Using Oracle Data Guard with Exadata Cloud Service

Note

This procedure is only applicable to Exadata Cloud Service instances. To use Oracle Data Guard with bare metal and virtual machine DB systems, see Using Oracle Data Guard.

This topic explains how to use the Console or the API to manage Oracle Data Guard associations in your Exadata Cloud Service instances. This topic does not apply to Data Guard configurations created by accessing the host directly and setting up Oracle Data Guard manually.

When you use the Oracle Cloud Infrastructure Console or API to enable Oracle Data Guard for an Exadata Cloud Service database, the following are true:

  • The standby database is a physical standby.
  • The peer databases (primary and standby) are:

    • in the same compartment
    • both Exadata system shapes
    • identical database versions
  • You are limited to one standby database for each primary database.

To configure an Oracle Data Guard system between on-premises and Oracle Cloud Infrastructure DB systems, or to configure your database with multiple standbys, you must access the database host directly and set up Oracle Data Guard manually.

For complete information on Oracle Data Guard, see the Data Guard Concepts and Administration documentation in the Oracle Help Center.

Required IAM Service Policy

To use Oracle Cloud Infrastructure, you must be granted security access in a policy  by an administrator. This access is required whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you get a message that you don’t have permission or are unauthorized, verify with your administrator what type of access you have and which compartment  you should work in.

If you are new to policies, see Getting Started with Policies and Common Policies.

Prerequisites

An Exadata Cloud Service Oracle Data Guard implementation requires two existing Exadata Cloud Service instances: one containing an existing database that is to be duplicated by Data Guard, and one that will house the new standby database by Data Guard. When enabling Data Guard, you can create a new Database Home on the standby Exadata instance to house the new standby database during the enable Data Guard operation. Alternately, you can choose to provision the standby database in an existing Database Home on the standby instance. For information on creating the required resources for the standby system, see the following topics:

You can use a custom database software image to that contains the necessary patches for your databases when creating a Database Home on either the primary or the standby Exadata instance. See Oracle Database Software Images for information on working with custom Oracle Database software images.

If you choose to provision a standby database in an existing Database Home, ensure that the target Database Home on the standby instance has all required patches that are in use for the primary database before you provision the standby database. See the following topics for more information on patching an existing Database Home:

Network Requirements

Ensure that your environment meets the following network requirements:

  • If you want to configure Oracle Data Guard across regions, then you must configure remote virtual cloud network (VCN) peering between the primary and standby databases. Networking is configured on the cloud VM cluster resource for systems using the new Exadata resource model, and on the DB system resource for system using the old resource model. See Remote VCN Peering (Across Regions).
  • To set up Oracle Data Guard within a single region, both Exadata Cloud Service instances must use the same VCN. When setting up Data Guard within the same region, Oracle recommends that the instance containing the standby database be in a different availability domain  from the instance containing the primary database to improve availability and disaster recovery.
  • Configure the ingress and egress security rules for the subnets of both Exadata Cloud Service instances in the Oracle Data Guard association to enable TCP traffic to move between the applicable ports. Ensure that the rules you create are stateful (the default).

    For example, if the subnet of the primary Exadata Cloud Service instance uses the source CIDR 10.0.0.0/24 and the subnet of the standby instance uses the source CIDR 10.0.1.0/24, then create rules as shown in the subsequent example.

    Note

    The egress rules in the example show how to enable TCP traffic only for port 1521, which is a minimum requirement for Oracle Data Guard to work. If TCP traffic is already enabled for all destinations (0.0.0.0/0) on all of your outgoing ports, then you need not explicitly add these specific egress rules.

    Security Rules for Subnet of Primary Exadata Cloud Service instance

    Ingress Rules:
    
    						Stateless: No
    						Source: 10.0.1.0/24 
    						IP Protocol: TCP 
    						Source Port Range: All 
    						Destination Port Range: 1521
    						Allows: TCP traffic for ports: 1521
    
    						Egress Rules:
    
    
    						Stateless: No
    						Destination: 10.0.1.0/24 
    						IP Protocol: TCP 
    						Source Port Range: All
    						Destination Port Range: 1521
    						Allows: TCP traffic for ports: 1521
    					

    Security Rules for Subnet of Standby Exadata Cloud Service instance

    Ingress Rules:
    
    						Stateless: No
    						Source: 10.0.0.0/24 
    						IP Protocol: TCP 
    						Source Port Range: All 
    						Destination Port Range: 1521
    						Allows: TCP traffic for ports: 1521
    
    						Egress Rules:
    
    						Stateless: No
    						Destination: 10.0.0.0/24 
    						IP Protocol: TCP 
    						Source Port Range: All
    						Destination Port Range: 1521
    						Allows: TCP traffic for ports: 1521
    					

    For information about creating and editing rules, see Security Lists.

