X

A blog about Oracle's Database Cloud Service Technology

  • July 6, 2018

Cross region replication in Oracle Database Cloud Service using DataGuard

Kris Bhanushali
Sr. Principal Product Manager

Oracle Database Cloud Service ( DBCS) provides a Hybrid DataGuard option in the cloud tooling that can be creatively used to deploy a DataGuard based HA environment between any two Oracle database instances. This would apply to - 

1. Primary database instances on-premise that need a standby in the Oracle Cloud

2. Primary database  instances in AWS EC2 or Azure compute with standby in Oracle Cloud

3. Primary database  instances in the Oracle Cloud - compute or PaaS Database service with standby in the same region or across regions

Basically, anywhere. If you have an Oracle 11.2 or 12.1 database instance anywhere and you want to configure a DataGuard standby, you can use the cloud tooling to achieve this as long as there is network connectivity between the primary and standby.

This tutorial is for an Oracle cloud to Oracle cloud replication but the steps can be applied to any of the configurations listed above. Just make sure your primary DB meet the required checks so a successful backup can be taken to Oracle storage cloud using the Hybrid DataGuard tooling that you would download to the primary host. Here we will deploy a fresh 12.1 primary and then use cloud tooling to deploy a dataguard standby

Here's the high level steps to follow -

1. Deploy a 12.1 Enterprise Edition database using Oracle DBCS tooling ( skip this step if you are creating a dataguard standby for an existing instance )

2. Check for hybrid DG readiness on your primary

3. Take an RMAN backup of your primary DB using command line tooling to Oracle Storage Service

4. Deploy standby through DBCS UI using the Hybrid Dataguard option

Here's the steps in detail with screenshots.

 

1. Deploy a 12.1 Enterprise Edition database using Oracle DBCS tooling 

Log in to your Oracle Database Cloud service account and click 'Create Service' on the cloud console

On the next screen, fill in details of your primary database setup. Note I've chosen to deploy in region uscom-central-1 in a pre-created IP Network. Make sure you pick an OCI-C region. This configuration has not been tested in OCI regions such as Ashburn, Phoenix, Slough, Amsterdam at the time of this writing

Hit next and enter the remaining details. Note I've selected backup location as 'None' since we will do a backup by downloading a setup script later on. Note down the Instance Name on step 1 and DB Name on step 2 as you would need them later

Hit next, validate configuration and Create.

 

In about 20 mins your 12.1 primary database instance should be ready. Make a note of its public IP address.

A few things to remember before you move on to configure the primary and take a backup to OSS

1. You need to make sure port 22 ( ssh) and 1521 (sqlnet) allow ingress traffic from your database standby host. Which means you would need to setup an access rule to allow traffic on 1521 from a particular IP ( your dataguard standby) Port 22 is open by default for ssh traffic

First make an IP reservation for setting up the access rule and also make a note of it. You would need it later while configuring your primary for Hybrid DG backup and for provisioning of the standby.

 

 

Now create an access rule using the reserved IP

 

2. Check for hybrid DG readiness on your primary

Note: Many of these checks may be unnecessary on an Oracle cloud instance but mentioned here in case your primary DB is not an Oracle DBCS instance

ssh into your primary host as user opc

$ ssh -i <keyfile> opc@ipaddress

Check user oracle belongs to the right groups and has DBA priviledges

[opc@hdg-primary121 ~]$ id oracle

uid=54321(oracle) gid=54321(oinstall) groups=54321(oinstall),54322(dba)

[opc@hdg-primary121 ~]$

Check flashback and forceloggig are turned on in the database

[opc@hdg-primary121 ~]$ sudo su -

[root@hdg-primary121 ~]# su - oracle

[oracle@hdg-primary121 ~]$

[oracle@hdg-primary121 ~]$ sqlplus / as sysdba

 

SQL*Plus: Release 12.1.0.2.0 Production on Thu Jul 5 17:04:30 2018

 

Copyright (c) 1982, 2014, Oracle.  All rights reserved.

