Oracle Cloud Infrastructure Documentation

Using Oracle Data Guard

Note

This topic is not applicable to Exadata DB systems.

This topic explains how to use the Console to manage Data Guard associations in your DB system. To configure a Data Guard system across regions or between on-premises and Oracle Cloud Infrastructure DB systems, you must access the database host directly and use the DGMGRL utility.

For complete information on Oracle Data Guard, see the Data Guard Concepts and Administration documentation on the Oracle Document Portal.

Required IAM Service Policy

To use Oracle Cloud Infrastructure, you must be given the required type of access in a An IAM document that specifies who has what type of access to your resources. It is used in different ways: to mean an individual statement written in the policy language; to mean a collection of statements in a single, named "policy" document (which has an Oracle Cloud ID (OCID) assigned to it); and to mean the overall body of policies your organization uses to control access to resources. written by an administrator, whether you're using the Console or the REST API with an SDK, CLI, or other tool. If you try to perform an action and get a message that you don’t have permission or are unauthorized, confirm with your administrator the type of access you've been granted and which A collection of related resources that can be accessed only by certain groups that have been given permission by an administrator in your organization. you should work in.

If you're new to policies, see Getting Started with Policies and Common Policies.

Prerequisites

A Data Guard implementation requires two DB systems, one containing the primary database and one containing the standby database. When you enable Data Guard for a virtual machine DB system database, a new DB system with the standby database is created and associated with the primary database. For a bare metal DB system, the DB system with the database to be used as the standby must already exist before you enable Data Guard.

Tip

A Data Guard configuration on the Oracle Cloud Infrastructure is limited to one standby database per primary database.

Requirement details are as follows:

  • Both DB systems must be in the same compartment, and they must be the same shape.
  • The database versions and editions must be identical. Data Guard does not support Standard Edition. (Active Data Guard requires Enterprise Edition - Extreme Performance.)
  • The database version determines whether Active Data Guard is enabled. If you are using the BYOL licensing model and if your license does not include Active Data Guard, you must either use Enterprise Edition - High Performance or set up Data Guard manually. See Using Oracle Data Guard with the Database CLI.
  • Both DB systems must use the same VCN, and port 1521 must be open.
  • Important! Properly configure the security list ingress and egress rules for the subnets of both DB systems in the Data Guard association to allow TCP traffic to flow between the applicable ports. Ensure that the rules you create are stateful (the default).

    For example, if the subnet of the primary DB System uses the source CIDR 10.0.0.0/24 and the subnet of the standby DB system uses the source CIDR 10.0.1.0/24, create rules as shown in the following example.

    Note

    The egress rules in the example show how to enable TCP traffic only for port 1521, which is a minimum requirement for Data Guard to work. If TCP traffic is already enabled on all of your outgoing ports (0.0.0.0/0), then you need not explicitly add these specific egress rules.

    Security List for Primary DB System's Subnet

    
    Ingress Rules:
    
    Stateless: No
    Source: 10.0.1.0/24 
    IP Protocol: TCP 
    Source Port Range: All 
    Destination Port Range: 1521
    Allows: TCP traffic for ports: 1521
    
    Egress Rules:
    
    Stateless: No
    Destination: 10.0.1.0/24 
    IP Protocol: TCP 
    Source Port Range: All
    Destination Port Range: 1521
    Allows: TCP traffic for ports: 1521
    

    Security List for Standby DB System's Subnet

    
    Ingress Rules:
    
    Stateless: No
    Source: 10.0.0.0/24 
    IP Protocol: TCP 
    Source Port Range: All 
    Destination Port Range: 1521
    Allows: TCP traffic for ports: 1521
    
    Egress Rules:
    
    Stateless: No
    Destination: 10.0.0.0/24 
    IP Protocol: TCP 
    Source Port Range: All
    Destination Port Range: 1521
    Allows: TCP traffic for ports: 1521
    

    For information about creating and editing rules, see Security Lists.

Availability Domain and Fault Domain Considerations for Data Guard

Oracle recommends that the DB system of the standby database be in a different One or more isolated, fault-tolerant Oracle data centers that host cloud resources such as instances, volumes, and subnets. A region contains one or more availability domains. from the DB system of the primary database to improve availability and disaster recovery. If you enable Data Guard for a database and your standby database is in the same availability domain as the primary (either by choice, or because you are working in a single availability domain region), Oracle recommends that you place the standby database in a different A logical grouping of hardware and infrastructure within an availability domain to provide isolation of resources in case of hardware failure or unexpected software changes. from that of the primary database. Note that if your primary and standby databases are 2-node RAC databases and both are in the same availability domain, only one of the two nodes of the standby database can be in a fault domain that does not include any other nodes from either the primary or standby database. This is because each availability domain has only three fault domains, and the primary and standby databases have a combined total of 4 nodes. For more information on availability domains and fault domains, see Regions and Availability Domains.

Working with Data Guard

Oracle Data Guard ensures high availability, data protection, and disaster recovery for enterprise data. The Oracle Cloud Infrastructure Database Data Guard implementation requires two databases, one in a primary role and one in a standby role. The two databases compose a Data Guard association. Most of your applications access the primary database. The standby database is a transactionally consistent copy of the primary database.

Data Guard maintains the standby database by transmitting and applying redo data from the primary database. If the primary database becomes unavailable, you can use Data Guard to switch or fail over the standby database to the primary role.

Tip

The standby databases in Oracle Cloud Infrastructure Database are physical standbys.

Switchover

A switchover reverses the primary and standby database roles. Each database continues to participate in the Data Guard association in its new role. A switchover ensures no data loss. You can use a switchover before you perform planned maintenance on the primary database.

Failover

A failover transitions the standby database into the primary role after the existing primary database fails or becomes unreachable. A failover might result in some data loss when you use Maximum Performance protection mode.

Reinstate

Reinstates a database into the standby role in a Data Guard association. You can use the reinstate command to return a failed database into service after correcting the cause of failure.

Note

You can't terminate a primary database that has a Data Guard association with a peer (standby) database. Delete the standby database first. Alternatively, you can perform a switchover to the standby database, and then terminate the primary database.

You can't terminate a DB system that includes Data Guard enabled databases. To remove the Data Guard association:

  • For a bare metal DB system database - terminate the standby database.
  • For a virtual machine DB system database - terminate the standby DB system.

Using the Console

The Console allows you to enable a Data Guard association between databases, change the role of a database in a Data Guard association using either a switchover or a failover operation, and reinstate a failed database.

When you enable Data Guard, a separate Data Guard association is created for the primary and the standby database.

To enable Data Guard on a bare metal DB system
To enable Data Guard on a virtual machine DB system
To perform a database switchover
To perform a database failover
To reinstate a database
To terminate a Data Guard association on a bare metal DB system
To terminate a Data Guard association on a virtual machine DB system

Using the API

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.

Use these API operations to manage Data Guard associations:

For the complete list of APIs for the Database service, see Database Service API.