Use Oracle Data Guard with Exadata Cloud Infrastructure

Learn to configure and manage Data Guard associations in your VM cluster.

About Using Oracle Data Guard with Exadata Cloud Infrastructure

This topic explains how to use the Console or the API to manage Data Guard associations in your VM cluster.

When you use the Console or the API to enable Data Guard for an Exadata database compute node database:
  • The standby database is a physical standby.
  • The versions of peer databases (primary and standby) are identical.
  • You are limited to one standby database for each primary database.
  • The standby database is deployed as an open, read-only database (Active Data Guard).

To configure a Data Guard system between on-premises and Exadata database compute nodes, or to configure your database with multiple standbys, you must access the database host directly and set up Data Guard manually.

For complete information on Oracle Data Guard, see the Data Guard Concepts and Administration documentation on the Oracle Document Portal.

Prerequisites for Using Oracle Data Guard with Exadata Cloud Infrastructure

An Exadata Cloud Infrastructure Oracle Data Guard implementation requires two existing Exadata VM Clusters: one containing an existing database that is to be duplicated by Data Guard, and one that will house the new standby database by Data Guard.

Note

Oracle strongly recommends the primary and standby databases for any production workloads be on different Exadata Cloud Infrastructures for better fault isolation and disaster protection. If you are adding a new standby in the same region with multiple availability domains, Oracle recommends choosing a separate availability domain for complete availability domain or data center fault isolation. If you are adding a new standby across regions, the standby will have fault isolation for a regional failure as well.

When enabling Data Guard, you can create a new Database Home on the standby Exadata instance to house the new standby database during the enable Data Guard operation. Alternately, you can choose to provision the standby database in an existing Database Home on the standby instance. For information on creating the required resources for the standby system, see the following topics:

You can use a custom database software image to that contains the necessary patches for your databases when creating a Database Home on either the primary or the standby Exadata instance. See Oracle Database Software Images for information on working with custom Oracle Database software images.

If you choose to provision a standby database in an existing Database Home, ensure that the target Database Home on the standby instance has all required patches that are in use for the primary database before you provision the standby database. See the following topics for more information on patching an existing Database Home:

If you are creating a Data Guard Association and you are using customer managed keys to encrypt the database, you must have configured the Vault Service and created a master key. See To administer Vault encryption keys and Key and Secret Management Concepts.

Network Requirements for Data Guard

Describe the network requirements for using Exadata Cloud Infrastructure with Oracle Data Guard.

Ensure that your environment meets the following network requirements:

  • The primary and standby databases can be part of VM clusters in different compartments.
  • The primary and standby databases must, however, be part of the same VCN within the same region.
  • If you want to configure Oracle Data Guard across regions, then you must configure remote virtual cloud network (VCN) peering between the primary and standby databases. Networking is configured on the cloud VM cluster resource for systems using the The new Exadata Resource Model, and on the DB system resource for system using the old resource model. See Remote VCN Peering using an RPC .

    For Exadata Data Guard configurations, OCI supports the use of hub-and-spoke network topology for the VCNs within each region. This means that the primary and standby databases can each utilize a "spoke" VCN that passes network traffic to the "hub" VCN that has a remote peering connection. See Transit Routing inside a hub VCN for information on setting up this network topology.

  • To set up Oracle Data Guard within a single region, both Exadata Cloud Infrastructure instances must use the same VCN. When setting up Data Guard within the same region, Oracle recommends that the instance containing the standby database be in a different availability domain from the instance containing the primary database to improve availability and disaster recovery.
  • Configure the ingress and egress security rules for the subnets of both Exadata Cloud Infrastructure instances in the Oracle Data Guard association to enable TCP traffic to move between the applicable ports. Ensure that the rules you create are stateful (the default).

    For example, if the subnet of the primary Exadata Cloud Infrastructure instance uses the source CIDR 10.0.0.0/24 and the subnet of the standby instance uses the source CIDR 10.0.1.0/24, then create rules as shown in the subsequent example.

Note

The egress rules in the example show how to enable TCP traffic only for port 1521, which is a minimum requirement for Oracle Data Guard to work. If TCP traffic is already enabled for all destinations (0.0.0.0/0) on all of your outgoing ports, then you need not explicitly add these specific egress rules.