 

 

Connected to:

Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production

With the Partitioning, Oracle Label Security, OLAP, Advanced Analytics

and Real Application Testing options

 

SQL> select flashback_on, force_logging from v$database;

 

FLASHBACK_ON       FORCE_LOGGING

------------------ ---------------------------------------

YES           YES

 

SQL>

Ensure DB is in archivelog mode

SQL> archive log list

Database log mode           Archive Mode

Automatic archival           Enabled

Archive destination           USE_DB_RECOVERY_FILE_DEST

Oldest online log sequence     3

Next log sequence to archive   5

Current log sequence           5

SQL>

Check listener.ora is configured for static service registration

[oracle@hdg-primary121 ~]$ cat /u01/app/oracle/product/12.1.0/dbhome_1/network/admin/listener.ora

# listener.ora Network Configuration File: /u01/app/oracle/product/12.1.0/dbhome_1/network/admin/listener.ora

# Generated by Oracle configuration tools.

 

LISTENER =

  (DESCRIPTION_LIST =

    (DESCRIPTION =

      (ADDRESS = (PROTOCOL = TCP)(HOST = hdg-primary121.compute-5923450477.oraclecloud.internal)(PORT = 1521))

      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))

    )

  )

 

VALID_NODE_CHECKING_REGISTRATION_LISTENER=ON

SSL_VERSION = 1.2

[oracle@hdg-primary121 ~]$

 

Edit sqlnet.ora to ensure all sqlnet traffic is encrypted. This is what my sqlnet.ora looks like after changes

SQLNET.ENCRYPTION_SERVER = requested

SQLNET.ENCRYPTION_CLIENT = requested

SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER = (SHA1)

SQLNET.CRYPTO_CHECKSUM_SERVER = required

ENCRYPTION_WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/u01/app/oracle/admin/ORCL/tde_wallet)))

SQLNET.ENCRYPTION_TYPES_SERVER = (RC4_256, AES256)

SQLNET.ENCRYPTION_TYPES_CLIENT = (RC4_256, AES256)

NAMES.DIRECTORY_PATH = (TNSNAMES, EZCONNECT)

SQLNET.EXPIRE_TIME = 10

SQLNET.WALLET_OVERRIDE = FALSE

ADR_BASE = /u01/app/oracle

WALLET_LOCATION = (SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/u01/app/oracle/admin/ORCL/db_wallet)))

SSL_VERSION = 1.2

Reload listener for changes to take effect

[oracle@hdg-primary121 ~]$ lsnrctl reload

 

LSNRCTL for Linux: Version 12.1.0.2.0 - Production on 05-JUL-2018 17:22:56

 

Copyright (c) 1991, 2014, Oracle.  All rights reserved.

 

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=hdg-primary121.compute-596600477.oraclecloud.internal)(PORT=1521)))

The command completed successfully

[oracle@hdg-primary121 ~]$

 

 

Ensure you have the right oracle RDBMS rpm installed, in this case its 12.1

[oracle@hdg-primary121 ~]$ rpm -qa|grep oracle-rdbms-server

oracle-rdbms-server-12cR1-preinstall-1.0-14.el6.x86_64

[oracle@hdg-primary121 ~]$

Ensure the Netcat RPM is installed: nc-1.84-24.el6.x86_64 or higher

[oracle@hdg-primary121 ~]$ rpm -qa|grep nc

nc-1.84-24.el6.x86_64

Edit your /etc/hosts file to add standby host IP. This is the NAT IP you reserved on the database console earlier. This is what my /etc/hosts file looks like after edits. Note that I've picked 'hdg-standby121' as my standby hostname

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

 

12.12.0.3 hdg-primary121.compute-596600477.oraclecloud.internal hdg-primary121

129.23.43.134 hdg-standby121 hdg-standby121

Ensure all TCP socket size maximum kernel parameters are set to 10 MB (10485760) for optimal transport performance

[root@hdg-primary121 ~]#

[root@hdg-primary121 ~]# sysctl -w net.core.rmem_max=10485760

net.core.rmem_max = 10485760

[root@hdg-primary121 ~]# sysctl -w net.core.wmem_max=10485760

net.core.wmem_max = 10485760

[root@hdg-primary121 ~]#

Ensure your python, perl and Java versions are 2.6, 5.1 and 1.8 or higher respectively

[root@hdg-primary121 ~]# python --version

Python 2.6.6

[root@hdg-primary121 ~]# perl -version

 

This is perl, v5.10.1 (*) built for x86_64-linux-thread-multi

 

Copyright 1987-2009, Larry Wall

 

Perl may be copied only under the terms of either the Artistic License or the

GNU General Public License, which may be found in the Perl 5 source kit.