Password Requirements

For Oracle Data Guard operations to work, the SYS password and the TDE wallet password of the primary and standby databases must all be the same. If you change any one of these passwords, then you must update the rest of the passwords to match. See Changing the Database Passwords to learn how to change the SYS password or the TDE wallet password.

If you make any change to the TDE wallet (such as adding a master key for a new PDB or changing the wallet password), then you must copy the wallet from the primary database to the standby database so that Oracle Data Guard can continue to operate. For Oracle Database versions prior to Oracle Database 12c release 2 (12.2), if you change the SYS password on one of the peers, then you must manually sync the password file between the DB systems.

Working with Oracle Data Guard

Oracle Data Guard ensures high availability, data protection, and disaster recovery for enterprise data. The Oracle Cloud Infrastructure Database Data Guard implementation requires two databases: one in a primary role and one in a standby role. The two databases compose an Oracle Data Guard association. Most of your applications access the primary database. The standby database is a transactionally consistent copy of the primary database.

Oracle Data Guard maintains the standby database by transmitting and applying redo data from the primary database. If the primary database becomes unavailable, then you can use Oracle Data Guard to switch or failover the standby database to the primary role.

Switchover

A switchover reverses the primary and standby database roles. Each database continues to participate in the Oracle Data Guard association in its new role. A switchover ensures no data loss. Performing planned maintenance on a Exadata Cloud Service instance with an Oracle Data Guard association is typically done by switching the primary database to the standby role, performing maintenance on the standby database, and then switching the standby database back to the primary role.

Failover

A failover transitions the standby database into the primary role after the existing primary database fails or becomes unreachable. A failover might result in some data loss when you use Maximum Performance protection mode.

Reinstate

Reinstates a database into the standby role in an Oracle Data Guard association. You can use the reinstate command to return a failed database into service after correcting the cause of failure.

Note

You cannot terminate a primary database that has an Oracle Data Guard association with a peer (standby) database. Delete the standby database first. Alternatively, you can switch over the primary database to the standby role, and then terminate it.

You cannot terminate an Exadata cloud VM cluster or DB system that includes Oracle Data Guard-enabled databases. You must first remove the Oracle Data Guard association by terminating the standby database.

Using the Console

Use the Console to enable an Oracle Data Guard association between databases, change the role of a database in an Oracle Data Guard association using either a switchover or a failover operation, and reinstate a failed database.

When you enable Oracle Data Guard, a separate Oracle Data Guard association is created for the primary and the standby database.

To enable Oracle Data Guard on an Exadata Cloud Service instance
  1. Open the navigation menu. Under Oracle Database, click Bare Metal, VM, and Exadata.
  2. Choose the Compartment that contains the Exadata Cloud Service instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains a database you want to assume the primary role:

    Cloud VM clusters (new resource model): Under Exadata at Oracle Cloud, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. On the VM cluster or DB system details page, in the Databases section, click the name of the database you want to make primary.
  5. On the Database Details page, in the Resources section, click Data Guard Associations.
  6. In the Data Guard Associations section, click Enable Data Guard.
  7. On the Enable Data Guard page, configure the Oracle Data Guard association.

    • The settings in the Data Guard association details section are read only and cannot be changed.