Security Rules for Subnet of Primary Exadata Cloud Infrastructure instance

Ingress Rules:

						Stateless: No
						Source: 10.0.1.0/24 
						IP Protocol: TCP 
						Source Port Range: All 
						Destination Port Range: 1521
						Allows: TCP traffic for ports: 1521

						Egress Rules:


						Stateless: No
						Destination: 10.0.1.0/24 
						IP Protocol: TCP 
						Source Port Range: All
						Destination Port Range: 1521
						Allows: TCP traffic for ports: 1521
					

Security Rules for Subnet of Standby Exadata Cloud Infrastructure instance

Ingress Rules:

						Stateless: No
						Source: 10.0.0.0/24 
						IP Protocol: TCP 
						Source Port Range: All 
						Destination Port Range: 1521
						Allows: TCP traffic for ports: 1521

						Egress Rules:

						Stateless: No
						Destination: 10.0.0.0/24 
						IP Protocol: TCP 
						Source Port Range: All
						Destination Port Range: 1521
						Allows: TCP traffic for ports: 1521
					

For information about creating and editing rules, see Security Lists .

Password Requirements

For Data Guard operations to work, the SYS password and the TDE wallet password of the primary and standby databases must all be the same.

If you change any one of these passwords, you must update the rest of the passwords to match. See Changing the Database Passwords to learn how to change the SYS password or the TDE wallet password.

If you make any change to the TDE wallet (such as adding a master key for a new PDB or changing the wallet password), you must copy the wallet from the primary to the standby so that Data Guard can continue to operate. For Oracle Database versions earlier than 12.2, if you change the SYS password on one of the peers, you need to manually sync the password file between the DB systems.

Known Issues for Exadata Cloud Infrastructure and Data Guard

Possible TDE key replication issue, and MRP and DG LCM operation failures.

KMS RPM libkmstdepkcs11_1.286-1.286-1-Linux.rpm is the latest available which supports active replication of key between cross-region KMS vaults (source and target), and it is recommended to upgrade the RPM on clusters participating in Data Guard. OCI Vault cross-region Data Guard works with a lower version of RPM, but the older version does not guarantee active replication of keys. If the TDE keys have any replication issue between vaults, Data Guard replication might have an impact (MRP fails on standby cluster due to missing key on target vault) and MRP could resume only after the keys are replicated to the target vault. To avoid MRP and DG LCM operation failures, upgrade the libkms RPM on both the clusters, and restart the databases (only databases using customer-managed keys).

Adding a Node to a VM Cluster

When adding a node to a VM cluster, an instance of the Data Guard database is automatically created on the new node. However, metadata updation on the remote database, that is, the primary database if addition is done on the standby database and vice versa, must be done manually.

This can be done by copying over the addinstance JSON file, /var/opt/oracle/dbaas_acfs/<dbname>/addInstance.json created at the end of instance addition and running the /var/opt/oracle/ocde/rops update_instance <dbname> <path to addInstance JSON> command on any node of the remote cluster.

Removing a Node from a VM Cluster

When removing a node from a VM cluster, the instance and it's metadata on the removing node is deleted automatically. However, deletion of the corresponding metadata on the remote database, that is, the primary database if removal is done on the standby database and vice versa, must be done manually.

This can be done by running the /var/opt/oracle/ocde/rops remove_instance <dbname> <Instance Name> command on any node of the remote cluster.

Working with Data Guard

Oracle Data Guard ensures high availability, data protection, and disaster recovery for enterprise data.

The Data Guard implementation requires two databases, one in a primary role and one in a standby role. The two databases compose a Data Guard association. Most of your applications access the primary database. The standby database is a transactionally consistent copy of the primary database.

Data Guard maintains the standby database by transmitting and applying redo data from the primary database. If the primary database becomes unavailable, you can use Data Guard to switch or fail over the standby database to the primary role.

Switchover

A switchover reverses the primary and standby database roles.

Each database continues to participate in the Data Guard association in its new role. A switchover ensures no data loss. You can use a switchover before you perform planned maintenance on the primary database. Performing planned maintenance on a Exadata database virtual machine with a Data Guard association is typically done by switching the primary to the standby role, performing maintenance on the standby, and then switching it back to the primary role.

Failover

A failover transitions the standby database into the primary role after the existing primary database fails or becomes unreachable.

A failover might result in some data loss when you use Maximum Performance protection mode.

Reinstate

Reinstates a database into the standby role in a Data Guard association.

