Tag Archives: FUD

Oracle releases Java 7 with odd restrictions

Oracle releases Java 7 today, but with restrictions that could greatly inhibit it’s adoption.

[update: Since this blog post being published, I’ve received a comment from Henrik Stahl who is the Sr. Director, Product Management, Java Platform Group at Oracle who stated “Hi – The supported platforms page was mistakenly created using a standard Oracle template which is not applicable to Java. It will be updated to clarify that we support Java explicitly on certified platforms (eg those called out in the page) and on other platforms as long as we don’t run in to platform specific issues. In that case (eg, if VMware is broken) you will have to go to the platform vendor for troubleshooting and a fix.”]

So as I’ve written in the past here and here, Oracle appears to have a bad habit of not playing nice with others.

In today’s installment, we have Java.

When Oracle acquired Sun, Oracle acquired control of Java. With Java came many political battles involving Google, Apache and even Starbucks. The last one is an April Fool’s article, but honestly, would you be surprised?

Now it seems Oracle is planning to leverage Java to restrict customer’s choice of hypervisors.

Java 7 is being released today.

If you check out the Planned Supported System Configurations for Java, you’ll see that Java 7 will be supported on
Windows: XP, Vista, Server 2008, and Windows 7
Oracle Linux: 5.5+, 6.X
Solaris: 10u9+, 11.X
SuSE Enterprise Linux: 10 SP2+, 11.X
RedHat Linux: 5.5+, 6.X
Ubuntu: 10.04, 11.04

To make things clearer, the document also mentions a couple of interesting notes:
SuSE Enterprise Linux (with Java 7): Not Supported on Oracle VM
Ubuntu (with Java 7): Not Supported on Oracle VM

and then this bombshell:
System Virtualization Support

All supported platforms are supported when virtualized in a supported hypervisor
Supported hypervisors are: Oracle VM 3.x, VirtualBox 3.x, 4.x, Solaris Containers and Solaris LDOMs. Except where noted.
VMWare and Microsoft Hypervisor NOT supported

[emphasis added by me]

A couple of things to note here:

1) Oracle still hasn’t gotten the message regarding capitalization – it’s VMware, not VMWare (really surprising when you consider Java uses CamelCase aka HumpBack notation for file names)

2) Oracle VM 3.0 still is not released, which means that Java 7 isn’t supported on Oracle’s own current Type 1 Hypervisor. Although I expect Oracle will eventually release Oracle VM 3.x, Gartner expects more than 50% of all server workloads to be virtualized by end of 2012. Is Oracle chopping off the nose to spite the face?

3) Java 7 is explicitly NOT supported on VMware and Microsoft Hypervisors

Java is owned by Oracle. The same Oracle who has My Oracle Support note 249212.1 which says that Oracle will provide support for issues that occur on the guest OS or that can be demonstrated not to be caused by running the guest OS on VMware. So Oracle in the case of Java is going from a de-facto “it’s supported” type document to now an explicit VMware (sorry, VMWare) is not supported.

So what does this mean for companies running products on VMware that they want to use with Java 7? Probably nothing – people will try their products with Java 7 under VMware and I’m guessing it’ll work just fine.

But what about the more interesting case – those Oracle customers running Oracle products like Oracle E-Business Suite or Oracle Agile that rely heavily on Java? Will Oracle support deny support because Java 7 isn’t supported on VMware, even though My Oracle Support note 249212.1 says Oracle will support Oracle products on VMware?

Where does OpenJDK fit into this?

What are the support implications when running Windows XP or Windows 7 Desktops in a VMware View environment? VMware View environments run on a VMware Hypervisor.

I honestly don’t know those answers, but this sort of FUD will probably retard the adoption of Java 7, something I don’t think Oracle really desires.

Software. Hardware. Complete.

So recently I was browsing Walmart.com ‘s Electronics section and was amazed at the selection they have.

You want to buy a computer? They’ve got it.

You want an operating system for that computer? They’ve got it.

You want to buy a network switch and cables to link multiple computers together? They’ve got it.

You want to buy 4TB of NAS storage? They’ve got it.

You can get them all from one vendor. The switches say their certified with the OS. The computer says its certified with the OS. Your storage is certified with your OS.

You can even install Oracle database on the hardware and be fully supported by Oracle (thought not certified by Oracle because Oracle doesn’t certify 3rd party hardware).

