An effective disaster recovery plan can prevent data loss and business interruption because of unexpected disastrous events. A common architectural pattern provides disaster recovery functionality between two cloud regions. We recently worked with a government customer using Dedicated Region Cloud@Customer, helping them connect to a commercial Oracle Cloud Infrastructure (OCI) region for SaaS shared services and disaster recovery. This post discusses solutions applicable for a Dedicated Region Cloud@Customer disaster recovery plan but doesn’t focus on the configuration details.
Oracle Dedicated Region Cloud@Customer is a fully managed cloud region at a customer location where the customers can have a private cloud and use all infrastructure- and platform-as-as-service (IaaS and PaaS) services in the same way that they use in a public cloud. OCI regions are grouped into realms, which enforce boundaries in areas, such as policies, authentication, and infrastructure. All commercial OCI regions are in one realm, government regions in others, and a Dedicated Region Cloud@Customer is most commonly in its own realm. Oracle aims to offer all our cloud services across all cloud realms delivering the same secure, scalable, and consistent value.
Oracle Dedicated Region Cloud@Customer is also certified to run Oracle software-as-a-service (SaaS) products, such as ERP Financials, HCM, and SCM, making it the only product to offer an integrated cloud experience for IaaS, PaaS, and SaaS software on-premises. Essentially, customers provide their own approved data center space, while Oracle provides the cloud services and infrastructure with the same service level agreements (SLAs) as public clouds. Typically, a customer chooses Oracle Dedicated Region Cloud@Customer to support latency-sensitive applications that require local data residency.
Australian Data Centres chose Oracle Dedicated Region Cloud@Customer to secure government workloads for their customers and Australian Government agencies. Their Dedicated Region Cloud@Customer is hosted on their secure data center facility in Canberra, allowing them to extend Oracle’s services across different workloads dealing with sensitive data, while having physical control on infrastructure to fulfill their policies on security and data sovereignty.
An effective disaster recovery plan helps you recover quickly and deliver business continuity. If you’re interested in different architecture options for disaster recovery, check out this solution playbook on protecting your cloud topology against disasters. OCI provides different paths and solutions that you can apply to plan for disaster recovery of the applications.
How can customers approach disaster recovery for Dedicated Region Cloud@Customer? Typically, a tenancy in the commercial realm connects to another region in the same realm for a failover environment by using shared services, such as data replication, authentication, and OCI’s high-performance backbone that connects different cloud regions. However, Dedicated Region Cloud@Customer stands in its own realm and has no direct access back to the Oracle commercial realm, its network backbone, or other services. Realms are separate by design, and connections, data replication, and authentication can only be done in certain defined ways.
You can use Oracle FastConnect between a Dedicated Region Cloud@Customer and a PCO commercial region to provide higher-bandwidth options and a more reliable consistent networking experience, compared to internet-based connections. FastConnect makes it possible to treat the separate networks as the same network with specified rules within the dynamic routing gateways established from both ends. The following architecture works for this setup as a recommended practice for peering different networks.
FastConnect enables customers to create a dedicated, private connection between their Dedicated Region Cloud@Customer and other OCI regions. You can use it to peer to replicate File Storage, Object Storage, and Block Volume. OCI shared replication services don’t function normally between realms, but you can still replicate this data for your disaster recovery plan.
File Storage: Replication launches virtual machine (VM) hosts and copies the data directly from the source File Storage Service to a destination file system using the cron job with rsync.
Object Storage: Customers replicate with Oracle Functions or configures rclone to read the source and destination buckets on a Compute machine then perform a sync operation. For a step-by-step process, see Using rclone to copy data in and out of Oracle Cloud Object Storage.
Block Volume: Replication works by copying content at the file system level through Object Storage. If Object Pre-Authenticated Requests is an option, you can copy the file system content to Object Storage as objects and use Pre-Authenticated Requests in Object Storage. After you get the file system content, you can create block volumes on the target region and copy content to them.
To meet disaster recovery requirements, OCI provides several network-related services. You can use remote virtual cloud network (VCN) peering to establish secure and reliable connections between different VCNs across regions. Essentially, with FastConnect private peering, you can extend your existing infrastructure into your commercial cloud VCNs. You can connect disaster recovery in one network across the peered networks, and latency primarily functions in the underlying physical network. For detailed information, see our FastConnect documentation.
Ready to give it a try? Oracle LiveLabs allows you to try a wide variety of labs and technical workshops for Oracle’s tools and technologies running in Oracle Cloud free of charge and learn a technical skill without creating an account or Oracle Cloud tenancy. This particular LiveLabs workshop shows how to utilize disaster recovery best practices on Oracle Cloud Infrastructure. You learn the following concepts:
Enable application and database disaster recovery across regions on OCI
Automate block volume backups to a new region
Setup DNS on OCI
Simulate disaster and subsequent recovery
As a prerequisite, you need an Oracle Free Tier, Always Free, paid, or LiveLabs Cloud Account. You can select the Oracle Cloud Free Tier or a 30-day free trial in our commercial regions, which includes US$300 in credits to get you started with a range of services, including compute, storage, and networking. The Oracle Cloud Infrastructure regions dedicated to the Government consist of FedRAMP high federal and civilian authorized regions and IL5 Department of Defense (DoD) authorized regions. If you prefer Oracle Government Cloud, consult your Oracle sales representative for proof of concept in the appropriate region.