Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
DG_ONE
/u01/oradata/control01.ctl
/u02/oradata/control02.ctl
Data Guard in the
same Data Center
DG_TWO
/u01/oradata/control01.ctl
/u02/oradata/control02.ctl
Data Guard in Oracle Cloud
Data Guard in Oracle Cloud
Data Guard in Oracle Cloud
Data Guard in Oracle Cloud
Data Guard in Oracle Cloud
DG_ONE
/u01/oradata/control01.ctl
/u02/oradata/control02.ctl
Data Guard in the
same Data Center
DG_TWO
/u01/oradata/control01.ctl
/u02/oradata/control02.ctl
Data Guard in Oracle Cloud
Data Guard in Oracle Cloud
There are two options for DR to the cloud using Oracle Database Cloud
Services:
- Active Data Guard utilizing the Extreme Performance Service or Exadata Service
Availability:
Recovery Time Objective (RTO) describes the maximum acceptable downtime should
an outage occur
Data Protection:
Recovery Point Objective (RPO) describes the maximum amount of data loss that can
be tolerated
Performance
Database response time may be different after failover if less capacity – compute,
memory, I/O, etc, are provisioned at the standby system than in the on-premises
production system
Security Requirements
Using Oracle Transparent Data Encryption (TDE) to encrypt primary and standby
databases at rest
- Lower data compression: Encrypted data compresses poorly because it must reveal no
information about the original plain text data
Oracle Net encryption is also required for encryption-in-flight for other redo
changes that are not encrypted by TDE
Deploying the DR to the cloud
Perform Switchover/Failover
Create a new Security Rule and configure Standby listener.ora file to use the
new port for accepting connections from the specified IP addresses
Encrypting On-Premise database
TDE tablespace encryption can only be enabled during the creation of a tablespace. Existing
tablespaces cannot be altered to enable TDE in 11g. A Data Guard Transient Logical Standby
Database can be used to limit the impact to application performance and availability during
conversion to TDE tablespace encryption.
Data is exported from the transient logical standby using Oracle Data Pump, the existing
tablespace is dropped and a new TDE enabled tablespace is created followed by an import.
Encrypting On-Premise database
1. Verify that the Data Guard configuration is healthy and contains no gaps.
2. Create the encryption wallet, and set the master key.
3. Copy the wallet files to all nodes in the configuration (Oracle RAC primary nodes and all
standby nodes).
4. Place the standby in a mounted state with recovery stopped.
5. On the standby: Encrypt data files in-place and in parallel.
6. On the standby: Restart redo apply and catch up.
7. Execute a Data Guard switchover making the encrypted standby the new primary and the
unencrypted primary the new standby.
8. On the NEW standby: Place the new standby database in a mounted state with recovery
stopped.
9. On the NEW standby: Encrypt data files in-place and in parallel.
10. On the NEW standby: Restart redo apply and catch up.
11. Optionally execute a Data Guard switchover to reestablish the original configuration.
Enabling Transparent Data Encryption
ENCRYPTION_WALLET_LOCATION =
(SOURCE =
(METHOD = FILE) (METHOD_DATA =
(DIRECTORY = /u01/app/oracle/admin/TDE/$ORACLE_SID) ) )
2. Create the corresponding directory on all nodes with the proper ORACLE_SID.
mkdir -p /u01/app/oracle/admin/TDE/$ORACLE_SID
12. Switchover.
DGMGRL> switchover to tdestby;
Instantiate Data Guard Standby
$ ssh-keygen
$ scp ~/.ssh/id_rsa.pub oracle@:~/.ssh/id_rsa.pub_cloud
$ cat ~/.ssh/id_rsa.pub_cloud >> ~/.ssh/authorized_users
$ chmod 700 ~/.ssh/authorized_users
Make sure to select the installation option ‘Install Oracle Grid Infrastructure
Software Only’
Create Standby database from On-Premises production
- SRLs should be created the same size as the largest of the Online Redo Logs(ORLs)
- Additionally, the MAA Best practice for standby redo logs is that there is the same number of
groups as there are groups of online redo logs plus 1
SQL> alter database add standby logfile thread 1 group 4 (‘+RECO’) size 100m;
RMAN> run
2> {
3> allocate channel t1 type ‘SBT_TAPE’
PARMS ‘SBT_LIBRARY=/home/oracle/lib/libopc.so
ENV=(OPC_PFILE=/u01/app/oracle/product/11.2.0/dbhome_1/dbs/opcPROD.ora
)’;
4> set dbid=345613202;
5> restore spfile to pfile ‘/tmp/pfile.ora’ from autobackup;
6> }
From Oracle Database Backup Cloud Service
SQL> startup nomount force;
RMAN> set decryption identified by “mypass”;
RMAN> run
{
allocate channel t1 type ‘SBT_TAPE’
PARMS ‘SBT_LIBRARY=/home/oracle/lib/libopc.so
ENV=(OPC_PFILE=/u01/app/oracle/product/11.2.0/dbhome_1/dbs/opcPROD.ora)’;
set dbid=345613202;
Oracle provides several automated health check tools that can be downloaded from My
Oracle Support
Exachk applicable to Exadata Database Machine (suitable for Exadata Cloud Service)
Perform Data Guard Health Check
Perform Data Guard Health Check
• Use Active Guard to offload read-only workload to the standby database to make sure that the standby
is ready for the production
• Periodically place Standby database in read-write mode to validate its readiness for production load
• Take Standby snapshots for the patch installation tests and upgrades
Data Guard VALIDATE DATABASE (Applicable from Oracle Database 12c onward)
• Perform any required SQL installation steps for the patch on the snapshot standby.
• Use Oracle Real Application Testing to evaluate stability and performance of the new software
using real application workload.
• After testing is complete, convert the snapshot standby back to a physical standby. Conversion
back to a physical standby will roll back changes made by Oracle Real Application Testing
workload replay, and made by SQL installation steps for the patch.
Performing Switchover/Failover of the Standby database
Run the following command to change the role of the primary database to standby
database:
DGMGRL> switchover to ;
Performing Switchover/Failover of the Standby database
In a Database Cloud Service database deployment, you can use the Oracle Database Cloud
Service console or the dataguard subcommand of the dbaascli utility to perform many Data Guard
operations
धन्यवाद
Thanks for coming!!
http://www.kamranagayev.com
http://www.ocmguide.com
http://www.oraclevideotutorials.com