Friday, 21 October 2022

How To Provision an Oracle Base Database Cloud Service

 


Provision an Oracle Base Database Cloud Service

Author: Donatien MBADI OUM, Consultant

 

 

Steps to set up an Oracle Cloud Infrastructure Database System

 

-        Create compartment

-        Create Virtual Cloud Network (VCN)

-        Setup Public/Private Keys

-        Create a DB System

-        Check database connectivity

-        Setup SSH connectivity

-        Add rules on Security List

 

1.    Create Compartment

A compartment is a logical container in which OCI resources reside. Every resource in OCI belongs to a compartment. Compartments are used to grant appropriate access to the various resources in OCI. A compartment can contain sub-compartments. You can create separate compartments for DEV, PROD, and TEST environments. Every tenancy has a top-level root compartment, and Oracle recommends creating your resources in a compartment other than the root compartment.

We will create a compartment named dbtestmig, so all the resources that we will create for our database system will be inside the dbtestmig compartment.

After signing in to the Oracle Cloud Infrastructure Console using your cloud tenant name, user name, and password, from the OCI services menu:

 

1.     Open the navigation menu and click Identity & Security.

 


 

2.     Under Identity, click Compartments.

 


 

3.     Click Create Compartment

a.     Enter the following:

o   Name: Enter a name that is unique across all compartments in your tenancy (maximum 100 characters, including letters, numbers, hyphens and underscores): dbtestmig

o   Description: Enter a description for this compartment

o   Tags: enter tags to organize and list resources based on your business needs.


 

b.     Click Create Compartment

 


 

 

2.    Create Virtual Cloud Network (VCN)

 

After provisioning a tenancy and creating a new compartment, the next step is to create a networking environment called a Virtual Cloud Network (VCN). An OCI VCN allows different resources in OCI to communicate with each other within and outside a region. Each VCN is divided into subnets and each subnet is related to availability domains. A typical OCI networking architecture has the following network components:

-        Virtual Cloud Network (VCN)

-        One public subnet in which public-facing resources reside like instance, load balancer or object storage

-        At least one private subnet in which highly secured resources reside like Database

-        An Internet Gateway to connect to the internet from public subnet

-        A Service Gateway to access OCI Object Storage and other OCI services

-        A Dynamic Routing Gateway (DRG) for private access from on-premises data center to OCI

To create a VCN on OCI, from the OCI services menu:

1.     Click Networking


 

2.     Click Virtual Cloud Networks


 

 

3.     Choose your compartment and then click Start VCN Wizard


 

4.     Choose Create VCN with Internet Connectivity option

 


 

5.     Click Start VCN Wizard

a.     Complete the following:

o   VCN Name: Enter a name for your cloud network. The name is incorporated into the names of all the related resources that are automatically created. Avoid entering confidential information. Our VCN is named vcntestmig.

o   Compartment: this field defaults to your current compartment. Select the compartment you want to create the VCN and related resources, if not already selected.

o   VCN CIDR Block: Enter a valid CIDR Block for the VCN. For example 10.0.0.0/16

o   Public VCN CIDR Block: Enter a valid CIDR block for the subnet. The value must be within the VCN’s CIDR block. For example 10.0.0.0/24

o   Private VCN CIDR Block: Enter a valid CIDR block for the subnet. The value must be within the VCN’s CIDR block and not overlap with the public subnet’s CIDR block. For example 10.0.1.0/24

o   Accept the defaults for any other fields.

Note: CIDR stands for Classless Inter-Domain Routing.


b.     Click Next


c.     Click Create


6.     Click View Virtual Cloud Network
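
The subnet rules from step 5a (each subnet inside the VCN block, public and private subnets not overlapping) can be checked before opening the wizard. The script below is an added example, not part of the original post; the function names are hypothetical and the sample values are the ones used above.

```shell
#!/bin/sh
# Added example (not from the original post): check a VCN CIDR plan.
# Function names are hypothetical; POSIX shell arithmetic, IPv4 only.

# Dotted-quad IPv4 address -> integer.
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1            # split the address on dots into $1..$4
  IFS=$old_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# First address of a CIDR block, as an integer.
cidr_lo() {
  len=${1#*/}
  base=$(ip_to_int "${1%/*}")
  size=$(( 1 << (32 - len) ))
  echo $(( base - base % size ))
}

# Last address of a CIDR block, as an integer.
cidr_hi() {
  len=${1#*/}
  echo $(( $(cidr_lo "$1") + (1 << (32 - len)) - 1 ))
}

# Succeeds if block $1 lies entirely inside block $2.
cidr_within() {
  [ "$(cidr_lo "$1")" -ge "$(cidr_lo "$2")" ] &&
  [ "$(cidr_hi "$1")" -le "$(cidr_hi "$2")" ]
}

# Succeeds if blocks $1 and $2 share at least one address.
cidr_overlap() {
  [ "$(cidr_lo "$1")" -le "$(cidr_hi "$2")" ] &&
  [ "$(cidr_lo "$2")" -le "$(cidr_hi "$1")" ]
}

# check_plan VCN PUBLIC_SUBNET PRIVATE_SUBNET: prints OK or the first problem.
check_plan() {
  cidr_within "$2" "$1" || { echo "public subnet $2 is outside VCN $1"; return 1; }
  cidr_within "$3" "$1" || { echo "private subnet $3 is outside VCN $1"; return 1; }
  if cidr_overlap "$2" "$3"; then echo "subnets $2 and $3 overlap"; return 1; fi
  echo "OK"
}

# Values from this tutorial.
check_plan 10.0.0.0/16 10.0.0.0/24 10.0.1.0/24
```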


 

3.    Setup a Public/Private Key

Before creating the DB system, we need a way to administer the cloud machine. For that we need a public key and a private key. So from your local computer (Windows, Mac or Linux), check that an ssh client is installed.


You will create a public key and a private key, then distribute the public key to the cloud machine so that you are able to connect from your local machine to the cloud directly. This detail will be asked for when creating the database system.

From your command line interface or PowerShell command line interface,

1.     Type the command ssh-keygen -t rsa


2.     Open your explorer to see the key files


4.    Create Database System

Now we move on to provisioning the Oracle Cloud Database. To create a database system on OCI, from the OCI services menu:

1.     Click Oracle Database


2.     Click Oracle Base Database (VM, BM)


3.     Choose your compartment


 

4.     Click Create DB system

 

a.     Provide the following:

o   Compartment: the compartment where you need to create your DB system

o   Name of your db system

o   Availability domain: The availability domain inside which you want to create the instance.

o   Shape type: A shape type for your db system which can be a Virtual Machine, a Bare Metal or Exadata.

 


 

b.     Change the shape if needed

o   Click Change shape


o   Click Change shape


c.     Configure the storage and software edition

o   Storage: you can choose to use either ASM (Automatic Storage Management), which needs Oracle Grid Infrastructure (GI), or Logical Volume Manager (LVM) as storage. We keep GI and 256 GB.

o   Total node: The number of DB nodes you need

o   Software Edition: Choose to use Standard Edition, Enterprise Edition, Enterprise Edition High Performance or Enterprise Edition Extreme Performance. In our case, we choose the Enterprise Edition


 

d.     SSH Keys

Now we need to either generate an SSH key pair, upload SSH key files or paste SSH keys. Remember that we created a public and a private key earlier because we need to administer the cloud database from the local machine. We choose to upload the public key file.




 

e.     License type

You have two options, License Included and Bring Your Own License (BYOL). The second option is used if you already have an Oracle license. We choose the License Included option.


 

f. Network Information. You have to provide the following:

o   Virtual Cloud Network

o   Client subnet (a public subnet)

o   Hostname prefix

 


 

g.     Information for the initial database

Provide the following:

o   Database Name: The database name (Maximum 8 characters)

o   Database image

o   PDB Name (optional)

o   Administrator credentials


 

h.     Database Backup: you can enable database backup and then specify the retention period. By default it’s 30 days.


i.  Click Create DB system (it will take around 45 minutes)


The db system is now created.


 

 

5.    Check connectivity

By clicking on Node link under Resources, we can notice the public IP address.


Using this IP address, we can make a connection to the virtual machine.

o   From a local machine, go to the directory where you generated or saved your keys

o   Run ssh command as below:


Remember that we shared the public key, so we have to specify the matching private key. During authentication, the server verifies that we hold the private key corresponding to the public key it stores.

o   We are now connected to the Cloud Virtual Machine. We can switch to the root or oracle user by using the sudo command.


o   We can check that the database is running:


 

o   We can check if the listener is running:

 


 

6.    Setup SSH Connectivity from on-premise to OCI Machine

Now we will set up SSH connectivity from our on-premise machine to the Oracle Cloud environment. The best way to do that is to:

o   Create new keys on on-premise

o   Copy the on-premise id_rsa.pub, as the oracle user, into authorized_keys on the cloud machine

o   Edit the copied keys

o   Perform the connectivity

o   ssh -i id_rsa oracle@<public_ip_address>

 

1.     Create new keys on on-premise

 




 




 

2.     Edit the id_rsa.pub file

 




 3.     Go to cloud machine as oracle user


 

4.     Copy the content of this id_rsa.pub file and paste it in one line on authorized_keys file.

 

 


 

5.     Connect to cloud machine using ssh
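
Step 4 above depends on the key ending up as exactly one line in authorized_keys, with permissions that sshd accepts. The function below is an added example, not part of the original post, that performs that step on the cloud machine; `install_pubkey` and its arguments are hypothetical names.

```shell
#!/bin/sh
# Added example (not from the original post): install one public key into
# authorized_keys. install_pubkey is a hypothetical helper name.
# Usage: install_pubkey PUBKEY_FILE [SSH_DIR]   (SSH_DIR defaults to ~/.ssh)
install_pubkey() {
  pub=$1
  dir=${2:-$HOME/.ssh}
  auth=$dir/authorized_keys

  # The file must hold exactly one non-empty line: a key wrapped across
  # several lines by an editor or a copy/paste will not be accepted by sshd.
  lines=$(grep -c . "$pub") || true
  [ "$lines" -eq 1 ] || { echo "expected 1 key line, found $lines" >&2; return 1; }
  key=$(grep . "$pub")

  # Refuse private key material and anything that does not look like
  # "<type> <base64> [comment]".
  case $key in
    *PRIVATE*) echo "this is a private key, not a .pub file" >&2; return 1 ;;
    ssh-rsa\ AAAA*|ssh-ed25519\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
    *) echo "unrecognised public key format" >&2; return 1 ;;
  esac

  # With StrictModes (the sshd default), keys are ignored when the directory
  # or the file is writable by other users.
  mkdir -p "$dir" && chmod 700 "$dir"
  touch "$auth" && chmod 600 "$auth"

  # Append only if this exact line is not already present.
  grep -qxF -e "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}
```

Run it as the oracle user on the cloud machine, for example `install_pubkey /tmp/id_rsa.pub`, where the path is wherever you copied the on-premise public key.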

 


 

7.    Setup the Security Lists to connect to DBCS from on-premise

By default, the wizard creates two security lists (SL). One SL for private subnet (Security List for Private Subnet-vcntestmig) and one SL for public subnet (Default Security List for vcntestmig).

To allow external clients to connect to the database services (like PDBs), add an ingress rule to the public subnet security list using 1521 as the destination port range.

1.     Add an ingress rule to the security list

 

o   Under resources, click Security lists

 


o   Click the security list you are interested in (e.g.: Default Security List for vcntestmig)


 

o   Click on Add Ingress Rules

§  Specify the VCN CIDR block as the source CIDR

§  Select TCP as the IP protocol

§  Specify 1521 as the destination port range


o   Click on Add Ingress Rules


 

2.     Connect to DBCS from on-premise

 


 
