POUG Workshop 2023

Agenda



 
Track 1
Track 2

08:00-9:00
Rejestracjarozwiń opis

09:00 - 09:45
TBCrozwiń opis
TBCrozwiń opis

10:00 - 10:45
TBCrozwiń opis
TBCrozwiń opis

11:00 - 11:45
SQL: Good and evil are the same thing.rozwiń opis
Have you ever checked how many SQL statements you have in your system? How many SQL statements do you execute when you process your data? Too many. SQL is the slowest and the most error-prone part of the database. The less SQL you execute the faster the system can be. It is hard to believe but SQL is a bad practice! Reduce the number of queries and boost your performance!
Lecturer
Monika Lewandowska
Oracle TDE with PDBs and try not go mad againrozwiń opis
Security of data (at rest) becomes more and more important for database users. An Oracle database addressed this long ago by adding a Transparent Date Encryption (TDE) on column or tablespace level. This functionality was enhanced over time and became almost a standard solution for data encryption. There were a set of typical challenges related to a TDE configuration using non-multitenant architecture but with CDB/PDB that became more challenging. This talk is focusing on creating and managing clones of production databases with TDE in non-production environments in the automated way and with addressing data security in the non-production environments. During a talk the following topics will be addressed:
- How to TDE works and how to configure it
- Software and Hardware Wallet management for MT architecture (password changes, rekey, backup)
- PDB operations
- Nonproduction environments data protection
Lecturer
Marcin Przepiorowski

12:00 - 12:45
Finding a performance problems using SQL rozwiń opis
Lecturer
Marcin Przepiorowski
Fully automated migration to Multitenant for encrypted databases with AutoUpgraderozwiń opis
AutoUpgrade is smart. Even Kamil praised it once (ok, under the influence of alcohol, but he sounded pretty positive). Only Tim Hall ignored it so far. But you should NOT ignore AutoUpgrade. It can even migrate your non-CDB into Multitenant when your database is encrypted. Why is this so special? Because AutoUpgrade doesn't ask you for the password. Pure magic? Come by and see. It's no fake, it's real - and you can move hundreds of databases with no effort into Multitenant.
Lecturer
Mike Dietrich

12:45 - 14:00
How to Dig, Deep - AWR, Statspack, AWR V$, X$ and the root# prompt..rozwiń opis
Ratios got a bad name due to mis-use. But in some cases, Ratios can be Quite Useful
Lecturer
Piet de Visser
Unified Audit - you're already using it. Use it better.rozwiń opis
If you are on Oracle 12.1 or higher you are using Unified Audit unless you have explicitly disabled it. Which is a very good idea on 12.1. However, you could be using it so much better. If you aren't auditing what's going on in your database, how would you know if you have a data breach, who did it and how. Potentially even what was stolen. You might also be suffering unexpected performance issues in relation to the Unified Audit, and not just in the broken 12.1 implementation of it! It just might not have materialised yet.
Lecturer
Neil Chandler

14:00 - 14:45
Lunchrozwiń opis

15:00 - 15:45
Performance is Rarely an Accidentrozwiń opis
Performance is a feature - that's ancient wisdom. So it's time to discuss the matter in detail, is it?
Why you can't watch a road without thinking of two dimensions of power, what software design and fast food franchisers have in common, and where priority really matters.
Let's learn the basics of profiling, about the backbites of parallel processing, from the Magic of Q, about scalability, to be the Master of the Time, and what is possible and what is not.
Let's talk about Queueing Theory, have fun with average values, play with the user's feeling of performance and degradation, joking with throughput and response time.
Let's use hard and soft elbows, visual helpers, a bucket and a wall clock.
The overhead of the talk is 40 minutes, the hangover immense. :)
Lecturer
Martin Klier
Fighting Bad Database Appsrozwiń opis
In a PinkDB application, the connect user does not own objects. No tables. No views. No synonyms. No procedures, functions, packages or types. Access to data is only possible via API schemas. Access is granted to connect users based on the principle of least privilege. An API grants access to procedures, functions, packages, types and views, but not to tables.

Does this make sense? How is this related to database security? And if so, how do we check whether these rules are being followed? And furthermore, how can we ensure that no SQL injection is possible? Is there an easy-to-use way to report findings in an automated way?

After a short introduction that answers most of the questions, we will look at a solution approach in detail. Live. We will query the Oracle data dictionary views from utPLSQL tests that are part of a CI pipeline. We will visualize the findings in SonarQube along static code analysis results to identify SQL injection vulnerabilities.

After this talk, you will know how to identify and eliminate bad things in your database applications.

Keywords: PinkDB, SmartDB, SQL Injection, PL/SQL, SonarQube, Static Code Analysis, db* CODECOP
Lecturer
Philipp Salvisberg

16:00 - 16:45
Do not run-away! Oracle Performance for the Uncertainrozwiń opis
It's eternal. Autonomous Database yes, Self-driving maybe - at the end, one of us has to put boots on the ground if there are shortcomings in real throughput or latency. In the cloud, analysis is a bit harder, on-premises has a few features less. The Oracle RDBMS is changing, but architecture, the way how it works and its limitations are still very similar on all platforms. One dilemma will stay with us: Using precious and finite resources efficiently, while valuable time passes mercilessly.

With this background, I'd like to show you in theory and practice, how Oracle uses resources. How you can analyze with Oracle's on-board tools what currently is going on, and how you derive from that how to proceed. There is much to influence the runtime behaviour: We'll talk about Queueing Theory, Wait Events, AWR/Statspack, ASH, Indexes, Statistics, the optimizer, software developers, users and the janitor.

Even runaways are a topic of this entertaining session: They will bite you one day, and you have to be aware!

This talk was made for experienced Administrators and DevOperators, who whant to learn more about about performance analysis and its background.
Lecturer
Martin Klier
Cloud Hacking Sessionrozwiń opis
Lecturer
Kamil Stawiarski
Radosław Kut

17:00 - 17:45
Get me off that F*cking Exadata!rozwiń opis
Lecturer
Neil Chandler
Cloud Hacking Sessionrozwiń opis
Lecturer
Kamil Stawiarski
Radosław Kut

Koniec

 
Track 1
Track 2

Koniec

Lecturers


Jak dojechać


Browary Warszawskie, Centrum Konferencyjne ADN

Website

After party


POUG Partnership

POUG is not only the official Oracle community – first of all it is the base of very active members, who are engaged in the group development both during the meetings and the preparations to them. Our message gets to the 400 people connected with databases – from the developers to the administrators and from the begginers to the experts with years of experience.

We would like to invite you to be a part of our event – it is a chance to show your brand during and before the meeting.