      • Protection mode: The protection mode used for this Oracle Data Guard association is set to Maximum Performance.
      • Transport type: The redo transport type used for this Oracle Data Guard association is set to Async (asynchronous).
    • In the Select peer DB system section, provide the following information for the standby database to obtain a list of available DB systems in which to locate the standby database:

      • Region: Select a region where you want to locate the standby database. The region where the primary database is located is selected, by default. You can choose to locate the standby database in a different region. The hint text associated with this field tells you in which region the primary database is located.
      • Availability domain: Select an availability domain for the standby database. The hint text associated with this field tells you in which availability domain the primary database is located.
      • Shape: Select the shape of the standby DB system. The shape must be an Exadata DB system shape.
      • Data Guard peer resource type: Select DB System or VM Cluster.
      • Select a DB system or cloud VM cluster from the drop-down list.
    • In the Choose Database Home section, choose one of the following:

      • Select an existing Database Home: If you use this option, select a home from the Database Home display name drop-down list.
      • Create a new Database Home: Use this option to provision a new Database Home for your Data Guard peer database.

        Click Change Database Image to use an older Oracle-published image or a custom database software image that you have created in advance, then select an Image Type:

        • Oracle Provided Database Software Images: These images contain generally available versions of Oracle Database software.
        • Custom Database Software Images: These images are created by your organization and contain customized configurations of software updates and patches. Use the Select a compartment and Select a Database version selectors to limit the list of custom database software images to a specific compartment or Oracle Database software major release version.
    • In the Configure standby database section, enter the database administrator password of the primary database in the Database password field. Use this same database administrator password for the standby database.

      Note

      The administrator password and the TDE wallet password must be identical. If the passwords are not identical, then follow the instructions in Changing the Database Passwords to ensure that they are.
  8. Click Enable Data Guard.

    When you create the association, the details for a database and its peer display their respective roles as Primary or Standby.

To perform a database switchover

You initiate a switchover operation by using the Data Guard association of the primary database.

  1. Open the navigation menu. Under Oracle Database, click Bare Metal, VM, and Exadata.
  2. Choose the Compartment that contains the Exadata Cloud Service instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains the Data Guard association:

    Cloud VM clusters (new resource model): Under Exadata at Oracle Cloud, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. Under Resources, click Data Guard Associations.
  5. For the Data Guard association on which you want to perform a switchover, click the Actions icon (three dots), and then click Switchover.
  6. In the Switchover Database dialog box, enter the database admin password, and then click OK.

    This database should now assume the role of the standby, and the standby should assume the role of the primary in the Data Guard association.

To perform a database failover

You initiate a failover operation by using the Data Guard association of the standby database.

  1. Open the navigation menu. Under Oracle Database, click Bare Metal, VM, and Exadata.
  2. Choose the Compartment that contains the Exadata Cloud Service instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains the Data Guard association:

    Cloud VM clusters (new resource model): Under Exadata at Oracle Cloud, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. Under Resources, click Data Guard Associations.
  5. For the Data Guard association on which you want to perform a failover, click Failover.
  6. In the Failover Database dialog box, enter the database admin password, and then click OK.

    This database should now assume the role of the primary, and the old primary's role should display as Disabled Standby.

To reinstate a database

After you fail over a primary database to its standby, the standby assumes the primary role and the old primary is identified as a disabled standby. After you correct the cause of failure, you can reinstate the failed database as a functioning standby for the current primary by using its Data Guard association.

  1. Open the navigation menu. Under Oracle Database, click Bare Metal, VM, and Exadata.
  2. Choose the Compartment that contains the Exadata Cloud Service instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains the Data Guard association:

    Cloud VM clusters (new resource model): Under Exadata at Oracle Cloud, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. Under Resources, click Data Guard Associations.
  5. For the Data Guard association on which you want to reinstate this database, click the Actions icon (three dots), and then click Reinstate.
  6. In the Reinstate Database dialog box, enter the database admin password, and then click OK.

    This database should now be reinstated as the standby in the Data Guard association.

To terminate a Data Guard association on an Exadata Cloud Service instance

On an Exadata Cloud Service instance, you remove a Data Guard association by terminating the standby database.

  1. Open the navigation menu. Under Oracle Database, click Bare Metal, VM, and Exadata.
  2. Choose the Compartment that contains the Exadata Cloud Service instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains the standby database:

    Cloud VM clusters (new resource model): Under Exadata at Oracle Cloud, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. For the standby database you want to terminate, click the Actions icon (three dots), and then click Terminate.
  5. In the Terminate Database dialog box, enter the name of the database, and then click OK.

Using the API

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use these API operations to manage Data Guard associations on an Exadata Cloud Service instance:

For the complete list of APIs for the Database service, see Database Service API.