Have you ever bought a wireless Microsoft keyboard and mouse that didn’t work right with your Microsoft Windows OS running on a PC with a sticker on it that said “Designed for Windows” ? It’s all from one vendor. Just one throat to choke, right?

So why isn’t most of your data center running off of what’s at Walmart?

Because those products might not be leaders in their category.

Because the technical support backing those products might be crappy.

Because the software might not be enterprise ready .

Just because you can buy everything from one company doesn’t mean you should.

Oracle VM Security: Sometimes you need hip waders

Have you ever read something and thought, “what a load of crap. I had better get my hip waders out.”

Well, as a cynical jaded DBA, I have that experience regularly.

Take this Oracle.com blog post on Oracle VM where Rene Kundersma who is a Technical Architect with Oracle explains Oracle’s reasons for NOT shipping Oracle VM with a “fancy Gnome X-Window” environment:

“Oracle has it reasons to NOT ship Oracle VM with all the bells and whistles of a fancy Gnome X-Window environment. This has to do with vulnerabilities, not tested situations of software combination’s and whatever reason that makes Oracle VM not to behave as tested and intended.”

Vulnerabilities as the reason for Oracle VM not having a “fancy X-Window environment”. Vulnerabilities… really? But isn’t Oracle VM running on a special version of Oracle Unbreakable Linux (hint: yes – they’re both based off of RedHat Enterprise Linux)?

Want to get to the console of a VM running under Oracle VM? It uses VNC. Sure, you need to know the password to connect to the VNC Desktop, but guess what, the VNC traffic isn’t encrypted. The password is sent in cleartext.

Unbreakable indeed.

I find this all the more contradictory when one of Oracle’s talking points for why to use Oracle VM is Secure Live Migration which SSL encrypts the live migration (aka vMotion) traffic. My favorite line: “No need to purchase special hardware or deploy special secure networks. “

No need to deploy special secure networks! VLANs? Who needs them? We’ve got encrypted live migration!

Oh wait, in Oracle’s own Oracle Real Application Clusters in Oracle VM Environments guide, there’s this tidbit

“While Secure Live Migration is enabled by default, it should be considered that a secure connection to the remote guest (using –ssl) adds overhead to the Live Migration operation. It is therefore recommended to avoid such secure connections, if permitted. In general, a secure connection can be avoided, if the Live Migration network is inherently secure. “

Seriously Oracle, which is it?

But let’s get back to the main point Rene was trying to get across – that Oracle VM doesn’t come with a GUI to reduce vulnerabilities. Oracle’s October 2010 CPU (Critical Patch Update) was released on October 12th, 2010 and for the current version of Oracle VM (2.2.1) it lists 4 vulnerabilities, 3 of which have a base score of 9.0 (the scale is from 0.0 to 10.0, with 10.0 representing the highest severity of vulnerability). All 3 of those 9/10 severity vulnerabilities have a low access complexity (they’re easy to do) and result in complete access.

Oracle, thank you for not including a “fancy Gnome X-Window” with Oracle VM so as to reduce vulnerabilities. Given how insecure your product appears without a GUI, I shudder to think what things would be like with a GUI.

a rant about FUD about Oracle on VMware

You know those searchXXXXXXXXXXX.com websites (searchoracle.techtarget.com, searchvmware.techtarget.com, searchvirtualization.techtarget.com etc)? There are some good articles, but I keep seeing alot of plainly inaccurate articles about virtualized Oracle, especially Oracle under VMware.

I keep seeing these FUD (Fear, Uncertainty, Doubt) articles on searchXXXXXXXXXX.com that just bug the hell out of me.

Take this article about Oracle RAC on VMware . They start out with something reasonable and accurate

Oracle will not support customers running Oracle RAC on VMware, for reasons that many say are political and technically outdated.

and then say things that are just completely not true:

In short, Oracle won’t support it unless the customer can prove that the problem wasn’t related to the virtual machine.

While getting support for single-instance Oracle on VMware is difficult…”

I run multiple Oracle databases and various Oracle products (Oracle E-Business Suite, Oracle Hyperion, Oracle Universal Content Manager, Oracle Hyperion, Oracle Agile, etc) and It is no different to get support for Oracle virtualized under VMware unless troubleshooting leads Oracle Support to suspect your issue is with VMware itself.