 

Complete documentation for Perl, including FAQ lists, should be found on

this system using "man perl" or "perldoc perl".  If you have access to the

Internet, point your browser at http://www.perl.org/, the Perl Home Page.

 

[root@hdg-primary121 ~]# java -version

java version "1.8.0_121"

Java(TM) SE Runtime Environment (build 1.8.0_121-b13)

Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)

[root@hdg-primary121 ~]#

 

Check your dbaastools version. 

[root@hdg-primary121 ~]# rpm -qa | grep dbaastools

dbaastools-1.0-1+18.2.3.0.0_180413.0807.x86_64

[root@hdg-primary121 ~]#

 

At the time of this writing, 18.2.3 is the latest release of dbaastools. If your version isn't the latest release, download the rpm and upgrade to latest dbaastools as shown below

[root@hdg-primary121 ~]# wget https://storage.us2.oraclecloud.com/v1/dbcsswlibp-usoracle29538/hdg/18.2.3/OracleCloud_HybridDR_Setup.zip

--2018-07-05 18:13:15--  https://storage.us2.oraclecloud.com/v1/dbcsswlibp-usoracle29538/hdg/18.2.3/OracleCloud_HybridDR_Setup.zip

Resolving storage.us2.oraclecloud.com... 129.152.172.3, 129.152.172.4

Connecting to storage.us2.oraclecloud.com|129.152.172.3|:443... connected.

HTTP request sent, awaiting response... 200 OK

Length: 138247232 (132M) [application/zip]

Saving to: “OracleCloud_HybridDR_Setup.zip”

 

100%[=================================================================================================================>] 138,247,232 71.9M/s   in 1.8s    

 

2018-07-05 18:13:18 (71.9 MB/s) - “OracleCloud_HybridDR_Setup.zip” saved [138247232/138247232]

 

[root@hdg-primary121 ~]#

Unzip and install both RPMs

[root@hdg-primary121 ~]# unzip OracleCloud_HybridDR_Setup.zip

Archive:  OracleCloud_HybridDR_Setup.zip

  inflating: dbaastools.rpm          

  inflating: perl-JSON-2.15-5.el6.noarch.rpm

  inflating: README                  

[root@hdg-primary121 ~]# rpm -Uvh perl-JSON-2.15-5.el6.noarch.rpm

Preparing...                ########################################### [100%]

    package perl-JSON-2.15-5.el6.noarch is already installed

[root@hdg-primary121 ~]# rpm -Uvh dbaastools.rpm

Preparing...                ########################################### [100%]

    package dbaastools-1.0-1+18.2.3.0.0_180413.0807.x86_64 is already installed

[root@hdg-primary121 ~]#

 

With all checks now complete, you are now ready to send a backup of your primary database to the Oracle storage cloud. But first, you need to create a storage cloud container

Logon to your storage cloud service and create a container as shown below. Note down the name and URL of the container

3. Take an RMAN backup of your primary DB using command line tooling to Oracle Storage Service

The tooling required to take a backup is available in /var/opt/oracle/hdg.

A word of caution - if you have previously made a failed attempt to take a hybrid DG backup on source instance, do the following before you move on

1. Delete folder db_wallet and file hdgonpreminfo* from /var/opt/oracle/hdg

2. Remove all objects from the backup OSS container

ok, we are now ready to send a backup to OSS. Lets configure /var/opt/oracle/hdg/setupdg.cfg with the required parameters before firing the hybridDG utility. This is what my setupdg.cfg looks like.

