What is the two-letter country code for this unit?
[Unknown]: NL

Is CN=Tarry Singh, OU=Avastu, O=Avastu, L=Assen, ST=Drenthe, C=NL
correct?
[no]: yes

Enter key password for <mykey>
(RETURN if same as keystore password):
[root@vmmgr ~]#

Answering these questions on prompt helps us in creating the new keystore file, which is an sslfile. It is stored in the current directory. We can go to that directory and check if the file is created there.

Our next step is to configure the OC4J. We can do this by first creating a secure-web-site.xml file. If we don't have one created in the OC4J config directory, we should make one by either copying the existing http-web-site.xml or default-web-site.xml and then renaming it to secure-web-site.xml.

Let's go ahead and edit the secure-web-site.xml file.

We can configure OC4J by performing the following steps:

1. Create secure-web-site.xml.

If you do not have the secure-web-site.xml file in the OC4J configuration directory, create one by copying the existing http-web-site.xml, or default-web-site.xml. Rename the copy to secure-web-site.xml.

This how what XML file looks like before editing:

2. Edit the secure-web-site.xml file.

Edit the web site element as follows:

<web-site xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"" target="_blank" rel="nofollow";
xsi:noNamespaceSchemaLocation="http://xmlns.example.com/example/
schema/web-site-10_0.xsd" port="4443" display-name="OC4J
10g (10.1.3) Default Web Site" schema-major-version="10"
schema-minor-version="0" secure="true"> <ssl-config
keystore="sslfile" keystore-password="securep@ss"/>

In the web site element we added secure = "true". We added the keystore name (sslfile) and our password (securep@ss) to this file which we used when creating the sslfile. We use a different port here just for safety purposes.

Save the file with the changes.

3. Now go ahead and edit the server.xml file and uncomment the following:
<web-site path="./secure-web-site.xml" />

Save the changes.

This is how it will look:

4. Restart the OC4J daemon by clicking on the Restart button in the following OC4Jadmin pane:

5. We need to click on the Yes button when prompted with the following warning and our /opt/OC4J would get restarted.

Now it will also start listening to the SSL port that we assigned, namely 4443.

OC4J will listen for both SSL request (port 4443 in the example) and non-SSL requests (port 8888).

Now all we need is to go ahead and log on to the HTTPS site by typing https:vmmgr:4443/OVS. We can use the non-SSL site as well and always switch them on or off by editing them in the server.xml file.

Summary

As we can clearly see, the management of Oracle VM Servers and the VMs, which we will see in the upcoming chapters, is rather crucial to managing our Oracle cloud farm. Fortunately, the feature-rich portal of Oracle is well equipped to manage an Oracle VM farm with its VMs.

In the next two chapters, we will see more on Virtual Machines or Guests as they are also called. We have divided the chapters into two parts so we don't end up filling up all of the information in one chapter alone.