You can use the reinstate command to return a failed database into service after correcting the cause of failure.

Note

You can't terminate a primary database that has a Data Guard association with a peer (standby) database. Delete the standby database first. Alternatively, you can switch over the primary database to the standby role, and then terminate the former primary.

You can't terminate a VM cluster that includes Data Guard enabled databases. You must first remove the Data Guard association by terminating the standby database.

Using the Console to Manage Oracle Data Guard Associations

Learn how to enable a Data Guard association between databases, change the role of a database in a Data Guard association using either a switchover or a failover operation, and reinstate a failed database.

When you enable Data Guard, a separate Data Guard association is created for the primary and the standby database.

Using the Console to Enable Data Guard on an Exadata Cloud Infrastructure System

Learn to enable Data Guard association between databases.

Note

When you enable Data Guard, replication of data happens only over the client network.
  1. Open the navigation menu. Under Oracle Database, click Oracle Exadata Database Service on Dedicated Infrastructure.
  2. Choose your Compartment that contains the Exadata Cloud Infrastructure instance with the database for which you want to enable Oracle Data Guard..
  3. Navigate to the cloud VM cluster or DB system that contains a database you want to assume the primary role:
    • Cloud VM clusters ( new resource model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    • DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. On the VM cluster or DB system details page, in the Databases section, click the name of the database you want to make primary.
  5. On the Database Details page, under Resources, click Data Guard Associations.
  6. In the Data Guard Associations section, click Enable Data Guard.
  7. On the Enable Data Guard page, configure your Data Guard association.
    • In the Select peer DB system section, provide the following information for the standby database to obtain a list of available Exadata systems in which to locate the standby database:

      • Region: Select a region where you want to locate the standby database. The region where the primary database is located is selected, by default. You can choose to locate the standby database in a different region. The hint text associated with this field tells you in which region the primary database is located.
      • Availability domain: Select an availability domain for the standby database. The hint text associated with this field tells you in which availability domain the primary database is located.
      • Shape: Select the shape of the standby Exadata system.
      • Data Guard peer resource type: Select DB System or VM Cluster.
      • Select a DB system or cloud VM cluster from the drop-down list.
    • Data Guard association details:
      • Data Guard Type: Select Active Data Guard or Data Guard. Active Data Guard provides additional features including: Real-Time Query and DML Offload, Automatic Block Repair, Standby Block Change Tracking, Far Sync, Global Data Services, and Application Continuity. Note that Active Data Guard requires an Oracle Active Data Guard license. For more information on Active Data Guard, see Active Data Guard. For a complete overview of both Data Guard types, see Introduction to Oracle Data Guard

      • Protection mode: The protection mode can be Maximum Performance or Maximum Availability. See Oracle Data Duard Protection Modes for information on these options.

      • Transport type: The redo transport type used for this Data Guard association.

        See Redo Transport Servicesfor information on these options.
    • In the Choose Database Home section, choose one of the following:
      • Select an existing Database Home: If you use this option, select a home from the Database Home display name drop-down list.

      • Create a new Database Home: If you choose this option, enter a name for the new Database Home in the Database Home display name field. Click Change Database Image to select a database software image for the new Database Home. In the Select a Database Software Image panel, do the following:
        1. Select the compartment containing the database software image you want to use to create the new Database Home.
        2. Select the Oracle Database software version that the new Database Home will use, then choose an image from the list of available images for your selected software version.
        3. Click Select.
        Note

        Oracle recommends applying the same list of patches to the Database Homes of the primary and standby databases.
    • In the Configure standby database: section, provide standby database details.
      Note

      You cannot modify the db_unique_name and SID prefix after creating the database.
      • Database unique name: Optionally, specify a value for the DB_UNIQUE_NAME database parameter. This value must be unique across the primary and standby cloud VM clusters. The unique name must meet the requirements:

        • Maximum of 30 characters
        • Contain only alphanumeric or underscore (_) characters
        • Begin with an alphabetic character
        • Unique across the VM cluster. Recommended to be unique across the tenancy.
        If not specified, the system automatically generates a unique name value, as follows:
        <db_name>_<3_chars_unique_string>_<region-name>
      • Database password: Enter the database administrator password of the primary database. Use this same database administrator password for the standby database.

