Often when working with Exadata, there is a need to review the Stroage or Cell Server. Since customers cannot SSH to the storage server on ExaCC/ExaCS, Oracle has provided the ExaCLI utility, exposing a few select metrics for monitoring and managing the Exadata Storage Server.
Gathering information to connect to ExaCLI
To connect to the Oracle Exadata Storage Server on OCI for the first time there are three things that we need
1. Cell Server IP
The file cellip.ora contains the IP addresses of storage cells, and as you can see, each cell typically has two IPs for fault tolerance.
# cat /etc/oracle/cell/network-config/cellip.ora
cell="100.100.0.100;1100.100.0.101"
cell="100.100.0.102;100.100.0.103"
cell="100.100.0.104;100.100.0.105"The above example is from an Oracle Exadata with three storage servers.
2. Username for Cell server
When provisioning the Oracle Exadata cluster, Oracle creates a user with the format 'cloud_user_<cluster_name>'. Your username for all the cell servers will be the same. Therefore, you need to know the cluster name, which you can fetch using the below command.
# crsctl get cluster name
CRS-6724: Current cluster name is 'ord1111clu00abc'
## E.g. the username would be cloud_user_ord1111clu00abc3. Password for the cloud user
Execute the script /opt/exacloud/get_cs_data.py as the opc user to find the initial password. If, for any reason, the initial password does not work and you need it changed, you will need to open an SR with Oracle Support to reset it.
$ /opt/exacloud/get_cs_data.py
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
ExaCli initial password is
************
Connecting to ExaCLI using password
Having obtained all three necessary pieces of information, we can now establish the initial connection as shown below. Please note that you can provide the username separately using the -l (login-name) option or with the -c (connect) clause. However, when connecting to the Oracle Exadata Storage server for the first time, please accept the self-signed certificate by pressing ‘y’.
$ exacli -l cloud_user_ord1111clu00abc -c 100.100.0.100
Password: **************************
EXA-30016: This connection is not secure. You have asked ExaCLI to connect to cell 100.1000.0.100 securely. The identity cannot be verified.
Got certificate from server:
C=US,ST=California,L=Redwood City,O=Oracle Corporation,OU=Oracle Exadata,CN=localhost
Do you want to accept and store this certificate? (Press y/n)
y
exacli cloud_user_ord1111clu00abc@100.100.0.100> list cell attributes name,ipaddress1,ipaddress2
ord1111cluabccell01 100.100.0.100/21 100.100.0.101/21
exacli cloud_user_ord1111clu00abc@100.100.0.100>
$ exacli -c cloud_user_ord1111clu00abc@100.100.0.100
Password: **************************
exacli cloud_user_ord1111clu00abc@100.100.0.100>
Passwordless authentication to ExaCLI on Oracle Exadata
Once you obtain the password, you can create cookies. With a valid cookie present, ExaCLI will not prompt you for passwords. However, the cookies become invalidated after 24 hours.
$ exacli -c cloud_user_ord1111clu00abc@100.100.0.100 --cookie-jar
No cookies found for cloud_user_ord1111clu00abc@100.100.0.100
Password: **************************
exacli cloud_user_ord1111clu00abc@100.100.0.100> exit
$ exacli -c cloud_user_ord1111clu00abc@100.100.0.100 --cookie-jar
exacli cloud_user_ord1111clu00abc@100.100.0.100> exit
$ ls -l ~/.exacli/cookiejar
-rw------- 1 opc opc 117 Apr 1 13:55 /home/opc/.exacli/cookiejar
$ strings ~/.exacli/cookiejar
100.100.0.100;cloud_user_ord1111clu00abc
Set-Cookie2: JSESSIONID="node01ddddddddddddddddd.node0";$Path="/"
You can even run commands in batch or scripts to gather performance metrics.