Oracle Cloud Infrastructure Documentation

Managing Database Backup and Recovery on Exadata Cloud at Customer

This topic explains how to work with the backup and recovery facilities provided by Exadata Cloud at Customer.

Exadata Cloud at Customer provides automatic database backup facilities that use Oracle Recovery Manager (RMAN). When you create a database on Exadata Cloud at Customer, you can specify a backup destination and enable automatic backups. See Managing Databases on Exadata Cloud at Customer.

After database creation, you can also:

  • View a list of available backups.
  • Enable or disable automatic backups.
  • Edit backup settings.
  • Restore a database.

You can perform these operations by using the Console or the API.

Automatic database backups are configured as follows:

  • Automatic backups are scheduled daily. The automatic backup process can run at any time within the daily backup window, which is between midnight and 6:00 AM in the time zone of the VM cluster that hosts the database.

  • Automatic backups use a combination of full (RMAN level 0) and incremental (RMAN level 1) database backups:

    • For backups to a Recovery Appliance, after an initial full backup is performed the Recovery Appliance creates and validates virtual full backups from each daily incremental backup.
    • For backups to a Network File System (NFS) backup destination, incremental backups are always performed after an initial full backup is taken. Also, the incremental backups are merged into the full backup when they become older than the retention period.
    • For backups to all other storage types, the default interval between full backups is seven days.
  • The retention period defines the period for which automatic backups are maintained:

    • For backups to a Recovery Appliance, the retention policy that is implemented in the Recovery Appliance controls the retention period.
    • For backups to local Exadata storage, you can choose a retention period of 7 days or 14 days. The default retention period is 7 days.
    • For backups to Oracle Cloud Infrastructure Object Storage or to an NFS backup destination, you can choose one of the following preset retention periods: 7 days, 14 days, 30 days, 45 days, or 60 days. The default retention period is 30 days.
  • By default, the database runs in ARCHIVELOG mode, and archived redo log files are backed up every 60 minutes.
  • Regardless of the backup destination, backups of user data are encrypted by default.

While a backup is in progress, Oracle recommends that you avoid performing actions that could interfere with availability, such as restarting compute nodes or applying patches. If an automatic backup operation fails, the backup is deferred until the next day’s backup window.

When required, you can restore a database to:

  • The latest available restore point.
  • A specific point in time by providing a timestamp.
  • An Oracle Database System Change Number (SCN).

Note

The backup and recovery facilities described in this topic cater only for database backup and recovery, which includes Oracle Database data files, log files, control files, and the server parameter (SP) file.
You are responsible for backing up other files on your compute nodes.
In particular, Oracle strongly recommends that you back up the Transparent Data Encryption (TDE) keystore (wallet). Without the TDE keystore, the database backups are effectively useless because you cannot read the data contained therein.

Required IAM Policy

To use Oracle Cloud Infrastructure, you must be given the required type of access in a An IAM document that specifies who has what type of access to your resources. It is used in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources. written by an administrator, whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you try to perform an action and get a message that you don’t have permission or are unauthorized, confirm with your administrator the type of access you've been granted and which A collection of related resources that can be accessed only by certain groups that have been given permission by an administrator in your organization. you should work in.

If you're new to policies, see Getting Started with Policies and Common Policies.

Using the Console

To view a list of available backups
To edit backup settings
To restore a database

Using the API

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use these API operations to manage database backup and recovery:

For the complete list of APIs, see Database Service API.