        Note

        The administrator password and the TDE wallet password must be identical. If the passwords are not identical, then follow the instructions in Changing the Database Passwords to ensure that they are.
  8. Click Show Advanced Options to specify advanced options for the standby database:
    • Management:

      Oracle SID prefix: The Oracle Database instance number is automatically added to the SID prefix to create the INSTANCE_NAME database parameter. The INSTANCE_NAME parameter is also known as the SID. If not provided, then the SID prefix defaults to the first 12 characters of the db_unique_name.
      Note

      Entering an SID prefix is only available for Oracle 12.1 databases and above.

      The SID prefix must meet the requirements:

      • Maximum of 12 characters
      • Contain only alphanumeric characters
      • Begin with an alphabetic character
      • Unique in the VM cluster and across primary and standby databases
  9. Click Enable Data Guard. When you create the association, the details for a database and its peer display their respective roles as Primary or Standby.

A work request is issued to configure the Data Guard association. The progress of the request and the stages of provisoning an be viewed on the Work Requests page.

When the association is created, the details for a database and its peer display their respective roles as Primary or Standby.

View Data Guard Provisioning Progress

View the progress of Data Guard Provisioning tasks using the Work Requests page.

After you have completed the task To Enable Data Guard, multiple work requests are issued to complete the provisioning of the Data Guard association. To veiw the progress of these work requests:

  1. Navigate to the Work Requests Details page. On the Work Requests Details page there is a bar in the Work Request Information tab that shows the overall progress of the Data Guard Provisioning
  2. Under Resources, select Log Messages. The table shows a messsage for each task that is completed or in progress.

To view Data Guard associations of databases in a Cloud VM Cluster

To view the role of each database in a Data Guard association in an Cloud VM Cluster, follow this procedure.

  1. Open the navigation menu. Under Oracle Database, click Oracle Exadata Database Service on Dedicated Infrastructure.
  2. Choose your Compartment.
  3. Navigate to the cloud VM cluster that contains the databases you wish to view their roles in Data Guard associations.
  4. In the Databases section under Resources, the role of each database in this VM Cluster is indicated in the Data Guard role column.

To enable automatic backups on a standby database

Learn to enable automatic backups on a standby database.

  1. Open the navigation menu. Under Oracle Database, click Oracle Exadata Database Service on Dedicated Infrastructure.
  2. Choose your Compartment that contains the Exadata Cloud Infrastructure instance with the database for which you want to enable automatic database.
  3. Navigate to the cloud VM cluster or DB system that contains the primary database.
    • Cloud VM clusters ( new resource model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    • DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. On the VM cluster or DB system details page, in the Databases section, click the name of the primary database.
  5. On the Database Details page, under Resources, click Data Guard Associations.
  6. Click the name of the standby database for which you want to enable automatic backups.

    The system displays a banner if automatic backups are not enabled for this database.

  7. Click Enable automatic backups on the banner.
  8. On the resulting Configure Automatic Backups window, enter the following details:
    • Enable automatic backup: Check the check box to enable or disable automatic incremental backups for this database. If your database is in a security zone compartment, you must enable automatic backups.
    • Backup Scheduling:
      • Full backup scheduling day: Choose a day of the week for the initial and future L0 backups to start.
      • Full backup scheduling time (UTC): Specify the time window when the full backups start when the automatic backup capability is selected.
      • Take the first backup immediately: A full database backup includes all datafiles, control file, and parameter files associated with the target database. Archive backups are separate and decoupled and executed every 30 minutes. You can choose to execute the first full backup immediately or defer to the assigned full backup scheduling time. If you defer to the latter, the database will not be recoverable until the first backup completes.
    • Backup Destination: Object Storage is selected by default and you cannot change it.
      Note

      • If automatic backup is enabled on the primary database and the backup destination is Autonomous Recovery Service, then you cannot enable backup on the standby database.
      • If automatic backup is enabled on the primary database and the backup destination is Object Storage, then you can enable backup on the standby database. Note that you can only select Object Storage as the backup destination.
      • If automatic backup is disabled on the primary database, you can still enable backup on the standby database by selecting Object Storage as the backup destination.
  9. Click Save Changes.

To perform a database switchover

You initiate a switchover operation by using the Data Guard association of the primary database.

