Friday, April 25, 2014

Oracle Products: What Patching, Migration, and Upgrade Mean?

Software products evolve from time to time. Its life cycle starts with installation. Installation is when new software is copied onto your system for use. After the new software is installed, you can patch it or upgrade it as necessary.

Before you patch or upgrade your Oracle product, you need to understand compatibility among product's versions.[4] Using WebLogic Server as an example:
Oracle attempts to support binary and source-level compatibility between the current version of WebLogic Server and all versions as far back as 9.2 in the areas of persistent data, generated classes, and API compatibility. In some cases, it is impossible to avoid incompatibilities. Where incompatibilities arise, they are fully documented in the Upgrading Oracle WebLogic Server.

In this article, the following terms are described for using Oracle products:[1]
  • Patching
  • Migration
  • Upgrade

Patching


Patching involves copying a small collection of files over an existing installation. A patch is normally associated with a particular version of an Oracle product and involves updating from one minor version of the product to a newer minor version of the same product (for example, from version 11.1.1.2.0 to version 11.1.1.3.0).

It is highly recommended that users install Patchsets (i.e., a single patch that contains a collection of patches designed to be applied together), Patch Set Updates (PSUs),[13] Software Patch Updates (SPUs) (formerly known as Critical Patch Updates (CPUs)), and Mini and Maintenance Packs instead of patches that include only a single update. Patches that include only a single update should be installed only when the update addresses a specific issue that has been identified on the target system.

Migration


Migration typically involves moving from a third-party (non-Oracle) product to an Oracle product.
It can also be used to refer to moving an existing set of software parameters (for example, an existing configuration or existing domain) from one release to another. For example, instructions for migrating your configuration from Oracle Fusion Middleware 11g Release 1 (11.1.1.1.0) to 11g Release 1 (11.1.1.2.0) are provided in "Using Patch Assistant to Migrate from 11g Release 1 (11.1.1.1.0) to Release 1 (11.1.1.2.0)".

Using Tomcat-to-WLS migration as an example, here are the questions you need to ask yourselves:
  • Is the application using just the base JSP/Servlet capabilities of Tomcat?
  • Does the application extend Tomcat with JSF or other EE APIs such as JAX-RS?
  • Is the application using Spring and possibly other things such as Spring MVC?
  • Does the application use any other of the common frameworks such as Struts, etc.?
  • Does it use Liferay or any other Portal platforms?
  • What Tomcat authentication provider do you use?


Upgrade


Upgrade involves moving from a previous major version to a new major version. For example, an upgrade would be required to move from Oracle Application Server 10g to Oracle Fusion Middleware 11g.

For upgrading from an earlier WebLogic Server release to the latest WebLogic Server 12c Release 1 (i.e., 12.1.3), read [6] for details.  For example, if you are currently using a WebLogic version prior to WebLogic Server 10.3.1, upgrading to version 12.1.3 is a two-stage process.

See Also

  1. Patching and Upgrade Tools
  2. How to Download WebLogic Upgrade Installer? (Xml and More)
  3. How to find Oracle WebLogic Server Version? (Xml and More)
  4. JRockit Version Information (Xml and More)
  5. How to Determine JDBC Driver Version Installed with WebLogic Server? (Xml and More)
  6. Configuring WebLogic Server with a Different JVM (Xml and More)
  7. Configuring JDeveloper with a Different JDK (Xml and More)
  8. How to Upgrade the JDK Used by Oracle WebLogic Server UNIX installations to a Different Version (Doc ID 1309855.1)
  9. How to use the Smart Update tool to apply patches to a WebLogic Server installation.
  10. Third party and Oracle products that are supported to work with the 11g versions of JDeveloper and Application Development Framework (ADF)
  11. Register for the free online event--Migrating Java EE applications from GLassfish to WebLogic (04/30/2014)
  12. Migrating Oracle B2B from Test to Production (T2P) (Chap 10 of the Book "Getting Started with Oracle SOA B2B Integration: A Hands-On Tutorial")
    • This section provides a real-world scenario to replicate (clone) the test environment to production for Oracle SOA.
    • Oracle Fusion Middleware provides a series of scripts for this task.
  13. Fusion Middleware Lifetime Support Policy Document
  14. Best Practices for SOA Suite 11g to 12c Upgrade

References

  1. Oracle® Fusion Middleware Patching Guide 11g Release 1 (11.1.1.7.0)
  2. My Oracle Support Help Release 14.2
  3. WebLogic Upgrade Wizard
  4. WebLogic Server Compatibility
  5. WebLogic Server 12.1.2 Install, Configure, Upgrade, and Patch (good video)
  6. Upgrade from an earlier WebLogic Server release to WebLogic Server 12c Release 1 (12.1.3)
    • This document describes the upgrade process for Oracle product installations that include only WebLogic Server. If your installation includes other Oracle Fusion Middleware products, prior to beginning the upgrade, refer to Planning an Upgrade of Oracle Fusion Middleware and the upgrade guides for each Fusion Middleware product in your installation.
  7. Oracle Fusion Middleware 12c —Install, Patch, and Upgrade
  8. Oracle Critical Patch Update Advisory - July 2014 
  9. Oracle WebLogic Server Interactive Upgrade Guide (Oracle Learning Library)
  10. Oracle Fusion Middleware Supported System Configurations
  11. Oracle Premier Support for the Java SE Platform
    • Customers who need continued access to critical bug fixes and security fixes as well as general maintenance for Java SE 7 or older versions can get long term support through Oracle Java SE Support.
  12. How to migrate failed services in WebLogic Server?
    • WebLogic Server also supports whole server-level migration, where a migratable server instance, and all of its services, is migrated to a different physical machine upon failure. 
  13. PSU does NOT increment the version of WLS
    • If OPatch inventory tool is used, you can use the following command to verify update status:
      • ./opatch lspatches
  14. Moving Oracle SOA Suite to a New Target Environment (FMW 11g)

Thursday, April 10, 2014

Heartbleed Bug: Unofficial information

Here are the links on what were reported on Hearbleed Bug:
  1. The Heartbleed Bug
  2. Does the Heartbleed Bug Mean You Should Stay Off the Internet?
    • Could temporarily staying away from Internet until things settling down be a protective approach?
  3. The Heartbleed Hit List: The Passwords You Need to Change Right Now
    • Could changing password be a protective approach?
      • Here are what experts say: Do NOT change your password on any websites until you know they are safe from Heartbleed.
  4. Heartbleed Bug a Catastrophic Hole in Web Security; Webusers Told to Change All Passwords
  5. Vulnerable web sites
  6. Heartbleed Test Tools
  7. 网络世界大混乱 (Chinese)
    • Could removing saved cookies be a protective approach!?
  8. OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)
    • Older versions are not vulnerable
  9. ‘Heartbleed’ Vulnerability Opens the Door to SSL Heartbeat Exploits
    • One of the factors that makes this such a critical vulnerability is there are no files to detect. It’s completely network borne, and leaves no trace that a system has been attacked.
  10. OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
  11. The Heartbleed Hack: Winners and Losers
    • The Heartbleed bug was unknown for two years before researchers discovered it two weeks ago. Companies (and if they can be believed, the government) had no idea whether or how they might have been attacked.
    • The Heartbleed vulnerability affects hardware as well as software. Equipment needs to be patched or replaced before it can be "safe."
If any web servers or their front-ends use OpenSSL, they are vulnerable to the attacks.  As I have heard of, the following products Do Not Include OpenSSL:
But, customers using Apache could be vulnerable.

Finally, you can learn more from Oracle public blog about the Heartbleed vulnerability (see also here).