The rest of the article I pretty much agree with. I’ve met Dave Welch numerous times and find his outlook on Oracle on VMware similar to mine. Oracle’s stated “we do not support Oracle RAC on VMware” appears to be nothing more than Oracle’s whim with no current technical issues to back it up. As much as I don’t like it, that’s their choice. If / when VMware starts getting Fault Tolerance working with multiple CPUs in a VM, that’s going to mute the argument about needing to run Oracle RAC solely for uptime requirements. Sure, you’ll still have VMs that aren’t good candidates for virtualization (Oracle VM or VMware) but that’s not the bulk of installations out there.

Oracle uses VMware in its training classes – I attended an Oracle Hyperion installation and configuration class last year that utilized VMware Workstation running 3 or 4 VMs on each student’s machine. I’ve worked issues with Oracle Hyperion with Oracle Support and had the analyst not only notice my environment was under VMware, but state that roughly half their customers run Hyperion virtualized under VMware. With Oracle now having Oracle VM and Oracle Virtualbox, you’d think at least Oracle’s own training partners would be using Oracle products in their lab and you’d think if this support was such a big deal that I’d have Oracle’s support telling me about the benefits of Oracle VM when they noticed I was running VMware.

Here’s another article that bugged me, this time about how Oracle VM is not half bad . First line of the article:

“Oracle’s continued refusal to support its applications virtualized on something other than the Oracle VM hypervisor has forced the hands of some users, pushing them to try the Xen-based virtualization offering.”

Did you see what I did? ” Oracle’s continued refusal to support its applications virtualized on something other than the Oracle VM hypervisor..”. That’s simply and plainly wrong.

I’ll end this article quoting from the official stance of Oracle Support with regards to VMware, My Oracle Support (aka Metalink) note 249212.1

Support Status for VMware Virtualized Environments 
-------------------------------------------------- 
Oracle has not certified any of its products on VMware virtualized 
environments. Oracle Support will assist customers running Oracle products 
on VMware in the following manner: Oracle will only provide 
support for issues that either are known to occur on the native OS, or 
can be demonstrated not to be as a result of running on VMware. 

If a problem is a known Oracle issue, Oracle support will recommend the 
appropriate solution on the native OS.  If that solution does not work in 
the VMware virtualized environment, the customer will be referred to VMware 
for support.   When the customer can demonstrate that the Oracle solution 
does not work when running on the native OS, Oracle will resume support, 
including logging a bug with Oracle Development for investigation if required.

---

Oracle Support on VMware – your Cisco switches and DELL servers aren’t certified with Oracle

So I came across this article last week on Oracle VM and how companies are trying it and how it’s, and I’m quoting here “not half bad”

If I ever come out with my own Enterprise level software and have a couple of public releases under my belt and the best thing I can get in the press is “not half bad”, shoot me.  Seriously.  That’s embarrassing.  Even if you do offer it for free.

So let’s look past the headline and see what the article has to say, shall we?

First sentence “Oracle’s continued refusal to support its applications virtualized on something other than the Oracle VM hypervisor has forced the hands of some users, pushing them to try the Xen-based virtualization offering.”

It’s this sort of FUD (Fear, Uncertainty, Doubt) spreading that’s one of the things I dislike about our industry.  Let me be completely clear ORACLE FULLY SUPPORTS ITS APPLICATIONS VIRTUALIZED ON SOMETHING OTHER THAN ORACLE VM HYPERVISOR.  Don’t believe me?  Check out Metalink My Oracle Support note 249212.1 – Support Position for Oracle Products Running on VMWare Virtualized Environments. Here’s the first paragraph

Oracle has not certified any of its products on VMware virtualized
environments. Oracle Support will assist customers running Oracle products
on VMware in the following manner: Oracle will only provide
support for issues that either are known to occur on the native OS, or
can be demonstrated not to be as a result of running on VMware.

Did you know your Cisco switches aren’t certified by OracleYour DELL servers aren’t certified by Oracle either.

Very very rarely does Oracle certify another vendor’s hardware products.  Certify != support.  Oracle support’s your installation of Oracle productions on VMware just fine.  They take the very reasonable point of view that they’ll help you until they come to believe the issue is VMware at which point they’ll refer you to VMware support.  Seems completely rational to me.

I’ve been an Oracle Apps DBA running Oracle products under VMware for about 4 years.  I have never had Oracle not help me because I run many of my environments under VMware. I’ve spoken with numerous other Oracle DBAs running Oracle products under VMware.  None of us have ever had an issue where Oracle wouldn’t support our environments because we were running under VMware.

I’ll address the rest of the article in another blog post shortly, but seeing this FUD still slung about makes me too annoyed to write coherently.