  1. Open the navigation menu. Click Oracle Database, then click Oracle Exadata Database Service on Dedicated Infrastructure
  2. Choose the Compartment that contains the Exadata Cloud Infrastructure instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains the Data Guard association:

    Cloud VM clusters (new resource model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. Under Resources, click Data Guard Associations.
  5. For the Data Guard association on which you want to perform a switchover, click the Actions icon (three dots), and then click Switchover.
  6. In the Switchover Database dialog box, enter the database admin password, and then click OK.

    This database should now assume the role of the standby, and the standby should assume the role of the primary in the Data Guard association.

To edit the Oracle Data Guard association

  1. Open the navigation menu. Click Oracle Database, then click Oracle Exadata Database Service on Dedicated Infrastructure
  2. Choose the Compartment that contains the Exadata Cloud Service instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains the Data Guard association:

    Cloud VM clusters ( new resource model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. Under Resources, click Data Guard Associations.
  5. For the Data Guard association you want to manage, click the Actions icon (three dots), and then click Edit Protection Mode.
  6. In the Edit Data Guard Association panel, configure the Data Guard association:

    • Data Guard Type: Select Active Data Guard or Data Guard. Active Data Guard provides additional features including: Real-Time Query and DML Offload, Automatic Block Repair, Standby Block Change Tracking, Far Sync, Global Data Services, and Application Continuity. Note that Active Data Guard requires an Oracle Active Data Guard license. For more information on Active Data Guard, see Active Data Guard. For a complete overview of both Data Guard types, see Introduction to Oracle Data Guard
    • Protection mode: The protection mode can be Maximum Performance or Maximum Availability. See Oracle Data Guard Protection Modes for information on these options.
    • Transport type: The redo transport type used for this Oracle Data Guard association.

    • Database admin password: Enter the ADMIN password for the database.
  7. Click Save.

To perform a database failover

You initiate a failover operation by using the Data Guard association of the standby database.

  1. Open the navigation menu. Click Oracle Database, then click Oracle Exadata Database Service on Dedicated Infrastructure
  2. Choose the Compartment that contains the Exadata Cloud Infrastructure instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains the Data Guard association:

    Cloud VM clusters ( new resource model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. Under Resources, click Data Guard Associations.
  5. For the Data Guard association on which you want to perform a failover, click Failover.
  6. In the Failover Database dialog box, enter the database admin password, and then click OK.

    This database should now assume the role of the primary, and the old primary's role should display as Disabled Standby.

To reinstate a database

After you fail over a primary database to its standby, the standby assumes the primary role and the old primary is identified as a disabled standby. After you correct the cause of failure, you can reinstate the failed database as a functioning standby for the current primary by using its Data Guard association.

  1. Open the navigation menu. Click Oracle Database, then click Oracle Exadata Database Service on Dedicated Infrastructure
  2. Choose the Compartment that contains the Exadata Cloud Infrastructure instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains the Data Guard association:

    Cloud VM clusters (new resource model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. Under Resources, click Data Guard Associations.
  5. For the Data Guard association on which you want to reinstate this database, click the Actions icon (three dots), and then click Reinstate.
  6. In the Reinstate Database dialog box, enter the database admin password, and then click OK.

    This database should now be reinstated as the standby in the Data Guard association.

To terminate a Data Guard association on an Exadata Cloud Infrastructure instance

On an Exadata Cloud Infrastructure instance, you remove a Data Guard association by terminating the standby database.

  1. Open the navigation menu. Click Oracle Database, then click Oracle Exadata Database Service on Dedicated Infrastructure.
  2. Choose the Compartment that contains the Exadata Cloud Infrastructure instance with the database for which you want to enable Oracle Data Guard.
  3. Navigate to the cloud VM cluster or DB system that contains the standby database:

    Cloud VM clusters (new resource model): Under Oracle Exadata Database Service on Dedicated Infrastructure, click Exadata VM Clusters. In the list of VM clusters, find the VM cluster you want to access and click its highlighted name to view the details page for the cluster.

    DB systems: Under Bare Metal, VM, and Exadata, click DB Systems. In the list of DB systems, find the Exadata DB system you want to access, and then click its name to display details about it.

  4. For the standby database you want to terminate, click the Actions icon (three dots), and then click Terminate.
  5. In the Terminate Database dialog box, enter the name of the database, and then click OK.

Using the API to manage Data Guard associations

Use these API operations to manage Data Guard associations on an Exadata Cloud Infrastructure instance:

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

For the complete list of APIs for the Database service, see Database Service API.