Split application architecture using Oracle Database Service for Azure

In July 2022, Oracle announced the general availability of Oracle Database Service for Microsoft Azure (ODSA), an Oracle-managed service that enables customers to easily provision, access, and operate enterprise-grade Oracle Database services in Oracle Cloud Infrastructure (OCI) with a familiar Azure-like experience.

Many enterprise customers looking to build the application architecture to run Microsoft-based workloads on Azure and run the Oracle database on OCI require a private and secure connection between the application tier and database tier. In this blog post, we showcase a split application architecture using Oracle Database Service for Azure, which allows customers to deploy the Oracle database tier on OCI and the application tier deployed on Azure. With the help of the ODSA network, the Azure application host gets connected to the Oracle database privately and securely without routing network traffic through the public internet.

This blog post doesn’t cover high availability and disaster recovery configuration for databases and applications.

ODSA overview

Since 2019, Oracle has partnered with Microsoft to deliver the multicloud OCI-Azure Interconnect, which offers secure, private interconnections between OCI and Azure with sub-2 millisecond latency in different cloud regions globally. Customers use this to maintain and manage the virtual circuits (OCI Fastconnect and Azure Expressroute) that set up the OCI-Azure Interconnect.

ODSA is a fully automated Oracle-managed service that builds on the existing capabilities of the OCI-Azure Interconnect and further simplifies the setup, management, and connectivity of application components running on Azure, while connecting to databases running on OCI. ODSA provides an Azure-like user interface for existing Azure customers to provision an Oracle database and simplify connectivity between the Oracle database and the application server.

ODSA is also integrated with Azure telemetry services, such as Azure application insights, and log analytics that send metrics, logs, and events for the Oracle databases provisioned through the ODSA portal.

Solution summary

As an example, this solution uses Oracle Base Database provisioned through ODSA and a social media application running in Azure VM. We configured the application’s database connectivity using the fully qualified domain name (FQDN) of the database service name. The application running in Azure was able to connect to the Oracle database running in OCI, which was provisioned through ODSA.

We created the base database using the ODSA portal. During the database creation, we provided a CIDR block for OCI virtual cloud network (VCN) and chose the Azure VNet that was precreated and attached to the application server. As part of the ODSA automation provided by Oracle, it created the OCI VCN with the provided CIDR and created the network link with Azure VNet. All the default security ports were enabled and the routing table with rules was added to OCI VCN and Azure VNet.

The automation for database provisioning through ODSA also adds a private domain name system (DNS) in Azure and OCI and adds the A-record for the Oracle database. We use the private FQDN of the database to configure it on the Azure application server, which enables connectivity between the application server running on Azure and the Oracle database running on OCI.

ODSA builds a private tunnel between the customer’s Azure VNet and OCI VCN. The service also configures private DNS both in Azure and OCI service tenancy to enable bi-directional communication between applications in the customer’s azure tenant and database resources in OCI tenancy.

Multicloud solution configuration

To connect to Oracle Database from the application tier running on Azure using private FQDN that is provisioned through ODSA, follow these steps:

• If you haven’t already, onboard to ODSA following this documentation.

• Create a VNet and a subnet on azure for the application tier.

• Procure a nonoverlapping CIDR block for OCI VCN to provide during the database provisioning through ODSA.

• Create a base database through ODSA.

• Build an application virtual machine (VM) on Azure and deploy the application.

Create a database using the ODSA portal

Log in to the ODSA portal using Azure credentials and create the base database. ODSA allows only authorized users to manage database resources in ODSA, so ensure that the user is authorized with the right privileges to provision the Oracle database.

After you log in to the ODSA portal, click Base Database and Create to create the Oracle Base Database.​

Select the Azure VNet and provide a nonoverlapping network CIDR block for the OCI VCN. The database provisioning automation creates a network link between the Azure VNet and OCI VCN. As part of the database provision, it creates the required subnets, security list, and route table and attaches the subnet to the Oracle database.

After successfully creating the database, capture the database connectivity configuration from the ODSA portal. Click the database and click Connect to capture the database connectivity from the ODSA portal.​

You can perform the following common database administration and application access capabilities using ODSA:

• Create, read, update, delete, list (CRUDL)

• Clone database

• Database backup (Automatic and manual)

• Database restore (Restore to the existing database for now)

• Generate Azure connection string

• Display database metrics

Configure the application for database connectivity

Provision a VM on the Azure VNet that was selected during the database provision through ODSA. Deploy the application on the Azure VM. For this example, we used a social media application written in Python and deployed it on an Azure VM.

The following screenshots show the database configuration parameters provided in Azure VM for the application connectivity to the database.

Access applications from Azure

The application VM was assigned with a private IP from the Azure VNet and the software port 5000 was configured to access the application.

Provide the user credentials from a database schema to see the details of a social media user.

Conclusion

At Oracle, we’re committed to providing best-of-breed service to help our customers to be successful in their cloud journey and meet their hybrid and multicloud strategies. One of our core tenets has been to provide the easiest path for customers to migrate their mission-critical workloads to a public cloud, many of which have long been powered by Oracle databases. With this new Oracle Database Service for Azure, you can easily deploy or migrate your mission-critical workloads to the public cloud with their application tier in Azure and database tier in OCI.

For more information, see the following resources:

• Getting started with Oracle Database Service for Microsoft Azure

• Read industry analyst commentary.

• Announcing Oracle Database Service for Microsoft Azure

• Oracle Database Service for Microsoft Azure technical overview

• Oracle Database Service for Azure

• Disaster recovery best practices for ODSA