  • cloud_ipaddr is the reserved IP of the standby.
  • Encryption wallet needs to be autologin, hence no password.
  • sys_passwd is what your  will provide as admin password while provisioning standby
  • OSS password is password of your OSS account, typically your cloud account

[dg]

cloud_ipaddr=129.153.17.81

oss_url=https://oradbclouducm.us.storage.oraclecloud.com/v1/Storage-oradbclouducm/hdg-primary121-backup

onprem_ipaddr=129.107.126.21

tde=Y

dbname=ORCL

wallet_passwd=

sys_passwd=abcd1234#

oss_passwd=abcd1234#

oss_user=xxxxxxxx@acme.com

firewall_acl=Y

cloud_shost=hdg-standby121

oss_user=xxxxx@acme.com

firewall_acl=Y

~                

Save setupdg.cfg and fire off hybridDG utility as follows - 

[oracle@hdg-primary121 ~]$ cd /var/opt/oracle/hdg/

[oracle@hdg-primary121 hdg]$ ./setupdg.py -b

 

####################

DG-readiness check

####################

 

OK: On-premises Firewall ACLs configured

OK: Will use TDE to encrypt the standby database in cloud environment

OK: sys & system passwords are identical

OK: supported java version

OK: supported db

OK: supported database edition for Data Guard

OK: supported os

WARNING: APEX is not installed; Recommended minimum apex version : 5.0.0.00.31

OK: socket_size ok

OK: Data Vault is not enabled

OK: Flashback mode of the database is enabled

OK: The log mode is Archive Mode and the archive destination is /u03/app/oracle/fast_recovery_...

OK: Database ORCL is not part of an existing DG configuration

OK: DBID of ORCL database is 1508430918

OK: Size of ORCL database

    data(MB) |  temp(MB) |  redo(MB) |  archive(MB) |  control(MB) |  total(MB)   

    --------------------------------------------------------------------------

       4075         317        3072           79             35           7578    

OK: sqlnet.ora has the following information

      SQLNET.ENCRYPTION_SERVER = requested

      SQLNET.ENCRYPTION_TYPES_SERVER = (RC4_256, AES256)

      SQLNET.ENCRYPTION_CLIENT = requested

      SQLNET.ENCRYPTION_TYPES_CLIENT = (RC4_256, AES256)

OK: Oracle Net Listener Configuration file listener.ora is present

OK: perl-JSON rpm is installed

OK: netcat (nc) rpm is installed

OK: /etc/hosts entries are verified fine

OK: Domain information available for hdg-primary121

    All checks passed. Database backup can be performed

 

100% of checks completed successfully

running opc installer

creating config file for rman backup

generating rman.bkup

initiating backup

backup in progress. Takes a while

...

database backup to oss complete.

 

New set of priv/pub ssh keypair is created for oracle user. The keypair is under /home/oracle/.ssh, please use this to access this VM. Backup of original /home/oracle/.ssh is saved as /home/oracle/.ssh.bak

 

    Created hdgonpreminfo.tgz. Uploaded to OSS

 

##############################

DG-readiness check completed

##############################

 

[oracle@hdg-primary121 hdg]$

 

Your primary side configuration and backup is now complete. Next we provision the dataguard standby using cloud UI

4. Deploy standby through DBCS UI using the Hybrid Dataguard option

On the DBCS provisioning UI, enter your standby database details. Ensure your Instance Name matches the hostname you picked in the primary etc/hosts and the Software Release and Edition matches primary

 

On screen 2, ensure DB Name, admin password, IP reservation and Cloud Storage container URL matches what you specified in setupdg.cfg on the primary

On the final step, confirm everything looks ok and hit create. Your DataGuard standby should be ready soon.

 

 

 

 

Join the discussion

Comments ( 1 )
  • firdous bhat Tuesday, February 19, 2019
    That is nice document..

    i have question:
    since you have used OCI-classic. can same go with oracle second generation cloud(OCI). I would like to create a hybrid cloud between on prem database and want to chose second gen cloud bare-matel. do you see any restrictions in that?

    looking forward to your reply.
    regards
    firdous
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.